Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Was my computer hacked?


  • Please log in to reply

#1
seelisilus

seelisilus

    Member

  • Member
  • PipPip
  • 14 posts
Just a few days ago as i was surfing the net, i noticed my internet slow down dramatically. I immediately logged off my user account and went to the admin account to do a scan. But after i entered the password and clicked enter, a message appeared and said i cannot access the said account because somebody else is using it. There's a timer on the right side, with 30 seconds on it. I waited for it to finish, then it reset again to 30 seconds and started again. I then clicked ok, and the account opened. But things looked different. There was a Windows Tour, like when you open a new account. Everything else looked the same. I immediately did a system restore and downloaded Malwarebytes and it found and quarantined 132 adwares from mywebsearch and funwebproducts, with 2 TROJAN.VUNDO and TROJAN.BHO and some Hijaker.intl or something. They're still in quarantine and i can post them here for later if you guys want. I'll just delete them all later if you think they're safe to remove. Was system restore the right thing to do? I'm just a basic PC user and don't know much about these things. There are so many questions running in my mind now, like what do i do after deleting all these threats. Do i remove some programs and download and reinstall them again? Do i do the same with my web browsers? It was in October when i noticed my computer slow down just a bit, from the startup to the internet surfing. It was running smoothly before. BTW, i can't access your site earlier with firefox. I used google...Thanks in advance for your help.


OTL logfile created on: 12/14/2010 5:50:11 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\User\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,015.00 Mb Total Physical Memory | 483.00 Mb Available Physical Memory | 48.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): C:\pagefile.sys 2 1522 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.54 Gb Total Space | 16.56 Gb Free Space | 44.13% Space Free | Partition Type: NTFS
Drive E: | 36.99 Gb Total Space | 23.44 Gb Free Space | 63.36% Space Free | Partition Type: NTFS

Computer Name: USER-01 | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\User\My Documents\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation)
PRC - C:\Program Files\ATK Hotkey\HControl.exe (ATK0100)
PRC - C:\Program Files\ATK Hotkey\ATKOSD.exe ()
PRC - C:\WINDOWS\system32\agrsmsvc.exe (Agere Systems)
PRC - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
PRC - C:\WINDOWS\system32\TODDSrv.exe (TOSHIBA Corporation)
PRC - C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)
PRC - C:\WINDOWS\system32\HPZipm12.exe (HP)
PRC - C:\Program Files\TOSHIBA\ConfigFree\CFXFER.exe (TOSHIBA CORPORATION)
PRC - C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\User\My Documents\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\framedyn.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (getPlusHelper) getPlus® -- C:\Program Files\NOS\bin\getPlus_Helper.dll File not found
SRV - (aspnet_state) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe File not found
SRV - (EhttpSrv) -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (ESET)
SRV - (ekrn) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
SRV - (TNaviSrv) -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation)
SRV - (AgereModemAudio) -- C:\WINDOWS\system32\agrsmsvc.exe (Agere Systems)
SRV - (UleadBurningHelper) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
SRV - (TODDSrv) -- C:\WINDOWS\system32\TODDSrv.exe (TOSHIBA Corporation)
SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP)
SRV - (CFSvcs) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)


========== Driver Services (SafeList) ==========

DRV - (hwdatacard) -- C:\WINDOWS\System32\DRIVERS\ewusbmdm.sys File not found
DRV - (CA561) ICatch (VI) -- C:\WINDOWS\System32\Drivers\SPCA561.SYS File not found
DRV - (eamon) -- C:\WINDOWS\system32\drivers\eamon.sys (ESET)
DRV - (epfwtdir) -- C:\WINDOWS\system32\drivers\epfwtdir.sys (ESET)
DRV - (ehdrv) -- C:\WINDOWS\system32\drivers\ehdrv.sys (ESET)
DRV - (ZTEusbser6k) -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys (ZTE Incorporated)
DRV - (ZTEusbnmea) -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys (ZTE Incorporated)
DRV - (ZTEusbmdm6k) -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)
DRV - (usbaudio) USB Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (mf) -- C:\WINDOWS\system32\drivers\mf.sys (Microsoft Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows ® Server 2003 DDK provider)
DRV - (qcusbser) -- C:\WINDOWS\system32\drivers\cmusbser.sys (Mobile Connector)
DRV - (cmusbser) -- C:\WINDOWS\system32\drivers\cmusbser.sys (Mobile Connector)
DRV - (CAM1690) -- C:\WINDOWS\system32\drivers\cam1690.sys ()
DRV - (MTsensor) -- C:\WINDOWS\system32\drivers\ATKACPI.sys ()
DRV - (tos_sps32) -- C:\WINDOWS\system32\DRIVERS\tos_sps32.sys (TOSHIBA Corporation)
DRV - (RTL8187B) -- C:\WINDOWS\system32\drivers\RTL8187B.sys (Realtek Semiconductor Corporation )
DRV - (iaStor) -- C:\WINDOWS\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (SynTP) -- C:\WINDOWS\system32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (ialm) -- C:\WINDOWS\system32\drivers\igxpmp32.sys (Intel Corporation)
DRV - (SWUMX20) Sierra Wireless USB MUX Driver (UMTS20) -- C:\WINDOWS\system32\drivers\swumx20.sys (Sierra Wireless Inc.)
DRV - (SWNC8U20) Sierra Wireless MUX NDIS Driver (UMTS20) -- C:\WINDOWS\system32\drivers\swnc8u20.sys (Sierra Wireless Inc.)
DRV - (swivsp) -- C:\WINDOWS\system32\drivers\swivspnt.sys (Sierra Wireless Inc.)
DRV - (rismxdp) -- C:\WINDOWS\system32\drivers\rixdptsk.sys (REDC)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (rimmptsk) -- C:\WINDOWS\system32\drivers\rimmptsk.sys (REDC)
DRV - (tdcmdpst) -- C:\WINDOWS\system32\drivers\tdcmdpst.sys (TOSHIBA Corporation.)
DRV - (rimsptsk) -- C:\WINDOWS\system32\drivers\rimsptsk.sys (REDC)
DRV - (AgereSoftModem) -- C:\WINDOWS\system32\drivers\AGRSM.sys (Agere Systems)
DRV - (cmusbnet) WAN Driver @ 3GPP (6280) -- C:\WINDOWS\system32\drivers\cmusbnet.sys (Cmotech Co., Ltd)
DRV - (PCASp50) -- C:\WINDOWS\system32\drivers\PCASp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (NWADI) -- C:\WINDOWS\system32\drivers\NWADIenum.sys (Novatel Wireless Inc)
DRV - (StarOpen) -- C:\WINDOWS\System32\drivers\StarOpen.sys ()
DRV - (rtl8139) Realtek RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)
DRV - (windrvNT) -- C:\WINDOWS\system32\windrvNT.sys ()
DRV - (Netdevio) -- C:\WINDOWS\system32\drivers\Netdevio.sys (TOSHIBA Corporation.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo....-8&fr=ytff-&p="
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
FF - prefs.js..extensions.enabledItems: 6
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 48
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.5
FF - prefs.js..keyword.URL: "http://search.yahoo....r=ytff-msgr&p="


FF - HKLM\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/12/04 02:39:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/04 02:39:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/04 02:39:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010/12/12 05:49:49 | 000,000,000 | ---D | M]

[2008/09/18 06:01:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Mozilla\Extensions
[2010/12/12 02:22:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\0xy9zaaz.default\extensions
[2010/12/02 23:31:43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\0xy9zaaz.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/12/02 23:43:41 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\0xy9zaaz.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/10/17 20:10:30 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\0xy9zaaz.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010/12/12 02:22:09 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/09/11 00:39:14 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2004/08/07 03:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (QUICKfind BHO Object) - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\Program Files\IDM\QUICKfind\PlugIns\IEHelp.dll (IDM)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ATKHOTKEY] C:\Program Files\ATK Hotkey\Hcontrol.exe (ATK0100)
O4 - HKLM..\Run: [CFSServ.exe] File not found
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [NDSTray.exe] File not found
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 124.106.5.2 124.106.4.2
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/12/20 12:35:57 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/03/27 14:18:14 | 000,000,090 | ---- | M] () - E:\AUTORUN.INF -- [ NTFS ]
O33 - MountPoints2\{067ff24e-ccff-11de-8386-0016441ef375}\Shell - "" = AutoRun
O33 - MountPoints2\{067ff24e-ccff-11de-8386-0016441ef375}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{067ff24e-ccff-11de-8386-0016441ef375}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{067ff24f-ccff-11de-8386-0016441ef375}\Shell - "" = AutoRun
O33 - MountPoints2\{067ff24f-ccff-11de-8386-0016441ef375}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{067ff24f-ccff-11de-8386-0016441ef375}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{1b393492-498a-11dd-bf35-0016441ef375}\Shell - "" = Autorun
O33 - MountPoints2\{444b973a-b378-11df-85f9-0016441ef375}\Shell - "" = AutoRun
O33 - MountPoints2\{444b973a-b378-11df-85f9-0016441ef375}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{444b973a-b378-11df-85f9-0016441ef375}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{444b973b-b378-11df-85f9-0016441ef375}\Shell - "" = AutoRun
O33 - MountPoints2\{444b973b-b378-11df-85f9-0016441ef375}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{444b973b-b378-11df-85f9-0016441ef375}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{4afa3038-744e-11de-821c-0016441ef375}\Shell - "" = AutoRun
O33 - MountPoints2\{4afa3038-744e-11de-821c-0016441ef375}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{4afa3038-744e-11de-821c-0016441ef375}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{4afa3039-744e-11de-821c-0016441ef375}\Shell - "" = AutoRun
O33 - MountPoints2\{4afa3039-744e-11de-821c-0016441ef375}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{4afa3039-744e-11de-821c-0016441ef375}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{7087960e-b37b-11df-85fa-0016441ef375}\Shell - "" = AutoRun
O33 - MountPoints2\{7087960e-b37b-11df-85fa-0016441ef375}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{7087960e-b37b-11df-85fa-0016441ef375}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{99daf937-cae4-11de-8380-0016441ef375}\Shell - "" = AutoRun
O33 - MountPoints2\{99daf937-cae4-11de-8380-0016441ef375}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{99daf937-cae4-11de-8380-0016441ef375}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{a200b9de-1330-11df-848e-0016441ef375}\Shell - "" = AutoRun
O33 - MountPoints2\{a200b9de-1330-11df-848e-0016441ef375}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{a200b9de-1330-11df-848e-0016441ef375}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{a8f85774-d1af-11dd-80d6-c6bf8d70c05b}\Shell\AutoRun\command - "" = F:\.\ShowModem.exe -- File not found
O33 - MountPoints2\{b8a3963a-1a37-11df-84ae-0016441ef375}\Shell - "" = AutoRun
O33 - MountPoints2\{b8a3963a-1a37-11df-84ae-0016441ef375}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b8a3963a-1a37-11df-84ae-0016441ef375}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{b8a3963d-1a37-11df-84ae-0016441ef375}\Shell - "" = AutoRun
O33 - MountPoints2\{b8a3963d-1a37-11df-84ae-0016441ef375}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b8a3963d-1a37-11df-84ae-0016441ef375}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{c5f8be74-7450-11de-821d-0016441ef375}\Shell - "" = AutoRun
O33 - MountPoints2\{c5f8be74-7450-11de-821d-0016441ef375}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c5f8be74-7450-11de-821d-0016441ef375}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{c9fb521e-a72e-11de-82d7-0016441ef375}\Shell - "" = AutoRun
O33 - MountPoints2\{c9fb521e-a72e-11de-82d7-0016441ef375}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c9fb521e-a72e-11de-82d7-0016441ef375}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{c9fb521f-a72e-11de-82d7-0016441ef375}\Shell - "" = AutoRun
O33 - MountPoints2\{c9fb521f-a72e-11de-82d7-0016441ef375}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c9fb521f-a72e-11de-82d7-0016441ef375}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{cf2528f8-ca63-11dd-80c3-0016441ef375}\Shell - "" = AutoRun
O33 - MountPoints2\{cf2528f8-ca63-11dd-80c3-0016441ef375}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{cf2528f8-ca63-11dd-80c3-0016441ef375}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{cf252904-ca63-11dd-80c3-0016441ef375}\Shell - "" = AutoRun
O33 - MountPoints2\{cf252904-ca63-11dd-80c3-0016441ef375}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{cf252904-ca63-11dd-80c3-0016441ef375}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{fff0b27c-c9d5-11de-8375-0016441ef375}\Shell - "" = AutoRun
O33 - MountPoints2\{fff0b27c-c9d5-11de-8375-0016441ef375}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{fff0b27c-c9d5-11de-8375-0016441ef375}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/12/12 08:31:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Local Settings\Application Data\ESET
[2010/12/12 06:59:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\Malwarebytes
[2010/12/12 06:59:16 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/12/12 06:59:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/12/12 06:59:11 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/12/12 06:59:11 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/12/12 05:49:47 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010/12/12 05:49:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ESET
[2010/12/04 02:38:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2010/12/04 02:38:04 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2010/12/04 02:38:01 | 000,000,000 | ---D | C] -- C:\Program Files\Real
[2010/12/04 02:37:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Real
[2010/12/04 02:37:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\Real
[2010/12/04 02:03:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google Updater
[2010/12/04 02:03:03 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2010/12/04 01:22:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google
[2010/12/03 02:22:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2010/12/03 02:17:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2010/11/29 05:45:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\User\My Documents\My Pictures
[2010/11/29 03:59:34 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Application Data\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/12/14 17:25:02 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/14 17:17:00 | 000,001,252 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1177238915-630328440-725345543-1006UA.job
[2010/12/14 17:05:18 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/12/14 17:05:16 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/14 17:05:14 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1177238915-630328440-725345543-1006.job
[2010/12/14 17:05:14 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1177238915-630328440-725345543-1003.job
[2010/12/14 17:05:13 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1177238915-630328440-725345543-1009.job
[2010/12/14 16:33:01 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010/12/14 16:31:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/12/14 16:31:33 | 1064,554,496 | -HS- | M] () -- C:\hiberfil.sys
[2010/12/13 23:00:45 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1177238915-630328440-725345543-1006.job
[2010/12/13 21:17:00 | 000,001,200 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1177238915-630328440-725345543-1006Core.job
[2010/12/12 06:59:16 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2010/12/12 06:59:16 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/12/12 05:21:44 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1177238915-630328440-725345543-1009.job
[2010/12/12 02:23:09 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1177238915-630328440-725345543-1003.job
[2010/12/04 02:39:16 | 000,000,929 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer SP.lnk
[2010/12/04 02:38:04 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2010/12/04 02:10:58 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Google Chrome.lnk
[2010/12/04 02:10:58 | 000,001,791 | ---- | M] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/11/29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/11/26 07:53:57 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010/11/15 04:59:43 | 000,362,528 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/11/15 03:23:09 | 000,345,152 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/11/15 03:23:09 | 000,053,442 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/12/12 06:59:16 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2010/12/12 06:59:16 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/12/12 02:27:04 | 000,000,276 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1177238915-630328440-725345543-1009.job
[2010/12/12 02:27:03 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1177238915-630328440-725345543-1009.job
[2010/12/04 23:44:14 | 000,000,278 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1177238915-630328440-725345543-1006.job
[2010/12/04 23:44:13 | 000,000,286 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1177238915-630328440-725345543-1006.job
[2010/12/04 02:39:18 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1177238915-630328440-725345543-1003.job
[2010/12/04 02:39:18 | 000,000,276 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1177238915-630328440-725345543-1003.job
[2010/12/04 02:39:16 | 000,000,929 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer SP.lnk
[2010/12/04 02:10:58 | 000,001,813 | ---- | C] () -- C:\Documents and Settings\User\Desktop\Google Chrome.lnk
[2010/12/04 02:10:58 | 000,001,791 | ---- | C] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/12/04 02:09:50 | 000,000,882 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/04 02:09:50 | 000,000,878 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/04 02:03:04 | 000,000,868 | ---- | C] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010/11/14 21:12:58 | 000,001,252 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1177238915-630328440-725345543-1006UA.job
[2010/11/14 21:12:58 | 000,001,200 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1177238915-630328440-725345543-1006Core.job
[2010/04/17 20:18:12 | 000,005,041 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2010/04/17 20:17:53 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2009/11/04 21:06:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSBrow.INI
[2008/12/01 20:43:58 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
[2008/12/01 20:42:06 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2008/10/22 15:32:40 | 000,035,363 | ---- | C] () -- C:\WINDOWS\System32\windrvNT.sys
[2008/10/22 15:32:38 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\suppdll.dll
[2008/10/13 09:52:34 | 000,387,381 | ---- | C] () -- C:\Documents and Settings\User\Application Data\NMM-MetaData.db
[2008/09/23 11:05:22 | 000,000,156 | ---- | C] () -- C:\WINDOWS\KPCMS.INI
[2008/09/23 11:04:45 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2008/04/21 22:13:56 | 000,000,127 | ---- | C] () -- C:\WINDOWS\ChssBase.ini
[2008/04/18 08:43:28 | 000,124,928 | ---- | C] () -- C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/02/07 15:39:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ToDisc.INI
[2008/01/20 17:58:39 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/01/13 19:16:24 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ezsid.dat
[2007/12/22 17:56:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
[2007/12/22 13:21:12 | 000,005,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\ATKACPI.sys
[2007/12/20 20:29:31 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007/12/20 13:37:51 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2007/12/20 13:37:50 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2007/12/20 13:37:50 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2007/12/20 13:37:50 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2007/12/20 13:37:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2007/12/20 13:37:50 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2007/12/20 13:23:15 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4833.dll
[2007/12/20 13:23:14 | 000,910,464 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
[2007/12/20 13:20:02 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini
[2007/12/20 13:20:02 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll
[2007/12/20 13:20:02 | 000,010,150 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini
[2007/12/20 13:20:02 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini
[2007/12/20 13:16:07 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2007/09/20 18:03:46 | 000,177,280 | ---- | C] () -- C:\WINDOWS\System32\drivers\cam1690.sys
[2007/09/19 21:11:52 | 000,041,472 | ---- | C] () -- C:\WINDOWS\System32\cam1690.dll
[2006/11/01 14:54:30 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2006/11/01 14:52:38 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2006/06/02 06:10:25 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2006/06/02 06:06:32 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2006/05/26 21:29:14 | 000,005,120 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2005/12/27 16:17:32 | 000,122,939 | ---- | C] () -- C:\WINDOWS\System32\perf32.ini
[2005/06/16 16:15:34 | 000,327,680 | ---- | C] () -- C:\WINDOWS\System32\QFClient2.dll
[2003/05/15 14:39:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2002/05/15 12:58:38 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\v2k2_dec.dll

========== LOP Check ==========

[2009/03/24 16:20:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\10015
[2009/03/24 16:21:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\channels
[2010/09/01 12:15:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2010/12/12 05:49:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2009/08/07 20:50:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo
[2008/01/20 14:26:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Novatel Wireless
[2008/10/13 08:35:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2008/10/09 08:17:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Storm
[2007/12/20 13:35:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TOSHIBA
[2007/12/20 13:37:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2010/11/29 03:59:34 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2009/05/02 12:38:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2010/09/01 22:03:37 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\User\Application Data\.#
[2008/10/07 17:28:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Application Data
[2008/07/28 18:08:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\cald3
[2008/07/28 18:24:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\cepd17
[2008/05/11 20:32:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\ChessBase
[2009/02/25 21:43:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Datalayer
[2010/04/22 06:48:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Image Zone Express
[2008/01/20 14:25:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Kingston
[2009/04/02 22:26:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Leadertech
[2009/07/17 16:49:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Magic Academy
[2008/10/13 08:43:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Nokia
[2008/10/13 08:43:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Nokia Multimedia Player
[2008/10/13 08:34:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\PC Suite
[2010/09/01 12:17:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Samsung
[2008/01/26 18:26:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Sierra Wireless
[2010/09/09 14:15:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Tific
[2008/05/25 14:07:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\TOSHIBA
[2008/02/24 21:30:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Ulead Systems

========== Purity Check ==========



< End of report >
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP