iOTL logfile created on: 16/03/2012 15:36:31 - Run 1
OTL by OldTimer - Version 3.2.37.1     Folder = C:\Documents and Settings\Bob\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
 
2.99 Gb Total Physical Memory | 2.21 Gb Available Physical Memory | 73.92% Memory free
4.83 Gb Paging File | 4.28 Gb Available in Paging File | 88.52% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465.75 Gb Total Space | 234.96 Gb Free Space | 50.45% Space Free | Partition Type: NTFS
Drive E: | 598.81 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: SPIDER-MAN | User Name: Bob | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2012/03/16 15:36:20 | 000,594,944 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bob\Desktop\1O1T1L1.exe
PRC - [2012/03/16 15:32:10 | 001,008,141 | ---- | M] () -- C:\Documents and Settings\Bob\Desktop\killer.scr
PRC - [2012/02/18 12:30:28 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/05/26 18:47:22 | 000,031,232 | ---- | M] (NirSoft) -- C:\Documents and Settings\Bob\Local Settings\temp\RarSFX2\nird\iexplore.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2012/03/16 15:32:10 | 001,008,141 | ---- | M] () -- C:\Documents and Settings\Bob\Desktop\killer.scr
MOD - [2012/02/27 04:13:34 | 008,527,008 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2012/02/18 12:30:28 | 001,911,768 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011/11/03 15:28:36 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2009/02/12 04:30:02 | 000,190,976 | ---- | M] () -- C:\WINDOWS\system32\WgaLogon.dll
MOD - [2008/12/19 16:26:06 | 002,625,536 | ---- | M] () -- C:\WINDOWS\system32\ffdshow.ax
MOD - [2008/04/14 05:42:04 | 000,562,176 | ---- | M] () -- C:\WINDOWS\system32\qedit.dll
MOD - [2008/04/14 05:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/14 05:41:52 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012/01/18 16:11:40 | 000,433,264 | ---- | M] (VMware, Inc.) [Disabled | Stopped] -- C:\WINDOWS\system32\vmnat.exe -- (VMware NAT Service)
SRV - [2012/01/18 16:11:32 | 000,354,416 | ---- | M] (VMware, Inc.) [Disabled | Stopped] -- C:\WINDOWS\system32\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2012/01/18 13:27:20 | 000,079,872 | ---- | M] (VMware, Inc.) [Disabled | Stopped] -- C:\Program Files\VMware\VMware Player\vmware-authd.exe -- (VMAuthdService)
SRV - [2011/10/05 11:12:58 | 000,675,976 | ---- | M] (Acunetix Ltd.) [Disabled | Stopped] -- C:\Program Files\Acunetix\Web Vulnerability Scanner 7\WVSScheduler7.exe -- (AcuWVSSchedulerv7)
SRV - [2011/09/02 04:13:49 | 000,292,136 | ---- | M] (CyberLink) [Disabled | Stopped] -- C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe -- (CyberLink PowerDVD 11.0 Service)
SRV - [2011/09/02 04:13:47 | 000,075,048 | ---- | M] (CyberLink) [Disabled | Stopped] -- C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe -- (CyberLink PowerDVD 11.0 Monitor Service)
SRV - [2011/08/29 22:11:00 | 000,665,200 | ---- | M] (VMware, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService)
SRV - [2011/08/24 01:13:43 | 000,083,240 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe -- (CLHNServiceForPowerDVD)
SRV - [2011/06/26 06:45:56 | 000,256,000 | R--- | M] () [Auto | Stopped] -- C:\Combo2Fix\pev.3XE -- (PEVSystemStart)
SRV - [2011/06/12 11:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2011/04/22 11:13:36 | 000,655,624 | ---- | M] (Acresso Software Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/10/27 17:23:16 | 001,483,072 | ---- | M] (TuneUp Software) [Disabled | Stopped] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010/10/27 17:21:08 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2010/09/17 15:28:06 | 000,045,312 | ---- | M] (NewTech Infosystems, Inc.) [Disabled | Stopped] -- C:\Program Files\NewTech Infosystems\Backup Now EZ\BackupNowEZSvr.exe -- (NTI BackupNowEZSvr)
SRV - [2006/10/05 16:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Disabled | Stopped] -- C:\WINDOWS\system32\agrsmsvc.exe -- (AgereModemAudio)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Bob\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2012/01/18 16:11:48 | 000,055,664 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vmx86.sys -- (vmx86)
DRV - [2012/01/18 16:11:08 | 000,025,584 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VMkbd.sys -- (vmkbd)
DRV - [2012/01/18 16:10:42 | 000,033,776 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV - [2012/01/18 16:10:36 | 000,025,712 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV - [2012/01/18 13:06:02 | 000,016,624 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV - [2011/09/08 13:24:14 | 007,180,800 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2011/09/02 12:08:46 | 000,077,296 | ---- | M] (CyberLink Corp.) [2012/02/10 22:01:13] [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD11\Common\NavFilter\000.fcl -- ({329F96B6-DF1E-4328-BFDA-39EA953C1312})
DRV - [2011/08/29 22:11:00 | 000,032,496 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hcmon.sys -- (hcmon)
DRV - [2011/08/24 01:13:44 | 000,071,664 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD.sys -- (ntk_PowerDVD)
DRV - [2011/08/08 14:58:56 | 000,098,928 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\vmci.sys -- (vmci)
DRV - [2011/04/23 16:22:16 | 000,114,048 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\snapman.sys -- (snapman)
DRV - [2011/04/06 14:33:50 | 006,388,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2011/03/14 06:53:44 | 000,229,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\k57xp32.sys -- (k57w2k) Broadcom NetLink (TM)
DRV - [2010/12/18 11:03:56 | 000,021,696 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2010/11/05 08:20:00 | 001,938,272 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2010/10/07 12:34:32 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2010/07/28 23:25:42 | 000,025,112 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ivusb.sys -- (ivusb)
DRV - [2010/07/04 19:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2009/11/18 06:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009/11/18 06:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009/09/17 11:54:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HECI.sys -- (HECI) Intel(R)
DRV - [2009/02/04 23:00:00 | 000,026,224 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavalys\EVEREST Corporate Edition\kerneld.wnt -- (EverestDriver)
DRV - [2007/07/20 17:40:10 | 000,084,992 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2006/11/28 19:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [1996/04/03 19:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\..\SearchScopes\{37F5447F-735B-4D34-A1E5-45821C1C0A43}: "URL" = http://uk.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..network.proxy.type: 0
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Bob\Local Settings\Application Data\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Bob\Local Settings\Application Data\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2011/04/19 14:29:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/02/10 21:21:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/02/18 12:30:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/03/12 18:44:08 | 000,000,000 | ---D | M]
 
[2011/04/16 00:09:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Bob\Application Data\Mozilla\Extensions
[2012/03/09 14:52:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Bob\Application Data\Mozilla\Firefox\Profiles\96dlx7oy.default\extensions
[2012/02/27 04:20:08 | 000,000,000 | ---D | M] (Wappalyzer) -- C:\Documents and Settings\Bob\Application Data\Mozilla\Firefox\Profiles\96dlx7oy.default\extensions\wappalyzer@crunchlabz.com
[2012/03/12 18:45:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/01/07 09:56:52 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
() (No name found) -- C:\DOCUMENTS AND SETTINGS\Bob\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\96DLX7OY.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\Bob\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\96DLX7OY.DEFAULT\EXTENSIONS\FIREBUG@SOFTWARE.JOEHEWITT.COM.XPI
[2012/02/18 12:30:28 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/09/16 22:21:58 | 000,611,224 | ---- | M] (Oracle Corporation) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/10/02 18:47:14 | 000,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2011/10/02 18:47:14 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/10/02 18:47:14 | 000,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2011/10/02 18:47:14 | 000,001,180 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2011/10/02 18:47:14 | 000,001,135 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Bob\Local Settings\Application Data\Google\Chrome\Application\17.0.963.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Bob\Local Settings\Application Data\Google\Chrome\Application\17.0.963.79\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Bob\Local Settings\Application Data\Google\Chrome\Application\17.0.963.79\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Documents and Settings\Bob\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.8.0.8855_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 7.0.0.147 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 7 (Enabled) = C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Bob\Local Settings\Application Data\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Skype Click to Call = C:\Documents and Settings\Bob\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.8.0.8855_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Documents and Settings\Bob\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
 
O1 HOSTS File: ([2012/02/07 16:00:38 | 000,007,847 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 31.3.246.157 canefurniture.org
O1 - Hosts: 31.3.246.157 www.canefurniture.org
O1 - Hosts: 127.0.0.1 doshare.com
O1 - Hosts: 127.0.0.1 www.doshare.com
O1 - Hosts: 127.0.0.1 www.123share.com
O1 - Hosts: 127.0.0.1 123share.com
O1 - Hosts: 127.0.0.1 sendblaster.com
O1 - Hosts: 127.0.0.1 www.sendblaster.com
O1 - Hosts: 127.0.0.1 toolshed.syndk8.net
O1 - Hosts: 127.0.0.1 axandra.com
O1 - Hosts: 127.0.0.1 www.axandra.com
O1 - Hosts: 127.0.0.1 keywordindex.com
O1 - Hosts: 127.0.0.1 www.keywordindex.com
O1 - Hosts: 127.0.0.1 link-assistant.com
O1 - Hosts: 127.0.0.1 www.link-assistant.com
O1 - Hosts: 127.0.0.1 traffictravis.com
O1 - Hosts: 127.0.0.1 www.traffictravis.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com #192.150.22.22
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com #192.150.14.21
O1 - Hosts: 127.0.0.1 3dns-4.adobe.com #192.150.18.247
O1 - Hosts: 127.0.0.1 3dns-5.adobe.com #192.150.22.46
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com #192.150.11.30
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com #192.150.11.247
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com #192.150.22.30
O1 - Hosts: 151 more lines...
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF  [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra 'Tools' menuitem : Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\vsocklib.dll (VMware, Inc.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_21-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{84FA2C41-9FA7-479B-A24F-24B124F09FCE}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - C:\WINDOWS\System32\WgaLogon.dll ()
O24 - Desktop WallPaper: C:\Documents and Settings\Bob\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Bob\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2011/04/15 21:48:34 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011/04/17 01:23:42 | 000,000,000 | R--D | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2008/04/14 13:00:00 | 000,000,110 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2012/03/16 15:36:21 | 000,594,944 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Bob\Desktop\1O1T1L1.exe
[2012/03/16 15:35:32 | 016,409,960 | ---- | C] (Safer Networking Limited                                    ) -- C:\Documents and Settings\Bob\Desktop\sspysbotssd162.exe
[2012/03/16 15:10:57 | 000,000,000 | --SD | C] -- C:\Combo2Fix
[2012/03/16 14:58:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bob\Desktop\Java6Ra-1.16-16-12-11
[2012/03/16 14:56:44 | 004,438,270 | R--- | C] (Swearware) -- C:\Documents and Settings\Bob\Desktop\Combo2Fix.exe
[2012/03/15 16:48:41 | 004,436,988 | R--- | C] (Swearware) -- C:\Documents and Settings\Bob\Desktop\Combo-Fix.exe
[2012/03/14 19:22:16 | 000,000,000 | ---D | C] -- C:\$WIN_NT$.~LS
[2012/03/14 19:22:07 | 000,000,000 | ---D | C] -- C:\$WIN_NT$.~BT
[2012/03/14 19:22:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\setup.pss
[2012/03/14 19:21:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\setupupd
[2012/03/14 18:59:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bob\Desktop\Microsoft.Windows.XP.Professional.SP3.Integrated.February.2011.SATA.By.Maher
[2012/03/13 04:04:08 | 000,000,000 | ---D | C] -- C:\Program Files\stinger
[2012/03/13 02:58:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2012/03/12 20:21:46 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/03/12 20:21:23 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Bob\Start Menu\Programs\Administrative Tools
[2012/03/12 20:19:25 | 000,000,000 | ---D | C] -- C:\Program Files\MozBackup
[2012/03/12 20:19:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\MozBackup
[2012/03/12 20:09:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bob\Desktop\Backups
[2012/03/12 20:02:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bob\Application Data\Malwarebytes
[2012/03/12 20:02:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2012/03/12 18:43:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bob\My Documents\Backlink Loophole Projects
[2012/03/12 18:30:34 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2012/03/12 18:30:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bob\Start Menu\Programs\HiJackThis
[2012/03/12 03:06:30 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/03/11 18:21:05 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Bob\Recent
[2012/03/06 03:43:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bob\Local Settings\Application Data\e-academy Inc
[2012/03/06 03:43:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bob\Application Data\e-academy Inc
[2012/02/29 01:05:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Seo Indexer Pro
[2012/02/29 01:05:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System64
[2012/02/29 01:05:21 | 000,000,000 | ---D | C] -- C:\Program Files (x64)
[2012/02/29 01:05:20 | 000,773,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr100.dll
[2012/02/29 01:05:20 | 000,421,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp100.dll
[2012/02/29 01:05:20 | 000,138,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atl100.dll
[2012/02/29 01:05:20 | 000,081,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfcm100u.dll
[2012/02/29 01:05:20 | 000,081,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfcm100.dll
[2012/02/29 01:05:20 | 000,064,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc100fra.dll
[2012/02/29 01:05:20 | 000,064,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc100deu.dll
[2012/02/29 01:05:20 | 000,063,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc100esn.dll
[2012/02/29 01:05:20 | 000,062,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc100ita.dll
[2012/02/29 01:05:20 | 000,060,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc100rus.dll
[2012/02/29 01:05:20 | 000,055,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc100enu.dll
[2012/02/29 01:05:20 | 000,051,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vcomp100.dll
[2012/02/29 01:05:20 | 000,043,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc100jpn.dll
[2012/02/29 01:05:20 | 000,043,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc100kor.dll
[2012/02/29 01:05:20 | 000,036,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc100cht.dll
[2012/02/29 01:05:20 | 000,036,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc100chs.dll
[2012/02/29 01:05:19 | 004,422,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc100u.dll
[2012/02/29 01:05:19 | 004,397,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc100.dll
[2012/02/29 01:05:18 | 000,000,000 | ---D | C] -- C:\Program Files\stephenhawkins
[2012/02/29 01:05:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2012/02/28 15:47:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bob\My Documents\CGC
[2012/02/21 23:39:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\TweetAttacks
[2012/02/21 23:39:18 | 000,000,000 | ---D | C] -- C:\Program Files\Traffic Addict
[2012/02/21 23:19:48 | 000,000,000 | ---D | C] -- C:\ErrorLog
[2012/02/18 16:23:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bob\My Documents\My Virtual Machines
[2012/02/18 16:15:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bob\Local Settings\Application Data\VMware
[2012/02/18 16:14:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bob\Application Data\VMware
[2012/02/17 10:21:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\VMware
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2012/03/16 15:36:20 | 000,594,944 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bob\Desktop\1O1T1L1.exe
[2012/03/16 15:35:54 | 016,409,960 | ---- | M] (Safer Networking Limited                                    ) -- C:\Documents and Settings\Bob\Desktop\sspysbotssd162.exe
[2012/03/16 15:32:10 | 001,008,141 | ---- | M] () -- C:\Documents and Settings\Bob\Desktop\killer.scr
[2012/03/16 15:22:13 | 000,000,464 | ---- | M] () -- C:\WINDOWS\tasks\SDMsgUpdate (TE).job
[2012/03/16 15:21:30 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/03/16 14:57:35 | 000,160,639 | ---- | M] () -- C:\Documents and Settings\Bob\Desktop\Java6Ra-1.16-16-12-11.zip
[2012/03/16 14:56:44 | 004,438,270 | R--- | M] (Swearware) -- C:\Documents and Settings\Bob\Desktop\Combo2Fix.exe
[2012/03/16 14:16:02 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1757981266-682003330-1801674531-1003UA.job
[2012/03/16 12:16:02 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1757981266-682003330-1801674531-1003Core.job
[2012/03/16 03:07:47 | 000,023,957 | ---- | M] () -- C:\Documents and Settings\Bob\Desktop\gmer.PNG
[2012/03/15 17:31:56 | 000,110,080 | ---- | M] () -- C:\Documents and Settings\Bob\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/03/15 17:10:02 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\Bob\Desktop\k9f7kvy69.exe
[2012/03/15 17:09:33 | 000,132,597 | ---- | M] () -- C:\Documents and Settings\Bob\Desktop\Flagh_Disinhector.exe
[2012/03/15 16:54:16 | 000,047,616 | ---- | M] () -- C:\Documents and Settings\Bob\Desktop\Win32kDiag.exe
[2012/03/15 16:49:03 | 004,436,988 | R--- | M] (Swearware) -- C:\Documents and Settings\Bob\Desktop\Combo-Fix.exe
[2012/03/15 16:32:10 | 000,000,384 | RHS- | M] () -- C:\boot.ini
[2012/03/14 19:18:49 | 002,215,784 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/03/14 19:18:43 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/03/14 11:26:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/03/14 04:57:26 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/03/12 20:20:24 | 028,004,238 | ---- | M] () -- C:\Documents and Settings\Bob\My Documents\Firefox 10.0.2 (en-GB) - 2012-03-12.pcv
[2012/03/12 20:01:44 | 000,000,327 | -HS- | M] () -- C:\Boot.bak
[2012/03/11 18:17:48 | 000,000,853 | ---- | M] () -- C:\Documents and Settings\Bob\Application Data\Microsoft\Internet Explorer\Quick Launch\System Check.lnk
[2012/03/07 19:25:43 | 000,499,158 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/03/07 19:25:43 | 000,086,982 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/03/07 18:54:26 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\Bob\Local Settings\Application Data\PUTTY.RND
[2012/03/06 12:52:06 | 000,000,419 | ---- | M] () -- C:\WINDOWS\BRWMARK.INI
[2012/03/06 12:52:06 | 000,000,027 | ---- | M] () -- C:\WINDOWS\BRPP2KA.INI
[2012/03/01 19:18:45 | 000,001,881 | ---- | M] () -- C:\Documents and Settings\Bob\Desktop\.htaccess.hack
[2012/03/01 18:27:18 | 000,063,240 | ---- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2012/02/29 01:06:05 | 000,000,291 | ---- | M] () -- C:\Documents and Settings\Bob\My Documents\FASTINDEX.REG
[2012/02/29 01:05:22 | 000,000,862 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Seo Fast Indexer Guide.pdf.lnk
[2012/02/28 15:05:53 | 006,368,484 | ---- | M] () -- C:\Documents and Settings\Bob\Desktop\Desser 2012 Brochure.pdf
[2012/02/27 04:13:35 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/02/21 23:35:22 | 000,000,728 | ---- | M] () -- C:\defaults
[2012/02/21 23:35:22 | 000,000,000 | ---- | M] () -- C:\grid
[2012/02/21 19:11:54 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/02/18 15:20:04 | 000,050,331 | ---- | M] () -- C:\Documents and Settings\Bob\Desktop\ally-mccoist.jpg
[2012/02/16 17:34:42 | 000,015,727 | ---- | M] () -- C:\Documents and Settings\Bob\Desktop\gers.jpg
[2012/02/16 07:42:10 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\Bob\Application Data\winscp.rnd
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2013/06/10 12:10:02 | 000,000,019 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\CTDChannels_Version.cd27244d.cdf
[2012/03/16 15:32:13 | 001,008,141 | ---- | C] () -- C:\Documents and Settings\Bob\Desktop\killer.scr
[2012/03/16 14:57:41 | 000,160,639 | ---- | C] () -- C:\Documents and Settings\Bob\Desktop\Java6Ra-1.16-16-12-11.zip
[2012/03/16 03:07:47 | 000,023,957 | ---- | C] () -- C:\Documents and Settings\Bob\Desktop\gmer.PNG
[2012/03/15 17:10:04 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\Bob\Desktop\k9f7kvy69.exe
[2012/03/15 17:09:44 | 000,132,597 | ---- | C] () -- C:\Documents and Settings\Bob\Desktop\Flagh_Disinhector.exe
[2012/03/15 16:54:16 | 000,047,616 | ---- | C] () -- C:\Documents and Settings\Bob\Desktop\Win32kDiag.exe
[2012/03/14 19:24:27 | 000,513,436 | ---- | C] () -- C:\txtsetup.sif
[2012/03/14 19:24:27 | 000,260,288 | ---- | C] () -- C:\$LDR$
[2012/03/12 20:19:58 | 028,004,238 | ---- | C] () -- C:\Documents and Settings\Bob\My Documents\Firefox 10.0.2 (en-GB) - 2012-03-12.pcv
[2012/03/12 04:22:56 | 000,002,262 | ---- | C] () -- C:\Documents and Settings\Bob\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/03/12 04:22:56 | 000,001,132 | ---- | C] () -- C:\Documents and Settings\Bob\Application Data\Microsoft\Internet Explorer\Quick Launch\QuickStores.lnk
[2012/03/12 04:22:56 | 000,000,862 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Seo Fast Indexer Guide.pdf.lnk
[2012/03/12 04:22:56 | 000,000,853 | ---- | C] () -- C:\Documents and Settings\Bob\Application Data\Microsoft\Internet Explorer\Quick Launch\System Check.lnk
[2012/03/12 04:22:56 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\Bob\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/03/12 04:22:56 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk
[2012/03/12 04:22:56 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Bob\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/03/12 04:22:56 | 000,000,609 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
[2012/03/12 04:22:56 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Bob\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2012/03/12 04:22:55 | 000,001,986 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\MSN.lnk
[2012/03/12 04:22:55 | 000,001,751 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\TuneUp Utilities 2011.lnk
[2012/03/12 04:22:55 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2012/03/12 04:22:55 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Market Samurai.lnk
[2012/03/01 19:18:45 | 000,001,881 | ---- | C] () -- C:\Documents and Settings\Bob\Desktop\.htaccess.hack
[2012/03/01 18:06:48 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/03/01 18:06:48 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012/02/29 01:06:04 | 000,000,291 | ---- | C] () -- C:\Documents and Settings\Bob\My Documents\FASTINDEX.REG
[2012/02/28 15:05:29 | 006,368,484 | ---- | C] () -- C:\Documents and Settings\Bob\Desktop\Desser 2012 Brochure.pdf
[2012/02/21 23:19:08 | 000,000,728 | ---- | C] () -- C:\defaults
[2012/02/21 23:19:08 | 000,000,000 | ---- | C] () -- C:\grid
[2012/02/18 15:20:03 | 000,050,331 | ---- | C] () -- C:\Documents and Settings\Bob\Desktop\ally-mccoist.jpg
[2012/02/16 17:34:41 | 000,015,727 | ---- | C] () -- C:\Documents and Settings\Bob\Desktop\gers.jpg
[2012/02/14 15:25:13 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Bob\Application Data\winscp.rnd
[2012/02/14 10:46:40 | 000,205,232 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2012/02/05 04:12:46 | 000,000,099 | ---- | C] () -- C:\WINDOWS\ANS2000.INI
[2012/02/05 04:12:46 | 000,000,020 | ---- | C] () -- C:\WINDOWS\akebook.ini
[2012/02/05 04:12:46 | 000,000,004 | ---- | C] () -- C:\WINDOWS\a3kebook.ini
[2011/11/13 23:10:44 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\ptlx55.dat.{5728B11F-B697-47AA-9C1B-8ECB545B5193}
[2011/11/01 12:03:54 | 000,000,418 | ---- | C] () -- C:\WINDOWS\ABC_mru.ini
[2011/10/29 23:55:00 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2011/06/28 08:55:57 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Bob\Application Data\PUTTY.RND
[2011/06/11 22:11:36 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2011/05/12 09:31:17 | 000,063,240 | ---- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/04/26 09:19:05 | 000,000,419 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2011/04/26 09:19:05 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2011/04/25 16:06:44 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Bob\Local Settings\Application Data\PUTTY.RND
[2011/04/21 12:08:28 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/04/21 12:08:28 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/04/21 12:08:28 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/04/21 12:08:28 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/04/21 12:08:28 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/04/19 10:17:00 | 000,000,634 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011/04/17 13:49:53 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2011/04/17 01:27:58 | 000,110,080 | ---- | C] () -- C:\Documents and Settings\Bob\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/16 09:59:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2011/04/16 02:36:12 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/04/16 02:02:45 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2011/04/16 02:02:45 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2011/04/16 02:02:41 | 000,239,869 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2011/04/16 00:09:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/04/15 23:35:50 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2011/04/15 22:36:36 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011/04/15 22:34:57 | 002,215,784 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/04/15 21:53:18 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011/04/15 21:44:08 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/03/21 18:56:22 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll

< End of report >