OTViewIt logfile created on: 12/29/2008 9:41:56 AM - Run 2
OTViewIt by OldTimer - Version 1.0.20.1 Folder = C:\Documents and Settings\d\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
767.33 Mb Total Physical Memory | 337.48 Mb Available Physical Memory | 43.98% Memory free
1.83 Gb Paging File | 1.37 Gb Available in Paging File | 74.80% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 27.90 Gb Total Space | 6.24 Gb Free Space | 22.37% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: DAVID
Current User Name: d
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days
========== Processes ========== [2007/10/24 15:25:50 | 00,406,832 | ---- | M] (Panda Software International) -- C:\Program Files\Panda Security\Panda Internet Security 2008\TPSrv.exe
[2002/11/07 21:22:10 | 00,147,456 | ---- | M] () -- C:\WINDOWS\system32\ati2evxx.exe
[2007/03/06 09:35:02 | 00,198,168 | ---- | M] (InterVideo Inc.) -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
[2006/04/24 13:25:44 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
[2007/07/12 09:47:30 | 00,169,264 | ---- | M] (Panda Software International) -- C:\Program Files\Panda Security\Panda Internet Security 2008\PsCtrlS.exe
[2007/07/12 09:47:26 | 00,173,360 | ---- | M] (Panda Software International) -- C:\Program Files\Panda Security\Panda Internet Security 2008\PAVFNSVR.EXE
[2007/06/14 15:38:02 | 00,063,024 | ---- | M] (Panda Software) -- C:\Program Files\Common Files\Panda Software\PavShld\PavPrSrv.exe
[2007/09/28 12:29:00 | 00,148,272 | ---- | M] (Panda Software International) -- C:\Program Files\Panda Security\Panda Internet Security 2008\PAVSRV51.EXE
[2007/09/28 12:28:58 | 00,096,560 | ---- | M] (Panda Software International) -- C:\Program Files\Panda Security\Panda Internet Security 2008\AVENGINE.EXE
[2007/01/15 12:42:16 | 00,067,120 | ---- | M] (Panda Software International) -- C:\Program Files\Panda Security\Panda Internet Security 2008\AntiSpam\pskmssvc.exe
[2007/06/05 12:20:32 | 00,177,704 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
[2007/04/04 09:45:08 | 00,226,864 | ---- | M] (Panda Software International) -- c:\Program Files\Panda Security\Panda Internet Security 2008\FIREWALL\PSHost.exe
[2007/05/24 08:31:26 | 00,108,592 | ---- | M] (Panda Software International) -- C:\Program Files\Panda Security\Panda Internet Security 2008\PsImSvc.exe
[2006/09/28 19:18:00 | 00,266,343 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe
[2007/03/03 12:48:28 | 00,067,056 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
[2003/06/13 14:37:48 | 00,045,056 | ---- | M] () -- C:\WINDOWS\system32\WLTRYSVC.EXE
[2003/06/13 14:37:48 | 00,450,560 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\system32\BCMWLTRY.EXE
[2007/11/23 13:33:22 | 00,406,832 | ---- | M] (Panda Software International) -- C:\Program Files\Panda Security\Panda Internet Security 2008\apvxdwin.exe
[2007/06/20 10:32:28 | 00,091,440 | ---- | M] (Panda Software International) -- C:\Program Files\Panda Security\Panda Internet Security 2008\SrvLoad.exe
[2008/04/13 18:12:29 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\notepad.exe
[2007/11/14 12:31:18 | 00,083,248 | ---- | M] (Panda Security International) -- C:\Program Files\Panda Security\Panda Internet Security 2008\WebProxy.exe
[2003/05/02 16:21:48 | 00,110,592 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
[2003/05/02 16:15:44 | 00,610,304 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
[2008/06/10 03:27:04 | 00,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
[2006/11/22 20:10:06 | 00,151,552 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PCM4Everio\EverioService.exe
[2007/11/13 09:00:32 | 01,052,672 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
[2003/08/29 03:59:24 | 00,122,880 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\BCMSMMSG.exe
[2002/11/07 20:00:00 | 00,294,912 | ---- | M] (ATI Technologies, Inc.) -- C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
[2007/07/26 05:47:30 | 00,111,920 | ---- | M] (Panda Software International, S.L.) -- C:\Program Files\Panda Security\Panda Internet Security 2008\PavBckPT.exe
[2008/12/29 08:56:52 | 00,423,424 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\d\Desktop\OTViewIt.exe
[2003/07/16 14:25:23 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cidaemon.exe
[2008/04/13 18:12:29 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\notepad.exe
[2008/04/13 18:12:29 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\notepad.exe
[2008/10/15 01:06:26 | 00,633,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
[2008/10/15 01:06:26 | 00,633,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
========== (O23) Win32 Services ========== [2005/09/23 06:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
[2002/11/07 21:22:10 | 00,147,456 | ---- | M] () -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
[2007/03/06 09:35:02 | 00,198,168 | ---- | M] (InterVideo Inc.) -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe -- (Capture Device Service [Auto | Running])
[2005/09/23 06:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
[2007/12/13 10:07:20 | 00,018,944 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\Printer\Center\KodakSvc.exe -- (KodakSvc [Auto | Stopped])
[2006/04/24 13:25:44 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])
[2007/07/12 09:47:30 | 00,169,264 | ---- | M] (Panda Software International) -- C:\Program Files\Panda Security\Panda Internet Security 2008\PsCtrlS.exe -- (Panda Software Controller [Auto | Running])
[2007/07/12 09:47:26 | 00,173,360 | ---- | M] (Panda Software International) -- C:\Program Files\Panda Security\Panda Internet Security 2008\PAVFNSVR.EXE -- (PAVFNSVR [Auto | Running])
[2007/06/14 15:38:02 | 00,063,024 | ---- | M] (Panda Software) -- C:\Program Files\Common Files\Panda Software\PavShld\PavPrSrv.exe -- (PavPrSrv [Auto | Running])
[2007/09/28 12:29:00 | 00,148,272 | ---- | M] (Panda Software International) -- C:\Program Files\Panda Security\Panda Internet Security 2008\PAVSRV51.EXE -- (PAVSRV [Auto | Running])
[2007/01/15 12:42:16 | 00,067,120 | ---- | M] (Panda Software International) -- C:\Program Files\Panda Security\Panda Internet Security 2008\AntiSpam\pskmssvc.exe -- (pmshellsrv [Auto | Running])
[2007/06/05 12:20:32 | 00,177,704 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing [Auto | Start_Pending])
[2007/04/04 09:45:08 | 00,226,864 | ---- | M] (Panda Software International) -- c:\Program Files\Panda Security\Panda Internet Security 2008\FIREWALL\PSHost.exe -- (PSHost [Auto | Running])
[2007/05/24 08:31:26 | 00,108,592 | ---- | M] (Panda Software International) -- C:\Program Files\Panda Security\Panda Internet Security 2008\PsImSvc.exe -- (PSIMSVC [Auto | Running])
[2006/09/28 19:18:00 | 00,266,343 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- (RichVideo [Auto | Running])
[2007/10/24 15:25:50 | 00,406,832 | ---- | M] (Panda Software International) -- C:\Program Files\Panda Security\Panda Internet Security 2008\TPSrv.exe -- (TPSrv [Auto | Running])
[2007/03/03 12:48:28 | 00,067,056 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper [Auto | Running])
[2003/06/13 14:37:48 | 00,045,056 | ---- | M] () -- C:\WINDOWS\system32\WLTRYSVC.EXE -- (WLTRYSVC [Auto | Running])
[2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
========== Driver Services ========== [2007/09/28 12:05:40 | 00,071,608 | ---- | M] (Panda Software) -- C:\WINDOWS\system32\drivers\APPFLT.SYS -- (APPFLT [System | Running])
[2002/11/07 21:31:36 | 00,539,392 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag [On_Demand | Running])
File not found -- -- (AvFlt [On_Demand | Running])
[2003/06/13 14:37:48 | 00,254,208 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX [On_Demand | Stopped])
[2002/12/17 10:41:36 | 00,042,368 | R--- | M] (Broadcom Corporation) -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp [On_Demand | Running])
[2003/08/29 03:59:24 | 01,101,696 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\system32\drivers\BCMSM.sys -- (BCMModem [On_Demand | Running])
[2008/12/29 08:53:21 | 00,013,880 | ---- | M] () -- C:\WINDOWS\system32\drivers\COMFiltr.sys -- (ComFiltr [On_Demand | Running])
[2007/06/08 06:44:06 | 00,024,760 | ---- | M] (Panda Software) -- C:\WINDOWS\system32\drivers\cpoint.sys -- (cpoint [Auto | Running])
[2007/05/11 07:33:06 | 00,051,256 | ---- | M] (Panda Software International) -- C:\WINDOWS\system32\drivers\dsaflt.sys -- (DSAFLT [System | Running])
[2007/11/14 16:48:22 | 00,021,816 | ---- | M] (Panda Software) -- C:\WINDOWS\system32\drivers\fnetmon.sys -- (FNETMON [System | Running])
[2007/07/11 09:39:48 | 00,191,672 | ---- | M] (Panda Software International) -- C:\WINDOWS\system32\drivers\idsflt.sys -- (IDSFLT [System | Running])
[2007/10/25 07:50:32 | 00,132,664 | ---- | M] (Panda Software) -- C:\WINDOWS\system32\drivers\NETFLTDI.SYS -- (NETFLTDI [System | Running])
[2007/11/19 12:01:50 | 00,143,160 | ---- | M] (Panda Software) -- C:\WINDOWS\system32\drivers\netimflt.sys -- (NETIMFLT01050097 [On_Demand | Running])
[2003/05/06 08:51:18 | 00,017,156 | ---- | M] (Dell Computer Corporation) -- C:\WINDOWS\system32\drivers\omci.sys -- (OMCI [System | Running])
[2008/06/19 17:24:30 | 00,028,544 | ---- | M] (Panda Security, S.L.) -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot [Boot | Running])
[2007/09/28 12:24:18 | 00,083,896 | ---- | M] (Panda Software International) -- C:\WINDOWS\system32\drivers\pavdrv51.sys -- (PAVDRV [Auto | Running])
[2007/07/12 12:49:38 | 00,178,872 | ---- | M] (Panda Software International) -- C:\WINDOWS\system32\drivers\PavProc.sys -- (PavProc [Auto | Running])
File not found -- -- (PavSRK.sys [On_Demand | Running])
File not found -- -- (PavTPK.sys [On_Demand | Running])
[2006/05/23 14:00:26 | 00,010,368 | ---- | M] (Padus, Inc.) -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc [On_Demand | Running])
[2003/07/16 14:42:18 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])
[2003/07/16 14:40:01 | 00,023,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\refblhlo.sys -- (refblhlo [Boot | Running])
[2008/12/04 13:50:04 | 00,008,944 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV [System | Running])
[2008/12/04 13:50:06 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM [On_Demand | Stopped])
[2008/12/04 13:50:02 | 00,055,024 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL [System | Running])
[2007/11/13 04:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [On_Demand | Stopped])
[2007/05/23 14:40:30 | 00,038,968 | ---- | M] (Panda Software) -- C:\WINDOWS\system32\drivers\ShlDrv51.sys -- (ShldDrv [System | Running])
[2007/05/11 07:33:32 | 00,037,304 | ---- | M] (Panda Software International) -- C:\WINDOWS\system32\drivers\smsflt.sys -- (SMSFLT [System | Running])
[2003/04/25 16:10:52 | 00,220,176 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\system32\drivers\STAC97.sys -- (STAC97 [On_Demand | Running])
[2003/05/02 15:45:40 | 00,270,640 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP [On_Demand | Running])
[2007/05/11 07:33:34 | 00,030,648 | ---- | M] (Panda Software International) -- C:\WINDOWS\system32\drivers\wnmflt.sys -- (WNMFLT [System | Running])
[2003/07/16 14:53:06 | 00,012,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ws2ifsl.sys -- (WS2IFSL [System | Running])
========== (R ) Internet Explorer ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157
"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896
"Default_Secondary_Page_URL"=
"Extensions Off Page"=about:NoAdd-ons
"Local Page"=%SystemRoot%\system32\blank.htm
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Security Risk Page"=about:SecurityRisk
"Start Page"=http://go.microsoft.com/fwlink/?LinkId=69157
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
"SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.yahoo.com/
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
"ProxyOverride" = 192.168.0.1;<local>
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]
[HKEY_USERS\S-1-5-21-1801674531-507921405-842925246-1002\SOFTWARE\Microsoft\Internet Explorer\Main]
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.yahoo.com/
[HKEY_USERS\S-1-5-21-1801674531-507921405-842925246-1002\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1801674531-507921405-842925246-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
"ProxyOverride" = 192.168.0.1;<local>
========== (O1) Hosts File ========== HOSTS File = (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost
========== (O2) BHO's ========== [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} (HKLM) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
{1B29C093-FF94-4607-A625-E3DDF190CA29} (HKLM) -- C:\WINDOWS\system32\amstrea.dll ()
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} (HKLM) -- C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (HKLM) -- C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
========== (O4) Run Keys ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
"APVXDWIN"="C:\Program Files\Panda Security\Panda Internet Security 2008\APVXDWIN.EXE" /s (Panda Software International)
"ATIModeChange"=Ati2mdxx.exe (ATI Technologies, Inc.)
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.)
"BCMSMMSG"=BCMSMMSG.exe (Broadcom Corporation)
"EKIJ5000StatusMonitor"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe (Eastman Kodak Company)
"EverioService"="C:\Program Files\CyberLink\PCM4Everio\EverioService.exe" (CyberLink Corp.)
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe (Nero AG)
"SCANINICIO"="C:\Program Files\Panda Security\Panda Internet Security 2008\Inicio.exe" (Panda Software International)
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" (Sun Microsystems, Inc.)
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
"UVS11 Preload"=C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe (InterVideo Digital Technology Corporation)
"UVS12 Preload"=C:\Program Files\Corel\Corel VideoStudio 12\uvPL.exe (Ulead Systems, Inc.)
========== (O4) RunOnceEx Keys ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx]
""= File not found
========== (O4) Startup Folders ========== ========== (O6 & O7) Current Version Policies ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
[HKEY_USERS\S-1-5-21-1801674531-507921405-842925246-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
========== (O9) IE Extensions ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}: Menu: Sun Java Console -- %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [2008/06/10 03:27:02 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.)
