OTL:
OTL logfile created on: 10/3/2009 4:36:23 PM - Run 1
OTL by OldTimer - Version 3.0.18.2 Folder = C:\Users\Nate\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 116.44 Gb Total Space | 37.09 Gb Free Space | 31.85% Space Free | Partition Type: NTFS
Drive D: | 106.68 Gb Total Space | 93.70 Gb Free Space | 87.83% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: NATE-PC
Current User Name: Nate
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ========== PRC - [2007/11/30 12:20:44 | 00,051,768 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe
PRC - [2007/12/26 15:38:32 | 00,297,528 | ---- | M] (ASUS) -- C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
PRC - [2009/04/11 00:27:36 | 02,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\Explorer.EXE
PRC - [2009/09/15 15:32:14 | 01,114,536 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe
PRC - [2009/05/18 23:23:16 | 00,049,968 | ---- | M] (AOL LLC) -- C:\Program Files\AIM6\aim6.exe
PRC - [2008/11/06 11:33:00 | 00,041,264 | ---- | M] (AOL LLC) -- C:\Program Files\AIM6\aolsoftware.exe
PRC - [2009/09/16 11:40:28 | 01,086,232 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2010\seccenter.exe
PRC - [2009/09/13 23:29:56 | 00,346,168 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
PRC - [2007/02/10 05:29:54 | 29,178,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
PRC - [2007/02/10 05:29:56 | 00,089,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
PRC - [2009/09/15 18:39:56 | 01,595,016 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe
PRC - [2009/04/11 00:28:08 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
PRC - [2009/04/11 00:28:15 | 00,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wmiprvse.exe
PRC - [2009/09/28 11:05:02 | 00,919,024 | ---- | M] (Google Inc.) -- C:\Users\Nate\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2009/09/28 11:05:02 | 00,919,024 | ---- | M] (Google Inc.) -- C:\Users\Nate\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2009/09/28 11:05:02 | 00,919,024 | ---- | M] (Google Inc.) -- C:\Users\Nate\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2009/04/11 00:28:15 | 00,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WMIADAP.EXE
PRC - [2009/10/03 16:35:24 | 00,519,168 | ---- | M] (OldTimer Tools) -- C:\Users\Nate\Desktop\OTL.exe
========== Win32 Services (SafeList) ========== SRV - [2008/11/07 15:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Disabled | Stopped])
SRV - [2009/09/13 23:31:30 | 00,183,880 | ---- | M] (BitDefender S.R.L.
http://www.bitdefender.com) -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe -- (Arrakis3 [On_Demand | Stopped])
SRV - [2007/02/06 11:29:59 | 00,074,240 | R--- | M] (Cognizance Corporation) -- C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll -- (ASBroker [Auto | Running])
SRV - [2006/06/21 04:13:59 | 00,131,584 | R--- | M] (Cognizance Corporation) -- C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsChnl.dll -- (ASChannel [Auto | Running])
SRV - [2007/02/05 19:13:14 | 00,094,208 | ---- | M] () -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService [Disabled | Stopped])
SRV - [2009/03/29 22:42:10 | 00,031,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2007/08/08 01:08:40 | 00,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv [Disabled | Stopped])
SRV - [2009/02/04 09:33:28 | 02,944,736 | ---- | M] (Bradford Networks) -- C:\Program Files\Bradford Networks\Persistent Agent\bndaemon.exe -- (BNPagent [Disabled | Stopped])
SRV - [2009/03/29 22:42:14 | 00,066,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008/01/20 20:25:09 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped])
SRV - [2006/11/02 06:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
SRV - [2006/11/02 06:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart [Auto | Stopped])
SRV - [2009/04/11 00:28:25 | 01,017,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtsvc.dll -- (Eventlog [Auto | Running])
SRV - [2007/06/01 12:00:20 | 00,647,168 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng [Disabled | Stopped])
SRV - [2008/08/31 10:46:12 | 00,655,624 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [Disabled | Stopped])
SRV - [2009/02/18 12:39:20 | 00,043,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2009/03/24 15:51:36 | 00,183,280 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [Auto | Stopped])
SRV - [2007/10/23 20:02:15 | 00,358,936 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON [Disabled | Stopped])
SRV - [2009/02/18 12:38:42 | 00,879,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2008/11/20 14:20:44 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [Disabled | Stopped])
SRV - [2008/03/17 19:07:02 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Disabled | Stopped])
SRV - [2009/09/13 23:29:56 | 00,346,168 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe -- (LIVESRV [Auto | Running])
SRV - [2006/10/27 00:47:54 | 00,065,824 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service [On_Demand | Stopped])
SRV - [2007/02/10 05:29:54 | 29,178,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$MSSMLBIZ [Auto | Running])
SRV - [2005/10/14 02:50:20 | 00,045,272 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper [Disabled | Stopped])
SRV - [2009/02/18 12:38:43 | 00,129,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2009/08/30 13:17:30 | 03,407,412 | ---- | M] (INCA Internet Co., Ltd.) -- C:\Windows\System32\GameMon.des -- (npggsvc [Disabled | Stopped])
SRV - [2006/10/26 20:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006/10/26 15:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2009/03/13 05:50:20 | 00,065,536 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe -- (pgsql-8.3 [Disabled | Stopped])
SRV - [2008/10/07 09:58:53 | 00,066,872 | ---- | M] () -- C:\Windows\System32\PnkBstrA.exe -- (PnkBstrA [Disabled | Stopped])
SRV - [2008/10/07 09:59:18 | 00,103,736 | ---- | M] () -- C:\Windows\System32\PnkBstrB.exe -- (PnkBstrB [Disabled | Stopped])
SRV - [2007/06/01 11:41:30 | 00,327,680 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc [Disabled | Stopped])
SRV - [2009/01/26 15:31:10 | 01,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService [Disabled | Stopped])
SRV - [2009/07/13 20:28:18 | 00,323,584 | ---- | M] (S.C. BitDefender S.R.L) -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll -- (scan [On_Demand | Stopped])
SRV - [2007/08/03 13:24:54 | 00,125,496 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr [Disabled | Stopped])
SRV - [2007/02/10 05:29:48 | 00,242,544 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser [Disabled | Stopped])
SRV - [2007/02/10 05:29:56 | 00,089,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter [Auto | Running])
SRV - [2007/01/04 15:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service [Disabled | Stopped])
SRV - [2009/09/15 18:39:56 | 01,595,016 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe -- (VSSERV [Auto | Running])
SRV - [2008/01/20 20:23:32 | 00,272,952 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Auto | Stopped])
SRV - [2008/01/20 20:25:33 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.asus.comIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft....k/?LinkId=69157 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.asus.comIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.asus.comIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\software\mozilla\Firefox\Extensions\\
[email protected]: C:\Program Files\BitDefender\BitDefender 2009\FFToolbar\
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/06/23 19:10:09 | 00,000,000 | ---D | M]
[2009/09/30 09:51:29 | 00,000,000 | ---D | M] -- C:\Users\Nate\AppData\Roaming\mozilla\Extensions
[2009/09/30 09:51:29 | 00,000,000 | ---D | M] -- C:\Users\Nate\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/09/30 10:54:05 | 00,000,000 | ---D | M] -- C:\Users\Nate\AppData\Roaming\mozilla\Firefox\Profiles\apeb6cgj.default\extensions
[2009/09/30 10:54:05 | 00,000,000 | ---D | M] -- C:\Users\Nate\AppData\Roaming\mozilla\Firefox\Profiles\apeb6cgj.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/09/30 09:51:14 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/09/30 09:51:14 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/04/17 03:44:22 | 00,049,664 | ---- | M] () -- C:\Program Files\mozilla firefox\components\FFComm.dll
[2009/08/24 12:45:46 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/08/24 12:45:46 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/08/24 12:45:46 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/08/24 12:45:46 | 00,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/08/24 12:45:46 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/08/24 12:45:46 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/08/24 12:45:46 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml
O1 HOSTS File: (338164 bytes) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 11597 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (PE_IE_Helper Class) - {0941C58F-E461-4E03-BD7D-44C27392ADE1} - C:\Program Files\IBM\Lotus Forms\Viewer\3.0\PEhelper.dll (IBM Corporation)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (ASUS Security Protect Manager) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2010\IEToolbar.dll (BitDefender S.R.L.)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4 - HKLM..\Run: [BDAgent] C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKCU..\Run: [Aim6] C:\Program Files\AIM6\aim6.exe (AOL LLC)
O4 - HKCU..\Run: [AROReminder] C:\Program Files\Advanced Registry Optimizer\ARO.exe (Sammsoft)
O4 - HKCU..\RunOnce: [Shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1100465 -Mozilla\4.0 ( File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\NLAapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\napinsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\wshbth.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8}
http://download.micr.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83}
http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E}
http://www.systemreq...sreqlab_srl.cab (System Requirements Lab Class)
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B}
http://www.fileplane...C_2.3.9.113.cab (CDownloadCtrl Object)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616}
http://download.divx...owserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.85.102 68.87.69.150
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\Windows\System32\APSHook.dll) - C:\Windows\System32\APSHook.dll (Cognizance Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 15:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found
NetSvcs: FastUserSwitchingCompatibility - Service key not found. File not found
NetSvcs: Ias - Service key not found. File not found
NetSvcs: Irmon - Service key not found. File not found
NetSvcs: Nla - Service key not found. File not found
NetSvcs: Ntmssvc - Service key not found. File not found
NetSvcs: NWCWorkstation - Service key not found. File not found
NetSvcs: Nwsapagent - Service key not found. File not found
NetSvcs: SRService - Service key not found. File not found
NetSvcs: Wmi - Service key not found. File not found
NetSvcs: WmdmPmSp - Service key not found. File not found
NetSvcs: LogonHours - Service key not found. File not found
NetSvcs: PCAudit - Service key not found. File not found
NetSvcs: helpsvc - Service key not found. File not found
NetSvcs: uploadmgr - Service key not found. File not found
========== Files/Folders - Created Within 14 Days ========== [2009/10/03 16:18:17 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/10/01 19:54:16 | 00,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2009/10/03 16:18:22 | 00,000,000 | ---D | C] -- C:\Users\Nate\AppData\Roaming\Malwarebytes
[2009/09/30 20:46:15 | 00,000,000 | ---D | C] -- C:\Users\Nate\AppData\Roaming\Sammsoft
[2009/09/30 20:46:02 | 00,000,000 | ---D | C] -- C:\Program Files\Advanced Registry Optimizer
[2009/09/30 22:46:29 | 00,000,000 | ---D | C] -- C:\Program Files\Eusing Free Registry Cleaner
[2009/10/03 16:18:17 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/09/30 20:46:05 | 00,000,000 | ---D | C] -- C:\Program Files\MemTurbo 4
[2009/10/01 19:54:16 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2009/10/03 16:35:24 | 00,519,168 | ---- | C] (OldTimer Tools) -- C:\Users\Nate\Desktop\OTL.exe
[2009/10/03 16:32:09 | 00,472,064 | ---- | C] ( ) -- C:\Users\Nate\Desktop\RootRepeal.exe
[2009/10/03 16:18:18 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/10/03 16:18:17 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/10/03 16:15:49 | 04,045,536 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Nate\Desktop\mbam-setup.exe
[2009/10/03 16:14:55 | 00,271,872 | ---- | C] (OldTimer Tools) -- C:\Users\Nate\Desktop\TFC.exe
[2009/10/03 15:39:27 | 00,000,000 | --SD | C] -- C:\ComboFix
[2009/10/03 15:21:50 | 00,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2009/10/03 15:21:50 | 00,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2009/10/03 15:21:50 | 00,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2009/10/03 15:21:50 | 00,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2009/10/03 15:21:37 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT
[2009/10/03 15:19:26 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/10/03 13:05:36 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2009/10/02 12:55:41 | 00,000,000 | ---D | C] -- C:\Windows\pss
[2009/10/01 20:19:21 | 00,000,000 | -HSD | C] -- C:\found.000
========== Files - Modified Within 14 Days ========== [1 C:\Users\Nate\Documents\*.tmp files]
[2009/10/03 16:36:31 | 00,816,830 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/10/03 16:36:31 | 00,683,700 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/10/03 16:36:31 | 00,135,610 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/10/03 16:35:24 | 00,519,168 | ---- | M] (OldTimer Tools) -- C:\Users\Nate\Desktop\OTL.exe
[2009/10/03 16:35:10 | 00,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{1760DD21-BEA6-46DE-8969-B7A39D6071B2}.job
[2009/10/03 16:32:49 | 00,000,000 | ---- | M] () -- C:\Users\Nate\Desktop\settings.dat
[2009/10/03 16:32:36 | 00,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2009/10/03 16:32:09 | 00,472,064 | ---- | M] ( ) -- C:\Users\Nate\Desktop\RootRepeal.exe
[2009/10/03 16:29:35 | 00,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/10/03 16:29:35 | 00,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/10/03 16:29:33 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/10/03 16:29:31 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/10/03 16:29:28 | 32,204,30848 | -HS- | M] () -- C:\hiberfil.sys
[2009/10/03 16:24:32 | 00,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2009/10/03 16:24:25 | 02,217,787 | -H-- | M] () -- C:\Users\Nate\AppData\Local\IconCache.db
[2009/10/03 16:18:21 | 00,000,825 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/10/03 16:15:55 | 04,045,536 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Nate\Desktop\mbam-setup.exe
[2009/10/03 16:14:55 | 00,271,872 | ---- | M] (OldTimer Tools) -- C:\Users\Nate\Desktop\TFC.exe
[2009/10/03 15:19:10 | 03,324,455 | R--- | M] () -- C:\Users\Nate\Desktop\ComboFix.exe
[2009/10/03 13:59:20 | 00,000,132 | ---- | M] () -- C:\Windows\System32\rezumatenoi.dat
[2009/10/03 13:54:00 | 00,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3200097402-3979270671-3123131934-1000UA.job
[2009/10/03 13:50:37 | 00,069,652 | ---- | M] () -- C:\Users\Nate\AppData\Roaming\nvModes.001
[2009/10/03 13:34:25 | 00,000,016 | ---- | M] () -- C:\Windows\System32\asdict.dat
[2009/10/03 13:34:25 | 00,000,004 | ---- | M] () -- C:\Windows\System32\aspdict-en.dat
[2009/10/03 13:34:25 | 00,000,000 | ---- | M] () -- C:\Windows\System32\ab_bl.sig
[2009/10/03 13:34:25 | 00,000,000 | ---- | M] () -- C:\pcwords2.dat
[2009/10/03 13:34:25 | 00,000,000 | ---- | M] () -- C:\pcwords.dat
[2009/10/03 13:34:25 | 00,000,000 | ---- | M] () -- C:\pcconf.ini
[2009/10/03 13:34:25 | 00,000,000 | ---- | M] () -- C:\pc_sign.slf
[2009/10/03 13:21:11 | 00,002,016 | ---- | M] () -- C:\Users\Public\Desktop\BitDefender Antivirus 2010.lnk
[2009/10/03 13:05:39 | 00,081,984 | ---- | M] () -- C:\Windows\System32\bdod.bin
[2009/10/03 12:33:27 | 00,000,020 | ---- | M] () -- C:\Users\Nate\Documents\aionmemo_bb6e cc5.dat
[2009/10/03 08:31:33 | 00,000,050 | ---- | M] () -- C:\Windows\MegaManager.INI
[2009/10/02 12:53:05 | 00,000,004 | ---- | M] () -- C:\Windows\win.cnt
[2009/10/02 11:08:11 | 00,338,164 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2009/10/02 10:55:07 | 00,338,164 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20091002-110811.backup
[2009/10/01 20:14:07 | 00,000,177 | ---- | M] () -- C:\Windows\wininit.ini
[2009/10/01 19:54:24 | 00,001,062 | ---- | M] () -- C:\Users\Nate\Desktop\Spybot - Search & Destroy.lnk
[2009/09/30 22:46:30 | 00,000,869 | ---- | M] () -- C:\Users\Nate\Desktop\Eusing Free Registry Cleaner.lnk
[2009/09/30 20:47:15 | 00,000,248 | ---- | M] () -- C:\Windows\system.ini
[2009/09/30 20:46:06 | 00,001,847 | ---- | M] () -- C:\Users\Nate\Desktop\Check PC For Errors.lnk
[2009/09/30 19:32:04 | 00,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe
[2009/09/30 19:09:43 | 00,000,132 | ---- | M] () -- C:\httpdwl.dat
[2009/09/30 10:57:01 | 00,164,172 | ---- | M] () -- C:\Users\Nate\Desktop\websngprof.zip
[2009/09/29 09:08:20 | 00,069,652 | ---- | M] () -- C:\Users\Nate\AppData\Roaming\nvModes.dat
[2009/09/28 15:14:23 | 00,053,225 | ---- | M] () -- C:\Users\Nate\Desktop\pyramidcostume.jpg
[2009/09/27 12:56:08 | 00,000,680 | ---- | M] () -- C:\Users\Nate\AppData\Local\d3d9caps.dat
[2009/09/27 07:09:15 | 00,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3200097402-3979270671-3123131934-1000Core.job
[2009/09/23 09:19:23 | 00,031,232 | ---- | M] () -- C:\Users\Nate\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/20 10:23:22 | 00,061,078 | ---- | M] () -- C:\Users\Nate\Desktop\crack.jpg
========== Files - No Company Name ==========[2009/10/03 16:32:49 | 00,000,000 | ---- | C] () -- C:\Users\Nate\Desktop\settings.dat
[2009/10/03 16:24:25 | 02,217,787 | -H-- | C] () -- C:\Users\Nate\AppData\Local\IconCache.db
[2009/10/03 16:18:21 | 00,000,825 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/10/03 15:21:50 | 00,229,888 | ---- | C] () -- C:\Windows\PEV.exe
[2009/10/03 15:21:50 | 00,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2009/10/03 15:21:50 | 00,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2009/10/03 15:21:50 | 00,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2009/10/03 15:19:03 | 03,324,455 | R--- | C] () -- C:\Users\Nate\Desktop\ComboFix.exe
[2009/10/03 14:57:49 | 32,204,30848 | -HS- | C] () -- C:\hiberfil.sys
[2009/10/03 13:59:20 | 00,000,132 | ---- | C] () -- C:\Windows\System32\rezumatenoi.dat
[2009/10/03 13:34:25 | 00,000,016 | ---- | C] () -- C:\Windows\System32\asdict.dat
[2009/10/03 13:34:25 | 00,000,004 | ---- | C] () -- C:\Windows\System32\aspdict-en.dat
[2009/10/03 13:34:25 | 00,000,000 | ---- | C] () -- C:\Windows\System32\ab_bl.sig
[2009/10/03 13:34:25 | 00,000,000 | ---- | C] () -- C:\pcwords2.dat
[2009/10/03 13:34:25 | 00,000,000 | ---- | C] () -- C:\pcwords.dat
[2009/10/03 13:34:25 | 00,000,000 | ---- | C] () -- C:\pcconf.ini
[2009/10/03 13:34:25 | 00,000,000 | ---- | C] () -- C:\pc_sign.slf
[2009/10/03 13:21:11 | 00,002,016 | ---- | C] () -- C:\Users\Public\Desktop\BitDefender Antivirus 2010.lnk
[2009/10/03 08:31:33 | 00,000,050 | ---- | C] () -- C:\Windows\MegaManager.INI
[2009/10/01 20:14:07 | 00,000,177 | ---- | C] () -- C:\Windows\wininit.ini
[2009/10/01 19:54:24 | 00,001,062 | ---- | C] () -- C:\Users\Nate\Desktop\Spybot - Search & Destroy.lnk
[2009/09/30 22:46:30 | 00,000,869 | ---- | C] () -- C:\Users\Nate\Desktop\Eusing Free Registry Cleaner.lnk
[2009/09/30 20:46:06 | 00,001,847 | ---- | C] () -- C:\Users\Nate\Desktop\Check PC For Errors.lnk
[2009/09/30 19:09:43 | 00,000,132 | ---- | C] () -- C:\httpdwl.dat
[2009/09/30 10:56:52 | 00,164,172 | ---- | C] () -- C:\Users\Nate\Desktop\websngprof.zip
[2009/09/28 14:50:17 | 00,053,225 | ---- | C] () -- C:\Users\Nate\Desktop\pyramidcostume.jpg
[2009/09/27 12:56:08 | 00,000,680 | ---- | C] () -- C:\Users\Nate\AppData\Local\d3d9caps.dat
[2009/09/20 10:23:21 | 00,061,078 | ---- | C] () -- C:\Users\Nate\Desktop\crack.jpg
[2009/09/08 05:14:07 | 00,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2008/10/07 09:59:31 | 00,022,328 | ---- | C] () -- C:\Users\Nate\AppData\Roaming\PnkBstrK.sys
[2008/08/10 09:58:07 | 00,031,232 | ---- | C] () -- C:\Users\Nate\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/07/29 19:21:13 | 00,069,652 | ---- | C] () -- C:\Users\Nate\AppData\Roaming\nvModes.001
[2008/07/29 19:21:06 | 00,069,652 | ---- | C] () -- C:\Users\Nate\AppData\Roaming\nvModes.dat
[2008/07/29 19:20:12 | 00,000,092 | ---- | C] () -- C:\Users\Nate\AppData\Local\fusioncache.dat
[2008/07/29 15:23:24 | 00,116,928 | ---- | C] () -- C:\Users\Nate\AppData\Local\GDIPFONTCACHEV1.DAT
[2006/11/02 06:50:50 | 00,000,174 | -HS- | C] () -- C:\Program Files\desktop.ini
========== LOP Check ========== [2009/10/03 16:18:22 | 00,000,000 | ---D | M] -- C:\Users\Nate\AppData\Roaming
[2009/08/26 10:53:29 | 00,000,000 | ---D | M] -- C:\Users\Nate\AppData\Roaming\Absolute Poker
[2008/07/29 16:01:31 | 00,000,000 | ---D | M] -- C:\Users\Nate\AppData\Roaming\acccore
[2008/09/20 16:05:23 | 00,000,000 | ---D | M] -- C:\Users\Nate\AppData\Roaming\Actual Tools
[2008/12/04 13:33:09 | 00,000,000 | ---D | M] -- C:\Users\Nate\AppData\Roaming\BitDefender
[2009/03/01 15:44:51 | 00,000,000 | ---D | M] -- C:\Users\Nate\AppData\Roaming\DriverCure
[2009/03/29 15:56:03 | 00,000,000 | ---D | M] -- C:\Users\Nate\AppData\Roaming\GetRightToGo
[2009/09/08 16:00:29 | 00,000,000 | ---D | M] -- C:\Users\Nate\AppData\Roaming\IGN_DLM
[2008/08/04 16:50:06 | 00,000,000 | ---D | M] -- C:\Users\Nate\AppData\Roaming\Intel
[2009/03/03 14:49:55 | 00,000,000 | ---D | M] -- C:\Users\Nate\AppData\Roaming\JAM Software
[2006/11/02 06:37:34 | 00,000,000 | ---D | M] -- C:\Users\Nate\AppData\Roaming\Media Center Programs
[2009/01/07 15:48:22 | 00,000,000 | ---D | M] -- C:\Users\Nate\AppData\Roaming\Megaupload
[2009/09/30 09:51:42 | 00,000,000 | ---D | M] -- C:\Users\Nate\AppData\Roaming\Move Networks
[2009/08/13 11:53:11 | 00,000,000 | ---D | M] -- C:\Users\Nate\AppData\Roaming\Pokerazor
[2008/11/04 18:32:54 | 00,000,000 | ---D | M] -- C:\Users\Nate\AppData\Roaming\PureEdge
[2009/09/30 20:46:15 | 00,000,000 | ---D | M] -- C:\Users\Nate\AppData\Roaming\Sammsoft
[2008/07/29 19:20:15 | 00,000,000 | ---D | M] -- C:\Users\Nate\AppData\Roaming\Turbine
[2009/09/15 19:12:27 | 00,000,000 | ---D | M] -- C:\Users\Nate\AppData\Roaming\uTorrent
[2008/12/23 19:24:22 | 00,000,000 | ---D | M] -- C:\Users\Nate\AppData\Roaming\Ventrilo
[2009/10/03 16:32:36 | 00,000,868 | ---- | M] () -- C:\Windows\Tasks\Google Software Updater.job
[2009/09/27 07:09:15 | 00,000,852 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3200097402-3979270671-3123131934-1000Core.job
[2009/10/03 13:54:00 | 00,000,904 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3200097402-3979270671-3123131934-1000UA.job
[2009/10/03 16:29:33 | 00,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT
[2009/10/03 16:24:32 | 00,032,594 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/10/03 16:35:10 | 00,000,416 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{1760DD21-BEA6-46DE-8969-B7A39D6071B2}.job
========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe > < %systemroot%\system32\eventlog.dll > < %systemroot%\system32\scecli.dll >[2009/04/11 00:28:24 | 00,177,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\scecli.dll
< %systemroot%\netlogon.dll > < %systemroot%\system32\cngaudit.dll >[2006/11/02 03:46:03 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cngaudit.dll
< %systemroot%\system32\sceclt.dll > < %systemroot%\ntelogon.dll > < %systemroot%\system32\logevent.dll > ========== Alternate Data Streams ========== @Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:8CEFE51A
< End of report >