OTL logfile created on: 7/24/2011 8:28:22 AM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\tnay\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.24 Gb Total Physical Memory | 2.66 Gb Available Physical Memory | 82.16% Memory free
7.94 Gb Paging File | 7.46 Gb Available in Paging File | 93.93% Paging File free
Paging file location(s): C:\pagefile.sys 4977 4977 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 43.40 Gb Total Space | 22.34 Gb Free Space | 51.46% Space Free | Partition Type: NTFS
Drive D: | 90.06 Gb Total Space | 87.63 Gb Free Space | 97.30% Space Free | Partition Type: NTFS
Computer Name: AIG-LTP-XP-059 | User Name: tnay | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2011/07/24 08:24:18 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\tnay\Desktop\OTL.exe
PRC - [2011/07/13 10:02:53 | 000,556,032 | ---- | M] (AIDEX Team) -- C:\WINDOWS\system32\ole3232.exe
PRC - [2011/07/13 10:02:53 | 000,556,032 | ---- | M] (AIDEX Team) -- C:\WINDOWS\system32\atmpvcno32.exe
PRC - [2011/06/26 15:25:35 | 000,273,544 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\realplayer\Update\realsched.exe
PRC - [2010/02/18 11:43:20 | 000,490,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2009/11/17 13:07:46 | 001,528,624 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2009/09/17 19:56:58 | 002,477,304 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
PRC - [2009/09/17 19:38:02 | 001,864,888 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
PRC - [2009/09/17 19:27:26 | 001,455,432 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
PRC - [2009/07/08 21:14:40 | 000,115,560 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2009/07/08 21:14:20 | 000,108,392 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/08/20 17:38:30 | 000,860,160 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2008/08/20 17:28:34 | 000,348,160 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\WLKEEPER.exe
PRC - [2008/08/20 17:27:36 | 001,368,064 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
PRC - [2008/08/20 17:18:34 | 000,905,216 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
PRC - [2008/08/20 17:09:12 | 001,191,936 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
PRC - [2008/08/20 17:08:02 | 000,466,944 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2008/04/14 06:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/08/30 20:06:56 | 002,471,280 | ---- | M] (Seagull Scientific) -- C:\Program Files\Seagull\BarTender\8.0\CmdrSrv.exe
PRC - [2007/07/20 17:55:46 | 001,228,800 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2007/07/20 17:53:52 | 000,475,136 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
PRC - [2007/05/10 11:22:32 | 000,405,504 | ---- | M] (SigmaTel, Inc.) -- C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
========== Modules (SafeList) ========== MOD - [2011/07/24 08:24:18 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\tnay\Desktop\OTL.exe
MOD - [2011/06/26 15:26:13 | 000,043,520 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchrome10browserrecordhelper.dll
MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2008/07/29 08:05:08 | 000,655,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll
MOD - [2008/07/29 08:05:08 | 000,572,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll
========== Win32 Services (SafeList) ========== SRV - [2011/07/13 10:02:53 | 000,556,032 | ---- | M] (AIDEX Team) [Auto | Running] -- C:\WINDOWS\system32\ole3232.exe -- (Wmi32)
SRV - [2009/11/17 13:07:46 | 001,528,624 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2009/09/17 19:56:58 | 002,477,304 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2009/09/17 19:38:02 | 001,864,888 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe -- (SmcService)
SRV - [2009/09/17 18:21:10 | 000,341,320 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE -- (SNAC)
SRV - [2009/07/13 13:06:15 | 003,093,880 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE -- (LiveUpdate)
SRV - [2009/07/08 21:14:20 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2009/07/08 21:14:20 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/08/20 17:38:30 | 000,860,160 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2008/08/20 17:28:34 | 000,348,160 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\WLKEEPER.exe -- (WLANKEEPER) Intel(R)
SRV - [2008/08/20 17:18:34 | 000,905,216 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe -- (S24EventMonitor)
SRV - [2008/08/20 17:08:02 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2007/08/30 20:06:56 | 002,471,280 | ---- | M] (Seagull Scientific) [Auto | Running] -- C:\Program Files\Seagull\BarTender\8.0\CmdrSrv.exe -- (Commander Service)
SRV - [2007/07/20 17:53:52 | 000,475,136 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe -- (NICCONFIGSVC)
========== Driver Services (SafeList) ========== DRV - [2011/06/22 19:05:28 | 000,167,936 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wpshelper.sys -- (WpsHelper)
DRV - [2011/05/17 04:00:00 | 001,542,392 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20110723.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2011/05/17 04:00:00 | 000,086,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20110723.002\NAVENG.SYS -- (NAVENG)
DRV - [2011/05/09 04:00:00 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011/05/09 04:00:00 | 000,105,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/02/01 16:28:03 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2009/11/17 13:07:06 | 000,308,859 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2009/09/17 19:38:10 | 000,092,488 | ---- | M] (Symantec Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\SYSTEM32\Drivers\SysPlant.sys -- (SysPlant)
DRV - [2009/09/17 19:31:50 | 000,042,312 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\WPSDRVnt.sys -- (WPS)
DRV - [2009/09/03 17:03:48 | 000,188,080 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2009/09/03 17:03:48 | 000,026,416 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2009/08/26 12:54:38 | 000,421,424 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2009/08/25 21:05:44 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2009/08/25 21:05:42 | 000,320,560 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2009/08/25 21:05:42 | 000,281,648 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\srtsp.sys -- (SRTSP)
DRV - [2009/07/14 13:51:12 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2009/05/27 15:31:18 | 000,050,064 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Teefer2.sys -- (Teefer2)
DRV - [2009/04/22 15:28:08 | 000,008,704 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\epmntdrv.sys -- (epmntdrv)
DRV - [2009/04/22 15:28:06 | 000,003,072 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2008/11/16 19:39:44 | 000,131,984 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dne2000.sys -- (DNE)
DRV - [2008/10/04 17:49:46 | 000,018,712 | ---- | M] (TeraByte, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\phylock.sys -- (phylock)
DRV - [2008/08/29 00:34:30 | 003,632,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32) Intel(R)
DRV - [2008/08/04 12:32:26 | 000,011,904 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2007/11/14 20:05:16 | 000,394,952 | ---- | M] (Zone Labs, LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2007/05/10 11:24:34 | 001,222,840 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2007/01/18 21:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2006/11/22 00:05:48 | 000,061,312 | ---- | M] (O2Micro) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\oz776.sys -- (guardian2)
DRV - [2005/10/26 11:01:02 | 000,142,720 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2005/08/12 18:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter = yes
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 64 1A AD 01 7E BF 67 4D 98 C7 76 7B FF 8A C8 52 [binary data]
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter = yes
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 64 1A AD 01 7E BF 67 4D 98 C7 76 7B FF 8A C8 52 [binary data]
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter = yes
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 64 1A AD 01 7E BF 67 4D 98 C7 76 7B FF 8A C8 52 [binary data]
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter = yes
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 64 1A AD 01 7E BF 67 4D 98 C7 76 7B FF 8A C8 52 [binary data]
IE - HKU\S-1-5-21-220523388-790525478-1801674531-1274\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.com/IE - HKU\S-1-5-21-220523388-790525478-1801674531-1274\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 64 1A AD 01 7E BF 67 4D 98 C7 76 7B FF 8A C8 52 [binary data]
IE - HKU\S-1-5-21-220523388-790525478-1801674531-1274\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo.com/search?fr=ffsp1&p="
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com"
FF - prefs.js..extensions.enabledItems:
jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems:
firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 5
FF - prefs.js..extensions.enabledItems: 3
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.3
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=ffds1&p="
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\WINDOWS\system32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.652: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.652: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Documents and Settings\tnay\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/06/26 15:26:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/26 15:26:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/26 15:27:00 | 000,000,000 | ---D | M]
[2010/04/15 16:54:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\tnay\Application Data\Mozilla\Extensions
[2011/07/13 10:02:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\tnay\Application Data\Mozilla\Firefox\Profiles\ggu8i46z.default\extensions
[2010/04/15 16:55:01 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\tnay\Application Data\Mozilla\Firefox\Profiles\ggu8i46z.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/05/10 13:10:55 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\tnay\Application Data\Mozilla\Firefox\Profiles\ggu8i46z.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/07/24 08:23:47 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Documents and Settings\tnay\Application Data\Mozilla\Firefox\Profiles\ggu8i46z.default\extensions\{eb7f1266-1eca-4a6e-8a70-5b21db9b2bce}
[2010/05/08 21:22:30 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Documents and Settings\tnay\Application Data\Mozilla\Firefox\Profiles\ggu8i46z.default\extensions\firefox@tvunetworks.com
[2011/01/27 15:38:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/08/28 18:42:42 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011/06/26 15:26:15 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2010/02/11 15:20:51 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
O1 HOSTS File: ([2004/08/04 08:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {01AD1A64-BF7E-4D67-98C7-767BFF8AC852} - C:\WINDOWS\system32\atmpvcno32.dll (AIDEX Team)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe (Intel(R) Corporation)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UserFaultCheck] File not found
O4 - HKU\S-1-5-21-220523388-790525478-1801674531-1274..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKU\.DEFAULT..\RunOnce: [ShowDeskFix] File not found
O4 - HKU\S-1-5-18..\RunOnce: [ShowDeskFix] File not found
O4 - HKU\S-1-5-19..\RunOnce: [ShowDeskFix] File not found
O4 - HKU\S-1-5-20..\RunOnce: [ShowDeskFix] File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk = C:\WINDOWS\Installer\{21E247D4-5E27-4BEA-AA4D-19A81203FE2A}\Icon3E5562ED7.ico ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-220523388-790525478-1801674531-1274\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C}
http://www.update.microsoft.com/microso ... 9883166640 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
http://www.update.microsoft.com/microso ... 9883148140 (MUWebControl Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968}
http://upload.facebook.com/controls/200 ... ader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F5D98C43-DB16-11CF-8ECA-0000C0FD59C7}
http://jp-appserver.jeffparish.net/webmap/acgm/Acgm.cab (ActiveCGM Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = aigismech.com
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/12/21 12:41:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{5f781223-c56b-11df-92a2-0015c5243daa}\Shell - "" = AutoRun
O33 - MountPoints2\{5f781223-c56b-11df-92a2-0015c5243daa}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{5f781223-c56b-11df-92a2-0015c5243daa}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe folder.htt 480 480
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ========== [2011/07/24 08:24:16 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\tnay\Desktop\OTL.exe
[2011/07/24 08:17:46 | 000,350,208 | ---- | C] (AIDEX Team) -- C:\WINDOWS\System32\atmpvcno32.dll
[2011/07/21 19:35:35 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\tnay\Recent
[2011/07/18 13:32:03 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2011/07/18 13:31:56 | 000,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2011/07/18 13:31:54 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2011/07/18 13:31:54 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2011/07/18 13:31:54 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2011/07/18 13:31:52 | 000,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2011/07/18 13:31:49 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2011/07/18 13:31:46 | 000,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2011/07/18 13:31:44 | 000,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2011/07/18 13:31:31 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2011/07/18 13:31:31 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2011/07/18 13:31:31 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2011/07/18 13:31:31 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2011/07/18 13:31:30 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2011/07/18 13:31:30 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2011/07/18 13:31:30 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2011/07/18 13:31:30 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2011/07/18 13:31:30 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dshowext.ax
[2011/07/18 13:31:30 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dshowext.ax
[2011/07/13 18:50:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\tnay\My Documents\My Barnes & Noble eBooks
[2011/07/13 18:49:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Barnes & Noble
[2011/07/13 18:49:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\tnay\Application Data\Barnes & Noble
[2011/07/13 18:49:37 | 000,000,000 | ---D | C] -- C:\Program Files\Barnes & Noble
[2011/07/13 10:02:56 | 000,556,032 | ---- | C] (AIDEX Team) -- C:\WINDOWS\System32\atmpvcno32.exe
[2011/07/13 10:02:55 | 000,556,032 | ---- | C] (AIDEX Team) -- C:\WINDOWS\System32\ole3232.exe
[2011/07/05 20:45:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\tnay\Application Data\vlc
[2011/07/05 20:45:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
[2011/07/05 20:44:45 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2011/06/26 20:45:29 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2011/06/26 15:26:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2011/06/26 15:26:02 | 000,198,848 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2011/06/26 15:25:41 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2011/06/26 15:25:41 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2011/06/26 15:25:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Real
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\tnay\Desktop\*.tmp files -> C:\Documents and Settings\tnay\Desktop\*.tmp -> ]
[1 C:\Documents and Settings\tnay\*.tmp files -> C:\Documents and Settings\tnay\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2011/07/24 08:24:42 | 000,463,184 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/07/24 08:24:42 | 000,078,964 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/07/24 08:24:18 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\tnay\Desktop\OTL.exe
[2011/07/24 08:21:18 | 000,002,447 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk
[2011/07/24 08:21:04 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/07/24 08:20:28 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-220523388-790525478-1801674531-1274.job
[2011/07/24 08:20:27 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/07/24 08:20:03 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/07/24 08:17:46 | 000,350,208 | ---- | M] (AIDEX Team) -- C:\WINDOWS\System32\atmpvcno32.dll
[2011/07/24 06:48:01 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/07/22 14:52:53 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/07/22 07:38:47 | 000,001,770 | -H-- | M] () -- C:\Documents and Settings\tnay\My Documents\Default.rdp
[2011/07/19 13:53:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-220523388-790525478-1801674531-1274.job
[2011/07/18 20:28:42 | 035,364,676 | ---- | M] () -- C:\Documents and Settings\tnay\My Documents\temp10.flv
[2011/07/18 17:15:06 | 102,801,881 | ---- | M] () -- C:\Documents and Settings\tnay\My Documents\temp9.flv
[2011/07/18 17:05:31 | 000,012,800 | ---- | M] () -- C:\Documents and Settings\tnay\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/07/18 17:05:17 | 146,655,695 | ---- | M] () -- C:\Documents and Settings\tnay\My Documents\temp8.wmv
[2011/07/15 06:49:20 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2011/07/13 18:49:43 | 000,000,873 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\NOOK for PC.lnk
[2011/07/13 17:42:42 | 000,144,424 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/07/13 10:02:56 | 000,000,063 | ---- | M] () -- C:\WINDOWS\System32\1323918268
[2011/07/13 10:02:53 | 000,556,032 | ---- | M] (AIDEX Team) -- C:\WINDOWS\System32\ole3232.exe
[2011/07/13 10:02:53 | 000,556,032 | ---- | M] (AIDEX Team) -- C:\WINDOWS\System32\atmpvcno32.exe
[2011/07/13 07:00:15 | 000,055,499 | ---- | M] () -- C:\Documents and Settings\tnay\Desktop\DonnaDL.pdf
[2011/07/05 20:45:30 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2011/07/05 20:31:55 | 000,001,466 | ---- | M] () -- C:\Documents and Settings\tnay\Desktop\DivX Movies.lnk
[2011/07/05 20:19:34 | 004,127,232 | ---- | M] () -- C:\Documents and Settings\tnay\My Documents\anyasam.avi
[2011/06/28 09:13:18 | 000,143,360 | ---- | M] () -- C:\Documents and Settings\tnay\My Documents\db1.mdb
[2011/06/26 20:50:33 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\tnay\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/06/26 15:26:50 | 000,000,747 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2011/06/26 15:26:02 | 000,198,848 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2011/06/26 15:25:41 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2011/06/26 15:25:41 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2011/06/26 15:25:39 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\tnay\Desktop\*.tmp files -> C:\Documents and Settings\tnay\Desktop\*.tmp -> ]
[1 C:\Documents and Settings\tnay\*.tmp files -> C:\Documents and Settings\tnay\*.tmp -> ]
========== Files Created - No Company Name ========== [2011/07/18 20:28:42 | 035,364,676 | ---- | C] () -- C:\Documents and Settings\tnay\My Documents\temp10.flv
[2011/07/18 17:15:06 | 102,801,881 | ---- | C] () -- C:\Documents and Settings\tnay\My Documents\temp9.flv
[2011/07/18 17:05:17 | 146,655,695 | ---- | C] () -- C:\Documents and Settings\tnay\My Documents\temp8.wmv
[2011/07/13 18:49:43 | 000,000,873 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\NOOK for PC.lnk
[2011/07/13 10:02:55 | 000,000,063 | ---- | C] () -- C:\WINDOWS\System32\1323918268
[2011/07/13 07:00:15 | 000,055,499 | ---- | C] () -- C:\Documents and Settings\tnay\Desktop\DonnaDL.pdf
[2011/07/05 20:45:30 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
[2011/07/05 20:19:34 | 004,127,232 | ---- | C] () -- C:\Documents and Settings\tnay\My Documents\anyasam.avi
[2011/06/28 09:07:38 | 000,143,360 | ---- | C] () -- C:\Documents and Settings\tnay\My Documents\db1.mdb
[2011/06/26 15:26:50 | 000,000,747 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2011/06/05 08:18:42 | 000,103,535 | ---- | C] () -- C:\WINDOWS\hpoins04.dat
[2011/06/05 08:18:42 | 000,017,176 | ---- | C] () -- C:\WINDOWS\hpomdl04.dat
[2011/02/28 21:18:57 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/10/19 14:34:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\bartend.INI
[2010/08/28 18:44:13 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/04/27 18:45:29 | 000,012,800 | ---- | C] () -- C:\Documents and Settings\tnay\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/15 16:54:06 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/02/05 12:15:47 | 000,000,028 | ---- | C] () -- C:\WINDOWS\pdf995.ini
[2010/02/04 08:30:50 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\regobj.dll
[2010/02/01 17:41:26 | 000,051,716 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2010/02/01 17:41:26 | 000,000,059 | ---- | C] () -- C:\WINDOWS\wpd99.drv
[2010/02/01 15:20:30 | 000,000,475 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/02/01 12:14:22 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\EuEpmGdi.dll
[2010/02/01 12:14:21 | 001,663,488 | ---- | C] () -- C:\WINDOWS\System32\BootMan.exe
[2010/02/01 12:14:21 | 000,086,408 | ---- | C] () -- C:\WINDOWS\System32\setupempdrv03.exe
[2010/02/01 12:14:21 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\epmntdrv.sys
[2010/02/01 12:14:21 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\EuGdiDrv.sys
[2010/02/01 11:39:23 | 000,077,312 | ---- | C] () -- C:\WINDOWS\tbicd2hd.exe
[2010/01/21 17:03:27 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4814.dll
[2009/11/17 13:08:34 | 000,197,424 | ---- | C] () -- C:\WINDOWS\System32\vpnapi.dll
[2009/11/17 13:07:44 | 000,193,328 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 16:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2008/12/21 13:32:45 | 000,042,743 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2008/12/21 13:06:22 | 001,626,112 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2008/12/21 13:06:21 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/12/21 13:06:21 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/12/21 13:06:21 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/12/21 13:06:20 | 001,482,752 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/12/21 13:06:19 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2008/12/21 13:06:16 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2008/12/21 13:06:16 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2008/12/21 12:44:42 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/12/21 12:37:08 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/12/21 08:20:17 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/12/21 08:18:46 | 000,144,424 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/05/26 22:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 22:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2007/09/27 11:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 11:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 11:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2005/01/21 13:02:28 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\RMDevice.dll
[2004/08/04 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 08:00:00 | 000,463,184 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 08:00:00 | 000,078,964 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 08:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 08:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003/07/21 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2003/07/21 08:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[1999/01/22 07:46:56 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
========== LOP Check ========== [2008/12/21 15:37:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Windows Desktop Search
[2010/02/01 16:05:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\aigismechsuperuser\Application Data\Windows Desktop Search
[2011/03/13 11:38:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\magicJack
[2011/05/05 11:01:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pdf995
[2010/10/19 14:32:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagull
[2010/02/01 12:13:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/06/23 07:39:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2011/07/13 18:49:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tnay\Application Data\Barnes & Noble
[2011/03/14 19:11:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tnay\Application Data\mjusbsp
[2010/02/05 12:15:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tnay\Application Data\pdf995
[2011/06/14 20:40:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tnay\Application Data\TeamViewer
[2010/02/01 16:19:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tnay\Application Data\Windows Desktop Search
[2010/02/05 08:57:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tnay\Application Data\Windows Search
[2010/02/04 08:26:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\tnay\Application Data\Xerox
[2008/12/21 14:28:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Windows Desktop Search
========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 192 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CF08C48A
< End of report >