OTL logfile created on: 9/11/2012 8:29:20 AM - Run 1 OTL by OldTimer - Version 3.2.61.3 Folder = C:\Documents and Settings\El Jeffe\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1.25 Gb Total Physical Memory | 0.56 Gb Available Physical Memory | 45.03% Memory free 2.98 Gb Paging File | 2.40 Gb Available in Paging File | 80.64% Paging File free Paging file location(s): C:\pagefile.sys 1920 3840 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 74.50 Gb Total Space | 30.28 Gb Free Space | 40.64% Space Free | Partition Type: NTFS Drive D: | 465.76 Gb Total Space | 428.00 Gb Free Space | 91.89% Space Free | Partition Type: NTFS Computer Name: GLENNWORKPC | User Name: El Jeffe | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012/09/11 08:27:36 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\El Jeffe\Desktop\OTL.exe PRC - [2012/09/10 10:19:33 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2012/05/26 12:04:52 | 000,913,792 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe PRC - [2012/05/03 17:52:18 | 000,024,712 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\Program Files\EASEUS\Todo Backup\bin\GuardAgent.exe PRC - [2012/05/03 17:52:10 | 000,070,280 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\Program Files\EASEUS\Todo Backup\bin\Agent.exe PRC - [2012/04/30 19:56:52 | 000,213,888 | ---- | M] (FileOpen Systems Inc.) -- C:\Program Files\FileOpen\Services\FileOpenManagerSvc32.exe PRC - [2012/04/30 19:56:50 | 000,836,480 | ---- | M] (FileOpen Systems Inc.) -- C:\Program Files\FileOpen\Services\FileOpenBroker32.exe PRC - [2012/04/04 18:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe PRC - [2011/09/23 15:36:50 | 000,729,088 | ---- | M] (Rhapsody International Inc.) -- C:\Program Files\Rhapsody\rhaphlpr.exe PRC - [2011/04/08 05:50:02 | 000,542,264 | ---- | M] (Google) -- C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe PRC - [2009/07/07 15:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012/09/10 10:19:32 | 002,244,064 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2012/07/26 07:54:30 | 009,465,032 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_268.dll MOD - [2012/05/03 17:51:16 | 000,066,184 | ---- | M] () -- C:\Program Files\EASEUS\Todo Backup\bin\TbTapeBrowse.dll MOD - [2012/05/03 17:51:14 | 000,095,880 | ---- | M] () -- C:\Program Files\EASEUS\Todo Backup\bin\TBFireWall.dll MOD - [2012/05/03 17:51:14 | 000,051,336 | ---- | M] () -- C:\Program Files\EASEUS\Todo Backup\bin\TBGetRemoteNetInfo.dll MOD - [2012/05/03 17:51:12 | 000,106,120 | ---- | M] () -- C:\Program Files\EASEUS\Todo Backup\bin\NASOperator.dll MOD - [2012/05/03 17:51:10 | 000,254,088 | ---- | M] () -- C:\Program Files\EASEUS\Todo Backup\bin\ExImage.dll MOD - [2012/05/03 17:51:08 | 000,382,600 | ---- | M] () -- C:\Program Files\EASEUS\Todo Backup\bin\ExchBackupSizeEx.dll MOD - [2012/05/03 17:51:08 | 000,194,696 | ---- | M] () -- C:\Program Files\EASEUS\Todo Backup\bin\ExchBackupSize.dll MOD - [2012/05/03 17:51:08 | 000,070,280 | ---- | M] () -- C:\Program Files\EASEUS\Todo Backup\bin\EnumTapeDevice.dll MOD - [2012/05/03 17:51:06 | 000,051,848 | ---- | M] () -- C:\Program Files\EASEUS\Todo Backup\bin\CodeLog.dll MOD - [2012/05/03 17:51:06 | 000,037,000 | ---- | M] () -- C:\Program Files\EASEUS\Todo Backup\bin\CompressFile.dll MOD - [2012/05/03 17:51:06 | 000,023,176 | ---- | M] () -- C:\Program Files\EASEUS\Todo Backup\bin\AccountManager.dll MOD - [2011/04/21 16:54:40 | 000,347,024 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 5\madexcept_.bpl MOD - [2011/04/21 16:54:40 | 000,179,088 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 5\madbasic_.bpl MOD - [2011/04/21 16:54:40 | 000,046,480 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 5\maddisAsm_.bpl MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF MOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll MOD - [2008/11/25 17:18:00 | 001,291,264 | ---- | M] () -- C:\Program Files\EASEUS\Todo Backup\bin\libxml2.dll MOD - [2004/10/05 03:08:00 | 000,055,808 | ---- | M] () -- C:\Program Files\EASEUS\Todo Backup\bin\zlib1.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - File not found [On_Demand | Stopped] -- C:\DOCUME~1\ELJEFF~1\LOCALS~1\Temp\Y.exe -- (Y) SRV - [2012/09/10 10:19:33 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012/09/07 11:19:05 | 000,404,352 | ---- | M] (Sysinternals - www.sysinternals.com) [On_Demand | Stopped] -- C:\Documents and Settings\El Jeffe\Local Settings\Temp\HU.exe -- (HU) SRV - [2012/09/07 10:43:12 | 000,461,696 | ---- | M] (Sysinternals - www.sysinternals.com) [On_Demand | Stopped] -- C:\Documents and Settings\El Jeffe\Local Settings\Temp\FJENXFC.exe -- (FJENXFC) SRV - [2012/07/13 14:14:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012/05/26 12:04:52 | 000,913,792 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe -- (AdvancedSystemCareService5) SRV - [2012/05/03 17:52:18 | 000,024,712 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Auto | Running] -- C:\Program Files\EASEUS\Todo Backup\bin\GuardAgent.exe -- (Guard Agent) SRV - [2012/05/03 17:52:10 | 000,070,280 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Auto | Running] -- C:\Program Files\EASEUS\Todo Backup\bin\Agent.exe -- (EaseUS Agent) SRV - [2012/04/30 19:56:52 | 000,213,888 | ---- | M] (FileOpen Systems Inc.) [Auto | Running] -- C:\Program Files\FileOpen\Services\FileOpenManagerSvc32.exe -- (FileOpenManagerSvc) SRV - [2012/04/04 18:47:32 | 000,161,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2012/03/06 14:19:35 | 000,732,160 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\AutoKMS\AutoKMS.exe -- (AutoKMS) SRV - [2012/02/14 02:19:58 | 000,014,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\VPN4ALL\Connect\openvpnserv.exe -- (OpenVPNService) SRV - [2012/01/23 18:58:50 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2011/06/12 11:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service) SRV - [2009/12/15 00:43:20 | 000,515,560 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009/07/07 15:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\screamingbdriver.sys -- (SCREAMINGBDRIVER) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rootrepeal.sys -- (rootrepeal) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | Auto | Stopped] -- -- (MCSTRM) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EUFDDISK0.sys -- (EUFDDISK0) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EUBKMON0.sys -- (EUBKMON0) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EUBAKUP0.sys -- (EUBAKUP0) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a5dy52c1) DRV - [2012/07/15 14:00:47 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd) DRV - [2012/05/03 17:52:00 | 000,185,864 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\EuFdDisk.sys -- (EUFDDISK) DRV - [2012/05/03 17:51:58 | 000,041,352 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\EUBKMON.sys -- (EUBKMON) DRV - [2012/05/03 17:51:52 | 000,016,008 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\eudskacs.sys -- (EUDSKACS) DRV - [2012/05/03 17:51:50 | 000,050,312 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\eubakup.sys -- (EUBAKUP) DRV - [2012/04/24 13:59:24 | 000,021,808 | ---- | M] (An Chen Computer Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Aldebaran.sys -- (Aldebaran) DRV - [2012/04/24 13:59:24 | 000,016,855 | ---- | M] (An Chen Computer Co., Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\Achernar.sys -- (Achernar) DRV - [2012/02/14 02:20:16 | 000,026,624 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tap0901.sys -- (tap0901) DRV - [2011/08/26 16:11:40 | 000,027,552 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Program Files\IObit\IObit Unlocker\IObitUnlocker.sys -- (IObitUnlocker) DRV - [2011/08/09 15:24:52 | 000,154,136 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon) DRV - [2011/08/09 10:37:28 | 000,039,824 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis) DRV - [2011/08/04 10:20:38 | 000,147,480 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw) DRV - [2011/08/04 10:20:38 | 000,061,936 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi) DRV - [2011/08/04 10:20:36 | 000,118,104 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv) DRV - [2011/07/29 13:54:56 | 000,013,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\epmntdrv.sys -- (epmntdrv) DRV - [2011/07/29 13:54:56 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\EuGdiDrv.sys -- (EuGdiDrv) DRV - [2011/04/29 16:47:24 | 000,033,560 | ---- | M] (SUNPLUS TECHNOLOGY Co., LTD.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SPCP825K.sys -- (SPCP825K) DRV - [2010/09/17 06:00:28 | 000,599,936 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8192su.sys -- (RTL8192su) DRV - [2010/02/11 00:38:10 | 003,565,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2009/07/07 15:48:44 | 000,026,672 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\purendis.sys -- (purendis) DRV - [2009/07/07 15:48:44 | 000,025,392 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\pnarp.sys -- (pnarp) DRV - [2009/03/02 11:24:26 | 000,030,136 | ---- | M] (Resplendence Software Projects Sp.) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rspSanity32.sys -- (rspSanity) DRV - [2007/02/03 11:32:36 | 000,041,504 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta) DRV - [2007/02/03 11:25:56 | 001,075,360 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Camdrl.sys -- (CamDrL) DRV - [2006/04/26 02:03:56 | 000,009,600 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\ISODisk.sys -- (ISODisk) DRV - [2005/11/16 16:36:00 | 001,047,816 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) DRV - [2003/07/23 02:44:18 | 000,018,848 | ---- | M] (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\MLPTDR_Q.SYS -- (MLPTDR_Q) DRV - [2003/04/14 16:00:40 | 000,032,512 | ---- | M] (Cypress Semiconductor) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MXOFX.SYS -- (MXOFX) DRV - [2002/05/30 00:11:14 | 000,108,548 | ---- | M] (Network Associates Technology, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\PGPdisk.sys -- (PGPdisk) DRV - [2002/05/29 23:20:48 | 000,006,656 | ---- | M] (Network Associates, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PGPmemlock.sys -- (PGPmemlock) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2000478354-1592454029-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://my.yahoo.com/ IE - HKU\S-1-5-21-2000478354-1592454029-839522115-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-2000478354-1592454029-839522115-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC IE - HKU\S-1-5-21-2000478354-1592454029-839522115-1003\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678 IE - HKU\S-1-5-21-2000478354-1592454029-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "my.yahoo.com" FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_268.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: File not found FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll File not found FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012/08/16 16:29:06 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/09/10 10:19:34 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/09/10 10:19:16 | 000,000,000 | ---D | M] [2012/01/18 21:10:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\El Jeffe\Application Data\Mozilla\Extensions [2012/08/30 09:11:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\El Jeffe\Application Data\Mozilla\Firefox\Profiles\vdaxwjtt.default\extensions [2012/05/30 10:01:21 | 000,000,000 | ---D | M] (BitComet Video Downloader) -- C:\Documents and Settings\El Jeffe\Application Data\Mozilla\Firefox\Profiles\vdaxwjtt.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB} [2012/08/30 09:11:24 | 000,000,000 | ---D | M] (DoNotTrackPlus) -- C:\Documents and Settings\El Jeffe\Application Data\Mozilla\Firefox\Profiles\vdaxwjtt.default\extensions\donottrackplus@abine.com [2012/08/30 09:11:02 | 000,199,396 | ---- | M] () (No name found) -- C:\Documents and Settings\El Jeffe\Application Data\Mozilla\Firefox\Profiles\vdaxwjtt.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi [2012/08/29 13:56:22 | 000,007,915 | ---- | M] () (No name found) -- C:\Documents and Settings\El Jeffe\Application Data\Mozilla\Firefox\Profiles\vdaxwjtt.default\extensions\donottrackplus@abine.com\chrome\content\ff\view_expiry.js [2012/09/10 13:54:40 | 000,005,472 | ---- | M] () -- C:\Documents and Settings\El Jeffe\Application Data\Mozilla\Firefox\Profiles\vdaxwjtt.default\searchplugins\startpage-https.xml [2012/09/10 10:19:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012/09/10 10:19:34 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012/01/12 01:58:30 | 000,917,816 | ---- | M] (BitComet) -- C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll [2012/08/29 09:51:36 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012/08/29 09:51:36 | 000,002,253 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml O1 HOSTS File: ([2012/09/10 07:22:02 | 000,000,843 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKU\S-1-5-21-2000478354-1592454029-839522115-1003\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKU\S-1-5-21-2000478354-1592454029-839522115-1003\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O4 - HKLM..\Run: [FileOpenBroker] C:\Program Files\FileOpen\Services\FileOpenBroker32.exe (FileOpen Systems Inc.) O4 - HKU\.DEFAULT..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08b2 -f video -m logitech -d 10.5.1.2023 File not found O4 - HKU\S-1-5-18..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08b2 -f video -m logitech -d 10.5.1.2023 File not found O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Google Calendar Sync.lnk = C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe (Google) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-2000478354-1592454029-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-2000478354-1592454029-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0 O7 - HKU\S-1-5-21-2000478354-1592454029-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0 O7 - HKU\S-1-5-21-2000478354-1592454029-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoManageMyComputerVerb = 0 O7 - HKU\S-1-5-21-2000478354-1592454029-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0 O7 - HKU\S-1-5-21-2000478354-1592454029-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O7 - HKU\S-1-5-21-2000478354-1592454029-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuPinnedList = 0 O7 - HKU\S-1-5-21-2000478354-1592454029-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserNameInStartMenu = 0 O7 - HKU\S-1-5-21-2000478354-1592454029-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartmenuLogoff = 0 O7 - HKU\S-1-5-21-2000478354-1592454029-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0 O7 - HKU\S-1-5-21-2000478354-1592454029-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCommonGroups = 0 O7 - HKU\S-1-5-21-2000478354-1592454029-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPrinterTabs = 0 O7 - HKU\S-1-5-21-2000478354-1592454029-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0 O7 - HKU\S-1-5-21-2000478354-1592454029-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAddPrinter = 0 O7 - HKU\S-1-5-21-2000478354-1592454029-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPrinters = 0 O7 - HKU\S-1-5-21-2000478354-1592454029-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetworkConnections = 0 O7 - HKU\S-1-5-21-2000478354-1592454029-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0 O7 - HKU\S-1-5-21-2000478354-1592454029-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0 O7 - HKU\S-1-5-21-2000478354-1592454029-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0 O7 - HKU\S-1-5-21-2000478354-1592454029-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0 O7 - HKU\S-1-5-21-2000478354-1592454029-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0 O7 - HKU\S-1-5-21-2000478354-1592454029-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileMenu = 0 O7 - HKU\S-1-5-21-2000478354-1592454029-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O7 - HKU\S-1-5-21-2000478354-1592454029-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoShellSearchButton = 0 O7 - HKU\S-1-5-21-2000478354-1592454029-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarCustomize = 0 O7 - HKU\S-1-5-21-2000478354-1592454029-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 0 O7 - HKU\S-1-5-21-2000478354-1592454029-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeAnimation = 0 O7 - HKU\S-1-5-21-2000478354-1592454029-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeKeyboardNavigationIndicators = 0 O7 - HKU\S-1-5-21-2000478354-1592454029-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThemesTab = 0 O7 - HKU\S-1-5-21-2000478354-1592454029-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0 O7 - HKU\S-1-5-21-2000478354-1592454029-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetHood = 0 O7 - HKU\S-1-5-21-2000478354-1592454029-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0 O7 - HKU\S-1-5-21-2000478354-1592454029-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-21-2000478354-1592454029-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0 O7 - HKU\S-1-5-21-2000478354-1592454029-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoSecCpl = 0 O7 - HKU\S-1-5-21-2000478354-1592454029-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0 O7 - HKU\S-1-5-21-2000478354-1592454029-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0 O7 - HKU\S-1-5-21-2000478354-1592454029-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0 O7 - HKU\S-1-5-21-2000478354-1592454029-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0 O7 - HKU\S-1-5-21-2000478354-1592454029-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0 O7 - HKU\S-1-5-21-2000478354-1592454029-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0 O7 - HKU\S-1-5-21-2000478354-1592454029-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoVisualStyleChoice = 0 O7 - HKU\S-1-5-21-2000478354-1592454029-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCpl = 0 O8 - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com) O8 - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com) O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Reg Error: Value error. File not found O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Reg Error: Value error. File not found O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.238.64.12 68.238.96.12 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8071B03F-8382-4EDD-8098-A000584A3D92}: DhcpNameServer = 68.238.64.12 68.238.96.12 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C9E9BD90-381A-4B25-A152-DF6DFDA97484}: DhcpNameServer = 192.168.1.1 4.2.2.2 O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop WallPaper: C:\Documents and Settings\El Jeffe\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\El Jeffe\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012/01/18 20:35:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012/09/11 08:27:35 | 000,600,064 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\El Jeffe\Desktop\OTL.exe [2012/09/10 10:19:01 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2012/09/07 12:18:43 | 000,030,136 | ---- | C] (Resplendence Software Projects Sp.) -- C:\WINDOWS\System32\drivers\rspSanity32.sys [2012/09/05 07:21:27 | 002,322,184 | ---- | C] (ESET) -- C:\Documents and Settings\El Jeffe\Desktop\esetsmartinstaller_enu.exe [2012/09/04 11:30:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\El Jeffe\Application Data\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2012/08/29 15:29:57 | 000,000,000 | ---D | C] -- C:\Program Files\FileOpen [2012/08/27 10:34:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\El Jeffe\My Documents\Skype Voice Records [2012/08/27 10:34:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\El Jeffe\My Documents\Clownfish Avatars [2012/08/16 16:37:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe [2012/08/16 16:29:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe LiveCycle ES2 [2012/08/16 16:01:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ALM [2012/08/16 15:54:59 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Media Player [2012/08/16 15:54:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe [2012/08/16 15:53:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Master Collection CS5 [2012/08/16 15:53:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR [2012/08/16 15:53:05 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2012/08/16 15:51:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe [2012/08/16 15:48:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\El Jeffe\Local Settings\Application Data\Adobe [2012/08/16 12:45:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\El Jeffe\Application Data\Adobe [2012/08/14 13:53:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\El Jeffe\Application Data\PGP [2012/08/14 12:28:54 | 000,000,000 | R--D | C] -- C:\Documents and Settings\El Jeffe\Application Data\Brother [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012/09/11 08:27:36 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\El Jeffe\Desktop\OTL.exe [2012/09/11 08:00:06 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk [2012/09/11 07:50:00 | 000,000,890 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012/09/11 07:03:43 | 000,870,128 | ---- | M] () -- C:\Documents and Settings\El Jeffe\Application Data\mcs.rma [2012/09/11 07:03:43 | 000,000,004 | ---- | M] () -- C:\Documents and Settings\El Jeffe\Application Data\C02984 [2012/09/11 06:57:38 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012/09/11 06:56:59 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012/09/11 06:56:40 | 000,000,270 | ---- | M] () -- C:\WINDOWS\tasks\AutoKMS.job [2012/09/11 06:56:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012/09/11 06:56:28 | 1340,231,680 | -HS- | M] () -- C:\hiberfil.sys [2012/09/10 13:36:22 | 000,000,426 | ---- | M] () -- C:\WINDOWS\BRWMARK.INI [2012/09/10 13:04:26 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2012/09/06 13:39:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2012/09/05 14:48:09 | 000,000,512 | ---- | M] () -- C:\WINDOWS\randseed.rnd [2012/09/05 09:06:47 | 000,001,564 | ---- | M] () -- C:\Documents and Settings\El Jeffe\Desktop\Clownfish.lnk [2012/09/05 07:21:36 | 002,322,184 | ---- | M] (ESET) -- C:\Documents and Settings\El Jeffe\Desktop\esetsmartinstaller_enu.exe [2012/09/04 11:30:45 | 000,059,548 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat [2012/09/04 10:59:02 | 000,000,348 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-GLENNWORKPC-El Jeffe.job [2012/08/29 07:45:38 | 000,000,099 | ---- | M] () -- C:\WINDOWS\Brownie.ini [2012/08/17 07:15:18 | 003,586,704 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012/08/16 16:29:59 | 000,001,741 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Acrobat X Pro.lnk [2012/08/14 10:59:01 | 000,303,081 | ---- | M] () -- C:\Documents and Settings\El Jeffe\Desktop\VZGL1 Claim-1.pdf [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012/09/04 10:59:01 | 000,000,348 | ---- | C] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-GLENNWORKPC-El Jeffe.job [2012/08/16 16:29:59 | 000,001,741 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Acrobat X Pro.lnk [2012/08/16 16:29:58 | 000,001,812 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Acrobat Distiller X.lnk [2012/08/16 16:29:58 | 000,001,808 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Acrobat X Pro.lnk [2012/08/16 15:53:14 | 000,000,728 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Help.lnk [2012/08/14 10:59:01 | 000,303,081 | ---- | C] () -- C:\Documents and Settings\El Jeffe\Desktop\VZGL1 Claim-1.pdf [2012/08/08 14:02:22 | 000,019,840 | ---- | C] () -- C:\WINDOWS\System32\EuEpmGdi.dll [2012/08/08 14:02:21 | 002,468,520 | ---- | C] () -- C:\WINDOWS\System32\BootMan.exe [2012/08/08 14:02:21 | 000,086,408 | ---- | C] () -- C:\WINDOWS\System32\setupempdrv03.exe [2012/08/08 14:02:21 | 000,013,192 | ---- | C] () -- C:\WINDOWS\System32\epmntdrv.sys [2012/08/08 14:02:21 | 000,008,456 | ---- | C] () -- C:\WINDOWS\System32\EuGdiDrv.sys [2012/08/08 08:58:43 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI [2012/07/18 20:45:46 | 000,059,548 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat [2012/07/16 16:13:11 | 000,001,534 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ss.ini [2012/07/16 09:43:31 | 000,000,426 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI [2012/07/16 09:43:06 | 000,000,146 | ---- | C] () -- C:\WINDOWS\BRVIDEO.INI [2012/07/16 09:43:06 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brmx2001.ini [2012/07/16 09:43:04 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\brlmw03a.ini [2012/07/16 09:43:03 | 000,009,868 | ---- | C] () -- C:\WINDOWS\HL-2170W.INI [2012/07/16 09:41:19 | 000,000,052 | ---- | C] () -- C:\WINDOWS\System32\bd2170w.dat [2012/07/16 09:40:57 | 000,000,099 | ---- | C] () -- C:\WINDOWS\Brownie.ini [2012/04/21 13:18:26 | 000,000,131 | ---- | C] () -- C:\Documents and Settings\El Jeffe\Local Settings\Application Data\fusioncache.dat [2012/04/06 22:04:15 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2012/04/02 16:14:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin [2012/03/06 14:19:55 | 000,151,552 | ---- | C] () -- C:\WINDOWS\KMSEmulator.exe [2012/02/24 13:26:57 | 000,016,896 | ---- | C] () -- C:\Documents and Settings\El Jeffe\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/02/13 19:24:42 | 000,038,476 | ---- | C] () -- C:\Documents and Settings\El Jeffe\Application Data\Comma Separated Values (DOS).ADR [2012/02/01 09:41:01 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2012/01/31 17:31:16 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\El Jeffe\Application Data\C02984 [2012/01/31 17:31:15 | 000,870,128 | ---- | C] () -- C:\Documents and Settings\El Jeffe\Application Data\mcs.rma [2012/01/27 19:10:34 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini [2012/01/27 19:10:33 | 000,073,220 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat [2012/01/27 19:10:33 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat [2012/01/27 19:10:33 | 000,029,114 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat [2012/01/27 19:10:33 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat [2012/01/27 19:10:33 | 000,021,021 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat [2012/01/27 19:10:33 | 000,015,670 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat [2012/01/27 19:10:33 | 000,013,280 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat [2012/01/27 19:10:33 | 000,010,673 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat [2012/01/27 19:10:33 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat [2012/01/27 19:10:33 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat [2012/01/27 19:10:33 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat [2012/01/27 19:10:33 | 000,001,137 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat [2012/01/27 19:10:33 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat [2012/01/27 19:10:33 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat [2012/01/27 19:10:33 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat [2012/01/20 14:55:55 | 000,041,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\EUBKMON.sys [2012/01/20 12:43:44 | 000,009,600 | ---- | C] () -- C:\WINDOWS\System32\drivers\ISODisk.sys [2012/01/19 17:41:16 | 008,892,928 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\atscie.msi [2012/01/19 13:14:09 | 000,002,179 | ---- | C] () -- C:\Documents and Settings\El Jeffe\Application Data\mainhst.zgh [2012/01/19 11:40:12 | 000,050,127 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini [2012/01/19 11:31:55 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\InstMed.exe [2012/01/18 21:02:25 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe [2012/01/18 21:02:18 | 000,189,051 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat [2012/01/18 20:37:20 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2012/01/18 20:32:36 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2012/01/18 12:26:10 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2012/01/18 12:24:37 | 003,586,704 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [color=#E56717]========== LOP Check ==========[/color] [2012/01/28 18:09:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\IObit [2012/09/10 13:11:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software [2012/07/25 16:02:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess [2012/07/15 14:00:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite [2012/03/13 22:16:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON [2012/02/14 18:58:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FileOpen [2012/07/16 16:12:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FreeRIP [2012/05/07 21:58:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GNU [2012/03/14 12:34:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GPS Master [2012/02/29 12:22:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit [2012/09/10 13:19:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\magicJack [2012/03/14 12:34:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MAPTAQ GPS Watch software [2012/05/07 11:51:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PGP [2012/07/26 14:27:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe [2012/08/15 10:25:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\El Jeffe\Application Data\BitComet [2012/09/04 11:30:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\El Jeffe\Application Data\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2012/08/16 15:47:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\El Jeffe\Application Data\DAEMON Tools Lite [2012/01/24 20:12:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\El Jeffe\Application Data\Dextronet [2012/07/19 11:52:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\El Jeffe\Application Data\Dropbox [2012/05/15 11:29:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\El Jeffe\Application Data\ElevatedDiagnostics [2012/01/27 19:37:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\El Jeffe\Application Data\EPSON [2012/02/14 18:58:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\El Jeffe\Application Data\FileOpen [2012/03/09 09:36:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\El Jeffe\Application Data\FileZilla [2012/03/06 21:29:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\El Jeffe\Application Data\Godlike [2012/01/27 16:25:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\El Jeffe\Application Data\IObit [2012/01/19 20:32:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\El Jeffe\Application Data\Itsth [2012/06/04 09:07:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\El Jeffe\Application Data\Oracle [2012/08/14 13:53:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\El Jeffe\Application Data\PGP [2012/02/28 16:30:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\El Jeffe\Application Data\Windows Desktop Search [2012/01/20 15:47:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\El Jeffe\Application Data\Windows Search [2012/05/07 21:58:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\gnupg [2012/09/11 06:56:40 | 000,000,270 | ---- | M] () -- C:\WINDOWS\Tasks\AutoKMS.job [2012/05/31 18:03:02 | 000,000,268 | ---- | M] () -- C:\WINDOWS\Tasks\LaunchApp.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========[/color] [C:\WINDOWS\$NtUninstallKB15872$] -> Error: Cannot create file handle -> Unknown point type < End of report >