OTL logfile

Post by sllb on Mon 17 Oct 2011, 4:33 am

OTL logfile created on: 10/16/2011 10:00:31 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\HP_Owner.GMASXP\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1015.29 Mb Total Physical Memory | 363.36 Mb Available Physical Memory | 35.79% Memory free
2.39 Gb Paging File | 1.85 Gb Available in Paging File | 77.38% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 180.78 Gb Total Space | 52.44 Gb Free Space | 29.01% Space Free | Partition Type: NTFS
Drive D: | 5.51 Gb Total Space | 0.25 Gb Free Space | 4.53% Space Free | Partition Type: FAT32

Computer Name: GMASXP | User Name: HP_Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/10/16 09:59:57 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Owner.GMASXP\Desktop\OTL.com
PRC - [2011/09/06 13:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/09/06 13:45:28 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2010/09/27 16:42:18 | 004,180,576 | ---- | M] (SafeNet Inc.) -- C:\WINDOWS\system32\hasplms.exe
PRC - [2009/12/09 14:26:30 | 000,090,112 | R--- | M] (FGAG) -- C:\Program Files\BERNINA\UCS\UniversalCommunicationServer.exe
PRC - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2004/10/13 23:17:06 | 002,742,272 | ---- | M] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE
PRC - [2004/10/13 23:00:10 | 000,057,344 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCMTR.EXE
PRC - [2004/10/13 21:01:50 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2004/08/04 11:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/03/19 00:55:48 | 000,065,536 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2002/01/01 11:03:21 | 000,045,056 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
PRC - [2002/01/01 11:01:18 | 001,187,840 | ---- | M] (InterMute, Inc.) -- C:\Program Files\InterMute\SpySubtract\SpySub.exe


========== Modules (No Company Name) ==========

MOD - [2011/10/16 08:00:44 | 001,597,440 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11101601\algo.dll
MOD - [2011/10/16 07:54:05 | 000,962,560 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\7a9be0b102ec394699fe9460de34a71c\System.Configuration.ni.dll
MOD - [2011/10/16 00:27:54 | 001,597,440 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11101600\algo.dll
MOD - [2011/10/15 23:35:54 | 005,640,192 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\01dbb0d439ebfd45969c134588596111\System.Xml.ni.dll
MOD - [2011/10/15 23:35:45 | 013,107,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\0ee6011e2444cc4380a05fc2fdd9f769\System.Windows.Forms.ni.dll
MOD - [2011/10/15 23:35:27 | 001,626,112 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\a939d20fff0e574b8c3ed1d4e64c84ac\System.Drawing.ni.dll
MOD - [2011/10/15 23:35:23 | 008,093,696 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\7d00a255128f304292a1e1daa0098f62\System.ni.dll
MOD - [2011/10/15 23:35:07 | 011,411,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\5828fd8e9902ca4fa7ee0d1e5916f921\mscorlib.ni.dll
MOD - [2011/10/15 23:34:31 | 000,299,008 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2011/10/15 23:34:19 | 000,114,688 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
MOD - [2011/10/14 13:21:40 | 000,272,416 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11101601\aswRep.dll
MOD - [2011/10/14 13:21:40 | 000,272,416 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11101600\aswRep.dll
MOD - [2004/10/08 17:43:10 | 000,196,608 | ---- | M] () -- c:\Program Files\HP\Digital Imaging\bin\HpqUtil.dll
MOD - [2002/01/01 11:03:21 | 000,147,493 | ---- | M] () -- C:\Program Files\BackWeb\BackWeb Client\6.3.2.62\Program\bwfiles.dll
MOD - [2002/01/01 11:03:21 | 000,094,243 | ---- | M] () -- C:\Program Files\BackWeb\BackWeb Client\6.3.2.62\Program\FrExt.dll
MOD - [2002/01/01 11:03:21 | 000,061,496 | ---- | M] () -- C:\Program Files\BackWeb\BackWeb Client\6.3.2.62\Program\clntutil.dll
MOD - [2002/01/01 11:03:21 | 000,024,615 | ---- | M] () -- C:\Program Files\Updates from HP\309731\Program\frext-309731.dll
MOD - [2002/01/01 11:03:21 | 000,024,615 | ---- | M] () -- C:\Program Files\Updates from HP\309731\Program\BWfiles-309731.dll
MOD - [2002/01/01 11:03:19 | 000,114,688 | ---- | M] () -- C:\Program Files\Updates from HP\309731\Program\HPClientExt.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/09/06 13:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/09/27 16:42:18 | 004,180,576 | ---- | M] (SafeNet Inc.) [Auto | Running] -- C:\WINDOWS\System32\hasplms.exe -- (hasplms)
SRV - [2009/12/09 14:26:30 | 000,090,112 | R--- | M] (FGAG) [Auto | Running] -- C:\Program Files\BERNINA\UCS\UniversalCommunicationServer.exe -- (UniversalCommunicationServer)
SRV - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2004/03/19 00:55:48 | 000,065,536 | ---- | M] (HP) [On_Demand | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - [2011/09/06 13:38:05 | 000,442,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/09/06 13:37:53 | 000,320,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/09/06 13:36:38 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/09/06 13:36:36 | 000,052,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/09/06 13:36:23 | 000,110,552 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/09/06 13:36:12 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/09/06 13:33:11 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010/09/27 16:42:16 | 000,238,208 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\akshasp.sys -- (akshasp)
DRV - [2010/09/27 16:42:12 | 000,046,336 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\akshhl.sys -- (akshhl)
DRV - [2009/02/03 03:10:12 | 000,586,752 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (hardlock)
DRV - [2009/01/28 16:26:24 | 000,020,480 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aksusb.sys -- (aksusb)
DRV - [2009/01/16 11:42:28 | 000,352,256 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\aksfridge.sys -- (aksfridge)
DRV - [2004/10/14 00:33:20 | 002,287,104 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2004/06/29 10:07:18 | 001,268,204 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2004/03/18 00:10:40 | 000,113,664 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2003/09/19 09:47:00 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc)
DRV - [2002/10/04 10:04:10 | 000,046,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
DRV - [2001/06/04 13:00:00 | 000,014,112 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.1879: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.1939: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.872: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found



O1 HOSTS File: ([2004/08/04 11:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (HP view) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll (Hewlett-Packard Company)
O3 - HKCU\..\Toolbar\ShellBrowser: (HP view) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll (Hewlett-Packard Company)
O3 - HKCU\..\Toolbar\WebBrowser: (HP view) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll (Hewlett-Packard Company)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\ALCWZRD.EXE (RealTek Semicoductor Corp.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\Hdaudpropshortcut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe (Hewlett-Packard)
O4 - HKLM..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\LSBurnWatcher.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [PS2] C:\WINDOWS\system32\ps2.EXE (Hewlett-Packard Company)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SpySubtract.lnk = C:\Program Files\InterMute\SpySubtract\sslaunch.exe (InterMute, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk = C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe (Hewlett-Packard)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.4.2_03)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{92EFD4D6-FFDC-47FC-9F92-07F1902D5539}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\HP_Owner.GMASXP\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\HP_Owner.GMASXP\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {FA010552-4A27-4cb1-A1BB-3E2D697F1639} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002/01/11 12:33:21 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 06:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2004/04/30 22:01:14 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{426289c2-f7bc-11e0-9e1d-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{426289c2-f7bc-11e0-9e1d-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{426289c2-f7bc-11e0-9e1d-806d6172696f}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
O33 - MountPoints2\{946850c5-1e27-11d9-baf0-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{946850c5-1e27-11d9-baf0-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{946850c5-1e27-11d9-baf0-806d6172696f}\Shell\AutoRun\command - "" = D:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found


SafeBootMin: AppMgmt - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: AppMgmt - File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4b218e3e-bc98-4770-93d3-2731b9329278} - %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection MarketplaceLinkInstall 896 %systemroot%\inf\ie.inf
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - %SystemRoot%\system32\ie4uinit.exe
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: MSACM.CEGSM - C:\WINDOWS\System32\mobileV.acm ()
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.LEAD - C:\WINDOWS\System32\LCodcCMP.dll (LEAD Technologies, Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/10/16 09:59:45 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\HP_Owner.GMASXP\Desktop\OTL.com
[2011/10/16 09:32:13 | 000,000,000 | ---D | C] -- C:\@GARBAGE
[2011/10/16 08:20:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Owner.GMASXP\Application Data\AdobeUM
[2011/10/16 08:20:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Owner.GMASXP\Local Settings\Application Data\Adobe
[2011/10/16 08:20:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Owner.GMASXP\My Documents\My eBooks
[2011/10/16 08:20:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Owner.GMASXP\Application Data\Adobe
[2011/10/16 08:12:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2011/10/16 08:12:56 | 000,022,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2011/10/16 08:02:11 | 000,020,568 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/10/16 08:02:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2011/10/16 08:02:10 | 000,320,856 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/10/16 08:02:09 | 000,034,392 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/10/16 08:02:08 | 000,442,200 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/10/16 08:02:08 | 000,052,568 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/10/16 08:02:07 | 000,110,552 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/10/16 08:02:07 | 000,104,536 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/10/16 08:02:06 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/10/16 08:01:51 | 000,041,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/10/16 08:01:50 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/10/16 08:01:39 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/10/16 08:01:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/10/15 23:37:09 | 000,114,688 | ---- | C] (AvantGo, Inc.) -- C:\WINDOWS\System32\malslib.dll
[2011/10/15 23:37:09 | 000,077,899 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rapi.dll
[2011/10/15 23:37:09 | 000,069,632 | ---- | C] (AvantGo, Inc.) -- C:\WINDOWS\System32\mbllnk.cpl
[2011/10/15 23:37:09 | 000,065,615 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pmailext.dll
[2011/10/15 23:37:09 | 000,065,613 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ppvexp.dll
[2011/10/15 23:37:09 | 000,057,423 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MsgStRPC.dll
[2011/10/15 23:37:09 | 000,036,942 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ppcload.dll
[2011/10/15 23:37:09 | 000,024,653 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ceutil.dll
[2011/10/15 23:37:09 | 000,024,652 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\uicom.dll
[2011/10/15 23:31:51 | 000,244,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSFLXGRD.OCX
[2011/10/15 23:31:51 | 000,133,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSMAPI32.OCX
[2011/10/15 23:24:18 | 002,790,400 | ---- | C] (Aladdin Knowledge Systems Ltd.) -- C:\WINDOWS\System32\aksllmtp.exe
[2011/10/15 23:24:18 | 000,030,208 | ---- | C] (Aladdin Knowledge Systems Ltd.) -- C:\WINDOWS\System32\akshhl27.dll
[2011/10/15 23:22:40 | 004,180,576 | ---- | C] (SafeNet Inc.) -- C:\WINDOWS\System32\hasplms.exe
[2011/10/15 23:10:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2011/10/15 23:07:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2011/10/15 23:07:39 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011/10/15 23:07:39 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/10/15 23:07:39 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/10/15 23:07:39 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/10/15 23:07:39 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011/10/15 22:23:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Owner.GMASXP\Local Settings\Application Data\Help
[2011/10/15 22:23:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Owner.GMASXP\Application Data\Help
[2011/10/15 22:23:19 | 000,000,000 | --SD | C] -- C:\Documents and Settings\HP_Owner.GMASXP\UserData
[2011/10/15 22:22:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Owner.GMASXP\Application Data\Macromedia
[2011/10/15 22:22:07 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/10/15 22:21:40 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\HP_Owner.GMASXP\Recent
[2011/10/15 22:21:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Owner.GMASXP\Local Settings\Application Data\LightScribe
[2011/10/15 22:21:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Lang
[2011/10/15 22:21:24 | 000,163,840 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxres.dll
[2011/10/15 22:19:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Owner.GMASXP\Application Data\InterMute
[2011/10/15 22:19:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Owner.GMASXP\Application Data\Identities
[2011/10/15 22:19:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Owner.GMASXP\Application Data\Apple Computer
[2011/10/15 22:19:52 | 000,000,000 | --SD | C] -- C:\Documents and Settings\HP_Owner.GMASXP\Application Data\Microsoft
[2011/10/15 22:19:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Owner.GMASXP\Application Data\Real
[2011/10/15 22:19:51 | 000,000,000 | --SD | C] -- C:\Documents and Settings\HP_Owner.GMASXP\Cookies
[2011/10/15 22:19:51 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\HP_Owner.GMASXP\SendTo
[2011/10/15 22:19:51 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\HP_Owner.GMASXP\Application Data
[2011/10/15 22:19:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\HP_Owner.GMASXP\My Documents\My Videos
[2011/10/15 22:19:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\HP_Owner.GMASXP\My Documents\My Pictures
[2011/10/15 22:19:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\HP_Owner.GMASXP\My Documents\My Music
[2011/10/15 22:19:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\HP_Owner.GMASXP\My Documents
[2011/10/15 22:19:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\HP_Owner.GMASXP\Favorites
[2011/10/15 22:19:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\HP_Owner.GMASXP\Start Menu\Programs\Accessories
[2011/10/15 22:19:51 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\HP_Owner.GMASXP\PrintHood
[2011/10/15 22:19:51 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\HP_Owner.GMASXP\NetHood
[2011/10/15 22:19:51 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\HP_Owner.GMASXP\Local Settings
[2011/10/15 22:19:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Owner.GMASXP\Application Data\Symantec
[2011/10/15 22:19:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Owner.GMASXP\Application Data\Sun
[2011/10/15 22:19:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Owner.GMASXP\Application Data\SampleView
[2011/10/15 22:19:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Owner.GMASXP\Local Settings\Application Data\Microsoft
[2011/10/15 22:19:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Owner.GMASXP\Desktop
[2011/10/15 22:19:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Owner.GMASXP\Local Settings\Application Data\ApplicationHistory
[2011/10/15 22:19:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Owner.GMASXP\Local Settings\Application Data\Apple Computer
[2011/10/15 22:19:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Owner.GMASXP\Local Settings\Application Data\{7148F0A6-6813-11D6-A77B-00B0D0142030}
[2011/10/15 22:19:50 | 000,000,000 | R--D | C] -- C:\Documents and Settings\HP_Owner.GMASXP\Start Menu\Programs\Startup
[2011/10/15 22:19:50 | 000,000,000 | R--D | C] -- C:\Documents and Settings\HP_Owner.GMASXP\Start Menu
[2011/10/15 22:19:50 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\HP_Owner.GMASXP\Templates
[2011/10/15 22:19:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Owner.GMASXP\WINDOWS
[2011/10/15 22:19:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Owner.GMASXP\Start Menu\Programs\WeatherBug
[2011/10/15 22:19:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Owner.GMASXP\Start Menu\Programs\Quicken
[2011/10/15 22:19:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Owner.GMASXP\Start Menu\Programs\PC Help & Tools
[2011/10/15 22:19:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Owner.GMASXP\Start Menu\Programs\Online Services
[2011/10/15 22:17:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\RTCOM
[2011/10/15 10:32:45 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2011/10/11 09:13:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee
[2011/10/05 16:36:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2011/10/03 17:39:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2011/10/03 17:34:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2011/10/03 17:28:17 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2011/10/03 17:13:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/10/16 09:59:57 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Owner.GMASXP\Desktop\OTL.com
[2011/10/16 09:45:00 | 000,000,890 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/10/16 09:41:11 | 000,000,304 | ---- | M] () -- C:\Documents and Settings\HP_Owner.GMASXP\Desktop\internet explorer 8 problems xp Windows Internet Explorer 8 - Bing.url
[2011/10/16 09:02:27 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/10/16 09:02:09 | 000,000,246 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.dat
[2011/10/16 09:02:03 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/10/16 09:02:02 | 1064,685,568 | -HS- | M] () -- C:\hiberfil.sys
[2011/10/16 08:36:06 | 000,001,147 | ---- | M] () -- C:\Documents and Settings\HP_Owner.GMASXP\My Documents\Frank.rtf
[2011/10/16 08:13:05 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/10/16 08:02:11 | 000,001,700 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/10/16 08:02:07 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/10/15 23:43:12 | 000,192,184 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/10/15 23:41:38 | 000,000,000 | ---- | M] () -- C:\WINDOWS\DEFMERGE.INI
[2011/10/15 23:37:59 | 000,002,510 | ---- | M] () -- C:\WINDOWS\Microsoft.MIF
[2011/10/15 23:36:22 | 000,402,736 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/10/15 23:36:22 | 000,063,220 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/10/15 23:31:52 | 000,001,870 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\BERNINA Embroidery Software.lnk
[2011/10/15 23:09:31 | 000,001,870 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk
[2011/10/15 23:08:41 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\Easy Internet Sign-up.job
[2011/10/15 23:07:23 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011/10/15 23:07:23 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/10/15 23:07:23 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/10/15 23:07:23 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/10/15 23:07:23 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011/10/15 22:23:04 | 000,104,226 | ---- | M] () -- C:\WINDOWS\hpoins04.dat
[2011/10/15 22:22:29 | 000,000,283 | RHS- | M] () -- C:\boot.ini
[2011/10/15 22:21:36 | 000,000,603 | ---- | M] () -- C:\Documents and Settings\HP_Owner.GMASXP\Desktop\Register with HP.url
[2011/10/15 22:21:09 | 000,000,790 | ---- | M] () -- C:\Documents and Settings\HP_Owner.GMASXP\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/10/15 22:20:37 | 000,001,925 | RHS- | M] () -- C:\WINDOWS\System32\drivers\103C_HP_CPC_PW524AA-ABA a1040n_YC_0Pavi_QMXF514_E52NAheBLU1_47_IGoldfish3_SASUSTeK Computer INC._V1.xx_B3.19_T050310_WXH2_L409_M1016_J200_7Intel_8Pentium 4_93_#081202_N10EC8139_Z11C1048C_G80862582.MRK
[2011/10/15 22:19:37 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/10/15 22:18:34 | 000,000,993 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2011/10/15 22:18:30 | 000,002,158 | ---- | M] () -- C:\WINDOWS\System32\ssmute.ini
[2011/10/15 22:17:30 | 000,000,213 | RHS- | M] () -- C:\BOOT.BAK
[2011/10/11 15:35:12 | 000,000,848 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/10/16 09:41:11 | 000,000,304 | ---- | C] () -- C:\Documents and Settings\HP_Owner.GMASXP\Desktop\internet explorer 8 problems xp Windows Internet Explorer 8 - Bing.url
[2011/10/16 08:36:06 | 000,001,147 | ---- | C] () -- C:\Documents and Settings\HP_Owner.GMASXP\My Documents\Frank.rtf
[2011/10/16 08:02:11 | 000,001,700 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/10/15 23:41:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\DEFMERGE.INI
[2011/10/15 23:37:09 | 000,057,422 | ---- | C] () -- C:\WINDOWS\System32\mobileV.acm
[2011/10/15 23:09:31 | 000,001,870 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk
[2011/10/15 23:08:34 | 000,000,278 | ---- | C] () -- C:\WINDOWS\tasks\Easy Internet Sign-up.job
[2011/10/15 22:21:36 | 000,000,603 | ---- | C] () -- C:\Documents and Settings\HP_Owner.GMASXP\Desktop\Register with HP.url
[2011/10/15 22:20:21 | 000,001,925 | RHS- | C] () -- C:\WINDOWS\System32\drivers\103C_HP_CPC_PW524AA-ABA a1040n_YC_0Pavi_QMXF514_E52NAheBLU1_47_IGoldfish3_SASUSTeK Computer INC._V1.xx_B3.19_T050310_WXH2_L409_M1016_J200_7Intel_8Pentium 4_93_#081202_N10EC8139_Z11C1048C_G80862582.MRK
[2011/10/15 22:20:10 | 1064,685,568 | -HS- | C] () -- C:\hiberfil.sys
[2011/10/15 22:19:59 | 000,001,643 | ---- | C] () -- C:\Documents and Settings\HP_Owner.GMASXP\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[2011/10/15 22:19:59 | 000,000,926 | ---- | C] () -- C:\Documents and Settings\HP_Owner.GMASXP\Application Data\Microsoft\Internet Explorer\Quick Launch\RealPlayer.lnk
[2011/10/15 22:19:59 | 000,000,790 | ---- | C] () -- C:\Documents and Settings\HP_Owner.GMASXP\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/10/15 22:19:59 | 000,000,753 | ---- | C] () -- C:\Documents and Settings\HP_Owner.GMASXP\Application Data\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk
[2011/10/15 22:19:59 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\HP_Owner.GMASXP\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2011/10/15 22:19:58 | 000,002,235 | ---- | C] () -- C:\Documents and Settings\HP_Owner.GMASXP\Desktop\Help and Support.lnk
[2011/10/15 22:19:57 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\HP_Owner.GMASXP\Local Settings\Application Data\fusioncache.dat
[2011/10/15 22:19:53 | 000,001,692 | ---- | C] () -- C:\Documents and Settings\HP_Owner.GMASXP\Start Menu\Programs\Install Microsoft Money 2005.lnk
[2011/10/15 22:19:53 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\HP_Owner.GMASXP\Start Menu\Programs\Remote Assistance.lnk
[2011/10/15 22:19:53 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\HP_Owner.GMASXP\Start Menu\Programs\Windows Media Player.lnk
[2011/10/15 22:19:53 | 000,000,778 | ---- | C] () -- C:\Documents and Settings\HP_Owner.GMASXP\Start Menu\Programs\Internet Explorer.lnk
[2011/10/15 22:19:53 | 000,000,749 | ---- | C] () -- C:\Documents and Settings\HP_Owner.GMASXP\Start Menu\Programs\Outlook Express.lnk
[2011/10/15 22:18:27 | 000,001,540 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP Extended Service Plans.lnk
[2011/10/15 22:18:27 | 000,000,731 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Software Repair Wizard.lnk
[2010/10/27 13:40:58 | 000,000,037 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010/10/22 16:29:49 | 000,000,145 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
[2010/08/10 11:20:40 | 001,374,154 | ---- | C] () -- C:\Program Files\wrar390.exe
[2010/06/13 14:34:33 | 000,001,481 | ---- | C] () -- C:\WINDOWS\disney.ini
[2010/03/08 12:17:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Textart.INI
[2009/12/05 15:01:37 | 000,000,021 | ---- | C] () -- C:\WINDOWS\PI5_SETUP.ini
[2009/10/12 12:15:44 | 000,103,847 | ---- | C] () -- C:\WINDOWS\hpoins04.dat.temp
[2009/10/12 12:15:44 | 000,017,176 | ---- | C] () -- C:\WINDOWS\hpomdl04.dat.temp
[2009/10/10 12:34:30 | 000,000,043 | ---- | C] () -- C:\WINDOWS\spookydisplay.ini
[2009/09/26 16:18:35 | 000,000,848 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2009/05/03 12:43:34 | 000,000,294 | ---- | C] () -- C:\WINDOWS\EReg077.dat
[2009/05/03 11:02:05 | 000,000,061 | ---- | C] () -- C:\WINDOWS\TLCAPPS.INI
[2009/05/02 11:42:27 | 000,000,060 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2009/01/05 13:11:37 | 000,000,033 | ---- | C] () -- C:\WINDOWS\Tiny_Run.ini
[2008/12/13 11:58:06 | 000,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2008/12/10 16:26:02 | 000,000,278 | ---- | C] () -- C:\WINDOWS\EReg213.dat
[2008/12/10 16:13:33 | 000,000,028 | ---- | C] () -- C:\WINDOWS\encore_launcher.ini
[2008/12/05 18:59:05 | 000,000,221 | ---- | C] () -- C:\WINDOWS\ka.ini
[2008/12/03 16:11:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Setup32.INI
[2008/12/02 14:41:21 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2008/12/02 14:41:18 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008/12/02 14:41:18 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008/12/02 14:41:17 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008/12/02 14:41:17 | 000,004,490 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008/12/02 14:41:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2008/12/02 14:41:11 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008/12/02 14:41:10 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008/12/02 14:40:58 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/10/15 03:52:00 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/10/15 03:43:00 | 000,402,736 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/10/15 03:43:00 | 000,063,220 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/10/15 03:41:10 | 000,192,184 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/10/15 03:37:56 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/10/15 03:36:06 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/09/13 16:35:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/20 03:14:46 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\PcdrKernelModeServices.dll
[2004/08/20 03:14:46 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\ProgressTrace.dll
[2004/08/04 11:00:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004/08/04 11:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 11:00:00 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004/06/15 21:38:02 | 000,000,549 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/06/07 11:32:52 | 000,009,505 | ---- | C] () -- C:\WINDOWS\System32\hphmon06.dat
[2003/04/10 23:04:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\JAWTAccessBridge.dll
[2003/01/07 23:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/01/11 12:34:55 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2002/01/11 12:31:27 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2002/01/11 12:31:27 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2002/01/11 12:31:27 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2002/01/11 12:31:27 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2002/01/11 12:31:27 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2002/01/11 12:31:27 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2002/01/11 12:04:53 | 000,118,784 | R--- | C] () -- C:\WINDOWS\bwUnin-6.3.2.62.exe
[2002/01/11 12:03:21 | 000,014,553 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2002/01/11 12:03:15 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2002/01/11 12:02:54 | 000,002,158 | ---- | C] () -- C:\WINDOWS\System32\ssmute.ini
[2002/01/11 11:59:54 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2002/01/11 11:49:29 | 000,086,562 | ---- | C] () -- C:\WINDOWS\hpiins01.dat
[2002/01/11 11:49:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpimdl01.dat
[2002/01/11 11:48:15 | 000,094,364 | ---- | C] () -- C:\WINDOWS\HPHins03.dat
[2002/01/11 11:48:15 | 000,002,655 | ---- | C] () -- C:\WINDOWS\hphmdl03.dat
[2002/01/11 11:45:24 | 000,104,226 | ---- | C] () -- C:\WINDOWS\hpoins04.dat
[2002/01/11 11:45:24 | 000,016,939 | ---- | C] () -- C:\WINDOWS\hpomdl04.dat
[2002/01/11 11:42:39 | 000,050,501 | ---- | C] () -- C:\WINDOWS\hpdins03.dat
[2002/01/11 11:42:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpdmdl01.dat
[2002/01/11 11:40:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2002/01/11 11:29:12 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2002/01/11 11:28:04 | 000,323,584 | ---- | C] () -- C:\WINDOWS\System32\pythoncom22.dll
[2002/01/11 11:28:04 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\pywintypes22.dll
[2002/01/11 11:27:40 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2002/01/11 11:24:49 | 000,000,024 | -H-- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\AXEL.DAV
[2002/01/11 11:24:49 | 000,000,024 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\AXEL.DAV
[2002/01/11 11:24:48 | 000,000,024 | -H-- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\AXEL.DAV
[2002/01/11 11:24:48 | 000,000,024 | ---- | C] () -- C:\Documents and Settings\NetworkService\Application Data\AXEL.DAV
[2002/01/01 10:35:16 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll

========== Custom Scans ==========


< %APPDATA%\Microsoft\*.* >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %USERPROFILE%\Desktop\*.exe >

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\winn32\*.* >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.exe >

< %ProgramFiles%\TinyProxy. >

< %systemroot%\system32\*.* /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.* /lockedfiles >

< %PROGRAMFILES%\*. >
[2002/01/01 10:54:15 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2010/10/02 11:54:35 | 000,000,000 | ---D | M] -- C:\Program Files\ArcSoft
[2008/12/13 11:12:19 | 000,000,000 | ---D | M] -- C:\Program Files\AvantGo Connect
[2011/10/16 08:01:39 | 000,000,000 | ---D | M] -- C:\Program Files\AVAST Software
[2002/01/01 11:03:21 | 000,000,000 | ---D | M] -- C:\Program Files\BackWeb
[2011/01/25 19:29:07 | 000,000,000 | ---D | M] -- C:\Program Files\Bandoo
[2011/10/15 23:32:22 | 000,000,000 | ---D | M] -- C:\Program Files\BERNINA
[2009/05/21 11:19:29 | 000,000,000 | ---D | M] -- C:\Program Files\BFG
[2010/10/27 13:40:58 | 000,000,000 | ---D | M] -- C:\Program Files\Blaster
[2008/12/03 16:11:59 | 000,000,000 | ---D | M] -- C:\Program Files\Broderbund
[2011/10/15 22:27:44 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2004/11/03 22:20:22 | 000,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications
[2002/01/01 10:37:26 | 000,000,000 | ---D | M] -- C:\Program Files\CONEXANT
[2011/06/15 17:01:33 | 000,000,000 | ---D | M] -- C:\Program Files\COOPERS GAMES
[2009/09/25 13:06:24 | 000,000,000 | ---D | M] -- C:\Program Files\Corel
[2008/12/10 16:15:27 | 000,000,000 | ---D | M] -- C:\Program Files\directx
[2010/12/17 20:09:13 | 000,000,000 | ---D | M] -- C:\Program Files\Disney Interactive
[2011/10/15 23:08:42 | 000,000,000 | ---D | M] -- C:\Program Files\Easy Internet signup
[2009/10/21 14:27:20 | 000,000,000 | ---D | M] -- C:\Program Files\eGames
[2010/01/04 14:58:07 | 000,000,000 | ---D | M] -- C:\Program Files\Electric Quilt Company
[2011/01/06 10:41:32 | 000,000,000 | ---D | M] -- C:\Program Files\exPressit S.E. 2.2
[2010/11/15 17:07:19 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2002/01/01 11:07:37 | 000,000,000 | ---D | M] -- C:\Program Files\Help and Support Additions
[2002/01/01 11:02:35 | 000,000,000 | ---D | M] -- C:\Program Files\Hewlett-Packard
[2002/01/01 10:46:10 | 000,000,000 | ---D | M] -- C:\Program Files\HP
[2002/01/01 11:33:47 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2002/01/01 10:54:37 | 000,000,000 | ---D | M] -- C:\Program Files\IntelliMover Data Transfer Demo
[2002/01/01 11:01:18 | 000,000,000 | ---D | M] -- C:\Program Files\InterMute
[2011/10/15 23:33:53 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2002/01/01 11:33:23 | 000,000,000 | ---D | M] -- C:\Program Files\InterVideo
[2002/01/01 10:59:09 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2002/01/01 10:59:09 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2011/10/15 23:07:20 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2002/01/01 11:32:47 | 000,000,000 | ---D | M] -- C:\Program Files\Macrovision Corp
[2011/10/11 09:30:03 | 000,000,000 | ---D | M] -- C:\Program Files\McAfee
[2010/09/28 15:45:18 | 000,000,000 | ---D | M] -- C:\Program Files\McAfee Online Backup
[2010/09/28 15:43:37 | 000,000,000 | ---D | M] -- C:\Program Files\McAfee.com
[2010/09/28 15:45:31 | 000,000,000 | ---D | M] -- C:\Program Files\McAfeeMOBK
[2004/11/03 22:20:26 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
[2011/10/15 23:37:59 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft ActiveSync
[2010/10/26 16:29:15 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2004/11/03 22:20:26 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2010/02/22 13:50:53 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Hardware
[2002/01/01 10:57:09 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2002/01/01 10:55:32 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Plus! Dancer LE
[2002/01/01 10:55:45 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Plus! Digital Media Edition
[2002/01/01 10:55:40 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Plus! Photo Story 2 LE
[2010/10/26 16:33:05 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2002/01/01 10:57:08 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio
[2002/01/01 10:56:25 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2002/01/01 10:56:54 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2004/11/03 22:20:30 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2010/10/03 18:30:42 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2004/11/03 22:20:30 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
[2002/01/01 10:51:28 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Encarta Standard
[2004/11/03 22:20:36 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2010/01/28 10:26:22 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 6.0
[2002/01/01 11:33:47 | 000,000,000 | ---D | M] -- C:\Program Files\muvee Technologies
[2002/01/01 09:19:37 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2011/10/15 23:13:12 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
[2004/11/03 22:20:48 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2002/01/01 11:09:07 | 000,000,000 | ---D | M] -- C:\Program Files\PC-Doctor for DOS
[2002/01/01 11:08:59 | 000,000,000 | ---D | M] -- C:\Program Files\PC-Doctor for Windows
[2011/08/02 12:19:15 | 000,000,000 | ---D | M] -- C:\Program Files\PrintMaster 16
[2002/01/01 10:59:24 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2002/01/01 10:52:01 | 000,000,000 | ---D | M] -- C:\Program Files\Real
[2010/10/03 18:30:33 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2010/12/24 13:44:53 | 000,000,000 | ---D | M] -- C:\Program Files\Riverdeep
[2011/08/02 12:29:15 | 000,000,000 | ---D | M] -- C:\Program Files\Scholastic
[2002/01/01 10:50:41 | 000,000,000 | ---D | M] -- C:\Program Files\Sonic
[2002/01/01 10:50:46 | 000,000,000 | ---D | M] -- C:\Program Files\Sonic RecordNow!
[2009/10/21 14:27:56 | 000,000,000 | ---D | M] -- C:\Program Files\TimeSink
[2004/11/03 22:20:48 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2002/01/01 11:03:19 | 000,000,000 | ---D | M] -- C:\Program Files\Updates from HP
[2010/12/24 23:54:41 | 000,000,000 | ---D | M] -- C:\Program Files\Web Publish
[2010/10/22 16:28:35 | 000,000,000 | ---D | M] -- C:\Program Files\Western Digital
[2002/01/01 10:53:08 | 000,000,000 | ---D | M] -- C:\Program Files\WildTangent
[2002/01/01 10:29:31 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2004/11/03 22:20:52 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2011/01/25 14:58:40 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Searchqu Toolbar
[2004/11/03 22:20:58 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
[2009/10/12 13:20:43 | 000,000,000 | ---D | M] -- C:\Program Files\WordPerfect Office 11
[2004/11/03 22:20:58 | 000,000,000 | ---D | M] -- C:\Program Files\xerox


< MD5 for: AGP440.SYS >
[2004/08/04 11:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2011/10/03 17:13:29 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004/08/03 21:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:AGP440.sys
[2011/10/03 17:13:29 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2011/10/03 17:13:29 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\sp3.cab:AGP440.sys
[2008/04/13 11:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 11:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/04 11:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2011/10/03 17:13:29 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004/08/03 21:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:atapi.sys
[2011/10/03 17:13:29 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2011/10/03 17:13:29 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\sp3.cab:atapi.sys
[2008/04/13 11:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 11:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\atapi.sys
[2004/08/03 21:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004/08/03 21:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2004/08/03 21:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 21:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\i386\atapi.sys

< MD5 for: DISK.SYS >
[2004/08/04 11:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys
[2011/10/03 17:13:29 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys
[2004/08/03 21:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:disk.sys
[2011/10/03 17:13:29 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:disk.sys
[2011/10/03 17:13:29 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\sp3.cab:disk.sys
[2004/08/03 21:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\$NtServicePackUninstall$\disk.sys
[2004/08/03 21:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\system32\drivers\disk.sys
[2008/04/13 11:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\ServicePackFiles\i386\disk.sys
[2008/04/13 11:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\disk.sys

< MD5 for: NETLOGON.DLL >
[2008/04/13 17:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 17:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\netlogon.dll
[2004/08/04 11:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2004/08/04 11:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2004/08/04 11:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\netlogon.dll

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-10-16 15:13:41

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: %systemroot%\system32\shmgrate.exe OCInstallReinstallIE [2004/08/04 11:00:00 | 000,042,496 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: %systemroot%\system32\shmgrate.exe OCInstallHideIE [2004/08/04 11:00:00 | 000,042,496 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: %systemroot%\system32\shmgrate.exe OCInstallShowIE [2004/08/04 11:00:00 | 000,042,496 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2004/08/04 11:00:00 | 000,093,184 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: %systemroot%\system32\shmgrate.exe OCInstallReinstallIE [2004/08/04 11:00:00 | 000,042,496 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: %systemroot%\system32\shmgrate.exe OCInstallHideIE [2004/08/04 11:00:00 | 000,042,496 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: %systemroot%\system32\shmgrate.exe OCInstallShowIE [2004/08/04 11:00:00 | 000,042,496 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2004/08/04 11:00:00 | 000,093,184 | ---- | M] (Microsoft Corporation)

========== Alternate Data Streams ==========

@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:78E0DF72

< End of report >

sllb


Re: OTL logfile

Post by DragonMaster Jay on Tue 18 Oct 2011, 12:42 am

Please visit this webpage for a tutorial on downloading and running ComboFix:

[You must be registered and logged in to see this link.]

See the area: Using ComboFix, and when done, post the log back here.



~DMJ
GeekPolice Academy Manager

