Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Possible suspected PDFCreator Problem

Started by cdaarch , Dec 04 2010 09:10 PM

  • Please log in to reply

#1
cdaarch
Posted 04 December 2010 - 09:10 PM

cdaarch

    Member

  • Member
  • PipPip
  • 36 posts
OTL logfile created on: 04/12/2010 10:58:10 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Linda\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00002C09 | Country: Trinidad and Tobago | Language: ENT | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 35.00% Memory free
6.00 Gb Paging File | 4.00 Gb Available in Paging File | 57.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 450.69 Gb Total Space | 243.73 Gb Free Space | 54.08% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 6.38 Gb Free Space | 42.51% Space Free | Partition Type: NTFS

Computer Name: LINDA-PC | User Name: Linda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found -- Q:\140062.enu\Office14\ONENOTEM.EXE
PRC - [2010/12/04 22:57:03 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Linda\Downloads\OTL.exe
PRC - [2010/11/30 19:02:35 | 000,991,800 | ---- | M] (Google Inc.) -- C:\Users\Linda\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2010/11/17 20:45:20 | 000,403,240 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2010/11/17 20:44:17 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\games\Steam\Steam.exe
PRC - [2010/10/28 18:45:28 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2010/10/28 18:45:26 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010/10/25 15:13:42 | 000,821,144 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
PRC - [2010/08/09 18:21:54 | 001,873,336 | ---- | M] (Code Systems Corporation) -- C:\Users\Linda\AppData\Local\Spoon\3.22.0.1\Spoon-Sandbox.exe
PRC - [2010/05/03 04:20:00 | 006,872,976 | ---- | M] (WIBU-SYSTEMS AG) -- C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
PRC - [2010/05/03 04:20:00 | 002,065,296 | ---- | M] (WIBU-SYSTEMS AG) -- C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
PRC - [2010/04/24 01:10:34 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2010/04/24 01:10:28 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010/02/28 02:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
PRC - [2009/07/07 10:23:00 | 001,779,952 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
PRC - [2009/06/17 07:44:11 | 000,085,160 | ---- | M] (Elaborate Bytes AG) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
PRC - [2009/04/17 10:17:02 | 000,636,144 | ---- | M] (SoftThinks) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2009/04/13 09:50:14 | 000,497,496 | ---- | M] (Dell Inc.) -- C:\Program Files (x86)\Dell Remote Access\ezi_ra.exe
PRC - [2009/04/13 09:48:12 | 000,828,656 | ---- | M] (Dell Inc.) -- c:\Program Files (x86)\Common Files\Dell\Advanced Networking Service\hnm_svc.exe
PRC - [2009/02/09 09:34:32 | 000,143,360 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Brother\Brmfcmon\BrMfimon.exe
PRC - [2009/02/04 21:26:38 | 000,128,232 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2008/12/18 14:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2008/12/18 00:27:22 | 004,823,928 | ---- | M] (Dell Inc. and SightSpeed Inc.) -- C:\Program Files (x86)\Dell Video Chat\DellVideoChat.exe
PRC - [2008/11/12 19:59:30 | 001,122,304 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
PRC - [2008/10/24 11:44:34 | 000,872,448 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
PRC - [2008/07/20 17:45:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/07/20 17:45:06 | 000,182,808 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008/07/09 23:07:00 | 000,029,984 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe


========== Modules (SafeList) ==========

MOD - [2010/12/04 22:57:03 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Linda\Downloads\OTL.exe
MOD - [2010/08/31 11:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/10/17 18:43:02 | 000,099,048 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/06/30 14:39:24 | 001,436,424 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2010/03/25 23:48:42 | 000,017,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2009/03/13 02:24:10 | 000,949,760 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility)
SRV:64bit: - [2009/02/24 05:12:04 | 000,088,576 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2008/12/18 14:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV:64bit: - [2008/01/20 22:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010/11/29 16:17:19 | 003,020,376 | ---- | M] () [Auto | Running] -- c:\Program Files (x86)\Common Files\Akamai\netsession_win_5632d69.dll -- (Akamai)
SRV - [2010/11/17 20:45:20 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/05/03 04:20:00 | 002,065,296 | ---- | M] (WIBU-SYSTEMS AG) [Auto | Running] -- C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe -- (CodeMeter.exe)
SRV - [2010/04/24 01:10:34 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010/04/24 01:10:28 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/04/17 10:17:02 | 000,636,144 | ---- | M] (SoftThinks) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)
SRV - [2009/04/13 09:48:12 | 000,828,656 | ---- | M] (Dell Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Dell\Advanced Networking Service\hnm_svc.exe -- (hnmsvc)
SRV - [2009/03/30 00:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/07/20 17:45:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ipinip.sys -- (IpInIp)
DRV:64bit: - [2010/10/17 18:42:58 | 000,145,512 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/04/24 01:10:32 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2010/04/24 01:10:28 | 000,269,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2010/04/24 01:10:28 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2010/04/24 01:10:20 | 000,721,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2009/12/17 18:25:17 | 000,034,472 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2009/09/30 20:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/08/09 17:25:45 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\VClone.sys -- (VClone)
DRV:64bit: - [2009/03/13 04:25:56 | 005,265,920 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (R300)
DRV:64bit: - [2009/03/13 04:25:56 | 005,265,920 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2008/12/18 01:43:24 | 000,062,464 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTSTOR64.SYS -- (RTSTOR)
DRV:64bit: - [2008/12/15 04:37:38 | 000,098,144 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2008/12/15 01:09:30 | 000,174,592 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2008/12/11 04:58:54 | 000,402,456 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iastor.sys -- (iaStor)
DRV:64bit: - [2008/06/18 17:48:54 | 000,029,184 | ---- | M] (SingleClick Systems) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\packet.sys -- (Packet)
DRV:64bit: - [2008/01/20 22:47:25 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\serscan.sys -- (StillCam)
DRV:64bit: - [2008/01/20 22:46:55 | 000,317,952 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\e1e6032e.sys -- (e1express) Intel®
DRV:64bit: - [2007/11/14 03:00:00 | 000,053,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2006/09/18 17:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\Wbem\ntfs.mof -- (Ntfs)
DRV - [2008/06/17 12:01:06 | 000,022,016 | ---- | M] (SingleClick Systems) [Kernel | Auto | Running] -- C:\WINDOWS\SysWOW64\drivers\packet.sys -- (Packet)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 19 62 F6 A4 53 71 CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..extensions.enabledItems: [email protected]:1.54
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..keyword.URL: "http://search.yahoo....type=302398&p="
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2010/11/15 07:30:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/11/16 02:06:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/11/16 02:06:48 | 000,000,000 | ---D | M]

[2010/06/28 22:05:32 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\Mozilla\Extensions
[2010/11/28 19:58:56 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\tqbe26he.default\extensions
[2010/07/20 21:25:47 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\tqbe26he.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/09/03 13:39:24 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\tqbe26he.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/07/20 22:23:20 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\tqbe26he.default\extensions\[email protected]
[2010/07/20 22:23:46 | 000,001,492 | ---- | M] () -- C:\Users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\tqbe26he.default\searchplugins\web-search-powered-by-google.xml
[2010/11/10 17:27:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/11/07 12:42:31 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/06/29 08:45:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/24 02:29:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/11/03 06:28:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/09/15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/11/10 22:03:49 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll

O1 HOSTS File: ([2010/09/29 20:02:51 | 000,000,859 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O2 - BHO: (no name) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - No CLSID value found.
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe File not found
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [WPCUMI] C:\Windows\SysNative\WpcUmi.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BrMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [IndexSearch] C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PPort11reminder] C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files (x86)\pdfforge Toolbar\SearchSettings.exe File not found
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [VirtualCloneDrive] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
O4 - HKCU..\Run: [Adobe Acrobat Synchronizer] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [RegistryBooster] C:\Program Files (x86)\Uniblue\RegistryBooster\launcher.exe File not found
O4 - HKCU..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - HKCU..\Run: [SightSpeed] C:\Program Files (x86)\Dell Video Chat\DellVideoChat.exe (Dell Inc. and SightSpeed Inc.)
O4 - HKCU..\Run: [Steam] C:\Games\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk = C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG)
O4 - Startup: C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Spoon Sandbox Manager 3.22.lnk = C:\Users\Linda\AppData\Local\Spoon\3.22.0.1\Spoon-Sandbox-Native.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell...r/SysProExe.CAB (WMI Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.1.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/04/30 17:01:00 | 000,000,053 | -HS- | M] () - D:\AUTORUN.INF -- [ NTFS ]
O33 - MountPoints2\{57ed01ec-8373-11df-b612-0023aee73afb}\Shell - "" = AutoRun
O33 - MountPoints2\{57ed01ec-8373-11df-b612-0023aee73afb}\Shell\AutoRun\command - "" = K:\Setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/12/01 04:19:08 | 000,000,000 | ---D | C] -- C:\Users\Linda\Documents\My
[2010/11/28 20:19:43 | 000,000,000 | ---D | C] -- C:\Users\Linda\Documents\My Kingston CDAG Office Back Up
[2010/11/27 23:22:06 | 000,000,000 | ---D | C] -- C:\Users\Linda\Documents\My ME
[2010/11/27 19:01:59 | 000,000,000 | ---D | C] -- C:\Users\Linda\Documents\My Projects - Interior Architecture
[2010/11/27 19:01:35 | 000,000,000 | ---D | C] -- C:\Users\Linda\Documents\My Projects - Architecture
[2010/11/27 18:53:17 | 000,000,000 | ---D | C] -- C:\Users\Linda\Documents\My Web Marketing
[2010/11/27 18:41:42 | 000,000,000 | ---D | C] -- C:\Users\Linda\Documents\My Programs to Install
[2010/11/23 13:44:10 | 000,000,000 | ---D | C] -- C:\Users\Linda\AppData\Roaming\IGC
[2010/11/23 13:44:09 | 000,000,000 | ---D | C] -- C:\Users\Linda\IGC
[2010/11/23 13:42:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IGC
[2010/11/23 13:31:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Autodesk
[2010/11/23 12:34:20 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/11/16 09:26:34 | 000,000,000 | ---D | C] -- C:\CDAG
[2010/11/16 03:11:17 | 000,000,000 | ---D | C] -- C:\Users\Linda\Graphisoft
[2010/11/16 03:11:17 | 000,000,000 | ---D | C] -- C:\Users\Linda\AppData\Roaming\Graphisoft
[2010/11/16 03:11:17 | 000,000,000 | ---D | C] -- C:\Users\Linda\AppData\Local\Graphisoft
[2010/11/16 03:06:24 | 000,000,000 | ---D | C] -- C:\Users\Linda\Documents\Print Styles
[2010/11/16 03:06:24 | 000,000,000 | ---D | C] -- C:\Users\Linda\Documents\Color Books
[2010/11/16 03:01:03 | 000,000,000 | ---D | C] -- C:\Users\Linda\AppData\Local\Xenocode
[2010/11/16 03:01:03 | 000,000,000 | ---D | C] -- C:\Users\Linda\AppData\Local\Spoon
[2010/11/16 02:07:25 | 000,000,000 | ---D | C] -- C:\Program Files\WIBU-SYSTEMS
[2010/11/16 02:07:23 | 000,000,000 | ---D | C] -- C:\Program Files\CodeMeter
[2010/11/16 02:07:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CodeMeter
[2010/11/16 02:06:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2010/11/16 02:06:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010/11/16 02:05:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2010/11/16 02:05:37 | 000,000,000 | ---D | C] -- C:\Users\Linda\AppData\Local\Apple
[2010/11/16 02:05:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2010/11/16 02:05:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2010/11/16 02:01:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Graphisoft Shared
[2010/11/16 02:01:14 | 000,000,000 | ---D | C] -- C:\Program Files\Graphisoft
[2010/11/16 01:17:18 | 000,000,000 | ---D | C] -- C:\Users\Linda\Documents\Chief Architect Premier X3 Trial Version Data
[2010/11/16 01:16:29 | 000,000,000 | ---D | C] -- C:\Users\Linda\AppData\Roaming\Chief Architect Premier X3 Trial Version
[2010/11/16 01:15:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Chief Architect
[2010/11/16 01:15:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Chief Architect Premier X3 Trial Version
[2010/11/16 01:05:54 | 000,000,000 | ---D | C] -- C:\Users\Linda\Documents\Downloads
[2010/11/16 01:05:47 | 000,000,000 | ---D | C] -- C:\Users\Linda\AppData\Roaming\GetRightToGo
[2010/11/16 00:16:13 | 000,000,000 | ---D | C] -- C:\Users\Linda\AppData\Roaming\Google
[2010/11/15 07:21:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Akamai
[2010/11/10 22:05:28 | 000,000,000 | ---D | C] -- C:\Users\Linda\AppData\Roaming\Foxit Software
[2010/11/10 22:03:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software
[2010/11/10 15:58:38 | 000,000,000 | ---D | C] -- C:\Users\Linda\AppData\Local\PackageAware
[2010/11/08 01:01:50 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010/11/07 12:43:48 | 000,000,000 | ---D | C] -- C:\Users\Linda\AppData\Roaming\skypePM
[2010/11/07 12:42:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2010/11/07 12:42:02 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2010/11/07 12:42:01 | 000,000,000 | ---D | C] -- C:\Users\Linda\AppData\Roaming\Skype
[2010/11/07 12:41:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype

========== Files - Modified Within 30 Days ==========

[2010/12/04 22:59:59 | 000,000,434 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{65F0C81B-413D-4BFF-85B9-695CBD604716}.job
[2010/12/04 22:40:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/04 22:26:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2338955765-3492591456-2483999292-1001UA.job
[2010/12/04 22:20:31 | 000,000,632 | RHS- | M] () -- C:\Users\Linda\ntuser.pol
[2010/12/04 22:19:11 | 000,704,254 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/12/04 22:19:11 | 000,609,814 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/12/04 22:19:11 | 000,109,250 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/12/04 22:14:42 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/04 22:13:15 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/12/04 22:13:15 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/12/04 22:13:14 | 000,285,176 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/12/04 22:13:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/12/04 21:11:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2338955765-3492591456-2483999292-1000UA.job
[2010/12/04 18:11:16 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2338955765-3492591456-2483999292-1000Core.job
[2010/12/04 11:26:00 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2338955765-3492591456-2483999292-1001Core.job
[2010/12/03 15:12:33 | 000,002,006 | ---- | M] () -- C:\Users\Linda\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/12/03 15:12:32 | 000,002,044 | ---- | M] () -- C:\Users\Linda\Desktop\Google Chrome.lnk
[2010/11/27 23:32:41 | 000,009,216 | ---- | M] () -- C:\Users\Linda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/25 18:43:39 | 000,000,936 | ---- | M] () -- C:\Users\Public\Desktop\Paint.NET.lnk
[2010/11/23 13:42:22 | 000,001,605 | ---- | M] () -- C:\Users\Public\Desktop\Free DWG Viewer.lnk
[2010/11/18 18:07:50 | 000,003,200 | ---- | M] () -- C:\Windows\Sandboxie.ini
[2010/11/16 03:01:04 | 000,001,009 | ---- | M] () -- C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Spoon Sandbox Manager 3.22.lnk
[2010/11/16 02:07:57 | 000,001,014 | ---- | M] () -- C:\Users\Public\Desktop\Start ArchiCAD 14.lnk
[2010/11/16 02:07:57 | 000,001,014 | ---- | M] () -- C:\Users\Linda\Application Data\Microsoft\Internet Explorer\Quick Launch\Start ArchiCAD 14.lnk
[2010/11/16 02:07:32 | 000,002,182 | ---- | M] () -- C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk
[2010/11/16 02:06:42 | 000,001,758 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/11/16 02:03:54 | 000,009,161 | ---- | M] () -- C:\Windows\vpd.properties
[2010/11/16 01:16:13 | 000,002,342 | ---- | M] () -- C:\Users\Public\Desktop\Chief Architect Premier X3 Trial Version.lnk
[2010/11/15 07:30:55 | 000,001,931 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
[2010/11/14 11:54:23 | 000,000,680 | ---- | M] () -- C:\Users\Linda\AppData\Local\d3d9caps.dat
[2010/11/10 22:04:01 | 000,001,103 | ---- | M] () -- C:\Users\Linda\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Phantom.lnk
[2010/11/10 22:04:01 | 000,001,079 | ---- | M] () -- C:\Users\Public\Desktop\Foxit Phantom.lnk
[2010/11/08 01:01:44 | 355,290,716 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/11/07 12:43:59 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2010/11/07 12:42:06 | 000,001,890 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk

========== Files Created - No Company Name ==========

[2010/11/23 13:42:22 | 000,001,605 | ---- | C] () -- C:\Users\Public\Desktop\Free DWG Viewer.lnk
[2010/11/16 03:01:04 | 000,001,009 | ---- | C] () -- C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Spoon Sandbox Manager 3.22.lnk
[2010/11/16 02:07:57 | 000,001,014 | ---- | C] () -- C:\Users\Public\Desktop\Start ArchiCAD 14.lnk
[2010/11/16 02:07:57 | 000,001,014 | ---- | C] () -- C:\Users\Linda\Application Data\Microsoft\Internet Explorer\Quick Launch\Start ArchiCAD 14.lnk
[2010/11/16 02:07:32 | 000,002,182 | ---- | C] () -- C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk
[2010/11/16 02:06:42 | 000,001,758 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/11/16 02:03:54 | 000,009,161 | ---- | C] () -- C:\Windows\vpd.properties
[2010/11/16 01:16:13 | 000,002,342 | ---- | C] () -- C:\Users\Public\Desktop\Chief Architect Premier X3 Trial Version.lnk
[2010/11/15 07:30:55 | 000,001,931 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
[2010/11/15 07:25:01 | 000,076,288 | ---- | C] () -- C:\Users\Linda\Desktop\1031.mst
[2010/11/15 07:25:01 | 000,074,752 | ---- | C] () -- C:\Users\Linda\Desktop\1036.mst
[2010/11/15 07:25:01 | 000,003,584 | ---- | C] () -- C:\Users\Linda\Desktop\1033.mst
[2010/11/15 07:25:01 | 000,001,772 | ---- | C] () -- C:\Users\Linda\Desktop\ABCPY.INI
[2010/11/15 07:25:01 | 000,000,347 | ---- | C] () -- C:\Users\Linda\Desktop\Setup.ini
[2010/11/15 07:25:00 | 008,297,472 | ---- | C] () -- C:\Users\Linda\Desktop\AcroPro.msi
[2010/11/10 22:04:01 | 000,001,103 | ---- | C] () -- C:\Users\Linda\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Phantom.lnk
[2010/11/10 22:04:01 | 000,001,079 | ---- | C] () -- C:\Users\Public\Desktop\Foxit Phantom.lnk
[2010/11/08 01:01:44 | 355,290,716 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/11/07 12:43:59 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/11/07 12:42:06 | 000,001,890 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010/10/17 10:53:12 | 000,000,732 | ---- | C] () -- C:\Users\Linda\AppData\Local\d3d9caps64.dat
[2010/08/25 03:05:30 | 000,000,680 | ---- | C] () -- C:\Users\Linda\AppData\Local\d3d9caps.dat
[2010/08/08 14:05:04 | 000,438,530 | ---- | C] () -- C:\Users\Linda\AppData\Local\dd_vcredistMSI28B5.txt
[2010/08/08 14:05:04 | 000,011,462 | ---- | C] () -- C:\Users\Linda\AppData\Local\dd_vcredistUI28B5.txt
[2010/07/01 08:57:26 | 000,000,410 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2010/07/01 08:54:50 | 000,000,233 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2010/07/01 08:54:50 | 000,000,093 | ---- | C] () -- C:\Windows\brpcfx.ini
[2010/07/01 08:51:28 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\BRTCPCON.DLL
[2010/07/01 08:51:28 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\BRLMW03A.INI
[2010/07/01 08:51:25 | 000,000,066 | ---- | C] () -- C:\Windows\Brfaxrx.ini
[2010/07/01 08:51:24 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\BrMuSNMP.dll
[2010/07/01 08:49:09 | 000,031,767 | ---- | C] () -- C:\Windows\maxlink.ini
[2010/06/30 14:32:17 | 000,012,978 | ---- | C] () -- C:\Users\Linda\AppData\Local\dd_vcredistUI5659.txt
[2010/06/30 14:32:11 | 000,012,978 | ---- | C] () -- C:\Users\Linda\AppData\Local\dd_vcredistUI5646.txt
[2010/06/29 00:26:47 | 000,009,216 | ---- | C] () -- C:\Users\Linda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/28 22:55:55 | 000,713,386 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/06/28 20:02:57 | 000,003,200 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2010/06/28 19:58:44 | 000,001,708 | ---- | C] () -- C:\Users\Linda\AppData\Roaming\wklnhst.dat
[2010/06/28 16:48:01 | 001,783,328 | ---- | C] () -- C:\Users\Linda\AppData\Local\dd_NET_Framework35_x64_MSI21F8.txt
[2010/06/28 16:47:18 | 000,159,642 | ---- | C] () -- C:\Users\Linda\AppData\Local\dd_depcheck_NETFX_EXP_35.txt
[2010/06/28 16:47:05 | 000,378,284 | ---- | C] () -- C:\Users\Linda\AppData\Local\dd_dotnetfx35install.txt
[2010/06/28 16:47:05 | 000,019,312 | ---- | C] () -- C:\Users\Linda\AppData\Local\uxeventlog.txt
[2010/06/28 16:47:05 | 000,000,002 | ---- | C] () -- C:\Users\Linda\AppData\Local\dd_dotnetfx35error.txt
[2010/06/28 12:20:05 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2010/06/28 12:19:18 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/09/01 18:59:26 | 000,146,432 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2009/09/01 18:59:26 | 000,072,704 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2008/10/07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2008/01/20 22:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini

========== LOP Check ==========

[2010/09/08 16:25:46 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\Amazon
[2010/08/18 12:01:13 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\Autodesk
[2010/11/16 01:23:25 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\Chief Architect Premier X3 Trial Version
[2010/10/27 02:34:11 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\FileZilla
[2010/11/10 22:56:57 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\Foxit Software
[2010/11/16 01:10:24 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\GetRightToGo
[2010/11/16 03:20:12 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\Graphisoft
[2010/11/23 13:44:10 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\IGC
[2010/11/16 02:08:31 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\SoftGrid Client
[2010/06/28 19:58:46 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\Template
[2010/09/06 23:18:45 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\TP
[2010/11/03 06:28:46 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\Windows Live Writer
[2010/11/16 02:10:00 | 000,032,562 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT
[2010/12/04 22:59:59 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{65F0C81B-413D-4BFF-85B9-695CBD604716}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:5D432CE3

< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP