Sam - I did what I always accuse my father of doing with a computer - not being patient. Task manager was incorrect... it just took a long time on that particular key/hive.
Here is the log:
OTL logfile created on: 11/21/2009 8:52:03 AM - Run 1
OTL by OldTimer - Version 3.1.6.1 Folder = C:\Documents and Settings\Brad\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.90 Gb Available Physical Memory | 95.24% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): C:\pagefile.sys 3837 3837 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 88.55 Gb Total Space | 11.79 Gb Free Space | 13.32% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 465.76 Gb Total Space | 238.74 Gb Free Space | 51.26% Space Free | Partition Type: NTFS
Drive G: | 1000.25 Mb Total Space | 901.52 Mb Free Space | 90.13% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ABCDE
Current User Name: Brad
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2009/11/21 08:42:54 | 00,528,896 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Brad\Desktop\OTL.exe
PRC - [2009/11/12 12:12:23 | 00,323,392 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\DNA\btdna.exe
PRC - [2009/09/10 14:54:02 | 00,269,648 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2009/01/05 06:16:00 | 00,598,016 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2009/01/05 06:16:00 | 00,598,016 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2008/10/10 05:45:26 | 00,013,088 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2007/09/25 00:11:35 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
PRC - [2007/06/13 03:23:08 | 01,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/08/04 00:56:58 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2004/06/09 12:42:20 | 00,212,992 | ---- | M] (InterVideo Inc.) -- C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
PRC - [2003/06/19 22:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
PRC - [2000/06/26 07:44:20 | 00,053,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MsPMSPSv.exe
PRC - [1999/12/13 01:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTSVCCDA.EXE
========== Modules (SafeList) ==========
MOD - [2009/11/21 08:42:54 | 00,528,896 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Brad\Desktop\OTL.exe
MOD - [2006/08/25 07:45:55 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2004/08/04 00:56:44 | 00,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2004/08/04 00:56:44 | 00,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mslbui.dll
MOD - [2001/08/23 04:00:00 | 00,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\serwvdrv.dll
MOD - [2001/08/23 04:00:00 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\umdmxfrm.dll
========== Win32 Services (SafeList) ==========
SRV - File not found -- -- (WMPNetworkSvc)
SRV - File not found -- -- (WmiApSrv)
SRV - File not found -- -- (stllssvr)
SRV - File not found -- -- (RoxWatch9)
SRV - File not found -- -- (RoxMediaDB9)
SRV - File not found -- -- (RoxLiveShare9)
SRV - File not found -- -- (Roxio Upnp Server 9)
SRV - File not found -- -- (Roxio UPnP Renderer 9)
SRV - File not found -- -- (NBService)
SRV - File not found -- -- (IDriverT)
SRV - File not found -- -- (CyberLink Media Library Service)
SRV - File not found -- -- (CLSched)
SRV - File not found -- -- (CLCapSvc)
SRV - File not found -- -- (AvSynMgr)
SRV - [2009/09/10 14:54:02 | 00,269,648 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2009/06/06 14:53:06 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c9e6f991a7f5de)
SRV - [2009/02/26 03:06:44 | 00,137,200 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2009/01/05 06:16:00 | 00,598,016 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)
SRV - [2008/12/01 14:35:00 | 00,593,920 | ---- | M] () -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart)
SRV - [2008/11/17 19:42:37 | 00,651,720 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/10/10 05:45:26 | 00,013,088 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2008/07/29 20:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2008/07/29 18:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2008/07/29 18:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008/07/25 10:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/07/25 10:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state)
SRV - [2007/03/11 22:02:52 | 00,131,072 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)
SRV - [2007/03/11 22:02:20 | 00,589,824 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL -- (HPSLPSVC)
SRV - [2007/03/11 21:37:52 | 00,217,088 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)
SRV - [2006/10/31 13:56:28 | 00,052,736 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\HPZIPM12.DLL -- (Pml Driver HPZ12)
SRV - [2006/10/31 13:56:24 | 00,043,520 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\HPZINW12.DLL -- (Net Driver HPZ12)
SRV - [2006/05/29 17:19:11 | 00,077,944 | ---- | M] (Autodesk) -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2004/08/04 00:56:46 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\pchsvc.dll -- (helpsvc)
SRV - [2003/07/28 11:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003/06/19 22:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)
SRV - [2000/06/26 07:44:20 | 00,053,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MsPMSPSv.exe -- (WMDM PMSP Service)
SRV - [1999/12/13 01:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTSVCCDA.EXE -- (Creative Service for CDROM Access)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.webweb123.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://join.clonecashsystem.com/track/NjU1...zUuMC4wLjAuMC4w
IE - HKU\S-1-5-19\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://join.clonecashsystem.com/track/NjU1...zUuMC4wLjAuMC4w
IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1614895754-1060284298-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\S-1-5-21-1614895754-1060284298-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\S-1-5-21-1614895754-1060284298-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\S-1-5-21-1614895754-1060284298-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTe...-8&fr=b1ie7
IE - HKU\S-1-5-21-1614895754-1060284298-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1614895754-1060284298-839522115-1003\S-1-5-21-1614895754-1060284298-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1614895754-1060284298-839522115-1003\S-1-5-21-1614895754-1060284298-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Ask"
FF - prefs.js..browser.search.order.1: "Ask"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://en-US.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}:6.0.03
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.15
FF - prefs.js..keyword.URL: "http://toolbar.ask.com/toolbarv/askRedirect?o=101757&gct=&gc=1&q="
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/09/02 02:00:20 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/10/30 06:26:23 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/10/30 06:26:23 | 00,000,000 | ---D | M]
[2008/09/14 06:34:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Brad\Application Data\Mozilla\Extensions
[2008/09/14 06:34:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Brad\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/11/20 17:42:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\5l4evuuz.default\extensions
[2009/09/02 18:45:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\5l4evuuz.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/06/01 21:18:39 | 00,000,682 | ---- | M] () -- C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\5l4evuuz.default\searchplugins\ask.xml
[2009/11/20 17:42:08 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/10/30 06:26:23 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2007/10/28 14:51:34 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
[2009/10/30 06:26:20 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2009/10/30 06:26:20 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2008/09/03 16:11:24 | 00,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
[2009/10/30 06:26:21 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2009/02/27 11:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2009/09/12 17:08:29 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[2009/09/12 17:08:29 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
[2009/09/12 17:08:29 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
[2009/09/12 17:08:29 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
[2009/09/12 17:08:29 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
[2009/09/12 17:08:29 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
[2009/09/12 17:08:30 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
[2008/12/24 11:20:53 | 06,320,872 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npsibelius.dll
[2005/04/27 17:31:10 | 00,225,280 | ---- | M] (Asgard Software Inc.) -- C:\Program Files\Mozilla Firefox\plugins\NPUploader.dll
[2004/01/13 18:09:25 | 00,176,176 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
[2009/04/25 21:57:33 | 00,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml
[2009/04/25 21:57:33 | 00,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml
[2009/04/25 21:57:33 | 00,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml
[2009/04/25 21:57:33 | 00,002,343 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml
[2009/04/25 21:57:33 | 00,001,706 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2009/04/25 21:57:33 | 00,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml
[2009/04/25 21:57:33 | 00,000,792 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml
O1 HOSTS File: (27 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - No CLSID value found.
O2 - BHO: (no name) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKU\S-1-5-21-1614895754-1060284298-839522115-1003\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKU\S-1-5-21-1614895754-1060284298-839522115-1003\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AsioReg] C:\WINDOWS\System32\CTASIO.DLL (Creative Technology Ltd)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-21-1614895754-1060284298-839522115-1003..\Run: [BitTorrent DNA] C:\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe (Autodesk, Inc)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe (InterVideo Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1614895754-1060284298-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1614895754-1060284298-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1614895754-1060284298-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: _NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-21-1614895754-1060284298-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1614895754-1060284298-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1614895754-1060284298-839522115-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll (Sun Microsystems, Inc.)
O9 - Extra Button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - Reg Error: Value error. File not found
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Reg Error: Value error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-1614895754-1060284298-839522115-1003\..Trusted Domains: 179 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {3AF4DACE-36ED-42EF-9DFC-ADC34DA30CFF} file://D:\content\include\XPPatchInstaller.CAB (PatchInstaller.Installer)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} http://192.168.1.103/activex/AxisCamControl.cab (CamImage Class)
O16 - DPF: {BC35E1AD-B98B-408E-8BC8-BF17CC09A981} http://192.168.1.139/activex/AMC_mpeg2.cab (Axis MPEG HTTP Stream Source)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/shock...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} http://192.168.1.109/activex/AMC.cab (AxisMediaControlEmb Class)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/03/29 20:40:32 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/11/12 19:05:12 | 00,000,028 | ---- | M] () - G:\AUTORUN.INF -- [ FAT32 ]
O33 - MountPoints2\{e3c2e948-b03d-11d8-88d7-0007e94a298a}\Shell\AutoRun\command - "" = C:\WINDOWS\System32\verclsid.exe -- [2006/03/16 17:38:02 | 00,028,672 | ---- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found
NetSvcs: BtwSrv - File not found
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2004/03/29 20:40:11 | 00,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: helpsvc - C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\pchsvc.dll (Microsoft Corporation)
NetSvcs: Ip6FwHlp - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (70653779682263040)
========== Files/Folders - Created Within 14 Days ==========
[2009/11/21 08:42:54 | 00,528,896 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Brad\Desktop\OTL.exe
[2009/11/19 18:10:46 | 00,000,000 | RHSD | C] -- C:\cmdcons
[2009/11/19 18:07:53 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2009/11/19 18:07:53 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2009/11/19 18:07:53 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009/11/19 18:07:53 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009/11/19 18:07:27 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/11/19 18:06:48 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/11/18 23:57:23 | 00,139,264 | ---- | C] (Blizzard Entertainment) -- C:\WINDOWS\War3Unin.exe
[2009/11/18 23:57:23 | 00,090,112 | ---- | C] (MindVision Software) -- C:\WINDOWS\unvise32.exe
[2009/11/18 23:57:22 | 00,298,496 | ---- | C] (InstallShield Corporation, Inc.) -- C:\WINDOWS\uninst.exe
[2009/11/18 23:57:21 | 00,266,240 | R--- | C] (Cypress Semiconductor) -- C:\WINDOWS\SM1nint.exe
[2009/11/18 23:57:21 | 00,094,208 | R--- | C] (Cypress Semiconductor) -- C:\WINDOWS\SM1bg.exe
[2009/11/18 23:57:20 | 00,724,992 | ---- | C] (Indigo Rose Corporation) -- C:\WINDOWS\iun6002.exe
[2009/11/18 23:57:20 | 00,286,720 | ---- | C] (Indigo Rose Corporation) -- C:\WINDOWS\iun506.exe
[2009/11/18 23:57:20 | 00,094,208 | ---- | C] (Blizzard Entertainment) -- C:\WINDOWS\ScUnin.exe
[2009/11/18 23:57:20 | 00,035,840 | ---- | C] (Creative Technology Limited) -- C:\WINDOWS\READREG.EXE
[2009/11/18 23:41:45 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\windows media
[2009/11/18 23:41:45 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ST510Clp
[2009/11/18 23:41:39 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DLA
[2009/11/18 23:40:33 | 00,102,400 | ---- | C] (Prime Entertainment) -- C:\WINDOWS\System32\Digital Movie Creator.scr
[2009/11/18 23:39:35 | 00,069,632 | ---- | C] (AvantGo, Inc.) -- C:\WINDOWS\System32\MBLLNK.CPL
[2009/11/18 23:39:15 | 00,049,152 | ---- | C] (Image Buider Software) -- C:\WINDOWS\System32\DMWaveDest.ax
[2009/11/18 23:38:04 | 00,409,600 | ---- | C] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
[2009/11/18 23:37:29 | 00,266,240 | ---- | C] (ATI) -- C:\WINDOWS\System32\vctest.dll
[2009/11/18 23:36:56 | 00,012,382 | R--- | C] (Cypress Semiconductor) -- C:\WINDOWS\System32\SM1ui32.dll
[2009/11/18 23:35:57 | 00,036,864 | ---- | C] (Palm, Inc.) -- C:\WINDOWS\System32\PalmDevC.dll
[2009/11/18 23:34:12 | 00,114,688 | ---- | C] (AvantGo, Inc.) -- C:\WINDOWS\System32\MALSLIB.DLL
[2009/11/18 23:31:44 | 00,121,856 | ---- | C] (Creative Technology Limited) -- C:\WINDOWS\System32\CTSFINST.DLL
[2009/11/18 23:31:40 | 00,047,616 | ---- | C] (Creative Technology, Ltd) -- C:\WINDOWS\System32\CTEDASIO.DLL
[2009/11/18 23:31:39 | 00,146,432 | ---- | C] (Creative Technology Limited) -- C:\WINDOWS\System32\ctdvinst.dll
[2009/11/18 23:31:38 | 00,081,920 | ---- | C] (Creative Technology Limited) -- C:\WINDOWS\System32\ctcoinst.dll
[2009/11/18 23:31:36 | 00,045,056 | ---- | C] (TechSmith Corporation) -- C:\WINDOWS\System32\CSvidcap.dll
[2009/11/18 23:31:32 | 03,166,208 | ---- | C] (Roxio Inc.) -- C:\WINDOWS\System32\CPSIPP30.dll
[2009/11/18 23:31:24 | 00,098,304 | ---- | C] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2009/11/18 23:30:53 | 00,295,424 | ---- | C] (BinaryWork Corp.) -- C:\WINDOWS\System32\bwmedia1.dll
[2009/11/18 23:30:46 | 00,122,880 | ---- | C] (Intel Corp.) -- C:\WINDOWS\System32\AVITrim.dll
[2009/11/18 23:30:44 | 00,126,976 | ---- | C] (Intel Corp.) -- C:\WINDOWS\System32\AVIClean.dll
[2009/11/18 23:30:21 | 00,688,128 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atimcenc.dll
[2009/11/18 23:29:44 | 00,029,696 | ---- | C] (Conducent) -- C:\WINDOWS\System32\Addon2VB.dll
[2009/11/18 23:28:22 | 00,086,106 | R--- | C] (Cypress Semiconductor) -- C:\WINDOWS\System32\SM1un.exe
[2009/11/18 23:28:11 | 00,663,675 | ---- | C] (Creative Labs Inc.) -- C:\WINDOWS\System32\OALInst.exe
[2009/11/18 23:27:56 | 00,009,216 | ---- | C] ( ) -- C:\WINDOWS\System32\KILLAPPS.EXE
[2009/11/18 23:27:49 | 00,049,152 | ---- | C] (Analog Devices Inc.) -- C:\WINDOWS\System32\DSndUp.exe
[2009/11/18 23:27:40 | 00,045,056 | ---- | C] (adi) -- C:\WINDOWS\System32\CleanUp.exe
[2009/11/18 23:27:34 | 00,026,112 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\Ati2mdxx.exe
[2009/11/13 08:24:40 | 00,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Brad\Desktop\HiJackThis.exe
[2009/11/13 07:41:50 | 02,056,616 | ---- | C] (ParetoLogic Inc.) -- C:\Documents and Settings\Brad\Desktop\RegCureSetup_RW.exe
[2009/11/13 06:46:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\RegCure
[2009/11/13 06:46:25 | 00,000,000 | ---D | C] -- C:\Program Files\RegCure
[2009/11/12 12:16:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\84b770b
[2009/11/12 08:41:40 | 00,061,440 | ---- | C] (USA) -- C:\WINDOWS\System32\fgjk4wvb.dll
[2009/11/12 08:37:23 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Application Data\84b770b
[2009/11/10 18:02:37 | 00,000,000 | ---D | C] -- C:\Program Files\DirectVobSub
[2008/12/21 11:53:22 | 00,021,510 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\SCI1PL.SYS
[2008/12/21 11:53:22 | 00,008,679 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\SCI0PL.SYS
[2006/08/07 19:58:28 | 00,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Brad\Application Data\pcouffin.sys
[2006/07/11 13:29:00 | 00,028,672 | R--- | C] ( ) -- C:\WINDOWS\System32\DivXGraphBuilderCallback.dll
[2004/03/30 22:52:51 | 00,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\Documents and Settings\Brad\*.tmp files -> C:\Documents and Settings\Brad\*.tmp -> ]
[1 C:\Documents and Settings\Brad\My Documents\*.tmp files -> C:\Documents and Settings\Brad\My Documents\*.tmp -> ]
========== Files - Modified Within 14 Days ==========
[2009/11/21 08:55:02 | 00,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2009/11/21 08:51:41 | 00,000,376 | ---- | M] () -- C:\WINDOWS\tasks\RegCure Startup.job
[2009/11/21 08:42:54 | 00,528,896 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Brad\Desktop\OTL.exe
[2009/11/20 20:28:57 | 00,095,232 | ---- | M] () -- C:\Documents and Settings\Brad\My Documents\bradandlisapayments.xls
[2009/11/20 17:30:46 | 00,000,436 | ---- | M] () -- C:\WINDOWS\tasks\RegCure Program Check.job
[2009/11/20 17:30:41 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/11/20 17:30:28 | 00,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2009/11/20 17:30:11 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/11/20 17:30:06 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/11/20 17:30:03 | 26,833,75616 | -HS- | M] () -- C:\hiberfil.sys
[2009/11/19 20:09:32 | 00,030,036 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000002-00000000-00000002-00001102-00000004-10031102}.rfx
[2009/11/19 20:09:32 | 00,030,036 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000002-00000000-00000002-00001102-00000004-10031102}.rfx
[2009/11/19 20:09:32 | 00,029,760 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000002-00000000-00000002-00001102-00000004-10031102}.rfx
[2009/11/19 20:09:32 | 00,029,760 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000002-00000000-00000002-00001102-00000004-10031102}.rfx
[2009/11/19 20:09:32 | 00,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2009/11/19 20:09:32 | 00,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2009/11/19 20:09:32 | 00,000,288 | ---- | M] () -- C:\WINDOWS\System32\DVCStateBkp-{00000002-00000000-00000002-00001102-00000004-10031102}.dat
[2009/11/19 20:09:32 | 00,000,288 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000002-00000000-00000002-00001102-00000004-10031102}.dat
[2009/11/19 20:09:12 | 08,912,896 | -H-- | M] () -- C:\Documents and Settings\Brad\NTUSER.DAT
[2009/11/19 20:09:10 | 00,000,278 | -HS- | M] () -- C:\Documents and Settings\Brad\ntuser.ini
[2009/11/19 20:02:47 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/11/19 18:57:48 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/11/19 18:56:07 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/11/19 18:10:54 | 00,000,281 | RHS- | M] () -- C:\boot.ini
[2009/11/19 18:06:11 | 03,568,341 | ---- | M] () -- C:\Documents and Settings\Brad\Desktop\ComboFix.exe
[2009/11/19 08:19:50 | 04,317,646 | -H-- | M] () -- C:\Documents and Settings\Brad\Local Settings\Application Data\IconCache.db
[2009/11/19 07:45:25 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2009/11/19 07:45:25 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2009/11/19 07:43:38 | 00,002,464 | ---- | M] () -- C:\WINDOWS\$_hpcst$.hpc
[2009/11/19 07:32:44 | 00,000,134 | ---- | M] () -- C:\Documents and Settings\Brad\Desktop\Internet Explorer Troubleshooting.url
[2009/11/19 03:12:01 | 00,000,370 | ---- | M] () -- C:\WINDOWS\tasks\RegCure.job
[2009/11/18 23:08:38 | 00,011,564 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000002-00000000-00000002-00001102-00000004-10031102}.rfx
[2009/11/14 01:47:57 | 00,260,608 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2009/11/13 08:24:41 | 00,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Brad\Desktop\HiJackThis.exe
[2009/11/13 08:00:24 | 00,525,946 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/11/13 08:00:24 | 00,444,028 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/11/13 08:00:24 | 00,071,904 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/11/13 07:56:06 | 00,000,000 | ---- | M] () -- C:\WINDOWS\Nwujakezakoboxa.bin
[2009/11/13 07:41:50 | 02,056,616 | ---- | M] (ParetoLogic Inc.) -- C:\Documents and Settings\Brad\Desktop\RegCureSetup_RW.exe
[2009/11/13 06:46:26 | 00,000,748 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\RegCure.lnk
[2009/11/12 23:11:00 | 00,000,120 | ---- | M] () -- C:\WINDOWS\Uwawa.dat
[2009/11/12 20:46:03 | 00,056,133 | ---- | M] () -- C:\virus 11122009.JPG
[2009/11/12 19:07:15 | 00,001,733 | ---- | M] () -- C:\Documents and Settings\Brad\Desktop\Internet Explorer.lnk
[2009/11/12 19:03:42 | 00,000,734 | -HS- | M] () -- C:\WINDOWS\System32\drivers\etc\Copy of hosts
[2009/11/12 18:51:15 | 00,000,706 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/11/12 12:14:07 | 00,000,152 | ---- | M] () -- C:\WINDOWS\System32\api.reg
[2009/11/12 08:42:42 | 00,000,348 | ---- | M] () -- C:\WINDOWS\System32\uses32.dat
[2009/11/12 08:42:42 | 00,000,100 | ---- | M] () -- C:\WINDOWS\System32\flags.ini
[2009/11/12 08:41:40 | 00,061,440 | ---- | M] (USA) -- C:\WINDOWS\System32\fgjk4wvb.dll
[2009/11/12 07:46:39 | 00,516,152 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/11/10 18:03:49 | 00,109,056 | ---- | M] () -- C:\Documents and Settings\Brad\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/11/10 17:01:01 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/11/10 07:29:47 | 02,109,440 | ---- | M] () -- C:\Documents and Settings\Brad\Desktop\vlc-1.0.3-win32.exe.part
[2009/11/09 17:42:36 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Brad\Desktop\vlc-1.0.3-win32.exe
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\Documents and Settings\Brad\*.tmp files -> C:\Documents and Settings\Brad\*.tmp -> ]
[1 C:\Documents and Settings\Brad\My Documents\*.tmp files -> C:\Documents and Settings\Brad\My Documents\*.tmp -> ]
========== Files Created - No Company Name ==========
[2009/11/19 18:10:54 | 00,000,211 | ---- | C] () -- C:\Boot.bak
[2009/11/19 18:10:49 | 00,260,272 | ---- | C] () -- C:\cmldr
[2009/11/19 18:07:53 | 00,260,608 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2009/11/19 18:07:53 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/11/19 18:07:53 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/11/19 18:07:53 | 00,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2009/11/19 18:07:53 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/11/19 18:06:07 | 03,568,341 | ---- | C] () -- C:\Documents and Settings\Brad\Desktop\ComboFix.exe
[2009/11/19 07:43:38 | 00,002,464 | ---- | C] () -- C:\WINDOWS\$_hpcst$.hpc
[2009/11/19 07:32:44 | 00,000,134 | ---- | C] () -- C:\Documents and Settings\Brad\Desktop\Internet Explorer Troubleshooting.url
[2009/11/18 23:57:25 | 00,003,072 | ---- | C] () -- C:\WINDOWS\CTXFIRES.DLL
[2009/11/18 23:57:22 | 00,122,880 | ---- | C] () -- C:\WINDOWS\UnGins.exe
[2009/11/18 23:57:22 | 00,107,134 | ---- | C] () -- C:\WINDOWS\UninstallFirefox.exe
[2009/11/18 23:57:22 | 00,045,568 | ---- | C] () -- C:\WINDOWS\UniFish3.exe
[2009/11/18 23:57:21 | 00,018,432 | ---- | C] () -- C:\WINDOWS\SSK_B5.EXE
[2009/11/18 23:57:20 | 00,034,304 | ---- | C] () -- C:\WINDOWS\PSCONV.EXE
[2009/11/18 23:57:19 | 00,118,784 | R--- | C] () -- C:\WINDOWS\bwUnin-7.2.0.157-8876480SL.exe
[2009/11/18 23:57:19 | 00,041,984 | ---- | C] () -- C:\WINDOWS\EDow_AS2.exe
[2009/11/18 23:57:19 | 00,021,312 | ---- | C] () -- C:\WINDOWS\choice.exe
[2009/11/18 23:40:53 | 00,006,760 | ---- | C] () -- C:\WINDOWS\System32\CTGAME.VXD
[2009/11/18 23:40:39 | 00,013,387 | ---- | C] () -- C:\WINDOWS\System32\CinemSup.sys
[2009/11/18 23:40:31 | 00,011,564 | ---- | C] () -- C:\WINDOWS\System32\DVCState-{00000002-00000000-00000002-00001102-00000004-10031102}.rfx
[2009/11/18 23:40:29 | 00,013,398 | ---- | C] () -- C:\WINDOWS\System32\Repository.reg
[2009/11/18 23:40:27 | 00,000,715 | ---- | C] () -- C:\WINDOWS\System32\IDMC1Vex.pro
[2009/11/18 23:39:59 | 00,000,880 | ---- | C] () -- C:\WINDOWS\System32\IDMC1Vex.loc
[2009/11/18 23:39:59 | 00,000,366 | ---- | C] () -- C:\WINDOWS\System32\IDMC1Mnu.loc
[2009/11/18 23:39:59 | 00,000,337 | ---- | C] () -- C:\WINDOWS\System32\IDMC1Dld.loc
[2009/11/18 23:39:56 | 00,012,477 | ---- | C] () -- C:\WINDOWS\System32\ICM10UNI.hlp
[2009/11/18 23:39:53 | 00,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmpFDD38.FOT
[2009/11/18 23:39:53 | 00,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmpF1FBF.FOT
[2009/11/18 23:39:53 | 00,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmpEFD38.FOT
[2009/11/18 23:39:53 | 00,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmpE3FBF.FOT
[2009/11/18 23:39:53 | 00,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmpD6FBF.FOT
[2009/11/18 23:39:53 | 00,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmpD1E38.FOT
[2009/11/18 23:39:53 | 00,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmpC9FBF.FOT
[2009/11/18 23:39:53 | 00,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmpC3E38.FOT
[2009/11/18 23:39:42 | 00,265,042 | ---- | C] () -- C:\WINDOWS\System32\ctsbas2w.dat
[2009/11/18 23:39:42 | 00,231,281 | ---- | C] () -- C:\WINDOWS\System32\CTSBASW.DAT
[2009/11/18 23:39:42 | 00,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2009/11/18 23:39:41 | 00,044,567 | ---- | C] () -- C:\WINDOWS\System32\ctdnlstr.dat
[2009/11/18 23:39:30 | 00,013,601 | ---- | C] () -- C:\WINDOWS\System32\vctest.ini
[2009/11/18 23:39:26 | 00,086,446 | ---- | C] () -- C:\WINDOWS\System32\instwdm.ini
[2009/11/18 23:39:26 | 00,050,127 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2009/11/18 23:39:11 | 00,081,408 | ---- | C] () -- C:\WINDOWS\System32\ATIVvpxx.ax
[2009/11/18 23:39:11 | 00,034,304 | ---- | C] () -- C:\WINDOWS\System32\ativyuxx.ax
[2009/11/18 23:36:05 | 00,647,168 | ---- | C] () -- C:\WINDOWS\System32\pqdvdb.dll
[2009/11/18 23:35:35 | 00,110,080 | ---- | C] () -- C:\WINDOWS\System32\nlame.dll
[2009/11/18 23:34:29 | 00,217,088 | ---- | C] () -- C:\WINDOWS\System32\mp3enc.dll
[2009/11/18 23:33:30 | 00,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2009/11/18 23:33:14 | 00,009,136 | ---- | C] () -- C:\WINDOWS\System32\INETWH16.DLL
[2009/11/18 23:33:12 | 00,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[2009/11/18 23:33:02 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\IDMC1Reg.dll
[2009/11/18 23:32:05 | 00,056,056 | ---- | C] () -- C:\WINDOWS\System32\DLAAPI_W.DLL
[2009/11/18 23:31:42 | 00,071,680 | ---- | C] () -- C:\WINDOWS\System32\CTMMACTL.DLL
[2009/11/18 23:31:38 | 00,037,888 | ---- | C] () -- C:\WINDOWS\System32\CTBURST.DLL
[2009/11/18 23:30:53 | 00,150,016 | ---- | C] () -- C:\WINDOWS\System32\bwmedia.dll
[2009/11/18 23:30:33 | 00,066,560 | ---- | C] () -- C:\WINDOWS\System32\atiyuv12.dll
[2009/11/18 23:28:17 | 00,033,792 | ---- | C] () -- C:\WINDOWS\System32\REGPLIB.EXE
[2009/11/18 23:28:14 | 00,103,736 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2009/11/18 23:28:14 | 00,066,872 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2009/11/18 23:28:11 | 00,669,184 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe
[2009/11/18 23:27:59 | 00,012,632 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2009/11/18 23:27:51 | 00,004,096 | ---- | C] () -- C:\WINDOWS\System32\ENLOCSTR.EXE
[2009/11/18 23:27:49 | 00,055,296 | ---- | C] () -- C:\WINDOWS\System32\dvdplay.exe
[2009/11/18 23:27:44 | 00,524,288 | ---- | C] () -- C:\WINDOWS\System32\DivXsm.exe
[2009/11/18 23:27:40 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\besch.exe
[2009/11/18 23:27:35 | 00,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2009/11/18 23:27:35 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe
[2009/11/18 23:27:35 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe
[2009/11/14 14:10:38 | 26,833,75616 | -HS- | C] () -- C:\hiberfil.sys
[2009/11/13 06:46:30 | 00,000,436 | ---- | C] () -- C:\WINDOWS\tasks\RegCure Program Check.job
[2009/11/13 06:46:29 | 00,000,376 | ---- | C] () -- C:\WINDOWS\tasks\RegCure Startup.job
[2009/11/13 06:46:29 | 00,000,370 | ---- | C] () -- C:\WINDOWS\tasks\RegCure.job
[2009/11/13 06:46:26 | 00,000,748 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RegCure.lnk
[2009/11/12 20:46:02 | 00,056,133 | ---- | C] () -- C:\virus 11122009.JPG
[2009/11/12 19:05:05 | 00,001,733 | ---- | C] () -- C:\Documents and Settings\Brad\Desktop\Internet Explorer.lnk
[2009/11/12 12:16:16 | 00,000,000 | ---- | C] () -- C:\WINDOWS\Nwujakezakoboxa.bin
[2009/11/12 12:16:15 | 00,000,120 | ---- | C] () -- C:\WINDOWS\Uwawa.dat
[2009/11/12 12:14:07 | 00,000,152 | ---- | C] () -- C:\WINDOWS\System32\api.reg
[2009/11/12 08:42:25 | 00,000,348 | ---- | C] () -- C:\WINDOWS\System32\uses32.dat
[2009/11/12 08:42:25 | 00,000,100 | ---- | C] () -- C:\WINDOWS\System32\flags.ini
[2009/11/09 17:42:36 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Brad\Desktop\vlc-1.0.3-win32.exe
[2009/11/09 17:42:35 | 02,109,440 | ---- | C] () -- C:\Documents and Settings\Brad\Desktop\vlc-1.0.3-win32.exe.part
[2008/08/07 07:15:18 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Brad\Local Settings\Application Data\rx_image.Cache
[2007/11/28 21:34:59 | 00,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2007/11/21 14:34:11 | 00,001,254 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2006/11/06 09:07:30 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/10/17 08:22:32 | 00,000,265 | ---- | C] () -- C:\WINDOWS\IfoEdit.INI
[2006/10/14 13:59:38 | 00,000,004 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DragToDiscUserNameD.txt
[2006/09/24 10:46:47 | 00,000,165 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/08/16 12:47:38 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/08/09 03:19:50 | 00,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Roxio.dll
[2006/08/09 03:19:50 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll
[2006/08/09 00:00:00 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\besched.dll
[2006/08/07 19:58:29 | 00,000,034 | ---- | C] () -- C:\Documents and Settings\Brad\Application Data\pcouffin.log
[2006/08/07 19:58:28 | 00,087,608 | ---- | C] () -- C:\Documents and Settings\Brad\Application Data\ezpinst.exe
[2006/08/07 19:58:28 | 00,007,824 | ---- | C] () -- C:\Documents and Settings\Brad\Application Data\pcouffin.cat
[2006/08/07 19:58:28 | 00,001,144 | ---- | C] () -- C:\Documents and Settings\Brad\Application Data\pcouffin.inf
[2006/06/29 13:58:52 | 00,030,808 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
[2006/06/29 13:53:56 | 00,026,489 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 14:39:28 | 00,029,779 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/04/18 14:39:28 | 00,026,040 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/02/20 15:38:58 | 00,000,118 | ---- | C] () -- C:\WINDOWS\DVDFabGold.INI
[2005/07/15 10:35:56 | 00,831,488 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2005/07/15 10:35:56 | 00,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2005/07/15 10:35:24 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005/07/09 11:10:35 | 00,004,934 | ---- | C] () -- C:\WINDOWS\CDPLAYER.INI
[2005/06/22 05:43:36 | 00,026,311 | ---- | C] () -- C:\Program Files\Quicken.QIF
[2004/07/26 18:08:11 | 00,000,048 | ---- | C] () -- C:\WINDOWS\PerWin.ini
[2004/07/02 17:23:02 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2004/07/02 17:23:02 | 00,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2004/07/02 17:23:02 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2004/07/02 17:23:02 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2004/07/02 17:23:02 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2004/07/02 17:23:02 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2004/07/02 17:22:40 | 00,122,880 | ---- | C] () -- C:\WINDOWS\System32\cddvdint.dll
[2004/07/01 21:15:22 | 00,000,000 | ---- | C] () -- C:\WINDOWS\ATIMMC.INI
[2004/06/29 22:05:54 | 00,000,028 | ---- | C] () -- C:\WINDOWS\nanoPEG.ini
[2004/06/29 22:05:08 | 00,020,298 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2004/06/29 03:57:38 | 00,000,078 | ---- | C] () -- C:\WINDOWS\qwimp.ini
[2004/06/29 03:56:10 | 00,000,210 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2004/06/26 09:37:18 | 00,172,264 | ---- | C] () -- C:\Documents and Settings\Brad\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2004/05/31 14:24:10 | 00,109,056 | ---- | C] () -- C:\Documents and Settings\Brad\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004/05/27 14:53:51 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/05/27 13:28:40 | 00,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2004/03/30 22:53:35 | 00,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
[2004/03/30 22:53:07 | 00,066,807 | ---- | C] () -- C:\WINDOWS\System32\Aud2_Del.ini
[2004/03/30 22:53:07 | 00,000,030 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2004/03/30 22:52:57 | 00,005,515 | ---- | C] () -- C:\WINDOWS\System32\ENSDEF.INI
[2004/03/30 22:52:57 | 00,000,180 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI
[2004/03/30 22:52:00 | 00,000,136 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2004/03/30 22:02:52 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2004/03/29 20:58:48 | 04,317,646 | -H-- | C] () -- C:\Documents and Settings\Brad\Local Settings\Application Data\IconCache.db
[2004/03/29 20:58:07 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Brad\Application Data\desktop.ini
[2004/03/29 12:32:05 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2004/02/11 17:52:18 | 00,089,600 | ---- | C] () -- C:\WINDOWS\System32\MAGICLAB.DLL
[2003/10/02 00:00:00 | 00,208,896 | ---- | C] () -- C:\WINDOWS\System32\lockout.dll
[2003/10/02 00:00:00 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\lockres.dll
[2003/03/30 04:02:45 | 00,684,032 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2003/01/07 14:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/04/11 10:47:52 | 00,049,152 | ---- | C] () -- C:\WINDOWS\System32\msmscoin.dll
[2002/03/26 11:18:28 | 00,091,136 | ---- | C] () -- C:\WINDOWS\System32\mp4fil32.dll
[2002/01/20 04:26:36 | 00,073,728 | ---- | C] () -- C:\WINDOWS\System32\SimpleResize.dll
[2001/08/23 04:00:00 | 00,000,807 | ---- | C] () -- C:\WINDOWS\win.ini
[2001/08/23 04:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2001/04/30 03:51:00 | 00,004,512 | ---- | C] () -- C:\WINDOWS\System32\drivers\naifsrec.sys
========== LOP Check ==========
[2009/11/12 08:40:45 | 00,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\84b770b
[2009/02/07 13:59:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ATI
[2007/10/21 16:50:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ATI MMC
[2006/05/29 17:12:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
[2008/10/04 08:51:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle
[2008/10/04 08:51:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle Studio Plus
[2009/10/07 06:59:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle Studio Ultimate
[2009/11/13 06:46:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RegCure
[2008/11/17 19:44:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
[2008/10/04 08:51:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Studio 12
[2009/04/01 09:44:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TDK
[2008/09/07 21:20:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2004/06/30 05:04:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2005/03/04 12:16:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2007/05/20 12:30:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk
[2009/02/07 13:59:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Brad\Application Data\ATI
[2006/05/29 17:12:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Brad\Application Data\Autodesk
[2009/11/19 08:51:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Brad\Application Data\BitTorrent
[2009/10/01 15:51:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Brad\Application Data\Cakewalk
[2009/03/05 21:13:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Brad\Application Data\Diskeeper Corporation
[2009/11/21 09:02:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Brad\Application Data\DNA
[2007/11/27 17:29:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Brad\Application Data\DVDFab
[2009/02/10 19:05:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Brad\Application Data\EBookSys
[2007/09/26 06:30:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Brad\Application Data\GlobalSCAPE
[2007/12/01 15:36:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Brad\Application Data\Image Zone Express
[2004/06/26 11:08:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Brad\Application Data\InterVideo
[2007/10/28 17:11:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Brad\Application Data\Sharpcast
[2005/02/24 07:44:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Brad\Application Data\Snapfish
[2004/06/21 18:52:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Brad\Application Data\ThumbsPlus
[2007/10/28 17:11:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Brad\Application Data\tmp
[2008/11/12 20:47:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Brad\Application Data\TrueCrypt
[2009/05/26 06:23:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Brad\Application Data\Vso
[2006/03/11 11:05:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Brad\Application Data\VSO_HWE
[2009/02/07 15:06:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lisa\Application Data\ATI
[2007/02/09 09:02:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lisa\Application Data\ATI MMC
[2006/05/30 15:58:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lisa\Application Data\Autodesk
[2009/06/12 20:30:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lisa\Application Data\BitTorrent
[2009/03/04 20:20:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lisa\Application Data\EBookSys
[2006/09/06 19:49:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lisa\Application Data\Image Zone Express
[2006/02/26 19:51:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lisa\Application Data\InterVideo
[2006/11/03 08:15:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lisa\Application Data\Sharpcast
[2008/12/24 11:23:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lisa\Application Data\Sibelius Software
[2004/06/21 18:56:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lisa\Application Data\ThumbsPlus
[2009/01/31 10:02:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lisa\Application Data\Vso
[2001/08/23 04:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/11/20 17:30:46 | 00,000,436 | ---- | M] () -- C:\WINDOWS\Tasks\RegCure Program Check.job
[2009/11/21 08:51:41 | 00,000,376 | ---- | M] () -- C:\WINDOWS\Tasks\RegCure Startup.job
[2009/11/19 03:12:01 | 00,000,370 | ---- | M] () -- C:\WINDOWS\Tasks\RegCure.job
[2009/11/20 17:30:11 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
========== Purity Check ==========
========== Custom Scans ==========
< %systemdrive%\*.exe >
< %SYSTEMDRIVE%\eventlog.dll /s /md5 >
[2002/08/29 03:40:52 | 00,049,152 | ---- | M] (Microsoft Corporation) MD5=BF3C8CF53C77B48206B39910B6D6CBCC -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2004/08/04 00:56:44 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2004/08/04 00:56:44 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 16:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\eventlog.dll
[2004/08/04 00:56:44 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\eventlog.dll
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %SYSTEMDRIVE%\nvstor.sys /s /md5 >
< %SYSTEMDRIVE%\atapi.sys /s /md5 >
[2002/08/29 01:27:50 | 00,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004/08/03 22:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2004/08/03 22:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 10:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\atapi.sys
[2004/08/03 22:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5 -- C:\WINDOWS\system32\drivers\atapi.sys
[2002/08/29 01:27:50 | 00,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys
[2002/08/29 01:27:50 | 00,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys
< %SYSTEMDRIVE%\viasraid.sys /s /md5 >
< %SYSTEMDRIVE%\AGP440.sys /s /md5 >
[2001/08/17 13:58:00 | 00,025,472 | ---- | M] (Microsoft Corporation) MD5=65880045C51AA36184841CEE915A61DF -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
[2004/08/03 23:07:42 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\ERDNT\cache\agp440.sys
[2004/08/03 23:07:42 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 10:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\agp440.sys
[2004/08/03 23:07:42 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\agp440.sys
< %SYSTEMDRIVE%\vaxscsi.sys /s /md5 >
< %SYSTEMDRIVE%\nvatabus.sys /s /md5 >
< %SYSTEMDRIVE%\viamraid.sys /s /md5 >
< %SYSTEMDRIVE%\nvata.sys /s /md5 >
< %SYSTEMDRIVE%\tdl*.dll >
========== Alternate Data Streams ==========
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Brad\My Documents\Tatiana's Basketball.dmsm:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Brad\My Documents\Tatiana.dmsm:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Brad\My Documents\Production 2.dmsm:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Brad\My Documents\Production 1.dmsm:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Brad\My Documents\Piano Reticle Jan 2007.dmsm:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Brad\My Documents\New Years Eve 2007.dmsm:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Brad\My Documents\Kids Karate Testing Spring 2007.dmsm:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Brad\My Documents\Kids Early 2007.dmsd:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Brad\My Documents\Karate Bunkai, Jan 2008 first run.dmsd:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Brad\My Documents\IMG_4879.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Brad\My Documents\gpedit.msc_screen_saver_set.bmp:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Brad\My Documents\Downloads:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Brad\My Documents\Copy of IMG_7566.JPG:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Brad\My Documents\Christmas Even 2006.dmsm:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Brad\My Documents\Christmas Eve 2006.dmsm:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Brad\My Documents\carly plays some basket ball.dmsm:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Brad\My Documents\Brady Bunch-Episodes 1-10.dmsd:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Brad\My Documents\bjork.mov:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Brad\My Documents\4tj dan testing.dmsd:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Brad\Desktop\test.avi:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Brad\Desktop\look at 715.avi:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Brad\Desktop\EPS 23 THE HUMAN COMPUTER..avi:Roxio EMC Stream
@Alternate Data Stream - 156 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F7B65412
@Alternate Data Stream - 150 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E7833B2E
< End of report >