Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

XP Home - boots / runs very slowly, data exchanged w unknown sites


  • This topic is locked This topic is locked

#16
sempai

sempai

    Trusted Helper

  • Malware Removal
  • 785 posts
That's good, please reinstall your anti virus program (AVG) after doing the scan below, I recommend AVAST free and you can try it if you want but make sure to install only one anti virus product at a time.


ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.

Vista/Windows 7 users: You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

  • Please go here to run the scan.

    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.

  • Select the option YES, I accept the Terms of Use then click on: Posted Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Posted Image
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on: Posted Image
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.
Note: Do not forget to re-enable your Anti-Virus application after running the above scan!
  • 0

Advertisements


#17
franna

franna

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts
OK....

When geekstogo loads, there's communication with facebook, twitter, paypal and google analytics - which is probably fine. There's also communication with pixel.quantserve and fbcdn.net - should that be happening?

Also some settings in Firefox were probably reset in ComboFix because there are now all sorts of ads and pop-ups in geeks to go which I never saw before.

From ESET scan (these are probably all things I've downloaded while fixing past issues, haven't had any problems in a long time) but who knows. I'm happy to delete all that stuff if you think it's wise.

Found 5 threats, as follows:

C:\Antivirus and Antispyware\Registry Fix\registryfix-full.exe a variant of Win32/Adware.ErrorClean application
C:\Antivirus and Antispyware\smitfraud fix\SmitfraudFix\SmitfraudFix\Process.exe Win32/PrcView application
C:\Antivirus and Antispyware\smitfraud fix\SmitfraudFix\SmitfraudFix\restart.exe Win32/Shutdown.NAA application
C:\Antivirus and Antispyware\smitRem\Process.exe Win32/PrcView application
C:\Antivirus and Antispyware\smitRem\smitRem.exe Win32/PrcView application

Also, I think I had the checkbox marked to uninstall ESET but it's still on the desktop, I've gone to control panel to remove it but it's not listed there. Should I still re-install AVG now (with ESET still on the desktop)?

Thanks!

Edited by franna, 01 June 2011 - 06:10 AM.

  • 0

#18
sempai

sempai

    Trusted Helper

  • Malware Removal
  • 785 posts

There's also communication with pixel.quantserve and fbcdn.net - should that be happening?

Yes


Also some settings in Firefox were probably reset in ComboFix because there are now all sorts of ads and pop-ups in geeks to go which I never saw before.

Adds will disappear after you sign in, right?


From ESET scan (these are probably all things I've downloaded while fixing past issues, haven't had any problems in a long time) but who knows. I'm happy to delete all that stuff if you think it's wise.

Yes please delete them all specially registryfix-full.exe.


================================


1. Update Adobe Reader so you will not become vulnerable for infections.
  • Uninstall your old version of Adobe Reader.
  • Download the latest version of Adobe Reader. --> HERE
  • Click download to download the file and install it by following the prompts.


2. Microsoft has released the latest upgrades to the XP OS platform, which can be referenced HERE

It is critical to stay up to date with the latest upgrades to your Operating System, as this can help prevent future problems.
Windows XP Service Pack 3 (SP3) includes all previously released updates for the operating system.
I recommend that you visit the link above and apply the SP3 patch.
  • 0

#19
franna

franna

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts
Sorry I was missing yesterday, I got caught up in some family stuff.

I've also noticed communication between geekstogo and kona.kontera as well as skimresources - are those OK too?

I rebooted and for some reason the popups and ads on the site weren't as bad this time to begin with. Yes, they do seem to go away after I sign in.

Can I delete the files that ESET found just by going to C:\Antivirus & Antispyware and deleting the files there, then emptying trash? Or do I need to run ESET again with a different setting and let ESET remove them, or ???

I still haven't re-installed AVG because I'm not sure if I can have it and ESET on the machine at the same time. If I do need to uninstall ESET first, how do I do that? It's not listed in Control Panel so I can't uninstall it from there.

I guess I should delete the files that ESET found first, then deal with re-installing AVG, and finally take care of updating Adobe Reader and downloading the Service Packs, correct?

Thanks again!
  • 0

#20
sempai

sempai

    Trusted Helper

  • Malware Removal
  • 785 posts
Please follow my instructions, I will not advice you to reinstall your anti virus product if I know that it will create a conflict, ESET online scanner does not have a real time protection and can be installed together with any anti virus product.

Did you choose the option "Uninstall application on close" after the completion of ESET scan? If yes then this is the reason why it's no longer listed in the Control Panel Add Remove Program list.


I've also noticed communication between geekstogo and kona.kontera as well as skimresources - are those OK too?

Please create a new topic here and ask any questions related to the site.


Run the below OTL script to delete those files found by ESET.

1. Please reopen OTL on your desktop.
  • Copy and Paste the following code into the Custom Scan/Fixes text box.

    :Files
    C:\Antivirus and Antispyware\Registry Fix\registryfix-full.exe 
    C:\Antivirus and Antispyware\smitfraud fix
    C:\Antivirus and Antispyware\smitRem
    
    :Commands
    [REBOOT] 
    
  • Push the Run Fix button.
  • OTL may ask to reboot the machine. Please do so if asked.
  • A massage box "Fix complete! Click OK to open the fix log." will pop-up.
  • Click the OK button and a report will open.
  • Copy and Paste that report in your next reply.


2. Follow the rest of my instruction as posted on post #18.
  • 0

#21
franna

franna

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts
Good morning, Sempai!

Regarding ESET: Yes, I think I had the uninstall checkbox selected, which would explain why it's no longer in control panel - but it is still on the desktop. I didn't expect that and am not sure how to properly remove it.

I installed the latest AVG and Adobe Reader.

I ran the script in OTL, this is the log:

========== FILES ==========
C:\Antivirus and Antispyware\Registry Fix\registryfix-full.exe moved successfully.
C:\Antivirus and Antispyware\smitfraud fix\SmitfraudFix\SmitfraudFix folder moved successfully.
C:\Antivirus and Antispyware\smitfraud fix\SmitfraudFix folder moved successfully.
C:\Antivirus and Antispyware\smitfraud fix folder moved successfully.
C:\Antivirus and Antispyware\smitRem folder moved successfully.
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.23.0 log created on 06022011_163037


Re downloading Service Pack 3:
As I first noticed/mentioned in post 15, after I ran the script in ComboFix (when the machine hung on reboot and I didn't get a log), the Windows Update function seems to have been disabled.

I went to the Microsoft link you referenced, and tried unsuccessfully to download the service pack through MS Update (at approx 70mb). As an alternative I can get it through the Download Center, but that file will be 580mb and I don't have enough space. I'd need a day or so to move files around.

This is what's happening when I try Windows Update (there's no sign of a problem in Control Panel itself, but the automatic update feature is no longer working):

When I go to update.microsoft.com I get:

Keep your computer up to date
Check to see if you need updates for Windows, your hardware or your devices.
Express Get high-priority updates (recommended)



Click on that and get


Files required to use Windows Update are no longer registered or installed on your computer. To continue:
Register or reinstall the files for me now (Recommended)
Let me read about more steps that might be required to solve the problem


Click on 'register or reinstall' and and get a message that it's downloading and installing the latest updating software, which gets to 100% completed

but then I get ....

[Error number: 0x8007041D]

The website has encountered a problem and cannot display the page you are trying to view. The options provided below might help you solve the problem.
For self-help options:
• Frequently Asked Questions
• Find Solutions
• Windows Update Newsgroup
For assisted support options:
• Microsoft Online Assisted Support (no-cost for Windows Update issues)


So far I haven't been able to solve the problem. I can poke around in the MS FAQ and Solutions areas some more, or go to their online support.

Edited by franna, 03 June 2011 - 07:21 AM.

  • 0

#22
sempai

sempai

    Trusted Helper

  • Malware Removal
  • 785 posts

Regarding ESET: Yes, I think I had the uninstall checkbox selected, which would explain why it's no longer in control panel - but it is still on the desktop. I didn't expect that and am not sure how to properly remove it.

That's just the ESET installer, you can simple right click on it and choose delete.


There's nothing I can do about the SP3 upgrade if you're running out of disk space, how many free disk space do you have left on C:\? This may also be the reason why you can't install other updates.

Are you using Internet explorer when visiting the Microsoft Update site?

When you right click on My Computer > Properties > Automatic Updates, is it set to "Automatic (Recommended)"?
  • 0

#23
franna

franna

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts
Yes, I was using IE on the MS Update site.
My Computer > Properties > Automatic Updates, was set to "Automatic (Recommended)"
For reasons that are a mystery to me, when I rebooted again this morning the Updates icon and alert re-appeared, so I'll try downloading the updates/SP3 again. Will let you know what happens.
Will also look around for stuff to delete to free up some space. I'm sure I have a bunch of old antivirus/antispyware utilities I no longer need, among other things.

Edited by franna, 04 June 2011 - 10:01 AM.

  • 0

#24
sempai

sempai

    Trusted Helper

  • Malware Removal
  • 785 posts
:)
  • 0

#25
franna

franna

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts
Not great news. The SP3 install seemed to be going really slowly from the beginning, has been running for several hours, and seems to have hung on the "performing cleanup" step (from the progress bar, it looks like the installation process is about 85-90% completed).

I'll let it sit for several hours more (I have to leave the house for most of the day anyway) and see if it eventually completes. If nothing changes when I return many hours from now, should I hit cancel and reboot?

If I can get back to the stage I was at before I started the download, I'll free up some more space. Maybe that's still the problem.

I'm back on the Win98 laptop now to access the web. I have another XP laptop that suffered a browser hijack (on IE) over a year ago. I was working 60+ hours a week and didn't have time to take care of the problem, so I just stopped using it. Maybe I should start another thread and take care of that, too - because being limited to the Win98 machine is not a good thing. Also, that XP laptop is by far the newest/best piece of hardware of the bunch. The machine we've been working on fixing was my backup machine, until it became my primary (when the XP laptop went down).

I regret dropping the ball with all this, I should know better. *sigh*
  • 0

Advertisements


#26
franna

franna

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts
OK, so I let the installation run for more than 12 more hours, and nothing changed. I hit cancel and the installation window now says it's cancelling updates but still seems to be hanging in the same place.

I'll go to sleep and see if there's a change by morning, but I'm not optimistic.

When I go to the "start" menu to try and reboot by clicking on "turn off computer" and then "restart", I see that the "restart" option is no longer there. My only two choices are "switch user" or "log off" ... or pressing the power button for a "hard reboot."

What do you think is the best option?

Thanks!
  • 0

#27
sempai

sempai

    Trusted Helper

  • Malware Removal
  • 785 posts
Did you free some disk space before updating?

There are two more options to install SP3.

1.) You can download the .iso version and burn it on a CD.
http://www.microsoft...50-fe22559d164e

2.) Or Download this version.
http://www.microsoft...ckInfoContainer

You can try any of the two.
  • 0

#28
franna

franna

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts
Yes, I did free some space before updating but it's possible that I didn't free enough.

Anyway, I logged off windows and then did a "hard" reboot.

After a number of very worrying screens saying variations of "WindowsXP - please wait", the machine booted. Service Pack 3 did apparently install. I'm not sure if it installed 100% properly, or if there is no such thing (meaning maybe it either is or is not installed, and there's no such thing as an improper install?) - but:

My Computer > Properties says SP3 is installed

On boot up, I got 2 DOS windows pop up regarding cmd.exe. The first window closed automatically (don't remember what it said), and then the second one listed something like "parameter incorrect" multiple times, I can't remember if it then closed automatically or if I closed it.

So far, the machine seems to be working properly - I can access the web and the one folder I tried which contains MS Word docs opened and I was able to view the docs. I haven't tried anything else yet.

Do you think the cmd.exe thing is a problem? I'm hoping it won't happen on the next reboot.
  • 0

#29
sempai

sempai

    Trusted Helper

  • Malware Removal
  • 785 posts
Nothing to worry about that 2 DOS window, they are part of the SP3 installation. :)

Please run OTL and click the "Quick Scan" button, post the new report for my final review.
  • 0

#30
franna

franna

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts
OTL log (I'm surprised there are still a ton of strange hosts listed):

OTL logfile created on: 6/6/2011 11:53:29 AM - Run 4
OTL by OldTimer - Version 3.2.23.0 Folder = F:\
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

255.54 Mb Total Physical Memory | 130.49 Mb Available Physical Memory | 51.06% Memory free
619.82 Mb Paging File | 268.13 Mb Available in Paging File | 43.26% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS0 | %ProgramFiles% = C:\Program Files
Drive C: | 19.10 Gb Total Space | 0.91 Gb Free Space | 4.74% Space Free | Partition Type: FAT32
Drive D: | 104.96 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 15.01 Gb Total Space | 11.94 Gb Free Space | 79.57% Space Free | Partition Type: FAT32

Computer Name: DESKTOP | User Name: Fran | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/24 09:03:38 | 000,580,096 | ---- | M] (OldTimer Tools) -- F:\OTL.exe
PRC - [2011/04/18 17:40:08 | 002,334,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2011/04/18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2011/04/14 05:36:42 | 001,080,672 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011/03/28 03:00:52 | 000,351,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2011/03/16 16:05:20 | 001,025,888 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgemcx.exe
PRC - [2011/03/16 16:05:14 | 000,656,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2011/02/10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2011/02/08 05:33:20 | 000,658,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2008/04/13 20:12:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS0\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011/05/24 09:03:38 | 000,580,096 | ---- | M] (OldTimer Tools) -- F:\OTL.exe
MOD - [2008/04/13 20:12:52 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS0\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/04/18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2005/10/06 18:12:30 | 000,855,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Media Connect 2\wmccds.exe -- (WMConnectCDS)


========== Driver Services (SafeList) ==========

DRV - [2011/04/14 21:28:42 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS0\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/04/05 00:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS0\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/03/16 16:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS0\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/03/01 14:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS0\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/02/22 08:13:02 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS0\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011/02/10 07:53:54 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS0\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/02/10 07:53:52 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS0\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/01/07 06:41:46 | 000,248,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS0\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS0\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2008/04/13 14:45:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS0\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2001/08/17 12:19:34 | 000,040,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS0\system32\drivers\es1371mp.sys -- (es1371) Creative AudioPCI (ES1371,ES1373) (WDM)
DRV - [2001/08/17 12:10:52 | 000,025,159 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS0\system32\drivers\elnk3.sys -- (ELNK3)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter = yes
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS0\system32\blank.htm
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.google.com"

FF - HKLM\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/06/02 17:22:34 | 000,000,000 | ---D | M]

[2007/08/29 07:12:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Fran\Application Data\Mozilla\Firefox\Profiles\qqin5puy.default\extensions
[2011/06/02 19:57:16 | 000,000,000 | ---D | M] ("Adblock Plus") -- C:\Documents and Settings\Fran\Application Data\Mozilla\Firefox\Profiles\qqin5puy.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2007/08/12 02:26:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2007/08/12 02:26:02 | 000,000,000 | ---D | M] ("Adblock Plus") -- C:\Program Files\Mozilla Firefox\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2007/08/12 02:26:02 | 000,000,000 | ---D | M] ("Adblock Filterset.G Updater") -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2006/04/14 16:47:08 | 000,165,992 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\xpinstal.dll
[2006/04/14 16:47:08 | 000,060,518 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\jar50.dll
[2006/04/14 16:47:08 | 000,049,248 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\jsd3250.dll
[2006/01/02 11:15:46 | 001,312,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\NPSWF32.dll
[2006/03/09 11:49:24 | 000,001,076 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.gif
[2006/03/09 11:49:24 | 000,000,718 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.src
[2006/03/06 10:23:02 | 000,000,232 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.png
[2006/04/14 16:48:08 | 000,001,081 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.src
[2006/03/19 08:50:02 | 000,001,019 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\Wiktionary.png
[2006/03/19 09:15:46 | 000,000,717 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wiktionary.src

O1 HOSTS File: ([2007/09/28 20:39:50 | 000,186,191 | R--- | M]) - C:\WINDOWS0\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 hityou.com
O1 - Hosts: 127.0.0.1 www.hityou.com
O1 - Hosts: 127.0.0.1 180searchassistant.com
O1 - Hosts: 127.0.0.1 www.180searchassistant.com
O1 - Hosts: 127.0.0.1 180solutions.com
O1 - Hosts: 127.0.0.1 www.180solutions.com
O1 - Hosts: 127.0.0.1 bis.180solutions.com
O1 - Hosts: 127.0.0.1 config.180solutions.com
O1 - Hosts: 127.0.0.1 cts.180solutions.com
O1 - Hosts: 127.0.0.1 downloads.180solutions.com
O1 - Hosts: 127.0.0.1 installs.180solutions.com
O1 - Hosts: 127.0.0.1 nowhere.180solutions.com
O1 - Hosts: 127.0.0.1 ping.180solutions.com
O1 - Hosts: 127.0.0.1 tv.180solutions.com
O1 - Hosts: 127.0.0.1 uploads.180solutions.com
O1 - Hosts: 127.0.0.1 public.zangocash.com
O1 - Hosts: 127.0.0.1 www.public.zangocash.com
O1 - Hosts: 127.0.0.1 static.zangocash.com
O1 - Hosts: 127.0.0.1 www.static.zangocash.com
O1 - Hosts: 127.0.0.1 www.zangocash.com
O1 - Hosts: 127.0.0.1 zangocash.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 2search.com
O1 - Hosts: 6607 more lines...
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (ElnkPubBHO Class) - {512ACF1B-64D9-4928-B382-A80556F28DB4} - C:\New Earthlink Total Mailbox\EarthLink MailBox\Toolbar\ElnkPub.dll (EarthLink, Inc.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Antivirus and Antispyware\Spybot Search and Destroy\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (ElnkProtectionBHO Class) - {9579D574-D4D8-4335-9560-FE8641A013BD} - C:\New Earthlink Total Mailbox\EarthLink MailBox\Toolbar\ProtctIE.dll (EarthLink, Inc.)
O2 - BHO: (ElnkLegacyUninstBHO Class) - {E713904C-DF05-4C79-BBAD-02DB923253BE} - C:\New Earthlink Total Mailbox\EarthLink MailBox\Toolbar\uninsttb.dll (EarthLink, Inc.)
O3 - HKLM\..\Toolbar: (EarthLink Toolbar) - {C7768536-96F8-4001-B1A2-90EE21279187} - C:\New Earthlink Total Mailbox\EarthLink MailBox\Toolbar\Toolbar.dll (EarthLink, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (EarthLink Toolbar) - {C7768536-96F8-4001-B1A2-90EE21279187} - C:\New Earthlink Total Mailbox\EarthLink MailBox\Toolbar\Toolbar.dll (EarthLink, Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS0\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS0\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: EarthLink Google Search - C:\New Earthlink Total Mailbox\EarthLink MailBox\Toolbar\SearchUI.dll (EarthLink, Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Antivirus and Antispyware\Spybot Search and Destroy\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.micr...922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 207.69.188.185 207.69.188.186 207.69.188.187
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS0\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS0\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS0\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/08/12 03:22:32 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/06 09:39:09 | 000,000,000 | ---D | C] -- C:\WINDOWS0\Prefetch
[2011/06/05 06:52:54 | 000,000,000 | ---D | C] -- C:\WINDOWS0\System32\en-us
[2011/06/05 06:52:45 | 000,000,000 | ---D | C] -- C:\WINDOWS0\System32\scripting
[2011/06/05 06:52:42 | 000,000,000 | ---D | C] -- C:\WINDOWS0\l2schemas
[2011/06/05 06:52:36 | 000,000,000 | ---D | C] -- C:\WINDOWS0\System32\bits
[2011/06/05 06:24:40 | 000,000,000 | ---D | C] -- C:\WINDOWS0\network diagnostic
[2011/06/05 06:18:05 | 000,000,000 | ---D | C] -- C:\WINDOWS0\System32\ReinstallBackups
[2011/06/05 06:02:54 | 000,000,000 | -H-D | C] -- C:\WINDOWS0\$NtServicePackUninstall$
[2011/06/05 06:02:05 | 000,000,000 | ---D | C] -- C:\WINDOWS0\EHome
[2011/06/04 14:45:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS0\Application Data\Windows Genuine Advantage
[2011/06/03 18:38:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fran\Desktop\Conflicts Forms
[2011/06/02 20:21:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fran\Local Settings\Application Data\Temp
[2011/06/02 20:06:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS0\Application Data\Adobe
[2011/06/02 20:05:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2011/06/02 18:25:25 | 000,000,000 | -H-D | C] -- C:\$AVG
[2011/06/02 17:35:41 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/06/02 17:34:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fran\Application Data\AVG10
[2011/06/02 17:28:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS0\Start Menu\Programs\AVG 2011
[2011/06/02 17:22:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS0\Application Data\AVG10
[2011/06/02 17:22:10 | 000,000,000 | ---D | C] -- C:\WINDOWS0\System32\drivers\AVG
[2011/06/02 17:08:01 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users.WINDOWS0\Application Data\Common Files
[2011/06/02 17:07:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS0\Application Data\MFAData
[2011/05/31 11:13:49 | 002,322,184 | ---- | C] (ESET) -- C:\Documents and Settings\Fran\Desktop\esetsmartinstaller_enu.exe
[2011/05/30 11:44:11 | 000,000,000 | ---D | C] -- C:\WINDOWS0\temp
[2011/05/30 11:32:30 | 000,000,000 | -HSD | C] -- C:\Recycled
[2011/05/30 11:32:02 | 000,000,000 | --SD | C] -- C:\ComboFix
[2011/05/30 10:05:10 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/05/30 10:02:41 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS0\SWREG.exe
[2011/05/30 10:02:41 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS0\SWSC.exe
[2011/05/30 10:02:41 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS0\SWXCACLS.exe
[2011/05/30 10:02:41 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS0\NIRCMD.exe
[2011/05/30 10:02:32 | 000,000,000 | ---D | C] -- C:\WINDOWS0\ERDNT
[2011/05/30 10:02:18 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Fran\Start Menu\Programs\Administrative Tools
[2011/05/30 09:54:17 | 004,107,223 | R--- | C] (Swearware) -- C:\Documents and Settings\Fran\Desktop\ComboFix.exe
[2011/05/29 09:45:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fran\Application Data\Malwarebytes
[2011/05/29 09:45:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS0\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/29 09:45:02 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS0\System32\drivers\mbamswissarmy.sys
[2011/05/29 09:44:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS0\Application Data\Malwarebytes
[2011/05/29 09:44:40 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS0\System32\drivers\mbam.sys
[2004/04/05 08:44:22 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS0\System32\RCCOLLAB.DLL
[5 C:\WINDOWS0\*.tmp files -> C:\WINDOWS0\*.tmp -> ]
[1 C:\WINDOWS0\System32\*.tmp files -> C:\WINDOWS0\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/06/06 09:47:32 | 000,054,156 | -H-- | M] () -- C:\WINDOWS0\QTFont.qfn
[2011/06/06 09:45:30 | 000,311,604 | ---- | M] () -- C:\WINDOWS0\System32\perfh009.dat
[2011/06/06 09:45:30 | 000,039,992 | ---- | M] () -- C:\WINDOWS0\System32\perfc009.dat
[2011/06/06 09:44:56 | 000,000,690 | ---- | M] () -- C:\Documents and Settings\Fran\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/06/06 09:41:46 | 000,013,646 | ---- | M] () -- C:\WINDOWS0\System32\wpa.dbl
[2011/06/06 09:41:16 | 000,316,640 | ---- | M] () -- C:\WINDOWS0\WMSysPr9.prx
[2011/06/06 09:38:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS0\bootstat.dat
[2011/06/06 09:38:30 | 000,111,784 | ---- | M] () -- C:\WINDOWS0\System32\FNTCACHE.DAT
[2011/06/06 09:38:28 | 268,017,664 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/05 10:30:44 | 117,270,103 | ---- | M] () -- C:\WINDOWS0\System32\drivers\AVG\incavi.avm
[2011/06/05 06:21:46 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2011/06/03 18:50:46 | 000,000,069 | ---- | M] () -- C:\WINDOWS0\NeroDigital.ini
[2011/06/02 20:24:54 | 000,002,157 | ---- | M] () -- C:\Documents and Settings\Fran\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[2011/06/02 20:13:46 | 000,001,647 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS0\Desktop\Adobe Reader X.lnk
[2011/06/02 17:28:58 | 000,000,601 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS0\Desktop\AVG 2011.lnk
[2011/05/31 20:43:14 | 000,000,284 | ---- | M] () -- C:\WINDOWS0\tasks\AppleSoftwareUpdate.job
[2011/05/31 11:14:20 | 002,322,184 | ---- | M] (ESET) -- C:\Documents and Settings\Fran\Desktop\esetsmartinstaller_enu.exe
[2011/05/30 10:05:16 | 000,000,329 | RHS- | M] () -- C:\boot.ini
[2011/05/30 09:53:44 | 004,107,223 | R--- | M] (Swearware) -- C:\Documents and Settings\Fran\Desktop\ComboFix.exe
[2011/05/29 09:45:06 | 000,000,446 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS0\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/22 11:39:04 | 000,001,744 | ---- | M] () -- C:\WINDOWS0\System32\d3d9caps.dat
[2011/05/21 20:34:12 | 000,168,283 | ---- | M] () -- C:\Documents and Settings\Fran\Desktop\antiangiogenic.jpg
[5 C:\WINDOWS0\*.tmp files -> C:\WINDOWS0\*.tmp -> ]
[1 C:\WINDOWS0\System32\*.tmp files -> C:\WINDOWS0\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/06/06 09:44:55 | 000,000,690 | ---- | C] () -- C:\Documents and Settings\Fran\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/06/06 09:44:50 | 000,000,678 | ---- | C] () -- C:\Documents and Settings\Fran\Start Menu\Programs\Internet Explorer.lnk
[2011/06/05 10:30:43 | 117,270,103 | ---- | C] () -- C:\WINDOWS0\System32\drivers\AVG\incavi.avm
[2011/06/02 20:13:41 | 000,001,647 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS0\Desktop\Adobe Reader X.lnk
[2011/06/02 20:13:32 | 000,001,806 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS0\Start Menu\Programs\Adobe Reader X.lnk
[2011/06/02 17:28:57 | 000,000,601 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS0\Desktop\AVG 2011.lnk
[2011/05/30 10:05:13 | 000,000,215 | ---- | C] () -- C:\Boot.bak
[2011/05/30 10:05:11 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/05/30 10:02:41 | 000,256,512 | ---- | C] () -- C:\WINDOWS0\PEV.exe
[2011/05/30 10:02:41 | 000,208,896 | ---- | C] () -- C:\WINDOWS0\MBR.exe
[2011/05/30 10:02:41 | 000,098,816 | ---- | C] () -- C:\WINDOWS0\sed.exe
[2011/05/30 10:02:41 | 000,080,412 | ---- | C] () -- C:\WINDOWS0\grep.exe
[2011/05/30 10:02:41 | 000,068,096 | ---- | C] () -- C:\WINDOWS0\zip.exe
[2011/05/29 09:45:04 | 000,000,446 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS0\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/21 20:34:08 | 000,168,283 | ---- | C] () -- C:\Documents and Settings\Fran\Desktop\antiangiogenic.jpg
[2010/05/17 17:54:39 | 000,000,054 | ---- | C] () -- C:\WINDOWS0\System32\rp_stats.dat
[2010/05/17 17:54:39 | 000,000,039 | ---- | C] () -- C:\WINDOWS0\System32\rp_rules.dat
[2009/01/04 19:28:23 | 000,000,069 | ---- | C] () -- C:\WINDOWS0\NeroDigital.ini
[2008/04/01 22:22:33 | 000,000,720 | ---- | C] () -- C:\WINDOWS0\mozver.dat
[2007/10/27 18:27:21 | 000,000,379 | ---- | C] () -- C:\WINDOWS0\ODBC.INI
[2007/10/02 22:03:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS0\WinInit.Ini
[2007/09/29 10:04:43 | 000,001,744 | ---- | C] () -- C:\WINDOWS0\System32\d3d9caps.dat
[2007/08/29 07:12:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS0\nsreg.dat
[2007/08/28 23:15:44 | 000,048,640 | ---- | C] () -- C:\Documents and Settings\Fran\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/08/18 16:08:13 | 000,002,048 | --S- | C] () -- C:\WINDOWS0\bootstat.dat
[2007/08/18 16:00:25 | 000,021,640 | ---- | C] () -- C:\WINDOWS0\System32\emptyregdb.dat
[2007/08/18 13:45:34 | 000,004,205 | ---- | C] () -- C:\WINDOWS0\ODBCINST.INI
[2007/08/18 13:41:45 | 000,111,784 | ---- | C] () -- C:\WINDOWS0\System32\FNTCACHE.DAT
[2004/08/04 01:07:22 | 000,001,804 | ---- | C] () -- C:\WINDOWS0\System32\Dcache.bin
[2004/08/02 14:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS0\System32\secupd.dat
[2003/03/31 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS0\System32\oembios.bin
[2003/03/31 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS0\System32\mlang.dat
[2003/03/31 08:00:00 | 000,311,604 | ---- | C] () -- C:\WINDOWS0\System32\perfh009.dat
[2003/03/31 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS0\System32\perfi009.dat
[2003/03/31 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS0\System32\dssec.dat
[2003/03/31 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS0\System32\mib.bin
[2003/03/31 08:00:00 | 000,039,992 | ---- | C] () -- C:\WINDOWS0\System32\perfc009.dat
[2003/03/31 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS0\System32\perfd009.dat
[2003/03/31 08:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS0\System32\oembios.dat
[2003/03/31 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS0\System32\noise.dat
[2002/03/13 15:46:46 | 000,053,248 | R--- | C] () -- C:\WINDOWS0\System32\zlib.dll

========== LOP Check ==========

[2007/09/23 23:35:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS0\Application Data\Grisoft
[2011/06/02 17:07:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS0\Application Data\MFAData
[2011/06/02 17:08:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users.WINDOWS0\Application Data\Common Files
[2011/06/02 17:22:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS0\Application Data\AVG10
[2007/10/01 22:00:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS0\Application Data\EarthLink
[2009/06/01 20:56:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users.WINDOWS0\Application Data\CanonBJ
[2007/09/28 12:35:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fran\Application Data\Earthlink
[2007/09/28 13:12:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fran\Application Data\EarthLink Toolbar
[2007/10/27 20:15:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fran\Application Data\Canon
[2011/06/02 17:34:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fran\Application Data\AVG10

========== Purity Check ==========



< End of report >
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP