OTL logfile created on: 4/10/2012 8:50:01 PM - Run 1
OTL by OldTimer - Version 3.2.39.1 Folder = K:\Documents and Settings\rebecca levant\My Documents\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1022.07 Mb Total Physical Memory | 361.64 Mb Available Physical Memory | 35.38% Memory free
2.40 Gb Paging File | 1.55 Gb Available in Paging File | 64.40% Paging File free
Paging file location(s): K:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = K: | %SystemRoot% = K:\WINDOWS | %ProgramFiles% = K:\Program Files
Drive K: | 298.08 Gb Total Space | 265.81 Gb Free Space | 89.17% Space Free | Partition Type: NTFS
Drive L: | 93.36 Gb Total Space | 78.59 Gb Free Space | 84.18% Space Free | Partition Type: NTFS
Computer Name: BARRY-C87035552 | User Name: rebecca levant | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/04/10 20:49:11 | 000,594,432 | ---- | M] (OldTimer Tools) -- K:\Documents and Settings\rebecca levant\My Documents\Downloads\OTL.com
PRC - [2012/03/13 00:39:04 | 000,924,600 | ---- | M] (Mozilla Corporation) -- K:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/06/15 15:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- K:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- k:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2011/04/16 20:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- K:\Program Files\Norton AntiVirus\Engine\18.7.1.3\ccsvchst.exe
PRC - [2010/10/27 20:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- K:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/09/17 04:59:10 | 000,094,720 | ---- | M] (PostgreSQL Global Development Group) -- K:\Nir\Postgre\bin\pg_ctl.exe
PRC - [2010/09/17 04:58:27 | 004,909,568 | ---- | M] (PostgreSQL Global Development Group) -- K:\Nir\Postgre\bin\postgres.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- K:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/03/08 03:27:49 | 000,041,800 | ---- | M] (AOL Inc.) -- K:\Program Files\Common Files\AOL\1307225327\ee\aolsoftware.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- K:\WINDOWS\explorer.exe
PRC - [2005/02/03 11:34:58 | 000,102,400 | ---- | M] () -- K:\Program Files\Dell Photo AIO Printer 942\dlbubmon.exe
PRC - [2005/02/03 04:08:52 | 000,294,912 | ---- | M] () -- K:\Program Files\Dell Photo AIO Printer 942\dlbubmgr.exe
PRC - [2004/07/27 10:08:22 | 000,262,144 | ---- | M] () -- K:\Program Files\Dell Photo AIO Printer 942\memcard.exe
PRC - [2004/03/10 21:50:52 | 000,028,672 | ---- | M] (Creative Technology Ltd) -- K:\WINDOWS\system32\CTHELPER.EXE
========== Modules (No Company Name) ==========
MOD - [2012/03/13 00:39:07 | 001,969,080 | ---- | M] () -- K:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011/11/03 11:28:36 | 001,292,288 | ---- | M] () -- K:\WINDOWS\system32\quartz.dll
MOD - [2011/10/07 13:07:08 | 008,522,400 | ---- | M] () -- K:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2008/04/13 20:12:42 | 000,148,992 | ---- | M] () -- K:\WINDOWS\system32\mpg2splt.ax
MOD - [2008/04/13 20:11:59 | 000,014,336 | ---- | M] () -- K:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 20:11:51 | 000,059,904 | ---- | M] () -- K:\WINDOWS\system32\devenum.dll
MOD - [2005/02/03 11:34:58 | 000,102,400 | ---- | M] () -- K:\Program Files\Dell Photo AIO Printer 942\dlbubmon.exe
MOD - [2005/02/03 04:08:52 | 000,294,912 | ---- | M] () -- K:\Program Files\Dell Photo AIO Printer 942\dlbubmgr.exe
MOD - [2005/02/03 04:08:24 | 000,007,680 | ---- | M] () -- K:\Program Files\Dell Photo AIO Printer 942\dlbumcro.dll
MOD - [2005/02/03 04:07:16 | 000,036,864 | ---- | M] () -- K:\Program Files\Dell Photo AIO Printer 942\JetPrint.dll
MOD - [2005/02/03 04
50 | 000,061,440 | ---- | M] () -- K:\Program Files\Dell Photo AIO Printer 942\JetScan.dll
MOD - [2005/02/03 04:05:54 | 000,135,168 | ---- | M] () -- K:\Program Files\Dell Photo AIO Printer 942\JetDecmp.dll
MOD - [2005/02/03 04:05:40 | 000,065,536 | ---- | M] () -- K:\Program Files\Dell Photo AIO Printer 942\JetImage.dll
MOD - [2005/02/03 04:05:21 | 000,028,672 | ---- | M] () -- K:\Program Files\Dell Photo AIO Printer 942\JetPDF.dll
MOD - [2005/02/03 04:05:05 | 000,036,864 | ---- | M] () -- K:\Program Files\Dell Photo AIO Printer 942\JetFunc.dll
MOD - [2004/10/08 14:47:26 | 000,075,264 | ---- | M] () -- K:\WINDOWS\system32\spool\prtprocs\w32x86\DLBUPP5C.DLL
MOD - [2004/08/10 07:00:00 | 000,331,776 | ---- | M] () -- K:\WINDOWS\system32\encdec.dll
MOD - [2004/08/10 07:00:00 | 000,268,288 | ---- | M] () -- K:\WINDOWS\system32\sbe.dll
MOD - [2004/08/10 07:00:00 | 000,154,112 | ---- | M] () -- K:\WINDOWS\system32\vbicodec.ax
MOD - [2004/07/29 17:54:20 | 000,061,440 | ---- | M] () -- K:\Program Files\Dell Photo AIO Printer 942\ConvDIB.dll
MOD - [2004/07/27 10:08:22 | 000,262,144 | ---- | M] () -- K:\Program Files\Dell Photo AIO Printer 942\memcard.exe
MOD - [2004/04/30 17:46:38 | 000,102,480 | ---- | M] () -- K:\WINDOWS\system32\EzRating.dll
========== Win32 Services (SafeList) ==========
SRV - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- k:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2011/04/16 20:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Running] -- K:\Program Files\Norton AntiVirus\Engine\18.7.1.3\ccSvcHst.exe -- (NAV)
SRV - [2010/09/17 04:59:10 | 000,094,720 | ---- | M] (PostgreSQL Global Development Group) [Auto | Running] -- K:\Nir\Postgre\bin\pg_ctl.exe -- (postgresql-9.0)
SRV - [2010/04/13 20:11:14 | 000,229,688 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- K:\Program Files\McAfee Online Backup\MOBKbackup.exe -- (MOBKbackup)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- K:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/03/08 16:45:24 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- K:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2006/10/23 08:50:35 | 000,046,640 | R--- | M] (AOL LLC) [On_Demand | Stopped] -- K:\Program Files\Common Files\AOL\acs\AOLacsd.exe -- (AOL ACS)
SRV - [2004/10/25 17:13:32 | 000,421,888 | ---- | M] (Dell) [On_Demand | Stopped] -- K:\WINDOWS\system32\dlbucoms.exe -- (dlbu_device)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/04/02 19:38:08 | 000,821,880 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- K:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\BASHDefs\20120402.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2012/03/06 17:04:10 | 000,356,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- K:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\IPSDefs\20120410.002\IDSXpx86.sys -- (IDSxpx86)
DRV - [2012/02/03 23:21:40 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- K:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012/02/03 23:21:40 | 000,106,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- K:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/08/03 22:19:34 | 001,576,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- K:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20120410.020\NAVEX15.SYS -- (NAVEX15)
DRV - [2011/08/03 22:19:34 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- K:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20120410.020\NAVENG.SYS -- (NAVENG)
DRV - [2011/05/02 19:00:29 | 000,126,584 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- K:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/04/20 21:37:49 | 000,369,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- K:\WINDOWS\system32\drivers\NAV\1207010.003\symtdi.sys -- (SYMTDI)
DRV - [2011/03/30 23:00:09 | 000,516,216 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- K:\WINDOWS\system32\drivers\NAV\1207010.003\srtsp.sys -- (SRTSP)
DRV - [2011/03/30 23:00:09 | 000,050,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- K:\WINDOWS\system32\drivers\NAV\1207010.003\srtspx.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2011/03/14 22:31:23 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- K:\WINDOWS\system32\drivers\NAV\1207010.003\symefa.sys -- (SymEFA)
DRV - [2011/01/27 02:47:10 | 000,340,088 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- K:\WINDOWS\system32\drivers\NAV\1207010.003\symds.sys -- (SymDS)
DRV - [2011/01/27 01:07:05 | 000,136,312 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- K:\WINDOWS\system32\drivers\NAV\1207010.003\ironx86.sys -- (SymIRON)
DRV - [2010/04/13 20:10:22 | 000,054,776 | ---- | M] (Mozy, Inc.) [File_System | System | Running] -- K:\WINDOWS\system32\drivers\MOBK.sys -- (MOBKFilter)
DRV - [2008/04/13 14:45:34 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- K:\WINDOWS\system32\drivers\irbus.sys -- (IrBus)
DRV - [2008/04/13 14:45:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- K:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2007/04/12 09:10:26 | 000,164,608 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- K:\WINDOWS\system32\CT20XUT.DLL -- (CT20XUT.DLL)
DRV - [2007/04/12 09:10:26 | 000,066,816 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- K:\WINDOWS\system32\CTHWIUT.DLL -- (CTHWIUT.DLL)
DRV - [2007/04/12 09:10:24 | 001,317,632 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- K:\WINDOWS\system32\CTEXFIFX.DLL -- (CTEXFIFX.DLL)
DRV - [2007/04/12 09:10:22 | 000,323,328 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- K:\WINDOWS\system32\CTEDSPSY.DLL -- (CTEDSPSY.DLL)
DRV - [2007/04/12 09:10:22 | 000,128,768 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- K:\WINDOWS\system32\CTEDSPIO.DLL -- (CTEDSPIO.DLL)
DRV - [2007/04/12 09:10:20 | 000,280,320 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- K:\WINDOWS\system32\CTEDSPFX.DLL -- (CTEDSPFX.DLL)
DRV - [2007/04/12 09:10:20 | 000,094,976 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- K:\WINDOWS\system32\CTERFXFX.DLL -- (CTERFXFX.DLL)
DRV - [2007/04/12 09:10:18 | 000,168,192 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- K:\WINDOWS\system32\CTEAPSFX.DLL -- (CTEAPSFX.DLL)
DRV - [2007/04/10 05:32:06 | 000,189,736 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- K:\WINDOWS\system32\drivers\haP17v2k.sys -- (hap17v2k)
DRV - [2006/02/09 21:57:46 | 001,502,208 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- K:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006/02/02 16:05:04 | 000,376,320 | ---- | M] (Lumanate, Inc.) [Kernel | On_Demand | Running] -- K:\WINDOWS\system32\drivers\Angel.sys -- (Angel)
DRV - [2004/08/12 03:40:50 | 000,904,752 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- K:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV - [2004/08/05 22:43:26 | 000,366,384 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- K:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2004/07/12 22:15:48 | 000,148,432 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- K:\WINDOWS\system32\drivers\haP16v2k.sys -- (hap16v2k)
DRV - [2004/07/12 22:13:14 | 000,145,488 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- K:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)
DRV - [2004/07/12 22:12:36 | 000,130,288 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- K:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2004/07/12 22:11:58 | 000,006,096 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- K:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2004/07/12 22:11:28 | 000,178,672 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- K:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2004/07/12 22:09:32 | 000,645,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- K:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2004/07/12 21:53:14 | 000,585,728 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- K:\WINDOWS\system32\ctaudfx.dll -- (CTAUDFX.DLL)
DRV - [2004/06/09 19:42:38 | 000,015,429 | R--- | M] ( ) [Kernel | On_Demand | Stopped] -- K:\WINDOWS\system32\drivers\Sacm2A.sys -- (USBCM)
DRV - [2003/11/13 06:04:08 | 000,606,208 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- K:\WINDOWS\system32\ctsblfx.dll -- (CTSBLFX.DLL)
DRV - [2003/11/13 06:02:14 | 000,114,688 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- K:\WINDOWS\system32\commonfx.dll -- (COMMONFX.DLL)
DRV - [2003/11/12 08:11:54 | 000,333,600 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- K:\WINDOWS\system32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - [2003/01/10 17:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- K:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
AOL.com - News, Sports, Weather, Entertainment, Local & Lifestyle
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
AOL.com - News, Sports, Weather, Entertainment, Local & Lifestyle
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
Internet Explorer 6 Search Companion is no longer supported.
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
AOL.com - News, Sports, Weather, Entertainment, Local & Lifestyle
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
AOL.com - News, Sports, Weather, Entertainment, Local & Lifestyle
IE - HKCU\..\SearchScopes,DefaultScope = {045D890A-83B6-4EB8-AF81-4B8A3AC81D6E}
IE - HKCU\..\SearchScopes\{045D890A-83B6-4EB8-AF81-4B8A3AC81D6E}: "URL" = http://slirsredirect.search.aol.com/redirector/sredir?sredir=843&query={SearchTerms}&invocationType=tb50-ie-aolmailtb-chromesbox-en-us
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems:
jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems:
moveplayer@movenetworks.com:1.0.0.%(version)s
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:10.1.0.68 - 1
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: K:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: K:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: K:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: K:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: k:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: K:\Documents and Settings\rebecca levant\Application Data\Move Networks\plugins\npqmp071505000011.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.15: K:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.15: K:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: K:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: K:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: K:\Documents and Settings\rebecca levant\Application Data\Move Networks\plugins\npqmp071505000011.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.4.21: K:\Documents and Settings\rebecca levant\Local Settings\Application Data\Yahoo!\BrowserPlus\2.4.21\Plugins\npybrowserplus_2.4.21.dll (Yahoo! Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: K:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\IPSFFPlgn\ [2012/01/31 21:09:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: K:\Program Files\Mozilla Firefox\components [2012/03/21 08:59:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: K:\Program Files\Mozilla Firefox\plugins [2012/03/21 08:59:31 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\moveplayer@movenetworks.com: K:\Documents and Settings\rebecca levant\Application Data\Move Networks [2010/01/25 09:53:23 | 000,000,000 | ---D | M]
[2009/04/25 22:01:56 | 000,000,000 | ---D | M] (No name found) -- K:\Documents and Settings\rebecca levant\Application Data\Mozilla\Extensions
[2012/04/01 22
56 | 000,000,000 | ---D | M] (No name found) -- K:\Documents and Settings\rebecca levant\Application Data\Mozilla\Firefox\Profiles\dvkhk3oi.default\extensions
[2012/03/21 08:59:33 | 000,000,000 | ---D | M] (No name found) -- K:\Program Files\Mozilla Firefox\extensions
() (No name found) -- K:\DOCUMENTS AND SETTINGS\REBECCA LEVANT\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\DVKHK3OI.DEFAULT\EXTENSIONS\CZUPYVQSIX@CZUPYVQSIX.ORG.XPI
[2012/03/13 00:39:39 | 000,097,208 | ---- | M] (Mozilla Foundation) -- K:\Program Files\mozilla firefox\components\browsercomps.dll
[2009/03/31 22:47:26 | 000,324,976 | ---- | M] (Symantec Corporation) -- K:\Program Files\mozilla firefox\components\coFFPlgn.dll
[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- K:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012/03/13 00:38:32 | 000,002,252 | ---- | M] () -- K:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/03/13 00:38:32 | 000,002,040 | ---- | M] () -- K:\Program Files\mozilla firefox\searchplugins\twitter.xml
O1 HOSTS File: ([2012/03/29 05:57:30 | 000,000,855 | RH-- | M]) - K:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 94.63.147.17
Bing
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - K:\Program Files\Norton AntiVirus\Engine\18.7.1.3\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - K:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BA00B7B1-0351-477A-B948-23E3EE5A73D4} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No CLSID value found.
O4 - HKLM..\Run: [ArcSoft Connection Service] K:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [CTHelper] K:\WINDOWS\System32\CTHELPER.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [Dell Photo AIO Printer 942] K:\Program Files\Dell Photo AIO Printer 942\dlbubmgr.exe ()
O4 - HKLM..\Run: [DellMCM] K:\Program Files\Dell Photo AIO Printer 942\memcard.exe ()
O4 - HKLM..\Run: [DLBUCATS] K:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLBUtime.DLL ()
O4 - HKLM..\Run: [HostManager] K:\Program Files\Common Files\AOL\1307225327\ee\aolsoftware.exe (AOL Inc.)
O4 - HKLM..\Run: [MSC] k:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - Startup: K:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk.disabled ()
O4 - Startup: K:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Online Backup Status.lnk.disabled ()
O4 - Startup: K:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk.disabled ()
O4 - Startup: K:\Documents and Settings\rebecca levant\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk.disabled ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = K:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = K:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - K:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - K:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - K:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - K:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {1C72E5E8-C622-4F09-A0B6-D0C0700999D1}
http://test.zixi.com/Sport5Page/ZixiPlayer.ocx (zixi viewer)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862}
https://webdl.symantec.com/activex/symdlmgr.cab (Symantec Download Manager)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.macromedia.com/get.../ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F}
https://juniper.net/dana-cached/sc/J...etupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 8.8.4.4 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7FA0D2A8-223C-4B6F-B057-D380E52234A3}: DhcpNameServer = 8.8.8.8 8.8.4.4 192.168.1.1
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - K:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - K:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (K:\WINDOWS\system32\userinit.exe) - K:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - (K:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll) - K:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O24 - Desktop BackupWallPaper: K:\Documents and Settings\rebecca levant\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/03/08 15:27:49 | 000,000,000 | ---- | M] () - L:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2004/07/16 09:51:42 | 000,000,031 | ---- | M] () - L:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{20425385-592d-11de-aa2b-00123f9be258}\Shell\AutoRun\command - "" = L:\WDSetup.exe
O33 - MountPoints2\{95fe26af-c6b2-11df-aad3-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{95fe26af-c6b2-11df-aad3-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{95fe26af-c6b2-11df-aad3-00038a000015}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O33 - MountPoints2\{bce12787-cd4a-11de-aa60-00123f9be258}\Shell\AutoRun\command - "" = L:\KEYGEN_NOUPX.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012/04/09 17:55:40 | 000,000,000 | ---D | C] -- K:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/04/09 17:55:25 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- K:\WINDOWS\System32\drivers\mbam.sys
[2012/04/09 16:27:50 | 000,237,072 | ---- | C] (Microsoft Corporation) -- K:\WINDOWS\System32\MpSigStub.exe
[2012/04/09 16:26:00 | 000,000,000 | ---D | C] -- K:\Program Files\Microsoft Security Client
[2012/04/09 16:25:42 | 000,000,000 | ---D | C] -- K:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2012/04/09 14:07:08 | 000,000,000 | R--D | C] -- K:\Documents and Settings\rebecca levant\Start Menu\Programs\Administrative Tools
[2012/04/09 09:43:35 | 000,000,000 | ---D | C] -- K:\Program Files\Malwarebytes' Anti-Malware
[2012/04/09 00:48:44 | 000,000,000 | -HSD | C] -- K:\Documents and Settings\rebecca levant\IECompatCache
[2012/04/08 23:05:49 | 000,000,000 | ---D | C] -- K:\Documents and Settings\rebecca levant\Application Data\AVG2012
[2012/04/08 23:01:57 | 000,000,000 | -H-D | C] -- K:\$AVG
[2012/04/08 23:01:57 | 000,000,000 | ---D | C] -- K:\Documents and Settings\All Users\Application Data\AVG2012
[2012/04/08 23:01:13 | 000,000,000 | ---D | C] -- K:\Program Files\AVG
[2012/04/08 22:59:35 | 000,000,000 | -H-D | C] -- K:\Documents and Settings\All Users\Application Data\Common Files
[2012/04/08 22:59:11 | 000,000,000 | ---D | C] -- K:\Documents and Settings\All Users\Application Data\MFAData
[2012/04/08 22:21:38 | 000,000,000 | ---D | C] -- K:\Program Files\PC Tools
[2012/04/08 22:18:53 | 000,185,560 | ---- | C] (PC Tools) -- K:\WINDOWS\System32\drivers\PCTSD.sys
[2012/04/08 22:18:53 | 000,000,000 | ---D | C] -- K:\Program Files\Common Files\PC Tools
[2012/04/08 22:18:40 | 000,000,000 | ---D | C] -- K:\Documents and Settings\All Users\Application Data\TEMP
[2012/04/08 22:18:39 | 000,000,000 | ---D | C] -- K:\Documents and Settings\All Users\Application Data\PC Tools
[2012/04/08 22:18:38 | 000,000,000 | ---D | C] -- K:\Documents and Settings\rebecca levant\Application Data\TestApp
[2012/04/08 22:15:12 | 000,000,000 | -HSD | C] -- K:\WINDOWS\CSC
[2012/04/08 17:50:19 | 000,000,000 | ---D | C] -- K:\Documents and Settings\rebecca levant\Application Data\Malwarebytes
[2012/04/08 17:50:02 | 000,000,000 | ---D | C] -- K:\Documents and Settings\All Users\Application Data\Malwarebytes
[2012/04/08 10:56:50 | 000,000,000 | ---D | C] -- K:\WINDOWS\System32\NtmsData
[6 K:\Documents and Settings\rebecca levant\My Documents\*.tmp files -> K:\Documents and Settings\rebecca levant\My Documents\*.tmp -> ]
[4 K:\WINDOWS\*.tmp files -> K:\WINDOWS\*.tmp -> ]
[1 K:\WINDOWS\System32\*.tmp files -> K:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/04/10 19:57:00 | 000,001,006 | ---- | M] () -- K:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-117609710-1078081533-1801674531-1003UA.job
[2012/04/10 05:57:05 | 000,000,954 | ---- | M] () -- K:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-117609710-1078081533-1801674531-1003Core.job
[2012/04/09 22:51:41 | 000,000,424 | -H-- | M] () -- K:\WINDOWS\tasks\MP Scheduled Scan.job
[2012/04/09 22:46:29 | 000,002,048 | --S- | M] () -- K:\WINDOWS\bootstat.dat
[2012/04/09 22:45:49 | 000,032,592 | ---- | M] () -- K:\WINDOWS\System32\BMXStateBkp-{00000003-00000000-00000002-00001102-00000004-20061102}.rfx
[2012/04/09 22:45:49 | 000,032,592 | ---- | M] () -- K:\WINDOWS\System32\BMXState-{00000003-00000000-00000002-00001102-00000004-20061102}.rfx
[2012/04/09 22:45:49 | 000,032,088 | ---- | M] () -- K:\WINDOWS\System32\BMXCtrlState-{00000003-00000000-00000002-00001102-00000004-20061102}.rfx
[2012/04/09 22:45:49 | 000,032,088 | ---- | M] () -- K:\WINDOWS\System32\BMXBkpCtrlState-{00000003-00000000-00000002-00001102-00000004-20061102}.rfx
[2012/04/09 22:45:49 | 000,001,080 | ---- | M] () -- K:\WINDOWS\System32\settingsbkup.sfm
[2012/04/09 22:45:49 | 000,001,080 | ---- | M] () -- K:\WINDOWS\System32\settings.sfm
[2012/04/09 22:45:49 | 000,000,384 | ---- | M] () -- K:\WINDOWS\System32\DVCStateBkp-{00000003-00000000-00000002-00001102-00000004-20061102}.dat
[2012/04/09 22:45:49 | 000,000,384 | ---- | M] () -- K:\WINDOWS\System32\DVCState-{00000003-00000000-00000002-00001102-00000004-20061102}.dat
[2012/04/09 22:45:14 | 004,932,601 | ---- | M] () -- K:\WINDOWS\{00000003-00000000-00000002-00001102-00000004-20061102}.CDF
[2012/04/09 16:26:40 | 000,001,945 | ---- | M] () -- K:\WINDOWS\epplauncher.mif
[2012/04/09 16:26:25 | 000,676,788 | ---- | M] () -- K:\WINDOWS\System32\drivers\NAV\1207010.003\Cat.DB
[2012/04/09 16:25:42 | 000,002,206 | ---- | M] () -- K:\WINDOWS\System32\wpa.dbl
[2012/04/09 00:47:16 | 000,017,446 | ---- | M] () -- K:\Documents and Settings\rebecca levant\Local Settings\Application Data\dt.dat
[2012/04/08 22:18:39 | 000,001,591 | ---- | M] () -- K:\Documents and Settings\rebecca levant\Desktop\SD_Online_aff_GenericRevenueWire_207.exe.lnk
[2012/04/07 15:15:22 | 000,000,897 | ---- | M] () -- K:\WINDOWS\dellstat.ini
[2012/04/07 07:59:02 | 000,000,284 | ---- | M] () -- K:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/04/04 21:50:00 | 000,001,876 | ---- | M] () -- K:\Documents and Settings\All Users\Desktop\Norton AntiVirus.LNK
[2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- K:\WINDOWS\System32\drivers\mbam.sys
[2012/04/02 19:57:31 | 000,000,664 | ---- | M] () -- K:\WINDOWS\System32\d3d9caps.dat
[2012/04/01 17:26:01 | 000,000,450 | ---- | M] () -- K:\WINDOWS\tasks\EasyShare Registration Task.job
[2012/03/29 05:57:30 | 000,000,855 | RH-- | M] () -- K:\WINDOWS\System32\drivers\etc\hosts
[2012/03/27 20:54:09 | 000,000,172 | ---- | M] () -- K:\WINDOWS\System32\drivers\NAV\1207010.003\isolate.ini
[2012/03/21 08:59:36 | 000,000,742 | ---- | M] () -- K:\Documents and Settings\rebecca levant\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/03/21 08:59:35 | 000,000,724 | ---- | M] () -- K:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012/03/14 03:07:19 | 000,181,040 | ---- | M] () -- K:\WINDOWS\System32\FNTCACHE.DAT
[2012/03/14 03:01:37 | 000,001,374 | ---- | M] () -- K:\WINDOWS\imsins.BAK
[2012/03/13 07:51:40 | 000,444,456 | ---- | M] () -- K:\WINDOWS\System32\perfh009.dat
[2012/03/13 07:51:40 | 000,072,332 | ---- | M] () -- K:\WINDOWS\System32\perfc009.dat
[6 K:\Documents and Settings\rebecca levant\My Documents\*.tmp files -> K:\Documents and Settings\rebecca levant\My Documents\*.tmp -> ]
[4 K:\WINDOWS\*.tmp files -> K:\WINDOWS\*.tmp -> ]
[1 K:\WINDOWS\System32\*.tmp files -> K:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/04/09 16:31:32 | 000,000,424 | -H-- | C] () -- K:\WINDOWS\tasks\MP Scheduled Scan.job
[2012/04/09 16:26:40 | 000,001,945 | ---- | C] () -- K:\WINDOWS\epplauncher.mif
[2012/04/09 16:26:15 | 000,001,680 | ---- | C] () -- K:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/04/09 00:47:16 | 000,017,446 | ---- | C] () -- K:\Documents and Settings\rebecca levant\Local Settings\Application Data\dt.dat
[2012/04/08 22:18:39 | 000,001,591 | ---- | C] () -- K:\Documents and Settings\rebecca levant\Desktop\SD_Online_aff_GenericRevenueWire_207.exe.lnk
[2012/03/21 08:59:35 | 000,000,730 | ---- | C] () -- K:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2012/03/14 03:01:24 | 000,001,374 | ---- | C] () -- K:\WINDOWS\imsins.BAK
[2010/10/14 18:13:15 | 000,001,940 | ---- | C] () -- K:\Documents and Settings\LocalService\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/07/19 06:31:46 | 000,000,384 | ---- | C] () -- K:\WINDOWS\System32\DVCStateBkp-{00000003-00000000-00000002-00001102-00000004-20061102}.dat
[2010/07/19 06:31:46 | 000,000,384 | ---- | C] () -- K:\WINDOWS\System32\DVCState-{00000003-00000000-00000002-00001102-00000004-20061102}.dat
[2010/07/19 06:30:43 | 000,127,226 | ---- | C] () -- K:\WINDOWS\System32\ctdlang.dat
[2010/07/19 06:30:43 | 000,053,932 | ---- | C] () -- K:\WINDOWS\System32\ctdaught.dat
[2010/07/19 06:30:41 | 000,184,320 | ---- | C] () -- K:\WINDOWS\PSCONV.EXE
[2010/07/19 06:30:41 | 000,053,248 | ---- | C] ( ) -- K:\WINDOWS\System32\killapps.exe
[2010/07/19 06:30:41 | 000,036,864 | ---- | C] () -- K:\WINDOWS\System32\regplib.exe
[2010/07/19 06:30:41 | 000,000,194 | ---- | C] () -- K:\WINDOWS\System32\kill.ini
[2010/07/19 06:30:35 | 000,065,536 | ---- | C] ( ) -- K:\WINDOWS\System32\a3d.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 109 bytes -> K:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
< End of report >
