OTL
OTL logfile created on: 3/16/2011 11:20:57 PM - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Andreita\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1,014.00 Mb Total Physical Memory | 663.00 Mb Available Physical Memory | 65.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 92.00% Paging File free
Paging file location(s): c:\pagefile.sys 1800 3200 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 68.77 Gb Total Space | 18.69 Gb Free Space | 27.18% Space Free | Partition Type: NTFS
Drive D: | 68.56 Gb Total Space | 68.33 Gb Free Space | 99.65% Space Free | Partition Type: NTFS
Computer Name: ANDREITA-LAP | User Name: Andreita | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/03/13 11:31:50 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Andreita\Desktop\OTL.exe
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
========== Modules (SafeList) ==========
MOD - [2011/03/13 11:31:50 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Andreita\Desktop\OTL.exe
MOD - [2010/08/31 11:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - [2011/02/24 19:37:29 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/01/19 03:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/07/03 13:40:10 | 000,053,248 | ---- | M] (Acer Inc.) [Auto | Stopped] -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService)
SRV - [2007/06/28 21:50:52 | 000,024,576 | ---- | M] () [Auto | Stopped] -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe -- (eSettingsService)
SRV - [2007/06/13 19:54:36 | 000,135,168 | R--- | M] (Acer Inc.) [Auto | Stopped] -- C:\Acer\Empowering Technology\eNet\eNet Service.exe -- (eNet Service)
SRV - [2007/06/13 14:23:54 | 000,167,936 | ---- | M] (acer) [Auto | Stopped] -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe -- (WMIService)
SRV - [2007/06/12 21:50:30 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2007/05/25 09:41:54 | 000,099,248 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxddserv.exe -- (lxddCATSCustConnectService)
SRV - [2007/05/25 09:41:38 | 000,537,520 | ---- | M] ( ) [Auto | Stopped] -- C:\Windows\System32\lxddcoms.exe -- (lxdd_device)
SRV - [2007/04/25 19:34:30 | 000,457,512 | ---- | M] (HiTRSUT) [Auto | Stopped] -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe -- (eDataSecurity Service)
SRV - [2007/04/23 12:53:48 | 000,024,576 | ---- | M] (Acer Inc.) [Auto | Stopped] -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe -- (eLockService)
SRV - [2007/01/14 17:31:30 | 000,046,592 | ---- | M] () [Auto | Stopped] -- C:\Acer\ALaunch\ALaunchSvc.exe -- (ALaunchService)
SRV - [2006/11/24 15:57:54 | 000,107,008 | ---- | M] () [Auto | Stopped] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)
SRV - [2006/10/05 15:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Stopped] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
========== Driver Services (SafeList) ==========
DRV - [2007/06/12 13:38:26 | 001,729,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2007/04/27 05:56:00 | 000,705,024 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007/03/28 10:51:40 | 000,043,008 | ---- | M] (Winbond Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winbondcir.sys -- (winbondcir)
DRV - [2007/03/22 01:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/03/09 17:56:04 | 001,163,616 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2007/02/24 17:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/01/23 19:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/12/07 21:12:02 | 000,076,584 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15)
DRV - [2006/11/02 19:51:58 | 000,013,560 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Stopped] -- C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796})
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3491203945-3468334671-3765132890-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\S-1-5-21-3491203945-3468334671-3765132890-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\S-1-5-21-3491203945-3468334671-3765132890-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-3491203945-3468334671-3765132890-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
http://www.msn.com/
IE - HKU\S-1-5-21-3491203945-3468334671-3765132890-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-3491203945-3468334671-3765132890-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
[2011/03/02 10:23:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Andreita\AppData\Roaming\Mozilla\Extensions
[2010/05/22 21:33:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Andreita\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA THUNDERBIRD\EXTENSIONS\TALKBACK@MOZILLA.ORG
[2008/01/12 20:59:51 | 000,000,000 | ---D | M] (WebMail) -- C:\USERS\ANDREITA\APPDATA\ROAMING\THUNDERBIRD\PROFILES\F7JXI5MM.DEFAULT\EXTENSIONS\{3C8E8390-2CF6-11D9-9669-0800200C9A66}
[2008/01/12 21:01:04 | 000,000,000 | ---D | M] (WebMail - Hotmail) -- C:\USERS\ANDREITA\APPDATA\ROAMING\THUNDERBIRD\PROFILES\F7JXI5MM.DEFAULT\EXTENSIONS\{A6A33690-2C6A-11D9-9669-0800200C9A66}
O1 HOSTS File: ([2011/03/12 22:32:39 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\System32\ActiveToolBand.dll (HiTRUST)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-3491203945-3468334671-3765132890-1000\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKU\S-1-5-21-3491203945-3468334671-3765132890-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [eAudio] C:\Acer\Empowering Technology\eAudio\eAudio.exe (CyberLink)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [lxddamon] C:\Program Files\Lexmark 2500 Series\lxddamon.exe ()
O4 - HKLM..\Run: [lxddmon.exe] C:\Program Files\Lexmark 2500 Series\lxddmon.exe ()
O4 - HKLM..\Run: [PLFSet] C:\Windows\PLFSet.dll ( )
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\RunOnce: [] File not found
O4 - HKLM..\RunOnce: [GrpConv] C:\Windows\System32\grpconv.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3491203945-3468334671-3765132890-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3491203945-3468334671-3765132890-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O15 - HKU\S-1-5-21-3491203945-3468334671-3765132890-1000\..Trusted Domains: mlxchange.com ([sef] http in Trusted sites)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089}
http://office.microsoft.com/templates/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83}
http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {0D859AF0-C75E-11D4-B760-00E0B81077E8}
http://sef.mlxchange.com/5.2.06.12571/Control/FileCruiser.cab (FileCruiser Class)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Agatha%20Christie/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {16FD824B-8E7B-11D2-9855-00802962956C}
http://sef.mlxchange.com/5.2.06.12571/Control/Specfile.cab (Specfile Control)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501}
http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0}
http://photo2.walgreens.com/WalgreensActivia.cab (Snapfish Activia)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134}
http://lads.myspace.com/upload/MySpaceUploader1006.cab (MySpace Uploader Control)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537}
http://gfx1.hotmail.com/mail/w3/pr01/resources/VistaMSNPUplden-us.cab (MSN Photo Upload Tool)
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565}
http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab (Solitaire Showdown Class)
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0}
http://upload.facebook.com/controls/FacebookPhotoUploader3.cab (Facebook Photo Uploader 4 Control)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24}
http://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {6FD482A3-7B57-438B-B040-52CAA30147EE}
http://sef.mlxchange.com/5.2.06.12571/Control/MLSClientUtils.cab (MLS Client Utils)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5}
http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {78523E50-56EB-11D3-B739-CAA1986A452F}
http://sef.mlxchange.com/5.2.06.12571/Control/LiteGrid.cab (LiteGridCtl Class)
O16 - DPF: {7A7537FC-5988-11D3-8B33-00104B9E5A4A}
http://sef.mlxchange.com/5.2.06.12571/Control/IRCWebPrint.cab (IRCWwwPrint Class)
O16 - DPF: {83AB6E4D-CDD7-11D3-B5E7-00104B9AFF6E}
http://sef.mlxchange.com/5.2.06.12571/Control/IRCSharc.cab (GeacRevw Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {B198A72B-B4C3-42B5-B8DA-B364E76429AA}
http://sef.mlxchange.com/5.2.06.12571/Control/WebDog.cab (Cerebus Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072}
http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Agatha%20Christie/Images/armhelper.ocx (ArmHelper Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F060A272-A18A-11D3-B75B-00E0B81077E8}
http://sef.mlxchange.com/5.2.06.12571/Control/AspCustomCtrls.cab (DropList Class)
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6}
http://fdl.msn.com/public/chat/msnchat45.cab (MSN Chat Control 4.5)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48}
http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class)
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8}
https://secure.gopetslive.com/dev/GoPetsWeb.cab (GoPetsWeb Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 65.182.32.146 65.182.32.35
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Andreita\Pictures\Crusero\P4050162.JPG
O24 - Desktop BackupWallPaper: C:\Users\Andreita\Pictures\Crusero\P4050162.JPG
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/03/16 23:10:13 | 001,090,912 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Users\Andreita\Desktop\avg_remover_stf_x86_2011_1184.exe
[2011/03/16 13:48:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2011/03/16 13:48:07 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2011/03/15 15:21:19 | 000,000,000 | ---D | C] -- C:\Users\Andreita\Desktop\Virus
[2011/03/15 14:49:50 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/03/15 13:45:28 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/03/15 12:05:08 | 000,000,000 | ---D | C] -- C:\Users\Andreita\Documents\Andrea Archive
[2011/03/15 12:02:16 | 000,000,000 | ---D | C] -- C:\Users\Andreita\Documents\Real Estate
[2011/03/15 11:49:22 | 000,000,000 | ---D | C] -- C:\ProgramData\App4rTemp
[2011/03/15 11:41:56 | 000,000,000 | ---D | C] -- C:\Windows\en
[2011/03/15 11:41:35 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2011/03/15 11:40:02 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2011/03/15 11:36:24 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2011/03/15 10:58:46 | 000,000,000 | ---D | C] -- C:\Users\Andreita\AppData\Roaming\Lexmark Productivity Studio
[2011/03/15 10:53:43 | 000,000,000 | ---D | C] -- C:\Program Files\Lx_cats
[2011/03/15 10:53:02 | 000,000,000 | ---D | C] -- C:\logs
[2011/03/15 10:47:13 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark Toolbar
[2011/03/15 10:47:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 2500 Series
[2011/03/15 10:47:05 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark 2500 Series
[2011/03/15 10:46:54 | 000,999,424 | ---- | C] ( ) -- C:\Windows\System32\lxddusb1.dll
[2011/03/15 10:46:54 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxddinpa.dll
[2011/03/15 10:46:54 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxddiesc.dll
[2011/03/15 10:46:54 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\LXDDhcp.dll
[2011/03/15 10:46:53 | 001,232,896 | ---- | C] ( ) -- C:\Windows\System32\lxddserv.dll
[2011/03/15 10:46:53 | 000,700,416 | ---- | C] ( ) -- C:\Windows\System32\lxddhbn3.dll
[2011/03/15 10:46:53 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxddpmui.dll
[2011/03/15 10:46:53 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxddlmpm.dll
[2011/03/15 10:46:53 | 000,385,968 | ---- | C] ( ) -- C:\Windows\System32\lxddih.exe
[2011/03/15 10:46:53 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxddprox.dll
[2011/03/15 10:46:53 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxddpplc.dll
[2011/03/15 10:46:52 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxddcomc.dll
[2011/03/15 10:46:52 | 000,537,520 | ---- | C] ( ) -- C:\Windows\System32\lxddcoms.exe
[2011/03/15 10:46:52 | 000,425,984 | ---- | C] ( ) -- C:\Windows\System32\lxddcomm.dll
[2011/03/15 10:46:52 | 000,394,160 | ---- | C] ( ) -- C:\Windows\System32\lxddcfg.exe
[2011/03/15 10:44:08 | 000,000,000 | ---D | C] -- C:\drivers
[2011/03/15 10:08:01 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2011/03/15 09:42:44 | 000,000,000 | ---D | C] -- C:\Users\Andreita\AppData\Local\Windows Live
[2011/03/15 01:51:17 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2011/03/15 01:50:52 | 000,000,000 | ---D | C] -- C:\ProgramData\avg9
[2011/03/14 22:59:10 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Installer Clean Up
[2011/03/14 19:00:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2011/03/14 19:00:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2011/03/14 19:00:43 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2011/03/14 17:43:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2011/03/14 15:18:03 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2011/03/14 15:18:03 | 000,000,000 | ---D | C] -- C:\Users\Andreita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2011/03/14 14:30:50 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2011/03/13 23:50:44 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2011/03/13 21:40:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2011/03/13 18:29:35 | 000,000,000 | ---D | C] -- C:\_OTL(19)
[2011/03/13 16:04:27 | 000,000,000 | ---D | C] -- C:\Users\Andreita\AppData\Local\NOS
[2011/03/13 13:26:38 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/03/13 12:51:51 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/03/13 11:31:37 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Andreita\Desktop\OTL.exe
[2011/03/12 22:43:31 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/03/12 22:43:18 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011/03/12 22:43:18 | 000,000,000 | ---D | C] -- C:\Users\Andreita\AppData\Local\temp
[2011/03/12 22:11:08 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/03/12 22:11:08 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/03/12 22:11:07 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/03/12 22:10:58 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/03/12 22:10:28 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/03/12 22:10:09 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2011/03/05 17:04:17 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2011/03/04 21:39:35 | 000,000,000 | ---D | C] -- C:\Users\Andreita\AppData\Roaming\AVG9
[2011/03/02 10:28:26 | 000,000,000 | ---D | C] -- C:\Users\Andreita\AppData\Local\offsync
[2011/03/02 10:23:23 | 000,000,000 | ---D | C] -- C:\Users\Andreita\AppData\Local\Starfield
[2011/02/25 20:32:51 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2011/02/25 09:25:27 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011/02/24 19:37:34 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2011/02/24 19:37:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2011/02/24 18:49:07 | 000,000,000 | ---D | C] -- C:\Users\Andreita\AppData\Roaming\Malwarebytes
[2007/09/25 08:18:57 | 000,016,384 | ---- | C] ( ) -- C:\Windows\System32\ClearEvent.exe
[2007/09/25 08:14:32 | 000,172,032 | ---- | C] ( ) -- C:\Windows\System32\rsnp2uvc.dll
[2007/09/25 08:14:32 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll
[2007/08/13 00:40:32 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\Interop.Shell32.dll
[2007/08/12 23:36:13 | 000,045,056 | ---- | C] ( ) -- C:\Windows\PLFSet.dll
[2002/03/11 05:06:30 | 001,822,520 | ---- | C] (Microsoft Corporation) -- C:\Program Files\instmsiw.exe
[2002/03/11 04:45:04 | 001,708,856 | ---- | C] (Microsoft Corporation) -- C:\Program Files\instmsia.exe
========== Files - Modified Within 30 Days ==========
[2011/03/16 23:17:09 | 004,288,660 | R--- | M] () -- C:\Users\Andreita\Desktop\ComboFix.exe
[2011/03/16 23:10:26 | 001,090,912 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Users\Andreita\Desktop\avg_remover_stf_x86_2011_1184.exe
[2011/03/16 23:01:16 | 000,603,516 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/03/16 23:01:16 | 000,108,188 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/03/16 22:56:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/03/16 22:55:17 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/03/16 22:55:16 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/03/16 22:25:12 | 001,006,764 | ---- | M] () -- C:\Users\Andreita\Desktop\rkill.scr
[2011/03/15 16:50:30 | 000,326,999 | ---- | M] () -- C:\Users\Andreita\Documents\WestonBusinesses.pdf
[2011/03/15 11:55:48 | 000,256,696 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/03/15 10:53:24 | 000,061,773 | ---- | M] () -- C:\Windows\System32\LexFiles.ulf
[2011/03/15 10:07:16 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2011/03/15 10:06:37 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2011/03/14 16:21:25 | 000,000,129 | ---- | M] () -- C:\Windows\System32\MRT.INI
[2011/03/13 11:31:50 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Andreita\Desktop\OTL.exe
[2011/03/12 22:32:39 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011/03/10 16:30:06 | 000,054,156 | -H-- | M] () -- C:\Windows\QTFont.qfn
[2011/03/05 01:01:42 | 000,000,947 | ---- | M] () -- C:\Users\Andreita\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/02/25 10:24:30 | 000,073,728 | ---- | M] () -- C:\Windows\System32\APISlice_AVG_RESTORED.dll
[2011/02/25 10:24:29 | 000,073,728 | ---- | M] () -- C:\Windows\System32\APISlice.dll
[2011/02/19 14:40:02 | 000,000,119 | -H-- | M] () -- C:\Users\Andreita\Documents\.~lock.michelleq.odt#
[2011/02/19 14:34:18 | 000,000,119 | -H-- | M] () -- C:\Users\Andreita\Documents\.~lock.Andreita carta Emmaus.odt#
========== Files Created - No Company Name ==========
[2011/03/16 23:17:09 | 004,288,660 | R--- | C] () -- C:\Users\Andreita\Desktop\ComboFix.exe
[2011/03/16 22:25:12 | 001,006,764 | ---- | C] () -- C:\Users\Andreita\Desktop\rkill.scr
[2011/03/15 23:27:42 | 001,049,814 | ---- | C] () -- C:\Users\Andreita\Documents\pic.bmp
[2011/03/15 16:50:30 | 000,326,999 | ---- | C] () -- C:\Users\Andreita\Documents\WestonBusinesses.pdf
[2011/03/15 11:39:53 | 000,001,162 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[2011/03/15 11:38:48 | 000,001,231 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2011/03/15 11:35:31 | 000,001,041 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2011/03/15 11:33:51 | 000,002,029 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2011/03/15 10:47:14 | 000,000,044 | ---- | C] () -- C:\Windows\System32\lxddrwrd.ini
[2011/03/15 10:46:54 | 000,286,720 | ---- | C] () -- C:\Windows\System32\LXDDinst.dll
[2011/03/15 10:46:54 | 000,061,773 | ---- | C] () -- C:\Windows\System32\LexFiles.ulf
[2011/03/15 10:46:53 | 000,646,455 | ---- | C] () -- C:\Windows\System32\lxddhelp.chm
[2011/03/15 10:46:52 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lxddgrd.dll
[2011/03/15 10:46:51 | 000,001,932 | ---- | C] () -- C:\Windows\System32\lxdd.loc
[2011/03/15 10:07:16 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2011/03/15 10:06:37 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2011/03/14 22:59:10 | 000,002,415 | ---- | C] () -- C:\Users\Andreita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Install Clean Up.lnk
[2011/03/14 17:40:17 | 000,130,008 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2011/03/14 17:40:13 | 000,009,239 | ---- | C] () -- C:\Windows\System32\spcinstrumentation.man
[2011/03/14 17:39:55 | 000,442,788 | ---- | C] () -- C:\Windows\System32\dot3.tmf
[2011/03/14 17:39:50 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011/03/14 17:39:50 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011/03/14 17:39:42 | 000,392,170 | ---- | C] () -- C:\Windows\System32\onex.tmf
[2011/03/14 17:39:34 | 000,344,698 | ---- | C] () -- C:\Windows\System32\eaphost.tmf
