Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Keylogger on my computer

Started by tr4962 , Nov 10 2010 04:27 AM

  • Please log in to reply

#1
tr4962
Posted 10 November 2010 - 04:27 AM

tr4962

    Member

  • Member
  • PipPip
  • 11 posts
Hi

Since last week i have been worried that there is something tracking my keystrokes on my computer. My Facebook account (and my girlfriends who shares the same PC) both have had strange things happening in them, such as friends being deleted, and it saying we have become fans of things when we haven't etc, but that seems to be all. Surely a keylogger/virus would do more damage that that?

But we are still worried, we have changed our passwords many times but strange things like i mentioned above still continue to happen. It may be some sort of facebook virus instead of a keylogger.

I have done scans with Malware bytes anti malware, Spybot S&D and Norton Antivirus 2011 and they didn't find anything.

Any help is appreciated

I have done the OTL scan as it said on the guide
Here it is

OTL logfile created on: 11/10/2010 10:21:07 AM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,022.00 Mb Total Physical Memory | 255.00 Mb Available Physical Memory | 25.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 59.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 919.25 Gb Total Space | 712.28 Gb Free Space | 77.48% Space Free | Partition Type: NTFS
Drive F: | 931.51 Gb Total Space | 804.56 Gb Free Space | 86.37% Space Free | Partition Type: NTFS
Drive G: | 931.51 Gb Total Space | 266.01 Gb Free Space | 28.56% Space Free | Partition Type: NTFS

Computer Name: D6G4832J | User Name: Toby | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/11/10 10:11:55 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Downloads\OTL.exe
PRC - [2010/11/10 02:10:38 | 000,059,964 | ---- | M] (Macrovision Europe Ltd.) -- C:\Documents and Settings\Toby\Local Settings\Temp\clclean.0001
PRC - [2010/08/30 13:10:44 | 001,085,440 | ---- | M] (Locktime Software) -- C:\Program Files\NetLimiter 3\nlsvc.exe
PRC - [2010/07/23 05:05:56 | 000,126,904 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\18.1.0.37\ccSvcHst.exe
PRC - [2010/06/10 20:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/05/14 10:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009/12/23 19:14:50 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2009/10/16 18:42:54 | 000,904,840 | ---- | M] (Acronis) -- C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
PRC - [2009/10/16 18:39:32 | 000,136,544 | ---- | M] (Seagate) -- C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe
PRC - [2009/10/16 18:39:28 | 000,431,456 | ---- | M] (Seagate) -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
PRC - [2009/10/16 18:37:22 | 001,325,936 | ---- | M] (Seagate) -- C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
PRC - [2009/09/30 19:58:42 | 000,026,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2009/06/03 14:46:38 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2009/01/30 00:50:06 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/09/06 15:20:24 | 001,097,728 | ---- | M] ( ) -- C:\Program Files\DrayTek Vigor N61\WlanMon.exe
PRC - [2007/01/19 10:49:04 | 000,049,152 | ---- | M] (Wireless Service) -- C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
PRC - [2006/02/09 22:06:04 | 000,069,632 | ---- | M] (Creative Labs) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
PRC - [2005/09/19 07:42:06 | 001,159,168 | ---- | M] (Andrea Electronics Corporation) -- C:\Program Files\Creative\VoiceCenter\AndreaVC.exe
PRC - [2005/09/15 09:47:22 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
PRC - [2005/09/08 05:20:00 | 000,122,940 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLACTRLW.EXE
PRC - [2005/03/22 10:20:44 | 000,339,968 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2004/12/02 18:23:34 | 000,102,400 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
PRC - [2004/07/19 07:51:24 | 000,306,688 | ---- | M] (Gteko Ltd.) -- C:\Program Files\Dell Support\DSAgnt.exe


========== Modules (SafeList) ==========

MOD - [2010/11/10 10:11:55 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Downloads\OTL.exe
MOD - [2010/08/23 16:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010/08/17 03:39:11 | 000,413,552 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\18.1.0.37\asOEHook.dll
MOD - [2009/07/12 07:02:02 | 000,653,120 | R--- | M] (Microsoft Corporation) -- C:\Program Files\Norton Internet Security\Engine\18.1.0.37\Microsoft.VC90.CRT\msvcr90.dll
MOD - [2009/07/12 07:02:00 | 000,569,664 | R--- | M] (Microsoft Corporation) -- C:\Program Files\Norton Internet Security\Engine\18.1.0.37\Microsoft.VC90.CRT\msvcp90.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/08/30 13:10:44 | 001,085,440 | ---- | M] (Locktime Software) [Auto | Running] -- C:\Program Files\NetLimiter 3\nlsvc.exe -- (nlsvc)
SRV - [2010/07/23 05:05:56 | 000,126,904 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton Internet Security\Engine\18.1.0.37\ccSvcHst.exe -- (NIS)
SRV - [2010/06/10 20:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/05/14 10:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2010/04/10 18:29:30 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/10/16 18:39:28 | 000,431,456 | ---- | M] (Seagate) [Auto | Running] -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe -- (SgtSch2Svc)
SRV - [2009/08/05 22:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2009/01/30 00:50:06 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter)
SRV - [2007/01/25 17:31:34 | 000,093,048 | ---- | M] (CACE Technologies) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2007/01/19 10:49:26 | 000,049,152 | ---- | M] (Wireless Service) [Auto | Stopped] -- C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe -- (ANIWZCSdService)
SRV - [2006/03/03 21:03:10 | 000,069,632 | ---- | M] (HP) [Unknown | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2006/02/09 22:06:04 | 000,069,632 | ---- | M] (Creative Labs) [On_Demand | Running] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe -- (Creative Labs Licensing Service)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\nlndis.sys -- (NLNdisPT)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\nlndis.sys -- (NLNdisMP)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\nbdrv.sys -- (Nbdrv)
DRV - [2010/11/04 20:57:38 | 001,371,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20101109.040\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/11/04 20:57:38 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/11/04 20:57:38 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/11/04 20:57:38 | 000,086,064 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20101109.040\NAVENG.SYS -- (NAVENG)
DRV - [2010/11/04 00:07:06 | 000,691,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20101104.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010/10/19 20:36:22 | 000,341,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20101108.002\IDSXpx86.sys -- (IDSxpx86)
DRV - [2010/10/04 09:30:11 | 000,126,512 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/08/30 13:24:02 | 005,281,672 | ---- | M] (Locktime Software) [Kernel | System | Running] -- C:\Program Files\NetLimiter 3\nltdi.sys -- (nltdi)
DRV - [2010/07/29 03:33:05 | 000,666,672 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1201000.025\SYMEFA.SYS -- (SymEFA)
DRV - [2010/07/29 02:54:36 | 000,489,008 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NIS\1201000.025\SRTSP.SYS -- (SRTSP)
DRV - [2010/07/29 02:54:36 | 000,050,096 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1201000.025\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010/07/13 01:20:22 | 000,369,072 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1201000.025\SYMTDI.SYS -- (SYMTDI)
DRV - [2010/06/27 04:05:55 | 000,134,704 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1201000.025\Ironx86.SYS -- (SymIRON)
DRV - [2010/06/13 10:50:57 | 000,339,504 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1201000.025\SYMDS.SYS -- (SymDS)
DRV - [2010/04/10 19:03:40 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/12/19 10:50:25 | 000,441,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2009/12/19 10:50:25 | 000,044,384 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2009/12/19 10:50:16 | 000,132,224 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2009/12/19 10:50:03 | 000,368,480 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\tdrpman.sys -- (tdrpman)
DRV - [2009/08/05 22:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009/06/30 10:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2009/05/26 07:44:06 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2008/04/14 00:23:10 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008/04/14 00:06:40 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/14 00:06:40 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/13 23:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 22:06:06 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/11/16 02:56:26 | 000,550,272 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt2870.sys -- (rt2870)
DRV - [2007/01/25 17:31:34 | 000,042,000 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2006/02/09 22:14:27 | 000,008,552 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2006/02/09 20:57:46 | 001,502,208 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005/12/11 10:55:38 | 000,028,195 | ---- | M] (Alpha Networks Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\ANIO.sys -- (ANIO)
DRV - [2005/09/21 10:14:32 | 001,350,784 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sigfilt.sys -- (sigfilt)
DRV - [2005/09/12 03:30:00 | 000,089,264 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS -- (DRVMCDB)
DRV - [2005/09/08 05:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2005/09/08 05:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2005/09/08 05:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2005/09/08 05:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2005/09/08 05:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2005/09/08 05:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2005/09/08 05:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2005/08/25 12:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005/08/25 12:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2005/08/17 06:41:08 | 001,022,040 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005/08/12 05:20:00 | 000,040,544 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS -- (DRVNDDM)
DRV - [2005/05/25 09:34:00 | 000,158,464 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CTUSFSYN.SYS -- (CTUSFSYN)
DRV - [2005/01/10 10:15:00 | 000,138,752 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CTSFM2K.SYS -- (ctsfm2k)
DRV - [2005/01/10 10:15:00 | 000,106,496 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CTOSS2K.SYS -- (ossrv)
DRV - [2004/10/19 09:07:22 | 000,009,728 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PfModNT.sys -- (PfModNT)
DRV - [2004/08/20 19:09:14 | 000,062,865 | ---- | M] (Funk Software, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\odysseyIM3.sys -- (odysseyIM3)
DRV - [2004/08/20 19:09:14 | 000,016,292 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5)
DRV - [2004/08/03 22:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2001/08/17 14:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 14:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 14:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 14:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 14:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 13:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 13:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 13:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 13:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 13:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 13:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 13:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 13:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 13:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 13:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 91.121.208.6:8080

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:0.7.5
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: [email protected]:1.3.4
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:5.1
FF - prefs.js..network.proxy.ftp: "91.121.208.6"
FF - prefs.js..network.proxy.ftp_port: 8080
FF - prefs.js..network.proxy.gopher: "91.121.208.6"
FF - prefs.js..network.proxy.gopher_port: 8080
FF - prefs.js..network.proxy.http: "91.121.208.6"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "91.121.208.6"
FF - prefs.js..network.proxy.socks_port: 8080
FF - prefs.js..network.proxy.ssl: "91.121.208.6"
FF - prefs.js..network.proxy.ssl_port: 8080
FF - prefs.js..network.proxy.type: 0


FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn\ [2010/10/04 09:30:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn\ [2010/10/04 09:29:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/09/28 00:13:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/09/30 12:36:18 | 000,000,000 | ---D | M]

[2010/04/09 16:56:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toby\Application Data\Mozilla\Extensions
[2010/10/22 13:39:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toby\Application Data\Mozilla\Firefox\Profiles\tvgshe3c.default\extensions
[2010/07/18 18:37:57 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Toby\Application Data\Mozilla\Firefox\Profiles\tvgshe3c.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/10/22 16:30:05 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Toby\Application Data\Mozilla\Firefox\Profiles\tvgshe3c.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2010/08/10 22:22:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toby\Application Data\Mozilla\Firefox\Profiles\tvgshe3c.default\extensions\[email protected]
[2010/10/11 20:38:16 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/09/28 00:13:39 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/09/28 01:08:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/07/17 04:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2010/09/27 15:48:10 | 000,419,407 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 14474 more lines...
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\18.1.0.37\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\18.1.0.37\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (no name) - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll ()
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\18.1.0.37\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {00000000-0000-0000-0000-000000000000} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\18.1.0.37\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe (Wireless Service)
O4 - HKLM..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [DiscWizardMonitor.exe] C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe (Seagate)
O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [DrayTek Vigor N61 802.11n Wireless USB Adapter] C:\Program Files\DrayTek Vigor N61\WlanMon.exe ( )
O4 - HKLM..\Run: [MBMon] C:\WINDOWS\System32\CTMBHA.DLL ()
O4 - HKLM..\Run: [Seagate Scheduler2 Service] C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe (Seagate)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [VoiceCenter] C:\Program Files\Creative\VoiceCenter\AndreaVC.exe (Andrea Electronics Corporation)
O4 - HKCU..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [DellSupport] C:\Program Files\Dell Support\DSAgnt.exe (Gteko Ltd.)
O4 - HKCU..\Run: [SetDefaultMIDI] C:\WINDOWS\MIDIDEF.EXE (Creative Technology Ltd)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Download all with Free Download Manager - C:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Download selected with Free Download Manager - C:\Program Files\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Download video with Free Download Manager - C:\Program Files\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Download with Free Download Manager - C:\Program Files\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O15 - HKCU\..Trusted Domains: pogo.com ([uk] https in Trusted sites)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} http://www.king.com/ctl/kingcomie.cab (king.com)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1261579515156 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoft...s/as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553552000} http://fpdownload2.m...ash/swflash.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Toby\My Documents\New Folder (7)\H+A\H+A\Copy of DSCN1949.jpg
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Toby\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - Reg Error: Key error. File not found
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 13:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/12/15 07:01:46 | 000,000,113 | ---- | M] () - F:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\{564b56c2-d149-11df-84fa-00507f364a8e}\Shell\AutoRun\command - "" = F:\Setup.exe -- [2009/01/16 07:14:08 | 000,156,312 | ---- | M] (Seagate Technology LLC)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/11/07 21:07:03 | 000,000,000 | ---D | C] -- C:\Program Files\StreamingStar
[2010/11/06 16:56:05 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Toby\My Documents\My Data Sources
[2010/11/05 15:58:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SecTaskMan
[2010/11/05 15:58:30 | 000,000,000 | ---D | C] -- C:\Program Files\Security Task Manager
[2010/11/05 15:25:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2010/11/04 16:06:02 | 000,028,552 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys
[2010/11/04 16:05:25 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2010/11/03 16:30:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toby\Calibre Library
[2010/11/03 16:30:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toby\Application Data\calibre
[2010/11/03 15:55:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toby\My Documents\My eBooks
[2010/11/03 15:55:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toby\Application Data\Mobipocket
[2010/11/03 15:49:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toby\My Documents\Xilisoft
[2010/11/03 15:49:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toby\Application Data\Xilisoft
[2010/11/03 01:19:23 | 000,000,000 | ---D | C] -- C:\Program Files\Deal or No Deal6474
[2010/11/03 00:12:14 | 000,000,000 | ---D | C] -- C:\Program Files\Deal or No Deal22
[2010/11/03 00:03:17 | 000,000,000 | ---D | C] -- C:\Program Files\BigJon PCGames Config Wizard
[2010/11/02 13:45:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toby\My Documents\Video from camera
[2010/10/30 14:20:09 | 000,090,112 | ---- | C] (MindVision Software) -- C:\WINDOWS\unvise32.exe
[2010/10/30 14:19:30 | 000,000,000 | ---D | C] -- C:\Program Files\The Rosetta Stone
[2010/10/22 11:40:34 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2010/10/19 18:46:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toby\My Documents\Swedish
[2010/10/18 17:13:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toby\My Documents\World Contest 2010
[2010/10/16 14:49:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toby\My Documents\Music
[2010/10/14 21:06:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toby\Application Data\skypePM
[2010/10/14 21:04:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toby\Application Data\Skype
[2010/10/14 15:59:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toby\My Documents\Priv
[2010/10/11 21:05:46 | 000,302,080 | ---- | C] (TODO: <Company name>) -- C:\WINDOWS\lwd.exe
[2010/10/11 21:05:35 | 001,327,189 | ---- | C] (Funk Software, Inc.) -- C:\WINDOWS\System32\odSupp_M.dll
[2010/10/11 21:05:35 | 000,679,936 | ---- | C] (Wireless Service) -- C:\WINDOWS\System32\ANIWZCS2.dll
[2010/10/11 21:05:35 | 000,262,144 | ---- | C] (Wireless Service) -- C:\WINDOWS\System32\wnicapi.dll
[2010/10/11 21:05:35 | 000,217,088 | ---- | C] (Alpha Networks Inc.) -- C:\WINDOWS\System32\aIPH.dll
[2010/10/11 21:05:35 | 000,049,152 | ---- | C] (Alpha Networks Inc.) -- C:\WINDOWS\System32\AQCKGen.dll
[2010/10/11 21:05:35 | 000,045,115 | ---- | C] (Alpha Networks Inc.) -- C:\WINDOWS\System32\ANICtl.dll
[2010/10/11 21:05:04 | 000,048,128 | ---- | C] (Alpha Networks Inc.) -- C:\WINDOWS\System32\ANIO64.sys
[2010/10/11 21:05:04 | 000,028,195 | ---- | C] (Alpha Networks Inc.) -- C:\WINDOWS\System32\ANIO.sys
[2010/10/11 21:05:04 | 000,011,904 | ---- | C] (ANI ) -- C:\WINDOWS\System32\anio4.sys
[2010/10/11 21:05:04 | 000,000,000 | ---D | C] -- C:\Program Files\ANI
[2010/10/11 21:04:48 | 000,036,864 | ---- | C] (Alpha Networks Inc.) -- C:\WINDOWS\System32\ANIOApi.dll
[2010/10/11 21:04:46 | 000,000,000 | ---D | C] -- C:\Program Files\DrayTek Vigor N61
[2010/10/11 19:05:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toby\Application Data\TeamViewer
[2009/12/24 22:43:55 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Toby\Application Data\pcouffin.sys
[1998/04/27 06:00:00 | 000,570,128 | ---- | C] (Microsoft Corporation) -- C:\Program Files\Common Files\DAO350.DLL
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/11/10 10:00:00 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/11/10 02:10:59 | 000,003,284 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCS{E8402386-B0D0-4620-ABC3-D773D0D2DA71}
[2010/11/10 02:10:51 | 000,000,005 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME{E8402386-B0D0-4620-ABC3-D773D0D2DA71}
[2010/11/10 02:10:44 | 000,000,007 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME
[2010/11/10 02:10:35 | 000,000,876 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/11/10 02:10:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/11/10 02:10:00 | 1071,796,224 | -HS- | M] () -- C:\hiberfil.sys
[2010/11/10 01:27:31 | 000,001,041 | ---- | M] () -- C:\Documents and Settings\Toby\Application Data\vso_ts_preview.xml
[2010/11/09 22:19:07 | 000,131,584 | ---- | M] () -- C:\Documents and Settings\Toby\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/09 19:57:01 | 000,085,504 | ---- | M] () -- C:\Documents and Settings\Toby\My Documents\screenshot.doc
[2010/11/08 16:04:28 | 000,016,968 | ---- | M] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2010/11/07 21:13:32 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/11/05 15:48:16 | 000,000,722 | ---- | M] () -- C:\WINDOWS\System32\.crusader
[2010/11/05 15:31:22 | 000,002,080 | ---- | M] () -- C:\{EBCE7BC9-F8FC-4A34-9171-B07F085A316A}
[2010/11/05 15:15:51 | 000,340,056 | ---- | M] () -- C:\{9919670D-9503-4A49-97A5-1B508B366DAD}
[2010/11/03 17:14:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/11/03 13:04:53 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\Toby\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2010/11/02 15:17:53 | 000,002,780 | ---- | M] () -- C:\WINDOWS\System32\OEMINFO.PNF
[2010/11/02 12:11:56 | 000,000,050 | ---- | M] () -- C:\WINDOWS\MegaManager.INI
[2010/10/31 13:08:49 | 000,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmp03B32.FOT
[2010/10/31 13:08:48 | 000,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmpC2932.FOT
[2010/10/31 13:08:48 | 000,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmp6A732.FOT
[2010/10/31 13:08:48 | 000,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmp00632.FOT
[2010/10/31 13:08:47 | 000,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmp97432.FOT
[2010/10/31 13:08:47 | 000,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmp4B232.FOT
[2010/10/31 13:08:46 | 000,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmpE1132.FOT
[2010/10/31 13:08:46 | 000,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmp88F22.FOT
[2010/10/31 13:08:46 | 000,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmp2ED22.FOT
[2010/10/31 13:08:45 | 000,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmpC3C22.FOT
[2010/10/31 13:08:45 | 000,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmp5BA22.FOT
[2010/10/31 13:08:44 | 000,001,409 | ---- | M] () -- C:\WINDOWS\System32\tmp00922.FOT
[2010/10/31 10:15:00 | 000,467,368 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/10/31 10:15:00 | 000,080,408 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/10/25 16:45:05 | 003,760,932 | ---- | M] () -- C:\Documents and Settings\Toby\My Documents\11-Vanilla Ninja - Looking For A Hero.mp3
[2010/10/24 22:35:24 | 000,002,552 | ---- | M] () -- C:\{8898A730-E5C9-4081-B7DA-EE971505F29D}
[2010/10/24 22:09:14 | 000,002,552 | ---- | M] () -- C:\{BC0AA8CB-C8C6-48F8-85C5-E2697B0345EB}
[2010/10/23 20:43:57 | 000,002,552 | ---- | M] () -- C:\{D03C1301-8989-4821-8DA8-19A6822AB541}
[2010/10/23 20:10:03 | 000,002,552 | ---- | M] () -- C:\{CD7678C4-B792-42C2-99F1-91561A53E550}
[2010/10/20 15:01:40 | 000,000,880 | ---- | M] () -- C:\{EDBC2425-434A-4665-B2D3-7826C7FD7A1C}
[2010/10/16 19:31:28 | 000,000,880 | ---- | M] () -- C:\{B2850D3C-8220-4A81-8AFC-B15DB95604EF}
[2010/10/14 21:04:41 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010/10/14 01:23:43 | 000,305,216 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/10/14 01:05:52 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/11/09 19:57:01 | 000,085,504 | ---- | C] () -- C:\Documents and Settings\Toby\My Documents\screenshot.doc
[2010/11/07 21:13:24 | 1071,796,224 | -HS- | C] () -- C:\hiberfil.sys
[2010/11/05 15:48:16 | 000,000,722 | ---- | C] () -- C:\WINDOWS\System32\.crusader
[2010/11/05 15:31:22 | 000,002,080 | ---- | C] () -- C:\{EBCE7BC9-F8FC-4A34-9171-B07F085A316A}
[2010/11/05 15:26:20 | 000,016,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2010/11/05 15:15:50 | 000,340,056 | ---- | C] () -- C:\{9919670D-9503-4A49-97A5-1B508B366DAD}
[2010/11/03 13:04:52 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Toby\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2010/10/31 13:08:49 | 000,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmp03B32.FOT
[2010/10/31 13:08:48 | 000,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmpC2932.FOT
[2010/10/31 13:08:48 | 000,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmp6A732.FOT
[2010/10/31 13:08:48 | 000,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmp00632.FOT
[2010/10/31 13:08:47 | 000,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmp97432.FOT
[2010/10/31 13:08:47 | 000,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmp4B232.FOT
[2010/10/31 13:08:46 | 000,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmpE1132.FOT
[2010/10/31 13:08:46 | 000,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmp88F22.FOT
[2010/10/31 13:08:46 | 000,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmp2ED22.FOT
[2010/10/31 13:08:45 | 000,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmpC3C22.FOT
[2010/10/31 13:08:45 | 000,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmp5BA22.FOT
[2010/10/31 13:08:44 | 000,001,409 | ---- | C] () -- C:\WINDOWS\System32\tmp00922.FOT
[2010/10/25 16:44:39 | 003,760,932 | ---- | C] () -- C:\Documents and Settings\Toby\My Documents\11-Vanilla Ninja - Looking For A Hero.mp3
[2010/10/24 22:35:24 | 000,002,552 | ---- | C] () -- C:\{8898A730-E5C9-4081-B7DA-EE971505F29D}
[2010/10/24 22:09:14 | 000,002,552 | ---- | C] () -- C:\{BC0AA8CB-C8C6-48F8-85C5-E2697B0345EB}
[2010/10/23 20:43:57 | 000,002,552 | ---- | C] () -- C:\{D03C1301-8989-4821-8DA8-19A6822AB541}
[2010/10/23 20:10:03 | 000,002,552 | ---- | C] () -- C:\{CD7678C4-B792-42C2-99F1-91561A53E550}
[2010/10/20 15:01:40 | 000,000,880 | ---- | C] () -- C:\{EDBC2425-434A-4665-B2D3-7826C7FD7A1C}
[2010/10/16 19:31:28 | 000,000,880 | ---- | C] () -- C:\{B2850D3C-8220-4A81-8AFC-B15DB95604EF}
[2010/10/11 21:10:56 | 000,003,284 | ---- | C] () -- C:\WINDOWS\System32\ANIWZCS{E8402386-B0D0-4620-ABC3-D773D0D2DA71}
[2010/10/11 21:10:43 | 000,000,007 | ---- | C] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME
[2010/10/11 21:06:04 | 000,000,005 | ---- | C] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME{E8402386-B0D0-4620-ABC3-D773D0D2DA71}
[2010/10/11 21:05:35 | 000,233,472 | ---- | C] () -- C:\WINDOWS\System32\WlanApp.dll
[2010/10/11 21:05:35 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\JJAKEn.dll
[2010/10/11 21:05:04 | 000,016,997 | ---- | C] () -- C:\WINDOWS\System32\ANIO.VXD
[2010/08/31 17:14:47 | 000,000,050 | ---- | C] () -- C:\WINDOWS\MegaManager.INI
[2010/05/16 19:11:52 | 000,000,067 | ---- | C] () -- C:\WINDOWS\DVDRegionFree.INI
[2010/04/24 18:42:03 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[2010/04/12 18:28:16 | 000,000,655 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2010/04/12 17:30:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2010/04/10 18:43:47 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010/03/03 18:48:41 | 000,000,059 | ---- | C] () -- C:\WINDOWS\ANS2000.INI
[2010/03/03 18:48:41 | 000,000,020 | -H-- | C] () -- C:\WINDOWS\akebook.ini
[2010/03/03 18:48:41 | 000,000,004 | -H-- | C] () -- C:\WINDOWS\a3kebook.ini
[2009/12/25 23:25:29 | 000,000,048 | ---- | C] () -- C:\Documents and Settings\Toby\Local Settings\Application Data\73648-88365-27475-00IP7-22847
[2009/12/25 19:16:43 | 000,001,236 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2009/12/25 19:16:23 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2009/12/24 22:44:28 | 000,001,041 | ---- | C] () -- C:\Documents and Settings\Toby\Application Data\vso_ts_preview.xml
[2009/12/24 22:44:06 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\Toby\Application Data\pcouffin.log
[2009/12/24 22:43:56 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Toby\Application Data\inst.exe
[2009/12/24 22:43:55 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Toby\Application Data\pcouffin.cat
[2009/12/24 22:43:55 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Toby\Application Data\pcouffin.inf
[2009/12/24 20:48:57 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Toby\Local Settings\Application Data\fusioncache.dat
[2009/12/23 20:39:49 | 000,003,350 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2009/12/23 20:39:49 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\F2A1CEB83F.sys
[2009/12/23 19:10:34 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009/12/23 19:10:33 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009/12/23 19:10:30 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/12/23 19:10:28 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009/12/23 19:10:23 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/12/23 16:19:17 | 000,131,584 | ---- | C] () -- C:\Documents and Settings\Toby\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/23 13:46:08 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/12/20 22:23:29 | 000,000,347 | ---- | C] () -- C:\WINDOWS\CTWave32.INI
[2009/12/20 22:23:21 | 000,000,029 | ---- | C] () -- C:\WINDOWS\sfbm.INI
[2009/12/20 21:11:31 | 000,000,165 | ---- | C] () -- C:\WINDOWS\startUp manager.INI
[2009/12/18 08:26:17 | 000,000,072 | ---- | C] () -- C:\WINDOWS\sbwin.ini
[2009/12/18 07:25:28 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2009/11/06 09:58:04 | 000,178,975 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/01/25 17:31:36 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2006/02/09 22:22:45 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/02/09 22:15:04 | 000,000,124 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/02/09 22:07:12 | 000,005,811 | ---- | C] () -- C:\WINDOWS\System32\CTSBMB.INI
[2006/02/09 22:03:29 | 000,006,999 | ---- | C] () -- C:\WINDOWS\System32\Sigfilt.ini
[2006/02/09 22:03:29 | 000,000,029 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2006/02/09 21:47:04 | 001,345,520 | ---- | C] () -- C:\WINDOWS\System32\CTMBHA.DLL
[2006/02/09 21:46:32 | 000,000,402 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/11/10 08:56:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/10 13:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 13:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 12:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/07/07 03:00:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini

========== LOP Check ==========

[2010/09/28 00:15:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2010/02/09 22:00:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2010/04/10 18:53:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
[2010/10/07 21:15:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FreeDownloadManager.ORG
[2010/03/28 12:25:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GoldWave
[2010/11/05 15:48:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2010/10/09 13:05:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Locktime
[2010/10/05 20:24:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ludia
[2009/12/20 02:07:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC-Doctor
[2009/12/20 02:07:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCDr
[2010/09/30 08:32:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2010/10/07 13:02:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RegInOut
[2010/10/30 14:20:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Rosetta Stone
[2009/12/19 10:50:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2010/11/07 21:09:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SecTaskMan
[2009/12/20 02:07:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2010/10/09 14:01:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/09/29 19:18:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2006/02/09 22:14:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/01/03 14:46:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk
[2010/01/30 16:52:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2010/08/30 15:27:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YoGen
[2010/06/26 23:29:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/12/22 11:07:33 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
[2009/12/23 16:41:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010/09/29 19:18:08 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2010/08/10 22:14:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toby\Application Data\Applied Recognition Inc
[2010/10/22 13:45:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toby\Application Data\Azureus
[2010/11/03 16:31:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toby\Application Data\calibre
[2010/04/10 18:43:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toby\Application Data\DAEMON Tools Pro
[2010/08/10 22:12:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toby\Application Data\Downloaded Installations
[2009/12/26 00:02:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toby\Application Data\EurekaLog
[2010/08/10 22:14:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toby\Application Data\Fotobounce.5A4B2D7CDB401C978E159E6BB968B150A9B58BC9.1
[2010/11/10 01:27:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toby\Application Data\Free Download Manager
[2010/01/08 20:02:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toby\Application Data\ImTOO Software Studio
[2009/12/26 00:02:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toby\Application Data\iPod2PC3
[2010/01/06 00:06:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toby\Application Data\Leadertech
[2010/10/05 20:24:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toby\Application Data\Ludia
[2010/11/03 16:07:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toby\Application Data\Mobipocket
[2010/02/06 15:04:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toby\Application Data\Moyea
[2010/03/02 21:13:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toby\Application Data\MP3toiPodAudioBookConverter
[2010/10/08 22:19:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toby\Application Data\SeriousBit
[2010/07/07 22:53:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toby\Application Data\Softplicity
[2010/01/08 17:52:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toby\Application Data\Sytexis Software
[2010/10/11 19:05:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toby\Application Data\TeamViewer
[2010/10/03 14:51:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toby\Application Data\TuneUp Software
[2010/11/09 22:33:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toby\Application Data\Vso
[2009/12/20 23:25:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toby\Application Data\Windows Desktop Search
[2009/12/23 16:20:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toby\Application Data\Windows Search
[2010/10/09 16:54:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toby\Application Data\Wireshark
[2010/11/03 15:49:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toby\Application Data\Xilisoft
[2010/10/07 13:02:48 | 000,000,330 | ---- | M] () -- C:\WINDOWS\Tasks\RegInOut Scheduled Scan - Toby.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9

< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP