[rldt1]

Hi,

I cannot enable Security Center in Windows 7 Ultimate 32 bit, or to enable my anti-virus which is Microsoft Security Essentials. I have run Rkill followed by MBAM and Superantispyware and removed what they found, but the problem persists. I can't do a system restore either.
My OTL report follows, can you help me please?

OTL logfile created on: 6/24/2011 12:19:07 PM - Run 1
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\OzsubasiRob\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1.99 Gb Total Physical Memory | 1.11 Gb Available Physical Memory | 55.66% Memory free
3.98 Gb Paging File | 2.89 Gb Available in Paging File | 72.57% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 99.18 Gb Total Space | 62.83 Gb Free Space | 63.35% Space Free | Partition Type: NTFS
Drive D: | 49.48 Gb Total Space | 37.01 Gb Free Space | 74.79% Space Free | Partition Type: NTFS

Computer Name: OZSUBASIROB-PC | User Name: OzsubasiRob | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\OzsubasiRob\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe (IObit)
PRC - C:\Program Files\Expat Shield\bin\openvpntray.exe ()
PRC - C:\Program Files\Expat Shield\bin\openvpnas.exe ()
PRC - C:\Program Files\Expat Shield\bin\hsswd.exe ()
PRC - C:\Program Files\Expat Shield\HssWPR\hsssrv.exe (AnchorFree Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation)
PRC - C:\Program Files\Wuala Dokan\mounter.exe ()
PRC - C:\Program Files\Visual Web Ripper\WebRipperService.exe (Sequentum)
PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)


========== Modules (SafeList) ==========

MOD - C:\Users\OzsubasiRob\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (ExpatTrayService) -- C:\Program Files\Expat Shield\bin\ExpatTrayService.exe ()
SRV - (ExpatShieldService) -- C:\Program Files\Expat Shield\bin\openvpnas.exe ()
SRV - (ExpatWd) -- C:\Program Files\Expat Shield\bin\hsswd.exe ()
SRV - (ExpatSrv) -- C:\Program Files\Expat Shield\HssWPR\hsssrv.exe (AnchorFree Inc.)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (WAS) -- C:\Windows\System32\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (W3SVC) -- C:\Windows\System32\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (AppHostSvc) -- C:\Windows\System32\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (NisSrv) -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SRV - (wDokanMounter) -- C:\Program Files\Wuala Dokan\mounter.exe ()
SRV - (VisualWebRipper) -- C:\Program Files\Visual Web Ripper\WebRipperService.exe (Sequentum)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)


========== Driver Services (SafeList) ==========

DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (taphss) -- C:\Windows\System32\drivers\taphss.sys (AnchorFree Inc)
DRV - (FNETTBOH) -- C:\Windows\System32\drivers\FNETTBOH.SYS (FNet Co., Ltd.)
DRV - (FNETURPX) -- C:\Windows\System32\drivers\FNETURPX.SYS (FNet Co., Ltd.)
DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV - (SmartDefragDriver) -- C:\Windows\System32\Drivers\SmartDefragDriver.sys ()
DRV - (cbfs3) -- C:\Windows\System32\drivers\cbfs3.sys (EldoS Corporation)
DRV - (vmbus) -- C:\Windows\system32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\system32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\system32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\system32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\system32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (RSUSBSTOR) -- C:\Windows\System32\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV - (MpNWMon) -- C:\Windows\System32\drivers\MpNWMon.sys (Microsoft Corporation)
DRV - (HssDrv) -- C:\Windows\System32\drivers\HssDrv.sys (AnchorFree Inc.)
DRV - (wDokan) -- C:\Windows\System32\drivers\wdokan.sys ()
DRV - (epmntdrv) -- C:\Windows\System32\epmntdrv.sys ()
DRV - (EuGdiDrv) -- C:\Windows\System32\EuGdiDrv.sys ()
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (GenericMount) -- C:\Windows\System32\drivers\GenericMount.sys (Symantec Corporation)
DRV - (WSDPrintDevice) -- C:\Windows\System32\drivers\WSDPrint.sys (Microsoft Corporation)
DRV - (ftvsport) -- C:\Windows\System32\drivers\ftvsport.sys (FabulaTech)
DRV - (ftvspenum) -- C:\Windows\System32\drivers\ftvspenum.sys (FabulaTech)
DRV - (ndiszapu) -- C:\Windows\System32\drivers\ndiszapu.sys (IPortent LTD)
DRV - (mpfilt) -- C:\Windows\System32\drivers\mpfilt.sys ()


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/intl/en/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaultthis.engineName: "Avanquest App'-Anwendungsleiste Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/...3DF&PC=DCF3&q="
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=642886"
FF - prefs.js..browser.search.selectedEngine: "Web Search (powered by Google)"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/intl/en/"
FF - prefs.js..extensions.enabledItems: {cda6db95-6aab-414b-803c-40cf34f589b5}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.1
FF - prefs.js..extensions.enabledItems: {3112ca9c-de6d-4884-a869-9855de68056c}:7.1.20110316W
FF - prefs.js..extensions.enabledItems: [email protected]:2.13
FF - prefs.js..extensions.enabledItems: [email protected]:1.8.5
FF - prefs.js..extensions.enabledItems: [email protected]:1.1.11
FF - prefs.js..extensions.enabledItems: {317B5128-0B0B-49b2-B2DB-1E7560E16C74}:2.7.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: [email protected]:4.5
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.18
FF - prefs.js..keyword.URL: "http://search.toolba...Ed1o5vZ00O9&q="
FF - prefs.js..network.proxy.type: 4


FF - HKLM\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/06/21 16:43:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/22 17:45:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/22 17:44:36 | 000,000,000 | ---D | M]

[2011/06/23 12:04:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\OzsubasiRob\AppData\Roaming\mozilla\Extensions
[2011/03/05 14:13:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\OzsubasiRob\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010/12/15 18:23:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\OzsubasiRob\AppData\Roaming\mozilla\Extensions\{92650c4d-4b8e-4d2a-b7eb-24ecf4f6b63a}
[2010/06/08 18:25:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\OzsubasiRob\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2011/06/23 12:04:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\OzsubasiRob\AppData\Roaming\mozilla\Extensions\[email protected]
[2011/06/23 12:24:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\OzsubasiRob\AppData\Roaming\mozilla\Firefox\Profiles\4cxsmvkl.default\extensions
[2011/05/16 12:16:40 | 000,000,000 | ---D | M] ("Delicious Bookmarks") -- C:\Users\OzsubasiRob\AppData\Roaming\mozilla\Firefox\Profiles\4cxsmvkl.default\extensions\{2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9}
[2011/05/09 17:18:25 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\OzsubasiRob\AppData\Roaming\mozilla\Firefox\Profiles\4cxsmvkl.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011/05/24 18:01:14 | 000,000,000 | ---D | M] (SeoQuake) -- C:\Users\OzsubasiRob\AppData\Roaming\mozilla\Firefox\Profiles\4cxsmvkl.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}
[2011/03/26 18:49:52 | 000,000,000 | ---D | M] (AllowClipboard Helper) -- C:\Users\OzsubasiRob\AppData\Roaming\mozilla\Firefox\Profiles\4cxsmvkl.default\extensions\{cda6db95-6aab-414b-803c-40cf34f589b5}
[2011/05/14 09:24:14 | 000,000,000 | ---D | M] ("RankChecker") -- C:\Users\OzsubasiRob\AppData\Roaming\mozilla\Firefox\Profiles\4cxsmvkl.default\extensions\[email protected]
[2011/05/14 09:17:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\OzsubasiRob\AppData\Roaming\mozilla\Firefox\Profiles\4cxsmvkl.default\extensions\[email protected]
[2011/05/14 09:25:59 | 000,000,000 | ---D | M] ("SEO For Firefox") -- C:\Users\OzsubasiRob\AppData\Roaming\mozilla\Firefox\Profiles\4cxsmvkl.default\extensions\[email protected]
[2011/06/18 14:15:12 | 000,000,000 | ---D | M] ("Seo Toolbar") -- C:\Users\OzsubasiRob\AppData\Roaming\mozilla\Firefox\Profiles\4cxsmvkl.default\extensions\[email protected]
[2011/06/21 11:50:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\OzsubasiRob\AppData\Roaming\mozilla\Firefox\Profiles\4cxsmvkl.default\extensions\staged-xpis
[2011/06/21 11:50:50 | 000,000,000 | ---D | M] ("Alexa Toolbar") -- C:\Users\OzsubasiRob\AppData\Roaming\mozilla\Firefox\Profiles\4cxsmvkl.default\extensions\[email protected]
[2010/10/02 15:48:32 | 000,001,832 | ---- | M] () -- C:\Users\OzsubasiRob\AppData\Roaming\Mozilla\Firefox\Profiles\4cxsmvkl.default\searchplugins\bing.xml
[2010/10/16 16:41:49 | 000,000,903 | ---- | M] () -- C:\Users\OzsubasiRob\AppData\Roaming\Mozilla\Firefox\Profiles\4cxsmvkl.default\searchplugins\conduit.xml
[2010/09/13 17:35:43 | 000,000,266 | ---- | M] () -- C:\Users\OzsubasiRob\AppData\Roaming\Mozilla\Firefox\Profiles\4cxsmvkl.default\searchplugins\Search.xml
[2011/06/21 12:00:55 | 000,001,538 | ---- | M] () -- C:\Users\OzsubasiRob\AppData\Roaming\Mozilla\Firefox\Profiles\4cxsmvkl.default\searchplugins\web-search-powered-by-google.xml
[2011/06/23 12:24:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/06/22 17:44:36 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2011/05/14 09:17:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/06/17 08:41:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011/05/23 16:43:09 | 000,000,000 | ---D | M] (afurladvisor) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2011/06/21 16:43:34 | 000,000,000 | ---D | M] (HP Smart Web Printing) -- C:\PROGRAM FILES\HP\DIGITAL IMAGING\SMART WEB PRINTING\MOZILLAADDON3
[2011/06/22 17:44:35 | 000,025,048 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2011/06/22 17:44:35 | 000,140,248 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/06/08 18:56:10 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
[2011/06/22 17:44:35 | 000,066,520 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2006/10/26 21:12:16 | 000,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
[2011/04/21 02:07:17 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2011/04/21 02:07:17 | 000,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml
[2010/07/24 10:54:24 | 000,002,191 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
[2011/04/21 02:07:17 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2011/04/21 02:07:17 | 000,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml
[2011/04/21 02:07:17 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2011/04/21 02:07:17 | 000,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2011/04/21 02:07:17 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml
[2011/04/21 02:07:17 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml
[2011/04/27 20:01:25 | 000,000,849 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml

O1 HOSTS File: ([2011/03/24 12:32:31 | 000,002,721 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 adobe.activate.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 125.252.224.90
O1 - Hosts: 127.0.0.1 125.252.224.91
O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 22 more lines...
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Expat Shield Class) - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - C:\Program Files\Expat Shield\HssIE\ExpatIE.dll (AnchorFree Inc.)
O2 - BHO: (Virtual Storage Mount Notification) - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\System32\CbFsMntNtf3.dll (EldoS Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (IEButton Class) - {F81D52BF-F2F1-4F49-BF5F-05664E803039} - C:\Program Files\UnH Solutions\Flash Saving Plugin\FlashSButton.dll (UnH Solutions)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - Startup: C:\Users\OzsubasiRob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Creative Element Power Tools Startup.lnk = C:\Program Files\Creative Element Power Tools\Startup.exe (Creative Element)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Save Flash - C:\Program Files\UnH Solutions\Flash Saving Plugin\FlashSButton.dll (UnH Solutions)
O8 - Extra context menu item: Save YouTube Video - C:\Program Files\UnH Solutions\Flash Saving Plugin\FlashSButton.dll (UnH Solutions)
O9 - Extra Button: Edit with Altova X&MLSpy - {2222EF56-F49E-4d07-A14E-8D2B08766958} - File not found
O9 - Extra 'Tools' menuitem : Edit with Altova X&MLSpy - {2222EF56-F49E-4d07-A14E-8D2B08766958} - File not found
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: themovechannel.com ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: viewpoint.net.uk ([www] http in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\System32\CbFsMntNtf3.dll (EldoS Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O22 - SharedTaskScheduler: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - Virtual Storage Mount Notification - C:\Windows\System32\CbFsMntNtf3.dll (EldoS Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corp.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/11 00:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{50bec5da-c47d-11df-bc19-00241d53a79a}\Shell - "" = AutoRun
O33 - MountPoints2\{55e46aa7-eca5-11df-a754-00241d53a79a}\Shell - "" = AutoRun
O33 - MountPoints2\{55e46aa7-eca5-11df-a754-00241d53a79a}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{8df10e28-40e0-11e0-893b-00241d53a79a}\Shell - "" = AutoRun
O33 - MountPoints2\{8df10e28-40e0-11e0-893b-00241d53a79a}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/24 10:30:36 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/06/24 10:30:36 | 000,000,000 | ---D | C] -- C:\Users\OzsubasiRob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2011/06/23 12:04:22 | 000,000,000 | ---D | C] -- C:\Users\OzsubasiRob\AppData\Local\MozSwing
[2011/06/23 12:02:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SEO PowerSuite
[2011/06/23 12:02:02 | 000,000,000 | ---D | C] -- C:\Program Files\SEO PowerSuite
[2011/06/23 12:01:25 | 000,000,000 | ---D | C] -- C:\Users\OzsubasiRob\Desktop\SEO PowerSuite
[2011/06/23 08:35:03 | 000,000,000 | ---D | C] -- C:\Users\OzsubasiRob\AppData\Local\{958977D8-8D3D-4E0A-A5EF-26A121D24AB9}
[2011/06/22 08:58:29 | 000,000,000 | ---D | C] -- C:\Users\OzsubasiRob\AppData\Local\{EDBD9E9E-BC34-4044-92CA-DC1314D4BBFD}
[2011/06/21 16:42:41 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
[2011/06/21 16:42:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\HP
[2011/06/21 16:41:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2011/06/21 16:40:09 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2011/06/21 15:38:54 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2011/06/21 11:21:28 | 000,452,408 | ---- | C] (Hewlett-Packard) -- C:\Windows\System32\hpzids01.dll
[2011/06/21 08:52:14 | 000,000,000 | ---D | C] -- C:\Users\OzsubasiRob\AppData\Local\{34AE9678-0A84-44CA-97E4-2C3F761C4372}
[2011/06/20 08:29:20 | 000,000,000 | ---D | C] -- C:\Users\OzsubasiRob\AppData\Local\{59579DF8-055C-486B-9748-A8C4DC0C8E03}
[2011/06/18 12:07:24 | 000,000,000 | ---D | C] -- C:\Users\OzsubasiRob\AppData\Local\{62AB6844-BEA2-4B80-8967-A7FC16E767CD}
[2011/06/18 09:06:57 | 000,000,000 | ---D | C] -- C:\Users\OzsubasiRob\.linkassistant
[2011/06/18 08:57:20 | 000,000,000 | ---D | C] -- C:\Users\OzsubasiRob\.ranktracker
[2011/06/18 08:34:00 | 000,000,000 | ---D | C] -- C:\Users\OzsubasiRob\.websiteauditor
[2011/06/17 11:43:08 | 000,000,000 | ---D | C] -- C:\Users\OzsubasiRob\.seospyglass
[2011/06/17 08:42:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/06/17 08:41:07 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011/06/17 08:41:07 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011/06/17 08:41:07 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011/06/17 08:40:32 | 000,000,000 | ---D | C] -- C:\Users\OzsubasiRob\AppData\Local\{F6236076-C6F7-498E-B627-6805C59A8C27}
[2011/06/16 09:34:39 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/06/16 09:34:38 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011/06/16 09:34:38 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011/06/16 09:34:38 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/06/16 08:36:51 | 000,000,000 | ---D | C] -- C:\Users\OzsubasiRob\AppData\Local\{8F0ECDDA-0DC7-430C-96D5-39D24DBAD60D}
[2011/06/15 15:10:50 | 000,000,000 | ---D | C] -- C:\Users\OzsubasiRob\Desktop\New folder (2)
[2011/06/15 08:58:13 | 000,000,000 | ---D | C] -- C:\Users\OzsubasiRob\AppData\Local\{8081D88D-D75C-4D22-A254-806E0CA3701B}
[2011/06/14 09:30:26 | 000,000,000 | ---D | C] -- C:\Users\OzsubasiRob\AppData\Local\{C305BAF4-B6DF-4BD4-B63B-68F14D1FFB35}
[2011/06/11 13:52:43 | 000,000,000 | ---D | C] -- C:\Users\OzsubasiRob\Desktop\template
[2011/06/11 08:41:15 | 000,000,000 | ---D | C] -- C:\Users\OzsubasiRob\AppData\Local\{54181B38-64E8-4172-BF76-4A1B4FF9ADD5}
[2011/06/10 16:48:55 | 000,000,000 | ---D | C] -- C:\Users\OzsubasiRob\AppData\Local\Paint.NET
[2011/06/10 08:49:32 | 000,000,000 | ---D | C] -- C:\Users\OzsubasiRob\AppData\Local\{836283DE-7465-4AC6-B7D9-19DCD01D3F5D}
[2011/06/09 18:21:23 | 000,000,000 | ---D | C] -- C:\Users\OzsubasiRob\Desktop\New folder
[2011/06/09 08:29:27 | 000,000,000 | ---D | C] -- C:\Users\OzsubasiRob\AppData\Local\{E360F9FD-3CD3-4207-B1D9-AF66D146A753}
[2011/06/08 09:01:59 | 000,000,000 | ---D | C] -- C:\Users\OzsubasiRob\AppData\Local\{C77B19C2-21A9-48DE-988E-A82018EE1469}
[2011/06/07 08:26:28 | 000,000,000 | ---D | C] -- C:\Users\OzsubasiRob\AppData\Local\{962B7976-4DE2-49FE-A4BD-EAF6D6410BAD}
[2011/06/06 17:02:54 | 000,000,000 | ---D | C] -- C:\Users\OzsubasiRob\AppData\Local\{FC14D554-0B38-4FEA-82D0-AD3FD24A3941}
[2011/06/05 10:21:26 | 000,000,000 | ---D | C] -- C:\Users\OzsubasiRob\AppData\Local\{6021C3AE-E479-4DA9-A365-8673D6291BCB}
[2011/06/04 12:18:03 | 000,645,120 | ---- | C] (MiTeC) -- C:\Users\OzsubasiRob\Desktop\EXE.exe
[2011/06/04 12:04:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIGOS Gsitemap 0.97a
[2011/06/04 12:04:33 | 000,000,000 | ---D | C] -- C:\Program Files\VIGOS Gsitemap 0.97a
[2011/06/04 09:41:08 | 000,000,000 | ---D | C] -- C:\Users\OzsubasiRob\AppData\Local\{D1822ED7-4B5F-40BF-A413-AF17C51C9E80}
[2011/06/04 08:28:12 | 000,000,000 | ---D | C] -- C:\Users\OzsubasiRob\AppData\Local\{CE137B3B-92E5-4CFE-80E1-9325043F5C1D}
[2011/06/03 11:37:49 | 000,000,000 | ---D | C] -- C:\Users\OzsubasiRob\Desktop\Elite Duplex
[2011/06/03 08:45:54 | 000,000,000 | ---D | C] -- C:\Users\OzsubasiRob\AppData\Local\{31677B86-A0D8-471A-B048-F17B84DB39DE}
[2011/06/02 17:54:27 | 000,000,000 | ---D | C] -- C:\Users\OzsubasiRob\Desktop\xml-feed-templates
[2011/06/02 15:24:26 | 000,000,000 | ---D | C] -- C:\Users\OzsubasiRob\Desktop\contactform
[2011/06/02 08:39:35 | 000,000,000 | ---D | C] -- C:\Users\OzsubasiRob\AppData\Local\{ADF68A7E-75AA-401A-93C0-6D522D64BF0E}
[2011/06/01 19:25:12 | 000,000,000 | ---D | C] -- C:\Users\OzsubasiRob\Documents\Downloads
[2011/06/01 17:58:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LencomShare
[2011/06/01 17:58:08 | 000,000,000 | ---D | C] -- C:\Program Files\Lencom Software Inc
[2011/06/01 17:36:57 | 000,000,000 | ---D | C] -- C:\Users\OzsubasiRob\AppData\Local\SysNucleus
[2011/06/01 16:55:08 | 000,000,000 | ---D | C] -- C:\Users\OzsubasiRob\AppData\Roaming\SysNucleus
[2011/06/01 16:08:06 | 000,000,000 | ---D | C] -- C:\Users\OzsubasiRob\AppData\Roaming\RealtyWare
[2011/06/01 16:07:41 | 000,000,000 | ---D | C] -- C:\Users\OzsubasiRob\Documents\RealtyWare
[2011/06/01 08:36:17 | 000,000,000 | ---D | C] -- C:\Users\OzsubasiRob\AppData\Local\{472FC002-EAC4-43D2-B7F2-D64AACEBD2E0}
[2011/05/31 18:54:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Altova MissionKit 2011
[2011/05/31 18:53:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Altova
[2011/05/31 08:43:44 | 000,000,000 | ---D | C] -- C:\Users\OzsubasiRob\AppData\Local\{61417BB1-9C2F-4AD8-B00B-61063369D164}
[2011/05/30 16:05:13 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cliconfg.1
[2011/05/30 16:05:13 | 000,033,340 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbmsqlgc.dll
[2011/05/30 16:05:13 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbmsgnet.dll
[2011/05/30 16:05:13 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cliconfg.2
[2011/05/30 16:05:13 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cliconfg.3
[2011/05/30 16:04:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2011/05/30 08:41:41 | 000,000,000 | ---D | C] -- C:\Users\OzsubasiRob\AppData\Local\{2B43954C-B884-43BC-8D1D-C501DD7218F2}
[2011/05/28 08:29:34 | 000,000,000 | ---D | C] -- C:\Users\OzsubasiRob\AppData\Local\{49FFF43F-6741-497C-A86C-46A78E6472A4}
[2011/05/28 08:26:54 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/05/27 08:29:55 | 000,000,000 | ---D | C] -- C:\Users\OzsubasiRob\AppData\Local\{F1CAB51C-3B98-446D-861E-FA983C873005}
[2011/05/26 08:39:16 | 000,000,000 | ---D | C] -- C:\Users\OzsubasiRob\AppData\Local\{FDDBC2FB-F51A-46D0-8CBB-1E0FC182BAB5}

========== Files - Modified Within 30 Days ==========

[2011/06/24 12:07:36 | 000,001,096 | ---- | M] () -- C:\Users\OzsubasiRob\Desktop\OTL.exe - Shortcut.lnk
[2011/06/24 11:53:42 | 000,016,848 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/24 11:53:42 | 000,016,848 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/24 11:46:36 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/24 11:46:34 | 000,000,316 | -HS- | M] () -- C:\Windows\tasks\MMBXVTSC.job
[2011/06/24 11:46:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/24 11:46:25 | 1602,347,008 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/24 10:30:36 | 000,002,991 | ---- | M] () -- C:\Users\OzsubasiRob\Desktop\HiJackThis.lnk
[2011/06/24 09:26:04 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/23 16:41:26 | 000,034,308 | ---- | M] () -- C:\Windows\System32\BASSMOD.dll
[2011/06/23 16:32:22 | 000,461,478 | ---- | M] () -- C:\Users\OzsubasiRob\.spyglass.properties
[2011/06/23 16:13:43 | 000,512,895 | ---- | M] () -- C:\Users\OzsubasiRob\.linkassistant.properties
[2011/06/23 16:13:40 | 000,067,166 | ---- | M] () -- C:\Users\OzsubasiRob\Documents\www.altinkumpropertyforsale.com.xch
[2011/06/23 15:01:26 | 000,382,927 | ---- | M] () -- C:\Users\OzsubasiRob\.ranktracker.properties
[2011/06/23 14:58:14 | 001,913,061 | ---- | M] () -- C:\Users\OzsubasiRob\.websiteauditor.properties
[2011/06/23 14:14:56 | 000,001,959 | ---- | M] () -- C:\Users\Public\Desktop\FileZilla Client.lnk
[2011/06/23 13:18:30 | 017,146,314 | ---- | M] () -- C:\Users\OzsubasiRob\Documents\www.altinkumpropertyforsale.com.wsa
[2011/06/23 12:02:31 | 000,002,246 | ---- | M] () -- C:\Users\OzsubasiRob\Desktop\SEO SpyGlass.lnk
[2011/06/23 12:02:21 | 000,002,271 | ---- | M] () -- C:\Users\OzsubasiRob\Desktop\LinkAssistant.lnk
[2011/06/23 12:02:12 | 000,002,300 | ---- | M] () -- C:\Users\OzsubasiRob\Desktop\WebSite Auditor.lnk
[2011/06/23 12:02:05 | 000,002,246 | ---- | M] () -- C:\Users\OzsubasiRob\Desktop\Rank Tracker.lnk
[2011/06/23 11:31:48 | 000,001,080 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/23 11:02:04 | 000,163,840 | RHS- | M] () -- C:\Windows\System32\AtBrokerz.dll
[2011/06/23 10:15:14 | 002,744,206 | ---- | M] () -- C:\Users\OzsubasiRob\.websiteauditor.properties.bak
[2011/06/22 15:51:20 | 000,500,794 | ---- | M] () -- C:\Users\OzsubasiRob\.spyglass.properties.bak
[2011/06/22 08:35:13 | 000,000,000 | ---- | M] () -- C:\Windows\System32\cd.dat
[2011/06/22 08:35:02 | 003,770,640 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/06/21 18:04:22 | 000,210,231 | ---- | M] () -- C:\Users\OzsubasiRob\.ranktracker.properties.bak
[2011/06/21 16:45:44 | 000,205,049 | ---- | M] () -- C:\Windows\hpwins26.dat
[2011/06/21 16:42:37 | 000,001,282 | ---- | M] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2011/06/21 16:42:00 | 000,002,078 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2011/06/21 14:19:13 | 000,205,061 | ---- | M] () -- C:\Windows\hpwins26.dat.temp
[2011/06/18 09:13:15 | 000,453,954 | ---- | M] () -- C:\Users\OzsubasiRob\.linkassistant.properties.bak
[2011/06/18 08:33:34 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/06/17 09:49:59 | 000,635,121 | ---- | M] () -- C:\Users\OzsubasiRob\Desktop\ozsubasiiii.jpg
[2011/06/04 14:27:02 | 000,009,320 | ---- | M] () -- C:\Users\OzsubasiRob\Desktop\apfs1.php
[2011/06/04 14:12:32 | 000,000,903 | ---- | M] () -- C:\Users\OzsubasiRob\Desktop\new xml1.php
[2011/06/04 12:59:44 | 000,000,931 | ---- | M] () -- C:\Users\OzsubasiRob\Desktop\new xml.php
[2011/06/04 12:05:59 | 000,000,002 | ---- | M] () -- C:\Users\OzsubasiRob\Documents\sitemap.xml
[2011/06/03 17:49:06 | 000,719,306 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/06/03 17:49:06 | 000,716,740 | ---- | M] () -- C:\Windows\System32\perfh01F.dat
[2011/06/03 17:49:06 | 000,160,816 | ---- | M] () -- C:\Windows\System32\perfc01F.dat
[2011/06/03 17:49:06 | 000,141,360 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/06/02 14:27:47 | 000,000,193 | ---- | M] () -- C:\Windows\WORDPAD.INI
[2011/06/02 14:23:32 | 000,009,328 | ---- | M] () -- C:\Users\OzsubasiRob\Desktop\apfs.php
[2011/06/01 17:58:29 | 000,000,150 | ---- | M] () -- C:\Program Files\Common Files\Engines.lnl
[2011/06/01 10:57:02 | 000,000,143 | ---- | M] () -- C:\Users\OzsubasiRob\Documents\OpenWith.reg
[2011/05/31 18:54:18 | 000,003,021 | ---- | M] () -- C:\Users\OzsubasiRob\Application Data\Microsoft\Internet Explorer\Quick Launch\Altova XMLSpy.lnk
[2011/05/30 16:06:10 | 000,003,120 | ---- | M] () -- C:\Windows\System32\HE37GFEK.ocx
[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/05/28 13:16:03 | 000,205,741 | ---- | M] () -- C:\Windows\hpoins46.dat
[2011/05/28 11:13:26 | 000,077,853 | ---- | M] () -- C:\Windows\hpqins05.dat
[2011/05/28 11:10:23 | 000,075,984 | ---- | M] () -- C:\Windows\hpqins01.dat

========== Files Created - No Company Name ==========

[2011/06/24 12:07:36 | 000,001,096 | ---- | C] () -- C:\Users\OzsubasiRob\Desktop\OTL.exe - Shortcut.lnk
[2011/06/24 10:30:36 | 000,002,991 | ---- | C] () -- C:\Users\OzsubasiRob\Desktop\HiJackThis.lnk
[2011/06/23 13:18:29 | 017,146,314 | ---- | C] () -- C:\Users\OzsubasiRob\Documents\www.altinkumpropertyforsale.com.wsa
[2011/06/23 12:24:16 | 000,067,166 | ---- | C] () -- C:\Users\OzsubasiRob\Documents\www.altinkumpropertyforsale.com.xch
[2011/06/23 12:10:24 | 000,512,895 | ---- | C] () -- C:\Users\OzsubasiRob\.linkassistant.properties
[2011/06/23 12:09:32 | 000,461,478 | ---- | C] () -- C:\Users\OzsubasiRob\.spyglass.properties
[2011/06/23 12:05:01 | 001,913,061 | ---- | C] () -- C:\Users\OzsubasiRob\.websiteauditor.properties
[2011/06/23 12:02:31 | 000,002,246 | ---- | C] () -- C:\Users\OzsubasiRob\Desktop\SEO SpyGlass.lnk
[2011/06/23 12:02:21 | 000,002,271 | ---- | C] () -- C:\Users\OzsubasiRob\Desktop\LinkAssistant.lnk
[2011/06/23 12:02:12 | 000,002,300 | ---- | C] () -- C:\Users\OzsubasiRob\Desktop\WebSite Auditor.lnk
[2011/06/23 12:02:05 | 000,002,246 | ---- | C] () -- C:\Users\OzsubasiRob\Desktop\Rank Tracker.lnk
[2011/06/23 11:02:04 | 000,163,840 | RHS- | C] () -- C:\Windows\System32\AtBrokerz.dll
[2011/06/23 11:02:04 | 000,000,316 | -HS- | C] () -- C:\Windows\tasks\MMBXVTSC.job
[2011/06/22 08:35:13 | 000,000,000 | ---- | C] () -- C:\Windows\System32\cd.dat
[2011/06/21 16:42:58 | 000,001,028 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
[2011/06/21 16:42:37 | 000,001,282 | ---- | C] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2011/06/21 16:42:00 | 000,002,078 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2011/06/21 16:39:10 | 000,205,049 | ---- | C] () -- C:\Windows\hpwins26.dat
[2011/06/21 16:39:10 | 000,000,370 | ---- | C] () -- C:\Windows\hpwmdl26.dat
[2011/06/21 14:20:48 | 000,205,061 | ---- | C] () -- C:\Windows\hpwins26.dat.temp
[2011/06/21 11:57:03 | 000,000,370 | ---- | C] () -- C:\Windows\hpwmdl26.dat.temp
[2011/06/18 09:13:15 | 000,453,954 | ---- | C] () -- C:\Users\OzsubasiRob\.linkassistant.properties.bak
[2011/06/18 09:11:22 | 000,382,927 | ---- | C] () -- C:\Users\OzsubasiRob\.ranktracker.properties
[2011/06/18 09:11:22 | 000,210,231 | ---- | C] () -- C:\Users\OzsubasiRob\.ranktracker.properties.bak
[2011/06/18 08:53:14 | 002,744,206 | ---- | C] () -- C:\Users\OzsubasiRob\.websiteauditor.properties.bak
[2011/06/17 15:55:36 | 000,500,794 | ---- | C] () -- C:\Users\OzsubasiRob\.spyglass.properties.bak
[2011/06/17 09:49:55 | 000,635,121 | ---- | C] () -- C:\Users\OzsubasiRob\Desktop\ozsubasiiii.jpg
[2011/06/04 14:27:02 | 000,009,320 | ---- | C] () -- C:\Users\OzsubasiRob\Desktop\apfs1.php
[2011/06/04 13:00:10 | 000,000,903 | ---- | C] () -- C:\Users\OzsubasiRob\Desktop\new xml1.php
[2011/06/04 12:42:19 | 000,000,931 | ---- | C] () -- C:\Users\OzsubasiRob\Desktop\new xml.php
[2011/06/04 12:05:59 | 000,000,002 | ---- | C] () -- C:\Users\OzsubasiRob\Documents\sitemap.xml
[2011/06/02 14:31:58 | 000,009,328 | ---- | C] () -- C:\Users\OzsubasiRob\Desktop\apfs.php
[2011/06/02 14:24:47 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2011/06/01 17:58:29 | 000,000,150 | ---- | C] () -- C:\Program Files\Common Files\Engines.lnl
[2011/06/01 10:57:02 | 000,000,143 | ---- | C] () -- C:\Users\OzsubasiRob\Documents\OpenWith.reg
[2011/05/31 18:54:18 | 000,003,021 | ---- | C] () -- C:\Users\OzsubasiRob\Application Data\Microsoft\Internet Explorer\Quick Launch\Altova XMLSpy.lnk
[2011/05/30 16:06:10 | 000,003,120 | ---- | C] () -- C:\Windows\System32\HE37GFEK.ocx
[2011/05/28 11:15:07 | 000,205,846 | ---- | C] () -- C:\Windows\hpoins46.dat.temp
[2011/05/28 11:12:27 | 000,077,853 | ---- | C] () -- C:\Windows\hpqins05.dat
[2011/05/28 11:09:19 | 000,075,984 | ---- | C] () -- C:\Windows\hpqins01.dat
[2011/05/21 11:27:47 | 000,000,532 | ---- | C] () -- C:\Windows\hpomdl46.dat.temp
[2011/05/21 10:07:34 | 000,205,741 | ---- | C] () -- C:\Windows\hpoins46.dat
[2011/05/21 10:07:34 | 000,000,532 | ---- | C] () -- C:\Windows\hpomdl46.dat
[2011/05/10 12:31:28 | 000,034,308 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll
[2011/04/27 20:00:50 | 000,029,008 | ---- | C] () -- C:\Windows\System32\SmartDefragBootTime.exe
[2011/04/27 20:00:50 | 000,016,184 | ---- | C] () -- C:\Windows\System32\drivers\SmartDefragDriver.sys
[2011/03/24 12:58:54 | 000,039,424 | ---- | C] () -- C:\Windows\System32\rpiAccessProcess.dll
[2011/03/12 17:25:38 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011/03/12 17:24:28 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011/03/09 14:37:27 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011/03/05 17:42:28 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2011/01/25 12:23:17 | 000,001,024 | ---- | C] () -- C:\ProgramData\imgpdf2.dll
[2011/01/13 18:45:04 | 000,000,141 | ---- | C] () -- C:\Users\OzsubasiRob\AppData\Roaming\rsswriter.xml
[2011/01/13 12:38:55 | 000,000,167 | ---- | C] () -- C:\Users\OzsubasiRob\AppData\Roaming\default.rss
[2011/01/08 17:16:54 | 000,000,032 | ---- | C] () -- C:\Windows\RBuilder.ini
[2010/12/16 10:48:56 | 000,022,746 | ---- | C] () -- C:\Windows\hpqins15.dat.temp
[2010/12/15 18:35:42 | 000,000,080 | -H-- | C] () -- C:\Users\OzsubasiRob\AppData\Local\vwr_lic_p.dat
[2010/12/11 16:35:33 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010/12/07 10:44:43 | 000,000,162 | ---- | C] () -- C:\Windows\ODBC.INI
[2010/12/01 16:22:00 | 000,000,080 | RHS- | C] () -- C:\Windows\System32\917E3BB26D.dll
[2010/11/28 13:43:53 | 000,000,099 | ---- | C] () -- C:\Users\OzsubasiRob\AppData\Local\fusioncache.dat
[2010/10/07 16:31:18 | 000,010,588 | R--- | C] () -- C:\Windows\System32\drivers\mpfilt.sys
[2010/10/02 14:53:18 | 000,013,576 | ---- | C] () -- C:\Windows\System32\wnaspi32.dll
[2010/10/02 14:17:35 | 001,774,720 | ---- | C] () -- C:\Windows\System32\BootMan.exe
[2010/10/02 14:17:35 | 000,086,408 | ---- | C] () -- C:\Windows\System32\setupempdrv03.exe
[2010/10/02 14:17:35 | 000,014,848 | ---- | C] () -- C:\Windows\System32\EuEpmGdi.dll
[2010/10/02 14:17:35 | 000,014,216 | ---- | C] () -- C:\Windows\System32\epmntdrv.sys
[2010/10/02 14:17:35 | 000,008,456 | ---- | C] () -- C:\Windows\System32\EuGdiDrv.sys
[2010/09/17 15:41:28 | 000,187,432 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2010/09/07 09:42:03 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2010/08/11 17:57:16 | 000,011,264 | ---- | C] () -- C:\Windows\System32\wdokannp.dll
[2010/08/11 17:57:14 | 000,072,568 | ---- | C] () -- C:\Windows\System32\drivers\wdokan.sys
[2010/08/11 17:57:06 | 000,032,768 | ---- | C] () -- C:\Windows\System32\wdokanusr.dll
[2010/07/15 14:54:00 | 000,007,605 | ---- | C] () -- C:\Users\OzsubasiRob\AppData\Local\resmon.resmoncfg
[2010/07/10 18:53:49 | 000,001,856 | ---- | C] () -- C:\Windows\System32\ASOROSet.bin
[2010/06/30 18:03:07 | 000,000,000 | ---- | C] () -- C:\Windows\hpqEmlSz.INI
[2010/06/19 16:10:58 | 000,023,128 | ---- | C] () -- C:\Windows\hpqins15.dat
[2010/06/12 16:53:55 | 000,190,976 | ---- | C] () -- C:\Windows\System32\WgaLogon.dll
[2010/06/12 16:53:32 | 000,414,208 | ---- | C] () -- C:\Windows\System32\WgaTray.exe
[2010/06/10 11:38:37 | 000,018,420 | ---- | C] () -- C:\Windows\Q-Dir.ini
[2010/06/08 18:25:17 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/06/05 15:45:31 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2010/06/05 15:44:55 | 000,716,740 | ---- | C] () -- C:\Windows\System32\perfh01F.dat
[2010/06/05 15:44:55 | 000,285,034 | ---- | C] () -- C:\Windows\System32\perfi01F.dat
[2010/06/05 15:44:55 | 000,160,816 | ---- | C] () -- C:\Windows\System32\perfc01F.dat
[2010/06/05 15:44:55 | 000,037,160 | ---- | C] () -- C:\Windows\System32\perfd01F.dat
[2009/08/03 15:07:42 | 000,667,136 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/07/14 07:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 07:33:53 | 003,770,640 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/14 05:05:48 | 000,719,306 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/14 05:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/14 05:05:48 | 000,141,360 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/14 05:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/14 05:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/14 05:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/14 02:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 02:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/14 02:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/11 00:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[1996/08/20 22:37:20 | 000,015,840 | ---- | C] () -- C:\Windows\System32\Machnm1.exe

========== LOP Check ==========

[2010/12/08 15:02:11 | 000,000,000 | ---D | M] -- C:\Users\OzsubasiRob\AppData\Roaming\A4DeskPro
[2011/02/16 19:32:52 | 000,000,000 | ---D | M] -- C:\Users\OzsubasiRob\AppData\Roaming\authorPOINT
[2011/03/12 18:44:46 | 000,000,000 | ---D | M] -- C:\Users\OzsubasiRob\AppData\Roaming\AVG10
[2011/06/24 10:58:33 | 000,000,000 | ---D | M] -- C:\Users\OzsubasiRob\AppData\Roaming\Azureus
[2011/05/07 18:39:09 | 000,000,000 | ---D | M] -- C:\Users\OzsubasiRob\AppData\Roaming\Bryxen Software
[2010/06/21 14:14:24 | 000,000,000 | ---D | M] -- C:\Users\OzsubasiRob\AppData\Roaming\Canneverbe Limited
[2010/12/08 15:04:44 | 000,000,000 | ---D | M] -- C:\Users\OzsubasiRob\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/03/28 15:54:33 | 000,000,000 | ---D | M] -- C:\Users\OzsubasiRob\AppData\Roaming\ColTweak
[2011/02/25 18:39:56 | 000,000,000 | ---D | M] -- C:\Users\OzsubasiRob\AppData\Roaming\DAEMON Tools Lite
[2010/11/09 17:54:24 | 000,000,000 | ---D | M] -- C:\Users\OzsubasiRob\AppData\Roaming\DeviceDoctorSoftware
[2011/03/02 12:15:39 | 000,000,000 | ---D | M] -- C:\Users\OzsubasiRob\AppData\Roaming\DriverFinder
[2011/02/17 10:25:23 | 000,000,000 | ---D | M] -- C:\Users\OzsubasiRob\AppData\Roaming\DVDVideoSoft
[2010/06/27 13:14:12 | 000,000,000 | ---D | M] -- C:\Users\OzsubasiRob\AppData\Roaming\Easeware
[2010/07/24 10:15:41 | 000,000,000 | ---D | M] -- C:\Users\OzsubasiRob\AppData\Roaming\Eltima Software
[2011/05/03 18:39:43 | 000,000,000 | ---D | M] -- C:\Users\OzsubasiRob\AppData\Roaming\Emergency Soft
[2011/04/12 15:13:25 | 000,000,000 | ---D | M] -- C:\Users\OzsubasiRob\AppData\Roaming\EurekaLog
[2010/12/01 16:24:22 | 000,000,000 | ---D | M] -- C:\Users\OzsubasiRob\AppData\Roaming\Feedreader
[2011/06/23 14:38:46 | 000,000,000 | ---D | M] -- C:\Users\OzsubasiRob\AppData\Roaming\FileZilla
[2011/03/08 11:32:51 | 000,000,000 | ---D | M] -- C:\Users\OzsubasiRob\AppData\Roaming\Genie-Soft
[2011/06/01 19:25:49 | 000,000,000 | ---D | M] -- C:\Users\OzsubasiRob\AppData\Roaming\GetRightToGo
[2011/05/09 19:12:46 | 000,000,000 | ---D | M] -- C:\Users\OzsubasiRob\AppData\Roaming\Helium
[2011/05/24 18:22:22 | 000,000,000 | ---D | M] -- C:\Users\OzsubasiRob\AppData\Roaming\IBP
[2011/03/28 16:46:23 | 000,000,000 | ---D | M] -- C:\Users\OzsubasiRob\AppData\Roaming\IObit
[2010/11/06 18:12:08 | 000,000,000 | ---D | M] -- C:\Users\OzsubasiRob\AppData\Roaming\iolo
[2011/03/21 16:01:42 | 000,000,000 | ---D | M] -- C:\Users\OzsubasiRob\AppData\Roaming\IrfanView
[2011/01/08 17:16:54 | 000,000,000 | ---D | M] -- C:\Users\OzsubasiRob\AppData\Roaming\Jade Tools
[2011/05/17 16:37:07 | 000,000,000 | ---D | M] -- C:\Users\OzsubasiRob\AppData\Roaming\JAM Software
[2011/05/04 12:50:29 | 000,000,000 | ---D | M] -- C:\Users\OzsubasiRob\AppData\Roaming\Microsys
[2011/05/09 18:49:26 | 000,000,000 | ---D | M] -- C:\Users\OzsubasiRob\AppData\Roaming\Mozenda
[2011/04/07 16:53:08 | 000,000,000 | ---D | M] -- C:\Users\OzsubasiRob\AppData\Roaming\Notepad++
[2010/10/19 15:38:18 | 000,000,000 | ---D | M] -- C:\Users\OzsubasiRob\AppData\Roaming\PhotoScape
[2010/06/10 11:42:47 | 000,000,000 | ---D | M] -- C:\Users\OzsubasiRob\AppData\Roaming\Q-Dir
[2010/12/14 18:16:18 | 000,000,000 | ---D | M] -- C:\Users\OzsubasiRob\AppData\Roaming\Recolored
[2010/11/27 15:24:46 | 000,000,000 | ---D | M] -- C:\Users\OzsubasiRob\AppData\Roaming\RhinoSoft.com
[2010/12/15 17:53:27 | 000,000,000 | ---D | M] -- C:\Users\OzsubasiRob\AppData\Roaming\ScrapePro.Designer
[2011/06/01 16:55:08 | 000,000,000 | ---D | M] -- C:\Users\OzsubasiRob\AppData\Roaming\SysNucleus
[2010/10/05 14:39:58 | 000,000,000 | ---D | M] -- C:\Users\OzsubasiRob\AppData\Roaming\Systweak
[2011/03/05 14:13:18 | 000,000,000 | ---D | M] -- C:\Users\OzsubasiRob\AppData\Roaming\Thunderbird
[2010/06/26 18:06:46 | 000,000,000 | ---D | M] -- C:\Users\OzsubasiRob\AppData\Roaming\VS Revo Group
[2010/06/27 13:32:09 | 000,000,000 | ---D | M] -- C:\Users\OzsubasiRob\AppData\Roaming\WinBatch
[2011/01/26 10:11:44 | 000,000,000 | ---D | M] -- C:\Users\OzsubasiRob\AppData\Roaming\Windows Live Writer
[2011/06/24 11:46:34 | 000,000,316 | -HS- | M] () -- C:\Windows\Tasks\MMBXVTSC.job
[2011/05/25 08:39:15 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/11/20 09:26:10 | 000,000,396 | ---- | M] () -- C:\Windows\Tasks\SmartDefrag.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 143 bytes -> C:\Users\OzsubasiRob\Documents\default.rss:OECustomProperty
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:176C9C0E
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:0B4227B4
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:F5A61FDD
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:5CB1E0D3
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:44807EFA

< End of report >

[Advertisements]

I managed to resolve this myself. I ran stopzilla which found 2 more infections that the others had missed, then I ran combofix. Thankfully everything seems ok now.

[rldt1]

I managed to resolve this myself. I ran stopzilla which found 2 more infections that the others had missed, then I ran combofix. Thankfully everything seems ok now.