OTL logfile created on: 3/7/2011 8:38:48 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Valued Customer\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 69.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 76.00% Paging File free
Paging file location(s): C:\pagefile.sys 288 800 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 56.19 Gb Free Space | 75.40% Space Free | Partition Type: NTFS
Drive E: | 1.64 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 17.59 Mb Total Space | 17.32 Mb Free Space | 98.44% Space Free | Partition Type: FAT
Computer Name: D44AB535D7254B7 | User Name: Valued Customer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - C:\Documents and Settings\Valued Customer\desktop\OTL (2).exe (OldTimer Tools)
PRC - C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe (BillP Studios)
PRC - C:\Program Files\Southwest Airlines\Ding\Ding.exe (Southwest Airlines)
PRC - C:\Program Files\Google\Gmail Notifier\gnotify.exe (Google Inc.)
PRC - C:\WINDOWS\system32\slserv.exe (Smart Link)
PRC - C:\WINDOWS\system32\VTTimer.exe (S3 Graphics, Inc.)
========== Modules (SafeList) ========== MOD - C:\Documents and Settings\Valued Customer\desktop\OTL (2).exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
MOD - C:\Program Files\BillP Studios\WinPatrol\patrolpro.dll (BillP Studios)
========== Win32 Services (SafeList) ========== SRV - (AppMgmt) -- File not found
SRV - (nosGetPlusHelper) getPlus(R) -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll (NOS Microsystems Ltd.)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (MatSvc) -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe (Microsoft Corporation)
SRV - (sprtlisten) -- C:\Program Files\Common Files\supportsoft\bin\sprtlisten.exe (SupportSoft, Inc.)
SRV - (SupportSoft RemoteAssist) -- C:\Program Files\Common Files\supportsoft\bin\ssrc.exe (SupportSoft, Inc.)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (SLService) -- C:\WINDOWS\System32\slserv.exe (Smart Link)
========== Driver Services (SafeList) ========== DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (LMouKE) -- C:\WINDOWS\system32\drivers\LMouKE.Sys (Logitech, Inc.)
DRV - (LMouFilt) -- C:\WINDOWS\system32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\WINDOWS\system32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (L8042mou) -- C:\WINDOWS\system32\drivers\L8042mou.Sys (Logitech, Inc.)
DRV - (L8042Kbd) -- C:\WINDOWS\system32\drivers\L8042Kbd.sys (Logitech, Inc.)
DRV - (Jukebox3) -- C:\WINDOWS\system32\drivers\ctpdusb.sys (Creative Technology Ltd.)
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (SlNtHal) -- C:\WINDOWS\system32\drivers\slnthal.sys (Smart Link)
DRV - (SlWdmSup) -- C:\WINDOWS\system32\drivers\slwdmsup.sys (Smart Link)
DRV - (Slntamr) -- C:\WINDOWS\system32\drivers\slntamr.sys (Smart Link)
DRV - (NtMtlFax) -- C:\WINDOWS\system32\drivers\ntmtlfax.sys (Smart Link)
DRV - (Mtlmnt5) -- C:\WINDOWS\system32\drivers\mtlmnt5.sys (Smart Link)
DRV - (RecAgent) -- C:\WINDOWS\system32\DRIVERS\RecAgent.sys (Smart Link)
DRV - (Mtlstrm) -- C:\WINDOWS\system32\drivers\mtlstrm.sys (Smart Link)
DRV - (pfc) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)
DRV - (viaagp1) -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys (VIA Technologies, Inc.)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
http://news.yahoo.com [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.com/ie IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-606747145-776561741-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-606747145-776561741-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\S-1-5-21-606747145-776561741-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL =
http://search.yahoo.com/search?p={searchTerms}&fr=yie7c
IE - HKU\S-1-5-21-606747145-776561741-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://google.com/IE - HKU\S-1-5-21-606747145-776561741-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://www.google.com/ieIE - HKU\S-1-5-21-606747145-776561741-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.com/ieIE - HKU\S-1-5-21-606747145-776561741-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-606747145-776561741-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
========== FireFox ========== [2010/01/06 22:04:15 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Valued Customer\Application Data\Mozilla\Extensions
[2010/01/06 22:04:15 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Valued Customer\Application Data\Mozilla\Extensions\mozswing@mozswing.org
O1 HOSTS File: ([2010/12/17 08:40:52 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {11359F4A-B191-42D7-905A-594F8CF0387B} - No CLSID value found.
O3 - HKU\S-1-5-21-606747145-776561741-682003330-1004\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-606747145-776561741-682003330-1004\..\Toolbar\WebBrowser: (no name) - {11359F4A-B191-42D7-905A-594F8CF0387B} - No CLSID value found.
O3 - HKU\S-1-5-21-606747145-776561741-682003330-1004\..\Toolbar\WebBrowser: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O3 - HKU\S-1-5-21-606747145-776561741-682003330-1004\..\Toolbar\WebBrowser: (no name) - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - No CLSID value found.
O3 - HKU\S-1-5-21-606747145-776561741-682003330-1004\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe (Google Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [VTTimer] C:\WINDOWS\System32\VTTimer.exe (S3 Graphics, Inc.)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe (BillP Studios)
O4 - HKU\S-1-5-21-606747145-776561741-682003330-1004..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-606747145-776561741-682003330-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-606747145-776561741-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-606747145-776561741-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\S-1-5-21-606747145-776561741-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-606747145-776561741-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - Reg Error: Key error. File not found
O9 - Extra Button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (Intertrust Technologies, Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Valued Customer\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/10/04 13:55:59 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011/03/04 17:44:12 | 000,000,000 | ---D | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009/08/03 09:04:35 | 000,027,992 | R--- | M] (magicJack L.P.) - E:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2009/08/03 09:04:35 | 000,016,158 | R--- | M] () - E:\autorun.ico -- [ CDFS ]
O32 - AutoRun File - [2009/08/03 09:04:35 | 000,000,308 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2009/08/03 09:04:35 | 000,728,816 | R--- | M] (magicJack L.P.) - E:\autorunu.exe -- [ CDFS ]
O32 - Unable to obtain root file information for disk G:\
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ========== [2011/03/07 08:37:17 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Valued Customer\Desktop\OTL (2).exe
[2011/03/06 17:44:14 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Valued Customer\UserData
[2011/03/04 17:44:12 | 000,000,000 | ---D | C] -- C:\autorun.inf
[2011/03/03 23:35:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valued Customer\Desktop\tdsskiller
[2011/03/03 23:06:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\lHpBeLe08501
[2011/02/18 21:48:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valued Customer\My Documents\DTI STUDENT DOCUMENTS
[2011/02/18 21:48:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valued Customer\My Documents\Certblaster
[2011/02/18 21:43:14 | 000,000,000 | ---D | C] -- C:\Program Files\Certblaster
[2011/02/18 21:43:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valued Customer\Application Data\Certblaster
[2011/02/16 10:07:52 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/02/16 10:07:52 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/02/16 10:07:52 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2005/10/04 16:15:09 | 000,014,968 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\winddx.sys
========== Files - Modified Within 30 Days ========== [2011/03/07 08:36:39 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Valued Customer\Desktop\OTL (2).exe
[2011/03/07 08:22:04 | 000,000,332 | ---- | M] () -- C:\WINDOWS\tasks\GlaryInitialize.job
[2011/03/07 08:20:20 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/03/07 08:19:36 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011/03/07 08:19:20 | 000,000,900 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/03/07 08:19:12 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/03/06 20:09:00 | 000,000,904 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/03/03 23:42:09 | 001,228,854 | ---- | M] () -- C:\fsqwr.bmp
[2011/03/01 21:18:25 | 000,001,038 | ---- | M] () -- C:\Documents and Settings\Valued Customer\Desktop\magicJack.lnk
[2011/02/11 10:31:46 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/02/10 14:11:34 | 000,313,968 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/02/09 23:39:46 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
========== Files Created - No Company Name ========== [2011/03/03 23:42:09 | 001,228,854 | ---- | C] () -- C:\fsqwr.bmp
[2011/02/18 21:43:16 | 000,002,363 | ---- | C] () -- C:\Documents and Settings\Valued Customer\Start Menu\Programs\Start CertBlaster.lnk
[2010/12/17 08:34:13 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/12/17 08:34:13 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/12/17 08:34:13 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/12/17 08:34:13 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/12/17 08:34:13 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/12/13 14:12:55 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\Valued Customer\Application Data\Launch Internet Explorer Browser.lnk
[2010/11/05 16:11:14 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\Valued Customer\Application Data\setup_ldm.iss
[2010/08/05 21:16:54 | 000,673,280 | ---- | C] () -- C:\WINDOWS\is-RNDD3.exe
[2010/03/14 11:12:53 | 000,136,448 | ---- | C] () -- C:\WINDOWS\RMTOOLS.DLL
[2009/09/16 20:41:42 | 000,000,228 | ---- | C] () -- C:\WINDOWS\System32\edacded0.dat
[2009/06/27 07:30:13 | 000,000,069 | ---- | C] () -- C:\WINDOWS\st_affiliate.ini
[2008/07/20 19:45:39 | 000,111,944 | ---- | C] () -- C:\WINDOWS\System32\TPActiveX.dll
[2008/05/11 12:18:11 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\PdeSrvps.dll
[2008/05/11 12:18:10 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2007/12/26 19:37:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\pestpatrol5.INI
[2007/12/01 12:59:03 | 000,067,184 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2007/08/20 17:41:51 | 000,009,216 | ---- | C] () -- C:\Documents and Settings\Valued Customer\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/07/25 17:39:50 | 000,001,901 | ---- | C] () -- C:\WINDOWS\panose.bin
[2007/07/25 17:35:29 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2007/06/08 13:16:53 | 000,000,032 | ---- | C] () -- C:\WINDOWS\System32\thxcfg.ini
[2007/03/31 05:09:58 | 000,059,392 | R--- | C] () -- C:\WINDOWS\System32\streamhlp.dll
[2007/03/05 13:34:28 | 000,676,224 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2007/01/10 17:05:43 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2007/01/06 08:28:46 | 000,017,134 | ---- | C] () -- C:\Documents and Settings\Valued Customer\Application Data\.googlewebacchosts
[2006/11/18 07:45:20 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2006/09/18 08:14:24 | 000,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2006/06/15 09:09:13 | 000,001,751 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/05/21 12:19:14 | 000,000,206 | ---- | C] () -- C:\WINDOWS\HPGdiPlus.ini
[2006/02/14 11:45:12 | 000,000,016 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2006/01/19 22:18:52 | 000,000,021 | ---- | C] () -- C:\WINDOWS\CS_SETUP.ini
[2006/01/12 21:17:03 | 000,000,180 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2005/10/21 10:06:07 | 000,000,138 | ---- | C] () -- C:\Documents and Settings\Valued Customer\Local Settings\Application Data\fusioncache.dat
[2005/10/20 07:09:28 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2005/10/05 12:06:00 | 000,099,965 | ---- | C] () -- C:\WINDOWS\UninstallFirefox.exe
[2005/10/05 12:05:45 | 000,006,665 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2005/10/04 17:21:18 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/10/04 17:21:17 | 000,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2005/10/04 17:21:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NSREX.INI
[2005/10/04 16:15:09 | 000,528,384 | ---- | C] () -- C:\WINDOWS\System32\SLLights.dll
[2005/10/04 16:15:09 | 000,368,640 | ---- | C] () -- C:\WINDOWS\System32\slmh.exe
[2005/10/04 16:15:09 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\minirec.exe
[2005/10/04 16:15:09 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\SLMOHServ.dll
[2005/10/04 16:15:09 | 000,065,536 | ---- | C] () -- C:\WINDOWS\SmCfg.exe
[2005/10/04 15:44:46 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2005/10/04 15:44:41 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2005/10/04 15:44:41 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2005/10/04 15:44:36 | 000,000,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\alcxinit.dat
[2005/10/04 13:58:37 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/10/04 13:52:54 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/10/04 06:34:25 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/10/04 06:31:42 | 000,313,968 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/09/17 17:37:42 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\vuins32.dll
[2004/08/04 04:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/04 04:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 04:00:00 | 000,446,050 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 04:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 04:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 04:00:00 | 000,067,070 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 04:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 04:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 04:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 04:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 04:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 04:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/05/03 04:19:26 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\coinst.dll
========== Alternate Data Streams ========== @Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
< End of report >