{3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF}: Button: PokerStars -- %ProgramFiles%\PokerStars\PokerStarsUpdate.exe [2008/09/07 14:39:03 | 00,603,416 | ---- | M] (PokerStars)
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}: Button: Yahoo! Services -- %ProgramFiles%\Yahoo!\Common\yiesrvc.dll [2007/12/12 16:09:42 | 00,222,448 | ---- | M] (Yahoo! Inc.)
{e2e2dd38-d088-4134-82b7-f2ba38496583}: Menu: @xpsp3res.dll,-20001 -- %SystemRoot%\network diagnostic\xpnetdiag.exe [2008/04/13 12:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Button: Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2008/04/13 18:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Menu: Windows Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2008/04/13 18:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/13 18:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/13 18:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
========== (O12) Internet Explorer Plugins ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" =
http://activex.microsoft.com/controls/find...=%s&mime=%sPluginsPageFriendlyName: "" = Microsoft ActiveX Gallery
========== (O13) Default Prefixes ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://
========== (O15) Trusted Sites ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
50 domain(s) and sub-domain(s) not assigned to a zone.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
49 domain(s) and sub-domain(s) not assigned to a zone.
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
49 domain(s) and sub-domain(s) not assigned to a zone.
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
49 domain(s) and sub-domain(s) not assigned to a zone.
[HKEY_USERS\S-1-5-21-1801674531-507921405-842925246-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
49 domain(s) and sub-domain(s) not assigned to a zone.
========== (O16) DPF ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{2D8ED06D-3C30-438B-96AE-4D110FDC1FB8}:
http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab -- ActiveScan 2.0 Installer Class
{30528230-99f7-4bb4-88d8-fa1d4f56a2ab}: C:\Program Files\Yahoo!\Common\Yinsthelper.dll -- Installation Support
{49232000-16E4-426C-A231-62846947304B}:
http://ipgweb.cce.hp.com/rdqcpc/downloads/sysinfo.cab -- SysData Class
{88D969C0-F192-11D4-A65F-0040963251E5}:
http://ipgweb.cce.hp.com/rdqcpc/downloads/msxml4.cab -- XML DOM Document 4.0
{8AD9C840-044E-11D1-B3E9-00805F499D93}:
http://dl8-cdn-01.sun.com/s/ESD44/JSCDL/jd...ows-i586-jc.cab -- Java Plug-in 1.6.0_07
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}:
http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab -- Reg Error: Key does not exist or could not be opened.
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:
http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_07
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}:
http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_07
{D27CDB6E-AE6D-11CF-96B8-444553540000}:
http://fpdownload.macromedia.com/pub/shock...ash/swflash.cab -- Shockwave Flash Object
========== (O17) DNS Name Servers ========== {1E2DD983-7B4F-409C-9412-972ED04AFB49} (Servers: | Description: Dell TrueMobile 1300 WLAN Mini-PCI Card)
{5B7F3451-DCBC-4174-8F3F-8DF0E45DDB1C} (Servers: | Description: 1394 Net Adapter)
{B90E4392-DAA3-45A6-834D-9253D44C99A8} (Servers: | Description: Broadcom 440x 10/100 Integrated Controller)
========== (O20) Winlogon Notify Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]
!SASWinLogon: "DllName" = C:\Program Files\SUPERAntiSpyware\SASWINLO.dll -- C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
avldr: "DllName" = avldr.dll -- C:\WINDOWS\system32\avldr.dll (Panda Software International)
========== Shell Execute Hooks ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}" (HKLM) -- C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
========== Safeboot Options ========== "AlternateShell"=cmd.exe
========== CDRom AutoRun Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1
========== Autorun Files on Drives ========== AUTOEXEC.BAT []
[2008/05/27 22:18:51 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]
========== MountPoints2 ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{deb81219-2d8d-11dd-a51a-000d56acc60b}\Shell\PlayVideoFilesOnArrival_PlayDVD\command]
""=C:\Program Files\Ahead\Nero ShowTime\ShowTime.exe -- [2005/06/13 14:59:00 | 03,608,576 | ---- | M] (Nero Software AG)
========== Files/Folders - Created Within 30 Days ========== [5 C:\WINDOWS\System32\*.tmp files]
[8 C:\WINDOWS\*.tmp files]
[2008/12/29 08:56:41 | 00,423,424 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\d\Desktop\OTViewIt.exe
[2008/12/29 08:51:47 | 00,018,224 | ---- | C] (Panda Software International) -- C:\WINDOWS\System32\pfdnnt.exe
[2008/12/29 08:48:53 | 00,000,000 | ---D | C] -- C:\_OTMoveIt
[2008/12/29 08:47:37 | 01,033,216 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\d\Desktop\OTMoveIt3.exe
[2008/12/28 22:02:06 | 00,000,256 | ---- | C] () -- C:\WINDOWS\tasks\µTorrent.job
[2008/12/20 14:55:27 | 00,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mouhid.sys
[2008/12/20 14:55:27 | 00,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouhid.sys
[2008/12/19 12:39:13 | 00,013,880 | ---- | C] () -- C:\WINDOWS\System32\drivers\COMFiltr.sys
[2008/12/15 11:09:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\d\Local Settings\Application Data\Innova_Electronics_Corp
[2008/12/15 10:58:43 | 00,010,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidusb.sys
[2008/12/15 10:58:43 | 00,010,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidusb.sys
[2008/12/15 10:58:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Innova Electronics Corp
[2008/12/15 10:56:53 | 00,000,000 | ---D | C] -- C:\Program Files\RepairSolutions
[2008/12/13 21:54:08 | 00,000,000 | ---D | C] -- C:\Program Files\Photo Viewer
[2008/12/13 02:03:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2008/12/13 02:03:11 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2008/12/13 02:03:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\d\Application Data\SUPERAntiSpyware.com
[2008/12/13 01:51:51 | 00,006,062 | ---- | C] () -- C:\Documents and Settings\d\My Documents\removal.rtf
[2008/12/12 11:39:44 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2008/12/12 11:39:40 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2008/12/12 11:39:38 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2008/12/07 20:50:04 | 00,000,000 | ---D | C] -- C:\Temp
[2008/12/07 10:23:00 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2008/12/07 09:55:03 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2008/12/07 09:54:50 | 00,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2008/12/07 09:54:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2008/12/07 03:27:33 | 00,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmphoto.dll
[2008/12/07 03:27:23 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2008/12/07 03:27:17 | 00,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecsext.dll
[2008/12/07 03:27:16 | 00,712,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecs.dll
[2008/12/07 03:26:44 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tspkg.dll
[2008/12/07 03:26:43 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2008/12/07 03:26:04 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sffp_mmc.sys
[2008/12/07 03:26:03 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2008/12/07 03:25:52 | 00,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2008/12/07 03:25:46 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasqec.dll
[2008/12/07 03:25:44 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qutil.dll
[2008/12/07 03:25:41 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2008/12/07 03:25:40 | 00,291,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagentrt.dll
[2008/12/07 03:25:40 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2008/12/07 03:25:33 | 00,412,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\photometadatahandler.dll
[2008/12/07 03:25:25 | 00,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\onex.dll
[2008/12/07 03:24:53 | 00,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2008/12/07 03:24:53 | 00,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2008/12/07 03:24:53 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2008/12/07 03:24:49 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6r.dll
[2008/12/07 03:24:49 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2008/12/07 03:24:48 | 01,307,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6.dll
[2008/12/07 03:24:48 | 01,307,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2008/12/07 03:24:41 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2008/12/07 03:24:40 | 00,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2008/12/07 03:23:54 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2008/12/07 03:23:52 | 00,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2008/12/07 03:23:52 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2008/12/07 03:23:52 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2008/12/07 03:23:19 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2008/12/07 03:23:17 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kmsvc.dll
[2008/12/07 03:23:14 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2008/12/07 03:23:14 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2008/12/07 03:23:13 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2008/12/07 03:23:13 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2008/12/07 03:22:58 | 00,001,261 | ---- | C] () -- C:\WINDOWS\System32\pid.inf
[2008/12/07 03:22:34 | 00,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2008/12/07 03:22:34 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2008/12/07 03:22:34 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappcfg.dll
[2008/12/07 03:22:34 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2008/12/07 03:22:34 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2008/12/07 03:22:34 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappprxy.dll
[2008/12/07 03:22:34 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapsvc.dll
[2008/12/07 03:22:33 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapolqec.dll
[2008/12/07 03:22:25 | 00,650,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2008/12/07 03:22:25 | 00,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3svc.dll
[2008/12/07 03:22:25 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2008/12/07 03:22:25 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll
[2008/12/07 03:22:25 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2008/12/07 03:22:25 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3dlg.dll
[2008/12/07 03:22:24 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3api.dll
[2008/12/07 03:22:20 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2008/12/07 03:22:20 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsntfy.dll
[2008/12/07 03:22:19 | 00,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2008/12/07 03:22:09 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\credssp.dll
[2008/12/07 03:21:54 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2008/12/07 03:21:53 | 00,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2008/12/07 03:21:37 | 00,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2008/12/06 19:45:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\d\Application Data\Malwarebytes
[2008/12/06 19:45:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2008/12/06 14:47:16 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2008/12/06 14:47:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2008/12/03 22:11:08 | 00,000,000 | ---D | C] -- C:\WINDOWS\pss
[2008/12/03 21:25:08 | 00,000,168 | R--- | C] () -- C:\Documents and Settings\d\My Documents\Document.rtf
[2008/12/03 21:04:42 | 00,028,544 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys
[2008/12/02 17:44:15 | 00,046,960 | R--- | C] () -- C:\Documents and Settings\d\My Documents\clara barten.wpd
========== Files - Modified Within 30 Days ========== [5 C:\WINDOWS\System32\*.tmp files]
[8 C:\WINDOWS\*.tmp files]
[2008/12/29 08:56:52 | 00,423,424 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\d\Desktop\OTViewIt.exe
[2008/12/29 08:55:38 | 00,272,836 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\DsaFlt.rls.bck
[2008/12/29 08:55:38 | 00,272,836 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\DsaFlt.rls
[2008/12/29 08:55:38 | 00,000,056 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\DsaFlt.cfg.bck
[2008/12/29 08:55:38 | 00,000,056 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\DsaFlt.cfg
[2008/12/29 08:55:35 | 00,000,252 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\IdsFlt.cfg.bck
[2008/12/29 08:55:35 | 00,000,252 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\IdsFlt.cfg
[2008/12/29 08:55:35 | 00,000,064 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetFlt.cfg.bck
[2008/12/29 08:55:35 | 00,000,064 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetFlt.cfg
[2008/12/29 08:55:35 | 00,000,056 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\WnmFlt.cfg.bck
[2008/12/29 08:55:35 | 00,000,056 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\WnmFlt.cfg
[2008/12/29 08:55:35 | 00,000,056 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\SmsFlt.cfg.bck
[2008/12/29 08:55:35 | 00,000,056 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\SmsFlt.cfg
[2008/12/29 08:55:34 | 00,287,640 | ---- | M] () -- C:\WINDOWS\System32\drivers\APPFCONT.DAT.bck
[2008/12/29 08:55:34 | 00,287,640 | ---- | M] () -- C:\WINDOWS\System32\drivers\APPFCONT.DAT
[2008/12/29 08:55:34 | 00,001,244 | ---- | M] () -- C:\WINDOWS\System32\drivers\APPFLTR.CFG.bck
[2008/12/29 08:55:34 | 00,001,244 | ---- | M] () -- C:\WINDOWS\System32\drivers\APPFLTR.CFG
[2008/12/29 08:53:21 | 00,013,880 | ---- | M] () -- C:\WINDOWS\System32\drivers\COMFiltr.sys
[2008/12/29 08:51:24 | 00,000,656 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetAV.alt.bck
[2008/12/29 08:51:24 | 00,000,656 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetAV.alt
[2008/12/29 08:51:24 | 00,000,064 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetAR.wlt.bck
[2008/12/29 08:51:24 | 00,000,064 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetAR.wlt
[2008/12/29 08:50:57 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2008/12/29 08:50:54 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2008/12/29 08:47:46 | 01,033,216 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\d\Desktop\OTMoveIt3.exe
[2008/12/29 04:55:00 | 00,000,256 | ---- | M] () -- C:\WINDOWS\tasks\µTorrent.job
[2008/12/29 00:00:08 | 00,000,496 | ---- | M] () -- C:\WINDOWS\tasks\Basic clean-up.job
[2008/12/28 19:52:33 | 00,008,627 | ---- | M] () -- C:\WINDOWS\System32\PAV_FOG.OPC
[2008/12/28 19:42:56 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2008/12/19 12:53:06 | 04,310,098 | -H-- | M] () -- C:\Documents and Settings\d\Local Settings\Application Data\IconCache.db
[2008/12/18 21:42:46 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2008/12/15 01:01:30 | 00,000,026 | ---- | M] () -- C:\WINDOWS\dvdSanta.INI
[2008/12/13 01:51:51 | 00,006,062 | ---- | M] () -- C:\Documents and Settings\d\My Documents\removal.rtf
[2008/12/13 00:40:02 | 03,593,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtml.dll
[2008/12/13 00:40:02 | 03,593,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2008/12/11 03:05:22 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2008/12/09 17:24:37 | 17,593,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2008/12/07 10:28:39 | 00,432,340 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2008/12/07 10:28:39 | 00,070,364 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2008/12/07 10:28:34 | 00,510,030 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2008/12/07 10:22:16 | 00,180,240 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/12/07 09:25:47 | 00,250,048 | RHS- | M] () -- C:\ntldr
[2008/12/07 01:27:24 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\wnmsav.dat
[2008/12/04 17:28:43 | 00,000,151 | ---- | M] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2008/12/03 22:22:46 | 00,000,667 | ---- | M] () -- C:\WINDOWS\win.ini
[2008/12/03 22:22:46 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2008/12/03 22:22:46 | 00,000,211 | RHS- | M] () -- C:\boot.ini
[2008/12/03 21:25:08 | 00,000,168 | R--- | M] () -- C:\Documents and Settings\d\My Documents\Document.rtf
[2008/12/03 19:59:06 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2008/12/03 19:59:02 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2008/12/03 06:40:50 | 00,046,960 | R--- | M] () -- C:\Documents and Settings\d\My Documents\clara barten.wpd
< End of report >
OTViewIt logfile created on: 12/29/2008 9:41:56 AM - Run 2
OTViewIt by OldTimer - Version 1.0.20.1 Folder = C:\Documents and Settings\d\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
767.33 Mb Total Physical Memory | 337.48 Mb Available Physical Memory | 43.98% Memory free
1.83 Gb Paging File | 1.37 Gb Available in Paging File | 74.80% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304;
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 27.90 Gb Total Space | 6.24 Gb Free Space | 22.37% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: DAVID
Current User Name: d
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days
========== Processes ========== [2007/10/24 15:25:50 | 00,406,832 | ---- | M] (Panda Software International) -- C:\Program Files\Panda Security\Panda Internet Security 2008\TPSrv.exe
[2002/11/07 21:22:10 | 00,147,456 | ---- | M] () -- C:\WINDOWS\system32\ati2evxx.exe
[2007/03/06 09:35:02 | 00,198,168 | ---- | M] (InterVideo Inc.) -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
[2006/04/24 13:25:44 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
[2007/07/12 09:47:30 | 00,169,264 | ---- | M] (Panda Software International) -- C:\Program Files\Panda Security\Panda Internet Security 2008\PsCtrlS.exe
[2007/07/12 09:47:26 | 00,173,360 | ---- | M] (Panda Software International) -- C:\Program Files\Panda Security\Panda Internet Security 2008\PAVFNSVR.EXE
[2007/06/14 15:38:02 | 00,063,024 | ---- | M] (Panda Software) -- C:\Program Files\Common Files\Panda Software\PavShld\PavPrSrv.exe
[2007/09/28 12:29:00 | 00,148,272 | ---- | M] (Panda Software International) -- C:\Program Files\Panda Security\Panda Internet Security 2008\PAVSRV51.EXE
[2007/09/28 12:28:58 | 00,096,560 | ---- | M] (Panda Software International) -- C:\Program Files\Panda Security\Panda Internet Security 2008\AVENGINE.EXE
[2007/01/15 12:42:16 | 00,067,120 | ---- | M] (Panda Software International) -- C:\Program Files\Panda Security\Panda Internet Security 2008\AntiSpam\pskmssvc.exe
[2007/06/05 12:20:32 | 00,177,704 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
[2007/04/04 09:45:08 | 00,226,864 | ---- | M] (Panda Software International) -- c:\Program Files\Panda Security\Panda Internet Security 2008\FIREWALL\PSHost.exe
[2007/05/24 08:31:26 | 00,108,592 | ---- | M] (Panda Software International) -- C:\Program Files\Panda Security\Panda Internet Security 2008\PsImSvc.exe
[2006/09/28 19:18:00 | 00,266,343 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe
[2007/03/03 12:48:28 | 00,067,056 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
[2003/06/13 14:37:48 | 00,045,056 | ---- | M] () -- C:\WINDOWS\system32\WLTRYSVC.EXE
[2003/06/13 14:37:48 | 00,450,560 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\system32\BCMWLTRY.EXE
[2007/11/23 13:33:22 | 00,406,832 | ---- | M] (Panda Software International) -- C:\Program Files\Panda Security\Panda Internet Security 2008\apvxdwin.exe
[2007/06/20 10:32:28 | 00,091,440 | ---- | M] (Panda Software International) -- C:\Program Files\Panda Security\Panda Internet Security 2008\SrvLoad.exe
[2008/04/13 18:12:29 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\notepad.exe
[2007/11/14 12:31:18 | 00,083,248 | ---- | M] (Panda Security International) -- C:\Program Files\Panda Security\Panda Internet Security 2008\WebProxy.exe
[2003/05/02 16:21:48 | 00,110,592 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
[2003/05/02 16:15:44 | 00,610,304 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
[2008/06/10 03:27:04 | 00,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
[2006/11/22 20:10:06 | 00,151,552 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PCM4Everio\EverioService.exe
[2007/11/13 09:00:32 | 01,052,672 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
[2003/08/29 03:59:24 | 00,122,880 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\BCMSMMSG.exe
[2002/11/07 20:00:00 | 00,294,912 | ---- | M] (ATI Technologies, Inc.) -- C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
[2007/07/26 05:47:30 | 00,111,920 | ---- | M] (Panda Software International, S.L.) -- C:\Program Files\Panda Security\Panda Internet Security 2008\PavBckPT.exe
[2008/12/29 08:56:52 | 00,423,424 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\d\Desktop\OTViewIt.exe
[2003/07/16 14:25:23 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cidaemon.exe
[2008/04/13 18:12:29 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\notepad.exe
[2008/04/13 18:12:29 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\notepad.exe
[2008/10/15 01:06:26 | 00,633,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
[2008/10/15 01:06:26 | 00,633,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
========== (O23) Win32 Services ========== [2005/09/23 06:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
[2002/11/07 21:22:10 | 00,147,456 | ---- | M] () -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
[2007/03/06 09:35:02 | 00,198,168 | ---- | M] (InterVideo Inc.) -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe -- (Capture Device Service [Auto | Running])
[2005/09/23 06:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
[2007/12/13 10:07:20 | 00,018,944 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\Printer\Center\KodakSvc.exe -- (KodakSvc [Auto | Stopped])
[2006/04/24 13:25:44 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])
[2007/07/12 09:47:30 | 00,169,264 | ---- | M] (Panda Software International) -- C:\Program Files\Panda Security\Panda Internet Security 2008\PsCtrlS.exe -- (Panda Software Controller [Auto | Running])
[2007/07/12 09:47:26 | 00,173,360 | ---- | M] (Panda Software International) -- C:\Program Files\Panda Security\Panda Internet Security 2008\PAVFNSVR.EXE -- (PAVFNSVR [Auto | Running])
[2007/06/14 15:38:02 | 00,063,024 | ---- | M] (Panda Software) -- C:\Program Files\Common Files\Panda Software\PavShld\PavPrSrv.exe -- (PavPrSrv [Auto | Running])
[2007/09/28 12:29:00 | 00,148,272 | ---- | M] (Panda Software International) -- C:\Program Files\Panda Security\Panda Internet Security 2008\PAVSRV51.EXE -- (PAVSRV [Auto | Running])
[2007/01/15 12:42:16 | 00,067,120 | ---- | M] (Panda Software International) -- C:\Program Files\Panda Security\Panda Internet Security 2008\AntiSpam\pskmssvc.exe -- (pmshellsrv [Auto | Running])
[2007/06/05 12:20:32 | 00,177,704 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing [Auto | Start_Pending])
[2007/04/04 09:45:08 | 00,226,864 | ---- | M] (Panda Software International) -- c:\Program Files\Panda Security\Panda Internet Security 2008\FIREWALL\PSHost.exe -- (PSHost [Auto | Running])
[2007/05/24 08:31:26 | 00,108,592 | ---- | M] (Panda Software International) -- C:\Program Files\Panda Security\Panda Internet Security 2008\PsImSvc.exe -- (PSIMSVC [Auto | Running])
[2006/09/28 19:18:00 | 00,266,343 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- (RichVideo [Auto | Running])
[2007/10/24 15:25:50 | 00,406,832 | ---- | M] (Panda Software International) -- C:\Program Files\Panda Security\Panda Internet Security 2008\TPSrv.exe -- (TPSrv [Auto | Running])
[2007/03/03 12:48:28 | 00,067,056 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper [Auto | Running])
[2003/06/13 14:37:48 | 00,045,056 | ---- | M] () -- C:\WINDOWS\system32\WLTRYSVC.EXE -- (WLTRYSVC [Auto | Running])
[2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
========== Driver Services ========== [2007/09/28 12:05:40 | 00,071,608 | ---- | M] (Panda Software) -- C:\WINDOWS\system32\drivers\APPFLT.SYS -- (APPFLT [System | Running])
[2002/11/07 21:31:36 | 00,539,392 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag [On_Demand | Running])
File not found -- -- (AvFlt [On_Demand | Running])
[2003/06/13 14:37:48 | 00,254,208 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX [On_Demand | Stopped])
[2002/12/17 10:41:36 | 00,042,368 | R--- | M] (Broadcom Corporation) -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp [On_Demand | Running])
[2003/08/29 03:59:24 | 01,101,696 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\system32\drivers\BCMSM.sys -- (BCMModem [On_Demand | Running])
[2008/12/29 08:53:21 | 00,013,880 | ---- | M] () -- C:\WINDOWS\system32\drivers\COMFiltr.sys -- (ComFiltr [On_Demand | Running])
[2007/06/08 06:44:06 | 00,024,760 | ---- | M] (Panda Software) -- C:\WINDOWS\system32\drivers\cpoint.sys -- (cpoint [Auto | Running])
[2007/05/11 07:33:06 | 00,051,256 | ---- | M] (Panda Software International) -- C:\WINDOWS\system32\drivers\dsaflt.sys -- (DSAFLT [System | Running])
[2007/11/14 16:48:22 | 00,021,816 | ---- | M] (Panda Software) -- C:\WINDOWS\system32\drivers\fnetmon.sys -- (FNETMON [System | Running])
[2007/07/11 09:39:48 | 00,191,672 | ---- | M] (Panda Software International) -- C:\WINDOWS\system32\drivers\idsflt.sys -- (IDSFLT [System | Running])
[2007/10/25 07:50:32 | 00,132,664 | ---- | M] (Panda Software) -- C:\WINDOWS\system32\drivers\NETFLTDI.SYS -- (NETFLTDI [System | Running])
[2007/11/19 12:01:50 | 00,143,160 | ---- | M] (Panda Software) -- C:\WINDOWS\system32\drivers\netimflt.sys -- (NETIMFLT01050097 [On_Demand | Running])
[2003/05/06 08:51:18 | 00,017,156 | ---- | M] (Dell Computer Corporation) -- C:\WINDOWS\system32\drivers\omci.sys -- (OMCI [System | Running])
[2008/06/19 17:24:30 | 00,028,544 | ---- | M] (Panda Security, S.L.) -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot [Boot | Running])
[2007/09/28 12:24:18 | 00,083,896 | ---- | M] (Panda Software International) -- C:\WINDOWS\system32\drivers\pavdrv51.sys -- (PAVDRV [Auto | Running])
[2007/07/12 12:49:38 | 00,178,872 | ---- | M] (Panda Software International) -- C:\WINDOWS\system32\drivers\PavProc.sys -- (PavProc [Auto | Running])
File not found -- -- (PavSRK.sys [On_Demand | Running])
File not found -- -- (PavTPK.sys [On_Demand | Running])
[2006/05/23 14:00:26 | 00,010,368 | ---- | M] (Padus, Inc.) -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc [On_Demand | Running])
[2003/07/16 14:42:18 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])
[2003/07/16 14:40:01 | 00,023,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\refblhlo.sys -- (refblhlo [Boot | Running])
[2008/12/04 13:50:04 | 00,008,944 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV [System | Running])
[2008/12/04 13:50:06 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM [On_Demand | Stopped])
[2008/12/04 13:50:02 | 00,055,024 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL [System | Running])
[2007/11/13 04:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [On_Demand | Stopped])
[2007/05/23 14:40:30 | 00,038,968 | ---- | M] (Panda Software) -- C:\WINDOWS\system32\drivers\ShlDrv51.sys -- (ShldDrv [System | Running])
[2007/05/11 07:33:32 | 00,037,304 | ---- | M] (Panda Software International) -- C:\WINDOWS\system32\drivers\smsflt.sys -- (SMSFLT [System | Running])
[2003/04/25 16:10:52 | 00,220,176 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\system32\drivers\STAC97.sys -- (STAC97 [On_Demand | Running])
[2003/05/02 15:45:40 | 00,270,640 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP [On_Demand | Running])
[2007/05/11 07:33:34 | 00,030,648 | ---- | M] (Panda Software International) -- C:\WINDOWS\system32\drivers\wnmflt.sys -- (WNMFLT [System | Running])
[2003/07/16 14:53:06 | 00,012,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ws2ifsl.sys -- (WS2IFSL [System | Running])
========== (R ) Internet Explorer ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157
"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896
"Default_Secondary_Page_URL"=
"Extensions Off Page"=about:NoAdd-ons
"Local Page"=%SystemRoot%\system32\blank.htm
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Security Risk Page"=about:SecurityRisk
"Start Page"=http://go.microsoft.com/fwlink/?LinkId=69157
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
"SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.yahoo.com/
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
"ProxyOverride" = 192.168.0.1;<local>
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]
[HKEY_USERS\S-1-5-21-1801674531-507921405-842925246-1002\SOFTWARE\Microsoft\Internet Explorer\Main]
"Local Page"=C:\WINDOWS\system32\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.yahoo.com/
[HKEY_USERS\S-1-5-21-1801674531-507921405-842925246-1002\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1801674531-507921405-842925246-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
"ProxyOverride" = 192.168.0.1;<local>
========== (O1) Hosts File ========== HOSTS File = (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost
========== (O2) BHO's ========== [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} (HKLM) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
{1B29C093-FF94-4607-A625-E3DDF190CA29} (HKLM) -- C:\WINDOWS\system32\amstrea.dll ()
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} (HKLM) -- C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (HKLM) -- C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
========== (O4) Run Keys ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
"APVXDWIN"="C:\Program Files\Panda Security\Panda Internet Security 2008\APVXDWIN.EXE" /s (Panda Software International)
"ATIModeChange"=Ati2mdxx.exe (ATI Technologies, Inc.)
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.)
"BCMSMMSG"=BCMSMMSG.exe (Broadcom Corporation)
"EKIJ5000StatusMonitor"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe (Eastman Kodak Company)
"EverioService"="C:\Program Files\CyberLink\PCM4Everio\EverioService.exe" (CyberLink Corp.)
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe (Nero AG)
"SCANINICIO"="C:\Program Files\Panda Security\Panda Internet Security 2008\Inicio.exe" (Panda Software International)
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" (Sun Microsystems, Inc.)
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
"UVS11 Preload"=C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe (InterVideo Digital Technology Corporation)
"UVS12 Preload"=C:\Program Files\Corel\Corel VideoStudio 12\uvPL.exe (Ulead Systems, Inc.)
========== (O4) RunOnceEx Keys ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx]
""= File not found
========== (O4) Startup Folders ========== ========== (O6 & O7) Current Version Policies ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
[HKEY_USERS\S-1-5-21-1801674531-507921405-842925246-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145
========== (O9) IE Extensions ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}: Menu: Sun Java Console -- %ProgramFiles%\Java\jre1.6.0_07\bin\npjpi160_07.dll [2008/06/10 03:27:02 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.)
{3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF}: Button: PokerStars -- %ProgramFiles%\PokerStars\PokerStarsUpdate.exe [2008/09/07 14:39:03 | 00,603,416 | ---- | M] (PokerStars)
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}: Button: Yahoo! Services -- %ProgramFiles%\Yahoo!\Common\yiesrvc.dll [2007/12/12 16:09:42 | 00,222,448 | ---- | M] (Yahoo! Inc.)
{e2e2dd38-d088-4134-82b7-f2ba38496583}: Menu: @xpsp3res.dll,-20001 -- %SystemRoot%\network diagnostic\xpnetdiag.exe [2008/04/13 12:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Button: Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2008/04/13 18:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Menu: Windows Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2008/04/13 18:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/13 18:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/13 18:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
========== (O12) Internet Explorer Plugins ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" =
http://activex.microsoft.com/controls/find...=%s&mime=%sPluginsPageFriendlyName: "" = Microsoft ActiveX Gallery
========== (O13) Default Prefixes ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://
========== (O15) Trusted Sites ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
50 domain(s) and sub-domain(s) not assigned to a zone.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
49 domain(s) and sub-domain(s) not assigned to a zone.
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
49 domain(s) and sub-domain(s) not assigned to a zone.
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
49 domain(s) and sub-domain(s) not assigned to a zone.
[HKEY_USERS\S-1-5-21-1801674531-507921405-842925246-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
49 domain(s) and sub-domain(s) not assigned to a zone.
========== (O16) DPF ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{2D8ED06D-3C30-438B-96AE-4D110FDC1FB8}:
http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab -- ActiveScan 2.0 Installer Class
{30528230-99f7-4bb4-88d8-fa1d4f56a2ab}: C:\Program Files\Yahoo!\Common\Yinsthelper.dll -- Installation Support
{49232000-16E4-426C-A231-62846947304B}:
http://ipgweb.cce.hp.com/rdqcpc/downloads/sysinfo.cab -- SysData Class
{88D969C0-F192-11D4-A65F-0040963251E5}:
http://ipgweb.cce.hp.com/rdqcpc/downloads/msxml4.cab -- XML DOM Document 4.0
{8AD9C840-044E-11D1-B3E9-00805F499D93}:
http://dl8-cdn-01.sun.com/s/ESD44/JSCDL/jd...ows-i586-jc.cab -- Java Plug-in 1.6.0_07
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}:
http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab -- Reg Error: Key does not exist or could not be opened.
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:
http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_07
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}:
http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_07
{D27CDB6E-AE6D-11CF-96B8-444553540000}:
http://fpdownload.macromedia.com/pub/shock...ash/swflash.cab -- Shockwave Flash Object
========== (O17) DNS Name Servers ========== {1E2DD983-7B4F-409C-9412-972ED04AFB49} (Servers: | Description: Dell TrueMobile 1300 WLAN Mini-PCI Card)
{5B7F3451-DCBC-4174-8F3F-8DF0E45DDB1C} (Servers: | Description: 1394 Net Adapter)
{B90E4392-DAA3-45A6-834D-9253D44C99A8} (Servers: | Description: Broadcom 440x 10/100 Integrated Controller)
========== (O20) Winlogon Notify Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]
!SASWinLogon: "DllName" = C:\Program Files\SUPERAntiSpyware\SASWINLO.dll -- C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
avldr: "DllName" = avldr.dll -- C:\WINDOWS\system32\avldr.dll (Panda Software International)
========== Shell Execute Hooks ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}" (HKLM) -- C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
========== Safeboot Options ========== "AlternateShell"=cmd.exe
========== CDRom AutoRun Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1
========== Autorun Files on Drives ========== AUTOEXEC.BAT []
[2008/05/27 22:18:51 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]
========== MountPoints2 ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{deb81219-2d8d-11dd-a51a-000d56acc60b}\Shell\PlayVideoFilesOnArrival_PlayDVD\command]
""=C:\Program Files\Ahead\Nero ShowTime\ShowTime.exe -- [2005/06/13 14:59:00 | 03,608,576 | ---- | M] (Nero Software AG)
========== Files/Folders - Created Within 30 Days ========== [5 C:\WINDOWS\System32\*.tmp files]
[8 C:\WINDOWS\*.tmp files]
[2008/12/29 08:56:41 | 00,423,424 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\d\Desktop\OTViewIt.exe
[2008/12/29 08:51:47 | 00,018,224 | ---- | C] (Panda Software International) -- C:\WINDOWS\System32\pfdnnt.exe
[2008/12/29 08:48:53 | 00,000,000 | ---D | C] -- C:\_OTMoveIt
[2008/12/29 08:47:37 | 01,033,216 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\d\Desktop\OTMoveIt3.exe
[2008/12/28 22:02:06 | 00,000,256 | ---- | C] () -- C:\WINDOWS\tasks\µTorrent.job
[2008/12/20 14:55:27 | 00,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mouhid.sys
[2008/12/20 14:55:27 | 00,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouhid.sys
[2008/12/19 12:39:13 | 00,013,880 | ---- | C] () -- C:\WINDOWS\System32\drivers\COMFiltr.sys
[2008/12/15 11:09:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\d\Local Settings\Application Data\Innova_Electronics_Corp
[2008/12/15 10:58:43 | 00,010,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidusb.sys
[2008/12/15 10:58:43 | 00,010,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidusb.sys
[2008/12/15 10:58:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Innova Electronics Corp
[2008/12/15 10:56:53 | 00,000,000 | ---D | C] -- C:\Program Files\RepairSolutions
[2008/12/13 21:54:08 | 00,000,000 | ---D | C] -- C:\Program Files\Photo Viewer
[2008/12/13 02:03:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2008/12/13 02:03:11 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2008/12/13 02:03:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\d\Application Data\SUPERAntiSpyware.com
[2008/12/13 01:51:51 | 00,006,062 | ---- | C] () -- C:\Documents and Settings\d\My Documents\removal.rtf
[2008/12/12 11:39:44 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2008/12/12 11:39:40 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2008/12/12 11:39:38 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2008/12/07 20:50:04 | 00,000,000 | ---D | C] -- C:\Temp
[2008/12/07 10:23:00 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2008/12/07 09:55:03 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2008/12/07 09:54:50 | 00,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2008/12/07 09:54:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2008/12/07 03:27:33 | 00,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmphoto.dll
[2008/12/07 03:27:23 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2008/12/07 03:27:17 | 00,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecsext.dll
[2008/12/07 03:27:16 | 00,712,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecs.dll
[2008/12/07 03:26:44 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tspkg.dll
[2008/12/07 03:26:43 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2008/12/07 03:26:04 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sffp_mmc.sys
[2008/12/07 03:26:03 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2008/12/07 03:25:52 | 00,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2008/12/07 03:25:46 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasqec.dll
[2008/12/07 03:25:44 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qutil.dll
[2008/12/07 03:25:41 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2008/12/07 03:25:40 | 00,291,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagentrt.dll
[2008/12/07 03:25:40 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2008/12/07 03:25:33 | 00,412,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\photometadatahandler.dll
[2008/12/07 03:25:25 | 00,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\onex.dll
[2008/12/07 03:24:53 | 00,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2008/12/07 03:24:53 | 00,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2008/12/07 03:24:53 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2008/12/07 03:24:49 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6r.dll
[2008/12/07 03:24:49 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2008/12/07 03:24:48 | 01,307,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6.dll
[2008/12/07 03:24:48 | 01,307,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2008/12/07 03:24:41 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2008/12/07 03:24:40 | 00,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2008/12/07 03:23:54 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2008/12/07 03:23:52 | 00,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2008/12/07 03:23:52 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2008/12/07 03:23:52 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2008/12/07 03:23:19 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2008/12/07 03:23:17 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kmsvc.dll
[2008/12/07 03:23:14 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2008/12/07 03:23:14 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2008/12/07 03:23:13 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2008/12/07 03:23:13 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2008/12/07 03:22:58 | 00,001,261 | ---- | C] () -- C:\WINDOWS\System32\pid.inf
[2008/12/07 03:22:34 | 00,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2008/12/07 03:22:34 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2008/12/07 03:22:34 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappcfg.dll
[2008/12/07 03:22:34 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2008/12/07 03:22:34 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2008/12/07 03:22:34 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappprxy.dll
[2008/12/07 03:22:34 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapsvc.dll
[2008/12/07 03:22:33 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapolqec.dll
[2008/12/07 03:22:25 | 00,650,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2008/12/07 03:22:25 | 00,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3svc.dll
[2008/12/07 03:22:25 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2008/12/07 03:22:25 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll
[2008/12/07 03:22:25 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2008/12/07 03:22:25 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3dlg.dll
[2008/12/07 03:22:24 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3api.dll
[2008/12/07 03:22:20 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2008/12/07 03:22:20 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsntfy.dll
[2008/12/07 03:22:19 | 00,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2008/12/07 03:22:09 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\credssp.dll
[2008/12/07 03:21:54 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2008/12/07 03:21:53 | 00,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2008/12/07 03:21:37 | 00,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2008/12/06 19:45:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\d\Application Data\Malwarebytes
[2008/12/06 19:45:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2008/12/06 14:47:16 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2008/12/06 14:47:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2008/12/03 22:11:08 | 00,000,000 | ---D | C] -- C:\WINDOWS\pss
[2008/12/03 21:25:08 | 00,000,168 | R--- | C] () -- C:\Documents and Settings\d\My Documents\Document.rtf
[2008/12/03 21:04:42 | 00,028,544 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys
[2008/12/02 17:44:15 | 00,046,960 | R--- | C] () -- C:\Documents and Settings\d\My Documents\clara barten.wpd
========== Files - Modified Within 30 Days ========== [5 C:\WINDOWS\System32\*.tmp files]
[8 C:\WINDOWS\*.tmp files]
[2008/12/29 08:56:52 | 00,423,424 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\d\Desktop\OTViewIt.exe
[2008/12/29 08:55:38 | 00,272,836 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\DsaFlt.rls.bck
[2008/12/29 08:55:38 | 00,272,836 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\DsaFlt.rls
[2008/12/29 08:55:38 | 00,000,056 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\DsaFlt.cfg.bck
[2008/12/29 08:55:38 | 00,000,056 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\DsaFlt.cfg
[2008/12/29 08:55:35 | 00,000,252 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\IdsFlt.cfg.bck
[2008/12/29 08:55:35 | 00,000,252 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\IdsFlt.cfg
[2008/12/29 08:55:35 | 00,000,064 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetFlt.cfg.bck
[2008/12/29 08:55:35 | 00,000,064 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetFlt.cfg
[2008/12/29 08:55:35 | 00,000,056 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\WnmFlt.cfg.bck
[2008/12/29 08:55:35 | 00,000,056 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\WnmFlt.cfg
[2008/12/29 08:55:35 | 00,000,056 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\SmsFlt.cfg.bck
[2008/12/29 08:55:35 | 00,000,056 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\SmsFlt.cfg
[2008/12/29 08:55:34 | 00,287,640 | ---- | M] () -- C:\WINDOWS\System32\drivers\APPFCONT.DAT.bck
[2008/12/29 08:55:34 | 00,287,640 | ---- | M] () -- C:\WINDOWS\System32\drivers\APPFCONT.DAT
[2008/12/29 08:55:34 | 00,001,244 | ---- | M] () -- C:\WINDOWS\System32\drivers\APPFLTR.CFG.bck
[2008/12/29 08:55:34 | 00,001,244 | ---- | M] () -- C:\WINDOWS\System32\drivers\APPFLTR.CFG
[2008/12/29 08:53:21 | 00,013,880 | ---- | M] () -- C:\WINDOWS\System32\drivers\COMFiltr.sys
[2008/12/29 08:51:24 | 00,000,656 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetAV.alt.bck
[2008/12/29 08:51:24 | 00,000,656 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetAV.alt
[2008/12/29 08:51:24 | 00,000,064 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetAR.wlt.bck
[2008/12/29 08:51:24 | 00,000,064 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\NetAR.wlt
[2008/12/29 08:50:57 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2008/12/29 08:50:54 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2008/12/29 08:47:46 | 01,033,216 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\d\Desktop\OTMoveIt3.exe
[2008/12/29 04:55:00 | 00,000,256 | ---- | M] () -- C:\WINDOWS\tasks\µTorrent.job
[2008/12/29 00:00:08 | 00,000,496 | ---- | M] () -- C:\WINDOWS\tasks\Basic clean-up.job
[2008/12/28 19:52:33 | 00,008,627 | ---- | M] () -- C:\WINDOWS\System32\PAV_FOG.OPC
[2008/12/28 19:42:56 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2008/12/19 12:53:06 | 04,310,098 | -H-- | M] () -- C:\Documents and Settings\d\Local Settings\Application Data\IconCache.db
[2008/12/18 21:42:46 | 00,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2008/12/15 01:01:30 | 00,000,026 | ---- | M] () -- C:\WINDOWS\dvdSanta.INI
[2008/12/13 01:51:51 | 00,006,062 | ---- | M] () -- C:\Documents and Settings\d\My Documents\removal.rtf
[2008/12/13 00:40:02 | 03,593,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtml.dll
[2008/12/13 00:40:02 | 03,593,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2008/12/11 03:05:22 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2008/12/09 17:24:37 | 17,593,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2008/12/07 10:28:39 | 00,432,340 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2008/12/07 10:28:39 | 00,070,364 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2008/12/07 10:28:34 | 00,510,030 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2008/12/07 10:22:16 | 00,180,240 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/12/07 09:25:47 | 00,250,048 | RHS- | M] () -- C:\ntldr
[2008/12/07 01:27:24 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\wnmsav.dat
[2008/12/04 17:28:43 | 00,000,151 | ---- | M] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2008/12/03 22:22:46 | 00,000,667 | ---- | M] () -- C:\WINDOWS\win.ini
[2008/12/03 22:22:46 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2008/12/03 22:22:46 | 00,000,211 | RHS- | M] () -- C:\boot.ini
[2008/12/03 21:25:08 | 00,000,168 | R--- | M] () -- C:\Documents and Settings\d\My Documents\Document.rtf
[2008/12/03 19:59:06 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2008/12/03 19:59:02 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2008/12/03 06:40:50 | 00,046,960 | R--- | M] () -- C:\Documents and Settings\d\My Documents\clara barten.wpd
< End of report >