[2011/03/14 17:39:03 | 000,208,966 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2011/03/14 17:38:59 | 000,092,918 | ---- | C] () -- C:\Windows\System32\slmgr.vbs
[2011/03/14 17:36:54 | 000,009,212 | ---- | C] () -- C:\Windows\System32\RacUR.xml
[2011/03/14 17:36:41 | 000,000,153 | ---- | C] () -- C:\Windows\System32\RacUREx.xml
[2011/03/14 16:21:25 | 000,000,129 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2011/03/12 22:11:08 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011/03/12 22:11:08 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011/03/12 22:11:08 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/03/12 22:11:08 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/03/12 22:11:07 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/03/05 17:00:52 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2011/03/05 17:00:52 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2011/03/05 17:00:52 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2011/03/05 00:52:26 | 000,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011/03/05 00:42:14 | 000,002,425 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 8.lnk
[2011/03/05 00:28:33 | 000,002,048 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle Designer 8.0.lnk
[2011/03/05 00:28:32 | 000,002,449 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Distiller 8.lnk
[2011/02/25 10:24:30 | 000,073,728 | ---- | C] () -- C:\Windows\System32\APISlice_AVG_RESTORED.dll
[2011/02/25 10:24:29 | 000,073,728 | ---- | C] () -- C:\Windows\System32\APISlice.dll
[2011/02/24 19:31:30 | 000,002,453 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 8 Professional.lnk
[2011/02/19 14:40:02 | 000,000,119 | -H-- | C] () -- C:\Users\Andreita\Documents\.~lock.michelleq.odt#
[2011/02/19 14:34:18 | 000,000,119 | -H-- | C] () -- C:\Users\Andreita\Documents\.~lock.Andreita carta Emmaus.odt#
[2011/02/15 13:29:37 | 000,045,208 | ---- | C] () -- C:\Users\Andreita\Desktop\JennySM.jpg
[2010/09/05 15:17:50 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010/05/22 19:39:28 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2008/11/06 12:37:32 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008/11/06 12:33:02 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2008/02/11 19:55:18 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll
[2008/02/11 19:34:48 | 002,215,364 | ---- | C] () -- C:\Windows\System32\igklg400.bin
[2008/02/11 19:34:48 | 001,971,732 | ---- | C] () -- C:\Windows\System32\igklg450.bin
[2008/02/11 19:34:48 | 000,029,932 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.bin
[2008/01/27 16:56:00 | 000,005,972 | ---- | C] () -- C:\Users\Andreita\AppData\Local\d3d9caps.dat
[2008/01/12 19:51:12 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2008/01/02 17:57:36 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2008/01/02 17:47:22 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
[2008/01/02 17:47:22 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
[2008/01/02 17:47:22 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2007/12/26 02:30:55 | 000,036,352 | ---- | C] () -- C:\Users\Andreita\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/11/13 16:01:44 | 003,395,343 | ---- | C] () -- C:\Program Files\openofficeorg4.cab
[2007/11/13 16:00:51 | 067,695,863 | ---- | C] () -- C:\Program Files\openofficeorg3.cab
[2007/11/13 15:49:19 | 017,646,967 | ---- | C] () -- C:\Program Files\openofficeorg2.cab
[2007/11/13 15:48:24 | 018,827,152 | ---- | C] () -- C:\Program Files\openofficeorg1.cab
[2007/11/13 15:47:02 | 004,364,800 | ---- | C] () -- C:\Program Files\openofficeorg23.msi
[2007/11/13 15:47:02 | 000,000,217 | ---- | C] () -- C:\Program Files\setup.ini
[2007/09/25 09:04:01 | 000,000,030 | ---- | C] () -- C:\Windows\SETPANEL.INI
[2007/09/25 09:04:00 | 000,000,092 | ---- | C] () -- C:\Windows\CLEANUP.INI
[2007/09/25 08:18:57 | 000,016,384 | ---- | C] () -- C:\Windows\System32\LauncheRyAgentUser.exe
[2007/08/14 03:30:25 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll
[2007/08/13 00:47:50 | 000,076,584 | ---- | C] () -- C:\Windows\System32\drivers\int15.sys
[2007/08/13 00:47:50 | 000,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys
[2007/08/13 00:47:17 | 000,065,536 | ---- | C] () -- C:\Windows\System32\NATTraversal.dll
[2007/08/13 00:40:27 | 000,331,776 | ---- | C] () -- C:\Windows\System32\ScrollBarLib.dll
[2007/08/13 00:00:34 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2007/08/12 23:58:20 | 000,001,132 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2007/08/12 23:37:11 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007/08/12 23:36:23 | 000,910,464 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2007/08/12 23:36:23 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1268.dll
[2007/08/12 23:36:13 | 001,729,152 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2007/04/25 19:33:22 | 000,266,240 | ---- | C] () -- C:\Windows\System32\NotesExtmngr.dll
[2007/04/25 19:32:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\NotesActnMenu.dll
[2007/04/25 19:32:46 | 000,086,016 | ---- | C] () -- C:\Windows\System32\MSNSpook.dll
[2007/04/25 19:31:00 | 000,028,672 | ---- | C] () -- C:\Windows\System32\BatchCrypto.dll
[2007/04/25 19:30:44 | 000,063,488 | ---- | C] () -- C:\Windows\System32\ShowErrMsg.dll
[2007/03/28 14:16:44 | 000,344,064 | ---- | C] () -- C:\Windows\System32\lxddcoin.dll
[2007/01/23 19:40:04 | 000,065,536 | ---- | C] () -- C:\Windows\System32\lxddcaps.dll
[2007/01/09 17:13:08 | 000,692,224 | ---- | C] () -- C:\Windows\System32\lxdddrs.dll
[2006/12/25 18:44:48 | 000,022,016 | ---- | C] () -- C:\Windows\System32\MailFormat_U.dll
[2006/11/13 08:50:06 | 000,071,680 | ---- | C] () -- C:\Windows\System32\HTCA_SelfExtract.bin
[2006/11/02 09:12:52 | 000,217,088 | ---- | C] () -- C:\Windows\System32\missouri.dll
[2006/11/02 08:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:47:37 | 000,256,696 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:33:01 | 000,603,516 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,108,188 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/10/06 17:08:04 | 000,069,632 | ---- | C] () -- C:\Windows\System32\lxddcnv4.dll
[2006/05/18 02:47:12 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxddvs.dll
[2002/08/09 07:18:44 | 000,036,864 | ---- | C] () -- C:\Windows\System32\pandoras.dll
[2001/12/26 19:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001/09/04 02:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001/07/30 19:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001/07/24 01:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
========== LOP Check ==========
[2011/02/24 16:28:43 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Acer
[2011/02/24 17:04:25 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\IObit
[2011/02/24 16:28:33 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Leadertech
[2007/12/25 09:13:13 | 000,000,000 | ---D | M] -- C:\Users\Andreita\AppData\Roaming\Acer
[2011/03/04 21:39:35 | 000,000,000 | ---D | M] -- C:\Users\Andreita\AppData\Roaming\AVG9
[2009/06/07 23:10:16 | 000,000,000 | ---D | M] -- C:\Users\Andreita\AppData\Roaming\FloodLightGames
[2009/10/27 00:00:32 | 000,000,000 | ---D | M] -- C:\Users\Andreita\AppData\Roaming\GetRightToGo
[2011/03/13 23:50:44 | 000,000,000 | ---D | M] -- C:\Users\Andreita\AppData\Roaming\IObit
[2010/09/18 15:39:50 | 000,000,000 | ---D | M] -- C:\Users\Andreita\AppData\Roaming\IrfanView
[2007/12/25 09:13:13 | 000,000,000 | ---D | M] -- C:\Users\Andreita\AppData\Roaming\Leadertech
[2011/03/15 10:58:46 | 000,000,000 | ---D | M] -- C:\Users\Andreita\AppData\Roaming\Lexmark Productivity Studio
[2010/04/29 21:35:10 | 000,000,000 | ---D | M] -- C:\Users\Andreita\AppData\Roaming\OpenOffice.org
[2009/06/07 23:08:41 | 000,000,000 | ---D | M] -- C:\Users\Andreita\AppData\Roaming\SpinTop
[2008/01/12 19:51:10 | 000,000,000 | ---D | M] -- C:\Users\Andreita\AppData\Roaming\Thunderbird
[2011/03/16 22:55:05 | 000,032,568 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >