Confused (re Windows XP Recovery Virus)



#1
Channeal

I am a 60-year-old female who does not know very much about computers!

On Wednesday I clicked on a site from which I have in the past downloaded some free music from around the world. This time though, as soon as I went into the site I got some virus alerts from my Avast antivirus (paid version) and some stuff to do with Windows XP Recovery came up. I realised right away that this was a rogue program - but couldn't stop it causing me big headaches!

To cut a long story short, as I couldn't get into my existing anti-malware programs I ended up paying for a program called Spy Hunter. I regret paying for this program now as, despite it telling me it had got rid of the virus, the problems persisted. I eventually managed to delete some of the rubbish it had left on here manually. Fortunately, I also came across your site and found your page on the virus which enabled me to get back all my start menu items which were missing.

I now have several new anti-malware programs on here (I already had the free version of Malwarebytes Anti-Malware) and have run scans on them. Most of them show everything is now clear, but a couple of them (Stopzilla and something I think began with CA) still came up with the Windows XP Recovery virus. I have deleted both of these programs now as they both wanted me to pay for them, but I am totally confused about whether or not I still have a problem! Any ideas how I can find out once and for all if I am clear? Malwarebytes Anti-Malware does not find anything - but I am still not at all sure.

Even before the recent events, I had a problem with some kind of redirection virus which sent me to sites different from the one I was searching for. I think Stopzilla did detect this redirection virus - but interestingly none of the other programs came up with it. I downloaded and ran Ad-Aware last night though and I think that might have got rid of the redirection problem. I find the whole malware/spyware thing so incredibly confusing, as all the detection programs seem to find different things! At the moment, I am left with 6 different detection programs on here, as well as my anti-virus program - and I still don't know if I am clear!

Can anyone help, please?

Chris.

Edited by Channeal, 03 July 2011 - 05:24 AM.



#2
Channeal

I forgot to say that I now know that StopZilla is itself not good! I managed to delete it okay, but I remain concerned about it finding the Windows XP Recovery virus again, once I thought it was all sorted!

I also forgot to mention that I got reports from Hijack This & OTL, but think I read somewhere on here not to post them until asked.

I apologise for not choosing a more explicit topic for this question - I just noticed that it says that the title is important!

Chris.

#3
Essexboy

GeekU Moderator
Hi Chris, OK, age is no barrier. What I will do first is look at your system and restore any files and folders still missing, then we will remove any malware and get your protection to the right level without overkill.

Download Unhide.exe to your desktop and run

FOLLOWED BY

Download RogueKiller to your desktop

  • Quit all running programs
  • For Vista/Seven, right click -> run as administrator, for XP simply run RogueKiller.exe
  • When prompted, type 6 and validate
  • The RKreport.txt shall be generated next to the executable.
  • If the program is blocked, do not hesitate to try several times. If it really does not work (it could happen), rename it to winlogon.exe
Please post the contents of the RKreport.txt in your next Reply.


THEN

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select All Users
  • Under the Custom Scan box paste this in

    netsvcs
    %SYSTEMDRIVE%\*.exe
    %USERPROFILE%\..|smtmp;true;true;true /FP
    /md5start
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    %systemroot%\*. /mp /s
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    CREATERESTOREPOINT

  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs

THEN

Download aswMBR.exe ( 1.8mb ) to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan

On completion of the scan click save log, save it to your desktop and post in your next reply
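An added example, not part of the original thread and not OTL's own code: a small Python triage pass over the PRC/SRV/DRV lines that OTL writes to OTL.Txt, using lines copied from the log posted later in this thread as sample input. The three review heuristics (empty company name, kernel driver outside system32\drivers, file under Documents and Settings) are assumptions chosen for illustration, not the criteria the helper or OTL applies; a flag means "look at this entry", not "malware".

```python
import re
from dataclasses import dataclass

# Sample input: lines copied from the OTL.Txt posted in this thread, plus one
# non-matching registry line to show that other sections are skipped.
SAMPLE_LOG = r"""
PRC - [2011/06/28 12:19:47 | 001,191,216 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2007/06/05 13:20:32 | 000,177,704 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
SRV - [2009/11/25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2005/06/21 21:19:38 | 000,491,520 | ---- | M] () [On_Demand | Running] -- C:\WINDOWS\System32\dlcdcoms.exe -- (dlcd_device)
DRV - [2011/06/20 10:31:32 | 000,015,232 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2011/05/09 12:32:14 | 000,057,144 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\26762\RapportCerberus_26762.sys -- (RapportCerberus_26762)
DRV - [2009/11/25 00:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2007/06/18 04:01:28 | 000,514,560 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
"""

# One process/module/service/driver line:
#   KIND - [modified | size | attrs | M] (company) [state ...] -- path -- (name) text
# The [state] block and the trailing (name) appear only on SRV and DRV lines.
LINE_RE = re.compile(
    r"^(?P<kind>PRC|MOD|SRV|DRV) - "
    r"\[(?P<modified>\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) \| "
    r"(?P<size>[\d,]+) \| (?P<attrs>\S{4}) \| M\] "
    r"\((?P<company>.*?)\) "
    r"(?:\[(?P<state>[^\]]*)\] )?"
    r"-- (?P<path>.+?)"
    r"(?: -- \((?P<name>[^)]*)\).*)?$"
)

# Review reasons (assumed heuristics for this example, not OTL's own logic).
NO_COMPANY = "no company name"
DRIVER_PATH = "driver outside system32\\drivers"
PROFILE_PATH = "file under Documents and Settings"


@dataclass
class Entry:
    kind: str       # PRC, MOD, SRV or DRV
    modified: str   # timestamp string exactly as logged
    size: int       # file size in bytes
    attrs: str      # four-character attribute field, e.g. "R---"
    company: str    # version-info company name, "" when the log shows ()
    state: list     # e.g. ["Kernel", "On_Demand", "Running"]; empty for PRC/MOD
    path: str
    name: str       # service/driver name, "" for PRC/MOD


def parse_line(line):
    """Return an Entry for a PRC/MOD/SRV/DRV line, or None for anything else."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    state = [s.strip() for s in (m["state"] or "").split("|") if s.strip()]
    return Entry(
        kind=m["kind"],
        modified=m["modified"],
        size=int(m["size"].replace(",", "")),
        attrs=m["attrs"],
        company=m["company"].strip(),
        state=state,
        path=m["path"].strip(),
        name=m["name"] or "",
    )


def parse_log(text):
    """Parse every recognised line of an OTL.Txt body, skipping the rest."""
    return [e for e in map(parse_line, text.splitlines()) if e is not None]


def review_reasons(entry):
    """List the reasons an entry deserves a manual look (may be empty)."""
    reasons = []
    path = entry.path.lower()
    if not entry.company:
        reasons.append(NO_COMPANY)
    if entry.kind == "DRV" and "\\system32\\drivers\\" not in path:
        reasons.append(DRIVER_PATH)
    if "\\documents and settings\\" in path:
        reasons.append(PROFILE_PATH)
    return reasons


def triage(text):
    """Return (entry, reasons) pairs for every entry with at least one reason."""
    flagged = []
    for entry in parse_log(text):
        reasons = review_reasons(entry)
        if reasons:
            flagged.append((entry, reasons))
    return flagged


if __name__ == "__main__":
    for entry, reasons in triage(SAMPLE_LOG):
        print(f"{entry.kind} {entry.path}: {', '.join(reasons)}")
```

Several of the flagged sample lines belong to installed security and vendor software, which is why the output is a review list for a person to check rather than a verdict.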

#4
Channeal

Thanks so very much for your reply.

Okay, I am going to do this step-by-step, if I may! I have to get ready to go out now so will do most of it another time, but I have done the RogueKiller thing and the report is as follows: -

RogueKiller V5.2.7 [06/30/2011] by Tigzy
contact at http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.sur-la-to...-Remontees.html

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User: nealfamily [Admin rights]
Mode: Shortcuts HJfix -- Date : 07/03/2011 12:39:15

Bad processes: 1
[SUSP PATH] rpchrome10browserrecordhelper.dll -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchrome10browserrecordhelper.dll -> UNLOADED

File attributes restored:
Desktop: Success 3 / Fail 0
Quick launch: Success 0 / Fail 0
Programs: Success 42613 / Fail 0
Start menu: Success 78 / Fail 0
User folder: Success 618 / Fail 0
My documents: Success 1366 / Fail 0
My favorites: Success 0 / Fail 0
My pictures: Success 0 / Fail 0
My music: Success 0 / Fail 0
My videos: Success 0 / Fail 0
Local drives: Success 35431 / Fail 0
Backup: [NOT FOUND]

Drives:
[C:] \Device\HarddiskVolume1 -- 0x3 --> Restored
[D:] \Device\HarddiskVolume2 -- 0x3 --> Restored
[E:] \Device\Harddisk2\DP(1)0-0+8 -- 0x2 --> Restored
[F:] \Device\Harddisk3\DP(1)0-0+9 -- 0x2 --> Restored
[G:] \Device\Harddisk4\DP(1)0-0+a -- 0x2 --> Restored
[H:] \Device\Harddisk5\DP(1)0-0+b -- 0x2 --> Restored
[I:] \Device\Harddisk6\DP(1)0-0+d -- 0x2 --> Restored
[J:] \Device\CdRom0 -- 0x5 --> Skipped
[K:] \Device\CdRom1 -- 0x5 --> Skipped

Finished : << RKreport[1].txt >>
RKreport[1].txt

#5
Essexboy

GeekU Moderator
OK that looks good as it should have now restored all your files and folders :)

Taking it step by step is not a problem, whichever is better for you. Any problems or queries then just stop and shout

#6
Channeal

Ok..... I did the OTL scan - but for some reason I only got one report from it (I guess it is the Extras.Txt one that is missing). Anyway, here are the results of the one that I did get. I will wait to hear from you before I do the final bit, in case you need me to get the Extras.Txt report as well.

BTW I notice there are some odd Unicode files showing up with Greek text in - that is because we are learning Greek! Lol!


OTL logfile created on: 03/07/2011 21:15:48 - Run 2
OTL by OldTimer - Version 3.2.25.0 Folder = C:\Documents and Settings\nealfamily\My Documents\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.50 Gb Total Physical Memory | 2.22 Gb Available Physical Memory | 63.40% Memory free
6.84 Gb Paging File | 5.75 Gb Available in Paging File | 84.13% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 148.99 Gb Total Space | 60.02 Gb Free Space | 40.28% Space Free | Partition Type: NTFS
Drive D: | 148.99 Gb Total Space | 147.17 Gb Free Space | 98.77% Space Free | Partition Type: NTFS

Computer Name: NEALFAMI-ED0CE4 | User Name: nealfamily | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/07/03 21:13:13 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\nealfamily\My Documents\Downloads\OTL(1).exe
PRC - [2011/06/28 12:19:47 | 001,191,216 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2011/06/28 12:19:39 | 002,151,640 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2011/06/24 07:25:50 | 001,012,792 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2011/06/05 11:56:09 | 000,273,544 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\real\realplayer\Update\realsched.exe
PRC - [2011/05/17 17:45:56 | 000,735,648 | ---- | M] (Enigma Software Group USA, LLC.) -- C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
PRC - [2011/04/28 14:34:42 | 000,870,200 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2011/03/25 13:34:04 | 000,689,464 | ---- | M] (Radialpoint Inc.) -- C:\Program Files\Virgin Media\Service Manager\ServicepointService.exe
PRC - [2011/03/25 13:34:00 | 004,371,768 | ---- | M] (Virgin Media) -- C:\Program Files\Virgin Media\Service Manager\ServiceManager.exe
PRC - [2011/03/23 14:12:58 | 001,406,264 | ---- | M] (Virgin Media) -- C:\Program Files\Virgin Media\Digital Home Support\HsdService.exe
PRC - [2011/03/23 14:12:54 | 002,032,952 | ---- | M] (Virgin Media) -- C:\Program Files\Virgin Media\Digital Home Support\DHSClient.exe
PRC - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/02/23 20:45:50 | 000,607,616 | ---- | M] (iExpert Software) -- C:\Program Files\Registry Clean Expert\RCHelper.exe
PRC - [2009/11/25 00:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/11/25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009/11/25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/11/25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009/11/25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009/02/23 14:05:34 | 000,111,856 | ---- | M] (Yahoo! Inc) -- C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
PRC - [2008/11/09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/08/22 07:36:12 | 000,037,888 | R--- | M] () -- C:\Program Files\Corel\Corel Photo Album 7\CorelIOMonitor.exe
PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/06/05 13:20:32 | 000,177,704 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
PRC - [2006/12/12 11:46:52 | 000,019,456 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CtHelper.exe
PRC - [2006/10/16 21:13:28 | 000,230,944 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2006/10/12 09:45:58 | 000,061,529 | R--- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\PRISMSVC.exe
PRC - [2006/10/12 09:44:48 | 000,385,113 | R--- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\PRISMSVR.exe
PRC - [2005/07/22 20:45:16 | 000,430,080 | ---- | M] (Dell) -- C:\Program Files\Dell Photo AIO Printer 944\dlcdmon.exe
PRC - [2005/06/27 18:05:06 | 000,282,624 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 944\memcard.exe
PRC - [2005/06/21 21:19:38 | 000,491,520 | ---- | M] () -- C:\WINDOWS\system32\dlcdcoms.exe


========== Modules (SafeList) ==========

MOD - [2011/07/03 21:13:13 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\nealfamily\My Documents\Downloads\OTL(1).exe
MOD - [2011/06/05 11:56:50 | 000,043,520 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchrome10browserrecordhelper.dll
MOD - [2010/08/23 17:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2009/11/25 00:50:32 | 000,139,264 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll
MOD - [2009/07/12 00:02:02 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
MOD - [2009/07/12 00:02:00 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
MOD - [2008/04/14 01:11:58 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.dll
MOD - [2008/04/14 01:11:48 | 001,852,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\acgenral.dll
MOD - [2004/08/10 12:00:00 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\serwvdrv.dll
MOD - [2004/08/10 12:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\umdmxfrm.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/06/28 12:19:39 | 002,151,640 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011/05/17 17:45:56 | 000,735,648 | ---- | M] (Enigma Software Group USA, LLC.) [Auto | Running] -- C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe -- (SpyHunter 4 Service)
SRV - [2011/04/28 14:34:42 | 000,870,200 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2011/03/25 13:34:04 | 000,689,464 | ---- | M] (Radialpoint Inc.) [Auto | Running] -- C:\Program Files\Virgin Media\Service Manager\ServicepointService.exe -- (ServicepointService)
SRV - [2011/03/23 14:12:58 | 001,406,264 | ---- | M] (Virgin Media) [Auto | Running] -- C:\Program Files\Virgin Media\Digital Home Support\HsdService.exe -- (HsdService)
SRV - [2011/03/01 21:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2009/11/25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009/11/25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009/11/25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009/11/25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009/05/29 13:36:37 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2008/11/09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2007/06/05 13:20:32 | 000,177,704 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing)
SRV - [2006/10/16 21:13:28 | 000,230,944 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2006/10/12 09:45:58 | 000,061,529 | R--- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\WINDOWS\system32\PRISMSVC.exe -- (PRISMSVC)
SRV - [2005/06/21 21:19:38 | 000,491,520 | ---- | M] () [On_Demand | Running] -- C:\WINDOWS\System32\dlcdcoms.exe -- (dlcd_device)


========== Driver Services (SafeList) ==========

DRV - [2011/06/20 10:31:32 | 000,064,512 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2011/06/20 10:31:32 | 000,015,232 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2011/05/09 12:32:14 | 000,057,144 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\26762\RapportCerberus_26762.sys -- (RapportCerberus_26762)
DRV - [2011/05/06 09:57:10 | 000,013,904 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV - [2011/04/28 14:34:50 | 000,066,360 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys -- (RapportEI)
DRV - [2011/04/28 14:34:50 | 000,053,816 | ---- | M] (Trusteer Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\RapportKELL.sys -- (RapportKELL)
DRV - [2011/04/28 14:34:48 | 000,158,904 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys -- (RapportPG)
DRV - [2010/05/10 19:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 19:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/11/25 00:50:59 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009/11/25 00:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2009/11/25 00:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/11/25 00:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009/11/25 00:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009/11/25 00:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009/08/05 22:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009/06/10 19:16:32 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/06/01 15:49:05 | 000,395,744 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2009/06/01 15:49:05 | 000,039,264 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2009/06/01 15:48:28 | 000,114,048 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2008/05/14 00:08:04 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2007/06/18 04:01:28 | 000,514,560 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2006/12/19 09:36:54 | 001,160,504 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ha20x2k.sys -- (ha20x2k)
DRV - [2006/12/19 09:36:46 | 000,090,936 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)
DRV - [2006/12/19 09:36:42 | 000,156,984 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2006/12/19 09:36:36 | 000,014,648 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2006/12/19 09:36:32 | 000,128,312 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2006/12/19 09:35:40 | 000,511,288 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2006/10/26 12:22:00 | 000,357,344 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PRISMA02.sys -- (DELL_A02)
DRV - [2005/08/30 17:59:00 | 000,094,000 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2005/08/30 17:58:56 | 000,008,304 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2005/08/30 17:57:18 | 000,058,320 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
DRV - [2005/08/30 01:49:38 | 000,094,000 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssm_mdm.sys -- (ssm_mdm)
DRV - [2005/08/30 01:49:34 | 000,008,336 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssm_mdfl.sys -- (ssm_mdfl)
DRV - [2005/08/30 01:47:38 | 000,058,320 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssm_bus.sys -- (ssm_bus) SAMSUNG Mobile USB Device II 1.0 driver (WDM)
DRV - [2005/07/13 17:18:00 | 000,340,704 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - [2003/12/08 11:53:48 | 000,053,600 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcan5wn.sys -- (alcan5wn) SpeedTouch USB ADSL PPP Networking Driver (NDISWAN)
DRV - [2003/12/08 11:53:46 | 000,070,688 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcaudsl.sys -- (alcaudsl)
DRV - [2003/11/17 21:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 21:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 21:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://uk.rd.yahoo.c...earch.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://uk.rd.yahoo.c...earch.yahoo.com
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found


IE - HKU\.DEFAULT\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

IE - HKU\S-1-5-18\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-21-527237240-606747145-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-527237240-606747145-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-527237240-606747145-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-527237240-606747145-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://uk.my.yahoo.com/
IE - HKU\S-1-5-21-527237240-606747145-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-527237240-606747145-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKU\S-1-5-21-527237240-606747145-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 4A E1 DA 10 A1 E0 C9 01 [binary data]
IE - HKU\S-1-5-21-527237240-606747145-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-527237240-606747145-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-527237240-606747145-725345543-1003\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-527237240-606747145-725345543-1003\..\URLSearchHook: {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)
IE - HKU\S-1-5-21-527237240-606747145-725345543-1003\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-527237240-606747145-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-527237240-606747145-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaulturl: "http://uk.search.yah...ch?fr=ffsp1&p="
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://uk.my.yahoo.com/"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: [email protected]:2.12
FF - prefs.js..extensions.enabledItems: [email protected]:1.1.0
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: [email protected]:2.9.5.9
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1
FF - prefs.js..extensions.enabledItems: {92E6396C-1D59-4D9B-B5E6-57529E904A9D}:1.9.1
FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1"


FF - HKLM\software\mozilla\Firefox\Extensions\\{92E6396C-1D59-4D9B-B5E6-57529E904A9D}: C:\Documents and Settings\nealfamily\Local Settings\Application Data\{92E6396C-1D59-4D9B-B5E6-57529E904A9D} [2011/02/09 13:25:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/06/05 11:56:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/29 19:30:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/16 09:15:04 | 000,000,000 | ---D | M]

[2009/05/30 10:06:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\nealfamily\Application Data\Mozilla\Extensions
[2011/06/30 00:15:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\nealfamily\Application Data\Mozilla\Firefox\Profiles\ky2x688f.default\extensions
[2010/06/25 13:51:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\nealfamily\Application Data\Mozilla\Firefox\Profiles\ky2x688f.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/04/10 12:10:24 | 000,000,000 | ---D | M] (AddThis) -- C:\Documents and Settings\nealfamily\Application Data\Mozilla\Firefox\Profiles\ky2x688f.default\extensions\{3e0e7d2a-070f-4a47-b019-91fe5385ba79}
[2011/03/18 17:26:31 | 000,000,000 | ---D | M] (FoxyTunes) -- C:\Documents and Settings\nealfamily\Application Data\Mozilla\Firefox\Profiles\ky2x688f.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}
[2011/06/23 12:27:17 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\nealfamily\Application Data\Mozilla\Firefox\Profiles\ky2x688f.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/05/24 12:16:43 | 000,000,000 | ---D | M] (Surf Canyon - Search Engine Assistant) -- C:\Documents and Settings\nealfamily\Application Data\Mozilla\Firefox\Profiles\ky2x688f.default\extensions\{75623d5d-4683-402a-b610-ac4bab767c86}
[2011/03/06 22:57:23 | 000,000,000 | ---D | M] ("Amazon Toolbar") -- C:\Documents and Settings\nealfamily\Application Data\Mozilla\Firefox\Profiles\ky2x688f.default\extensions\[email protected]
[2010/10/22 18:26:20 | 000,000,000 | ---D | M] ("TurnTool Viewer") -- C:\Documents and Settings\nealfamily\Application Data\Mozilla\Firefox\Profiles\ky2x688f.default\extensions\[email protected]
[2011/04/09 20:37:15 | 000,002,572 | ---- | M] () -- C:\Documents and Settings\nealfamily\Application Data\Mozilla\Firefox\Profiles\ky2x688f.default\searchplugins\informative-google-search.xml
[2011/06/29 19:30:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
[2011/02/09 13:25:40 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\NEALFAMILY\LOCAL SETTINGS\APPLICATION DATA\{92E6396C-1D59-4D9B-B5E6-57529E904A9D}
[2009/09/19 13:22:20 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/06/16 05:32:38 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2008/08/16 17:42:02 | 000,070,456 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CgpCore.dll
[2008/08/16 17:42:12 | 000,091,448 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\confmgr.dll
[2008/08/16 17:42:08 | 000,020,800 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\ctxlogging.dll
[2008/05/21 08:41:08 | 000,479,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\msvcm80.dll
[2008/05/21 08:41:08 | 000,548,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\msvcp80.dll
[2008/05/21 08:41:08 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\msvcr80.dll
[2008/08/16 17:44:46 | 000,427,312 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npicaN.dll
[2008/08/16 17:42:04 | 000,023,864 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\TcpPServ.dll
[2010/01/01 09:00:00 | 000,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2010/01/01 09:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2010/01/01 09:00:00 | 000,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2010/01/01 09:00:00 | 000,001,180 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2010/01/01 09:00:00 | 000,001,135 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2011/04/08 13:41:38 | 000,427,243 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 14716 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Wanadoo) - {8B68564D-53FD-4293-B80C-993A9F3988EE} - C:\Program Files\Wanadoo\WSBar\WSBar.dll ()
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (Copernic Agent) - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-527237240-606747145-725345543-1003\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [Corel File Shell Monitor] C:\Program Files\Corel\Corel Photo Album 7\CorelIOMonitor.exe ()
O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\System32\CtHelper.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DHSClient.exe] C:\Program Files\Virgin Media\Digital Home Support\DHSClient.exe (Virgin Media)
O4 - HKLM..\Run: [DLCDCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCDtime.DLL ()
O4 - HKLM..\Run: [dlcdmon.exe] C:\Program Files\Dell Photo AIO Printer 944\dlcdmon.exe (Dell)
O4 - HKLM..\Run: [HitmanPro35] C:\Program Files\Hitman Pro 3.5\HitmanPro35.exe (SurfRight B.V.)
O4 - HKLM..\Run: [MemoryCardManager] C:\Program Files\Dell Photo AIO Printer 944\memcard.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [ServiceManager.exe] C:\Program Files\Virgin Media\Service Manager\ServiceManager.exe (Virgin Media)
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdateManager] C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe (Sonic Solutions)
O4 - HKLM..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKU\S-1-5-21-527237240-606747145-725345543-1003..\Run: [iLike] C:\Program Files\iLike\1.2.17\ilikesidebar.exe (iLike)
O4 - HKU\S-1-5-21-527237240-606747145-725345543-1003..\Run: [RegClean Expert Scheduler] C:\Program Files\Registry Clean Expert\RCHelper.exe (iExpert Software)
O4 - HKU\S-1-5-21-527237240-606747145-725345543-1003..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKU\S-1-5-21-527237240-606747145-725345543-1003..\RunOnce: [Shockwave Updater] File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-527237240-606747145-725345543-1003\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-21-527237240-606747145-725345543-1003\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-21-527237240-606747145-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-527237240-606747145-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarsOnTaskbar = 0
O7 - HKU\S-1-5-21-527237240-606747145-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKU\S-1-5-21-527237240-606747145-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-21-527237240-606747145-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0
O7 - HKU\S-1-5-21-527237240-606747145-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 0
O7 - HKU\S-1-5-21-527237240-606747145-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O7 - HKU\S-1-5-21-527237240-606747145-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoMovingBands = 0
O7 - HKU\S-1-5-21-527237240-606747145-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCloseDragDropBands = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Search Using Copernic Agent - C:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)
O8 - Extra context menu item: Search with Wanadoo - C:\Program Files\Wanadoo\WSBar\WSBar.dll ()
O9 - Extra 'Tools' menuitem : Launch Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\Program Files\Copernic Agent\CopernicAgent.exe (Copernic Technologies Inc.)
O9 - Extra Button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\Program Files\Copernic Agent\CopernicAgent.exe (Copernic Technologies Inc.)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-527237240-606747145-725345543-1003\..Trusted Domains: horsham.gov.uk ([remoteaccess] https in Trusted sites)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} Reg Error: Value error. (Shockwave ActiveX Control)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} Reg Error: Value error. (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\copernicagent {A979B6BD-E40B-4A07-ABDD-A62C64A4EBF6} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)
O18 - Protocol\Handler\copernicagentcache {AAC34CFD-274D-4A9D-B0DC-C74C05A67E1D} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\PRISMAPI.DLL: DllName - PRISMAPI.DLL - C:\WINDOWS\System32\PRISMAPI.dll (Conexant Systems, Inc.)
O20 - Winlogon\Notify\TPSvc: DllName - TPSvc.dll - File not found
O24 - Desktop WallPaper: C:\Documents and Settings\nealfamily\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\nealfamily\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/05/28 15:05:54 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-527237240-606747145-725345543-1003\...exe [@ = exefile] -- Reg Error: Key error. File not found

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/07/03 12:39:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Desktop\RK_Quarantine
[2011/07/03 00:41:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Application Data\QuickScan
[2011/07/02 11:15:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\HiJackThis
[2011/07/02 11:15:09 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/07/01 20:27:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2011/07/01 20:23:27 | 000,101,720 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2011/07/01 20:20:03 | 000,064,512 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2011/07/01 20:19:39 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2011/07/01 20:19:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Lavasoft
[2011/07/01 20:19:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2011/07/01 18:52:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Desktop\Computer Health
[2011/07/01 17:12:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/06/30 22:04:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Yahoo!
[2011/06/30 22:04:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\xerox
[2011/06/30 22:04:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Windows Plus
[2011/06/30 22:04:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Windows NT
[2011/06/30 22:04:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Windows Media Player
[2011/06/30 22:04:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Windows Media Connect 2
[2011/06/30 22:04:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Windows Live SkyDrive
[2011/06/30 22:04:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Windows Live
[2011/06/30 22:04:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Windows Desktop Search
[2011/06/30 22:04:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Web Publish
[2011/06/30 22:04:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Wanadoo
[2011/06/30 22:04:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Virgin Media
[2011/06/30 22:04:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Veetle
[2011/06/30 22:04:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\US Digital Media
[2011/06/30 22:04:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Uniblue
[2011/06/30 22:04:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\TurnTool
[2011/06/30 22:04:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Trusteer
[2011/06/30 22:04:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Transparent
[2011/06/30 22:04:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Tesco
[2011/06/30 22:04:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\SystemRequirementsLab
[2011/06/30 22:04:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\SUPERAntiSpyware
[2011/06/30 22:04:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Spybot - Search & Destroy
[2011/06/30 22:04:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Sonic
[2011/06/30 22:04:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Skype
[2011/06/30 22:04:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\SigmaTel
[2011/06/30 22:04:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Shared
[2011/06/30 22:03:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Samsung
[2011/06/30 22:03:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Safari
[2011/06/30 22:03:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Registry Clean Expert
[2011/06/30 22:03:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Reference Assemblies
[2011/06/30 22:03:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\real
[2011/06/30 22:03:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\QuickTime
[2011/06/30 22:03:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Perfect Uninstaller
[2011/06/30 22:03:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\PCPitstop
[2011/06/30 22:03:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Outlook Express
[2011/06/30 22:03:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Opera
[2011/06/30 22:03:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Online Services
[2011/06/30 22:03:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\OJOsoft
[2011/06/30 22:03:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\NetMeeting
[2011/06/30 22:03:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\NCH Swift Sound
[2011/06/30 22:03:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\NCH Software
[2011/06/30 22:03:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\MSN Gaming Zone
[2011/06/30 22:03:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\MSN
[2011/06/30 22:03:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\MSBuild
[2011/06/30 22:03:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Mozilla Firefox
[2011/06/30 22:03:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Movie Maker
[2011/06/30 22:03:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\MixMeister EZ Vinyl Converter
[2011/06/30 22:03:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Microsoft.NET
[2011/06/30 22:03:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Microsoft Works
[2011/06/30 22:03:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Microsoft Visual Studio 8
[2011/06/30 22:03:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Microsoft Visual Studio
[2011/06/30 22:03:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Microsoft Sync Framework
[2011/06/30 22:03:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Microsoft SQL Server Compact Edition
[2011/06/30 22:03:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Microsoft Silverlight
[2011/06/30 22:03:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Microsoft Office Outlook Connector
[2011/06/30 22:03:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Microsoft Office
[2011/06/30 22:03:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Microsoft Money 2005
[2011/06/30 22:03:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\microsoft frontpage
[2011/06/30 22:02:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Microsoft
[2011/06/30 22:02:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Messenger
[2011/06/30 22:02:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/06/30 22:02:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Java
[2011/06/30 22:02:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Jasc Software Inc
[2011/06/30 22:01:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\iTunes
[2011/06/30 22:01:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\iPod
[2011/06/30 22:01:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Intel
[2011/06/30 22:01:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\InstallShield Installation Information
[2011/06/30 22:01:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\iLike
[2011/06/30 22:01:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\ICQ7.5
[2011/06/30 22:01:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\ICQ6Toolbar
[2011/06/30 22:01:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Hitman Pro 3.5
[2011/06/30 22:01:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Google
[2011/06/30 22:01:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\GemMaster
[2011/06/30 22:01:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\FileZilla FTP Client
[2011/06/30 22:01:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\ESPNMotion
[2011/06/30 22:01:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Enigma Software Group
[2011/06/30 22:01:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\EnglishOtto
[2011/06/30 22:01:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Dl_cats
[2011/06/30 22:01:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\DIGStream
[2011/06/30 22:01:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Dell Wireless
[2011/06/30 22:01:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Dell Support Center
[2011/06/30 22:01:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Dell Photo AIO Printer 944
[2011/06/30 22:00:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Corel
[2011/06/30 22:00:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Copernic Agent
[2011/06/30 22:00:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\CONEXANT
[2011/06/30 22:00:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Common Files
[2011/06/30 22:00:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Citrix
[2011/06/30 22:00:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Broderbund
[2011/06/30 22:00:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Bonjour
[2011/06/30 22:00:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Axis Communications
[2011/06/30 22:00:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Auslogics
[2011/06/30 22:00:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\AudioLabel
[2011/06/30 22:00:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Audacity
[2011/06/30 22:00:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Apple Software Update
[2011/06/30 22:00:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Amazon
[2011/06/30 22:00:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Alwil Software
[2011/06/30 22:00:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Adobe
[2011/06/30 22:00:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\PIF
[2011/06/30 22:00:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Acronis
[2011/06/30 22:00:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Desktop\recovery
[2011/06/30 22:00:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Abbyy FineReader 6.0 Sprint
[2011/06/30 21:36:36 | 000,000,000 | ---D | C] -- C:\Program Files\Uninstall Information
[2011/06/30 19:49:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\nealfamily\Recent
[2011/06/30 18:42:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Hitman Pro 3.5
[2011/06/30 18:42:15 | 000,000,000 | ---D | C] -- C:\Program Files\Hitman Pro 3.5
[2011/06/30 18:07:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Application Data\SUPERAntiSpyware.com
[2011/06/30 18:07:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2011/06/30 18:07:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2011/06/30 18:07:13 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/06/30 00:18:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2011/06/29 16:41:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\SpyHunter
[2011/06/29 16:41:13 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2011/06/29 16:41:13 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2011/06/29 16:40:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2011/06/19 22:49:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth
[2011/06/11 13:48:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Local Settings\Application Data\Babylon
[2011/06/11 13:48:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Application Data\Babylon
[2011/06/11 13:48:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Babylon
[2011/06/05 11:56:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2011/06/05 11:56:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2009/05/29 14:36:37 | 000,009,216 | ---- | C] ( ) -- C:\WINDOWS\System32\KILLAPPS.EXE
[2009/05/29 14:36:33 | 000,034,816 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
[2006/12/20 17:58:02 | 000,397,312 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcdiesc.dll
[2006/12/20 17:47:32 | 000,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcdinpa.dll
[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/07/03 21:15:40 | 000,000,296 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-527237240-606747145-725345543-1003.job
[2011/07/03 21:15:40 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-527237240-606747145-725345543-1003.job
[2011/07/03 20:46:03 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/07/03 20:35:58 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/07/03 20:35:05 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011/07/03 20:34:50 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/07/03 20:34:40 | 000,044,799 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011/07/03 20:34:39 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-18.job
[2011/07/03 20:34:36 | 000,000,388 | ---- | M] () -- C:\WINDOWS\tasks\Registry Reviver-nealfamily-Startup.job
[2011/07/03 20:34:10 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/07/03 17:47:43 | 000,064,756 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000005-00000000-00000004-00001102-00000005-10031102}.rfx
[2011/07/03 17:47:43 | 000,053,968 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000005-00000000-00000004-00001102-00000005-10031102}.rfx
[2011/07/03 17:47:43 | 000,053,968 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000005-00000000-00000004-00001102-00000005-10031102}.rfx
[2011/07/03 17:47:43 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2011/07/03 17:47:43 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2011/07/03 09:39:08 | 000,000,432 | ---- | M] () -- C:\WINDOWS\tasks\SystemToolsDailyTest.job
[2011/07/03 09:21:50 | 000,020,552 | ---- | M] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2011/07/02 14:29:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/07/02 11:15:46 | 000,002,457 | ---- | M] () -- C:\Documents and Settings\nealfamily\Desktop\HiJackThis.lnk
[2011/07/02 10:39:23 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\nealfamily\Local Settings\Application Data\housecall.guid.cache
[2011/07/01 20:27:12 | 000,004,520 | ---- | M] () -- C:\WINDOWS\System32\entitlement.xml
[2011/07/01 20:23:25 | 000,101,720 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2011/07/01 20:23:24 | 000,016,432 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe
[2011/07/01 18:50:53 | 000,000,772 | ---- | M] () -- C:\Documents and Settings\nealfamily\Application Data\Microsoft\Internet Explorer\Quick Launch\WINWORD.lnk
[2011/07/01 18:48:56 | 000,001,507 | ---- | M] () -- C:\Documents and Settings\nealfamily\Desktop\Notepad.lnk
[2011/07/01 14:33:19 | 000,031,536 | ---- | M] () -- C:\Documents and Settings\nealfamily\Desktop\vicars (2).jpg
[2011/07/01 10:04:59 | 000,000,667 | ---- | M] () -- C:\Documents and Settings\nealfamily\Desktop\Dell Wireless.lnk
[2011/06/30 19:50:13 | 000,026,814 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\cc_20110630_195005.reg
[2011/06/30 19:13:37 | 000,000,680 | ---- | M] () -- C:\WINDOWS\System32\.crusader
[2011/06/30 18:31:12 | 000,000,022 | ---- | M] () -- C:\WINDOWS\tpcsd
[2011/06/29 22:37:44 | 000,000,738 | ---- | M] () -- C:\Documents and Settings\nealfamily\Application Data\Microsoft\Internet Explorer\Quick Launch\Outlook Express.lnk
[2011/06/29 22:07:44 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\nealfamily\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/06/29 22:07:14 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\nealfamily\Desktop\Windows Media Player.lnk
[2011/06/29 21:55:49 | 000,000,598 | ---- | M] () -- C:\Documents and Settings\nealfamily\Application Data\Microsoft\Internet Explorer\Quick Launch\Safari.lnk
[2011/06/29 21:55:28 | 000,000,598 | ---- | M] () -- C:\Documents and Settings\nealfamily\Desktop\Safari.lnk
[2011/06/29 21:44:58 | 000,000,584 | ---- | M] () -- C:\Documents and Settings\nealfamily\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2011/06/29 21:44:07 | 000,000,584 | ---- | M] () -- C:\Documents and Settings\nealfamily\Desktop\Opera.lnk
[2011/06/29 21:40:24 | 000,000,767 | ---- | M] () -- C:\Documents and Settings\nealfamily\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet Explorer.lnk
[2011/06/29 21:36:08 | 000,000,783 | ---- | M] () -- C:\Documents and Settings\nealfamily\Desktop\Google Chrome.lnk
[2011/06/29 21:36:08 | 000,000,783 | ---- | M] () -- C:\Documents and Settings\nealfamily\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/06/29 21:03:22 | 000,001,475 | ---- | M] () -- C:\Documents and Settings\nealfamily\Desktop\Windows Explorer.lnk
[2011/06/29 19:35:59 | 000,000,536 | ---- | M] () -- C:\Documents and Settings\nealfamily\Application Data\Microsoft\Internet Explorer\Quick Launch\Shortcut to Show Desktop.lnk
[2011/06/29 19:30:20 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\nealfamily\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/06/29 19:30:20 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/06/29 16:34:22 | 000,196,096 | ---- | M] () -- C:\Documents and Settings\nealfamily\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/27 19:09:00 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-18.job
[2011/06/26 00:02:54 | 003,023,473 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\Corpus Christi - Approaching Arundel Castle.jpg
[2011/06/25 23:59:48 | 003,490,037 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\Corpus Christi - Banners.jpg
[2011/06/25 23:55:12 | 003,396,871 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\Corpus Christi - Fr Weston & Fr Kevin at Arundel Castle.jpg
[2011/06/25 23:54:02 | 003,436,303 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\Corpus Christi - Procession to Arundel Castle.jpg
[2011/06/25 23:48:35 | 004,028,964 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\Corpus Christi - Carpet of Flowers.jpg
[2011/06/25 23:43:19 | 004,305,127 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\Corpus Christi 2011 Procession leaving Arundel Castle.jpg
[2011/06/25 23:27:45 | 003,707,227 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\Corpus Christi - Fr Weston and others.jpg
[2011/06/25 11:28:06 | 000,000,564 | ---- | M] () -- C:\WINDOWS\tasks\PCDoctorBackgroundMonitorTask.job
[2011/06/25 00:45:44 | 000,132,509 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1713.JPG
[2011/06/25 00:45:22 | 000,125,516 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1712.JPG
[2011/06/23 20:19:04 | 019,222,888 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1711.AVI
[2011/06/23 20:05:16 | 029,049,304 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1710.AVI
[2011/06/23 19:52:52 | 003,174,843 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1709.JPG
[2011/06/23 19:51:28 | 003,552,005 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1708.JPG
[2011/06/23 19:43:26 | 003,504,249 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1707.JPG
[2011/06/23 19:42:30 | 003,125,122 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1706.JPG
[2011/06/23 19:37:30 | 002,324,060 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1705.JPG
[2011/06/23 19:31:46 | 003,157,322 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1704.JPG
[2011/06/23 19:31:02 | 003,500,115 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1703.JPG
[2011/06/23 19:30:50 | 003,594,031 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1702.JPG
[2011/06/23 19:30:38 | 003,304,770 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1701.JPG
[2011/06/23 19:30:12 | 003,009,582 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1700.JPG
[2011/06/23 19:29:50 | 003,494,698 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1699.JPG
[2011/06/23 19:29:20 | 003,513,911 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1698.JPG
[2011/06/23 19:28:48 | 003,128,976 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1697.JPG
[2011/06/23 19:27:10 | 003,127,412 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1696.JPG
[2011/06/23 19:24:10 | 003,548,177 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1695.JPG
[2011/06/23 19:21:16 | 003,590,343 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1694.JPG
[2011/06/23 19:18:22 | 003,365,558 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1691.JPG
[2011/06/23 19:17:48 | 003,540,329 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1690.JPG
[2011/06/23 19:13:48 | 003,236,636 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1688.JPG
[2011/06/23 19:03:52 | 027,107,616 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1687.AVI
[2011/06/23 16:42:50 | 003,148,489 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1686.JPG
[2011/06/23 16:33:58 | 003,072,704 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1685.JPG
[2011/06/23 16:33:46 | 003,095,973 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1684.JPG
[2011/06/22 10:18:45 | 000,000,538 | ---- | M] () -- C:\WINDOWS\tasks\Auslogics Console Defragmentation.job
[2011/06/20 10:31:32 | 000,064,512 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2011/06/18 15:15:27 | 000,107,316 | ---- | M] () -- C:\Documents and Settings\nealfamily\Desktop\Chequers Menu.pdf
[2011/06/16 01:27:39 | 000,465,826 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/06/16 01:27:39 | 000,079,728 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/06/11 16:24:32 | 214,190,946 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1648.AVI
[2011/06/09 20:42:24 | 000,002,258 | ---- | M] () -- C:\Documents and Settings\nealfamily\Desktop\Repair.vbs
[2011/06/05 11:56:14 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
[2011/06/04 19:58:23 | 000,000,252 | ---- | M] () -- C:\Documents and Settings\nealfamily\Desktop\Yahoo! Babel Fish - Text Translation and Web Page Translation.url
[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/07/02 11:15:10 | 000,002,457 | ---- | C] () -- C:\Documents and Settings\nealfamily\Desktop\HiJackThis.lnk
[2011/07/02 10:39:23 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\nealfamily\Local Settings\Application Data\housecall.guid.cache
[2011/07/02 00:40:01 | 000,016,432 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2011/07/01 20:27:12 | 000,004,520 | ---- | C] () -- C:\WINDOWS\System32\entitlement.xml
[2011/07/01 20:20:15 | 000,000,486 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/07/01 18:50:53 | 000,000,772 | ---- | C] () -- C:\Documents and Settings\nealfamily\Application Data\Microsoft\Internet Explorer\Quick Launch\WINWORD.lnk
[2011/07/01 14:33:19 | 000,031,536 | ---- | C] () -- C:\Documents and Settings\nealfamily\Desktop\vicars (2).jpg
[2011/07/01 10:04:59 | 000,000,667 | ---- | C] () -- C:\Documents and Settings\nealfamily\Desktop\Dell Wireless.lnk
[2011/06/30 19:50:10 | 000,026,814 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\cc_20110630_195005.reg
[2011/06/30 19:13:37 | 000,000,680 | ---- | C] () -- C:\WINDOWS\System32\.crusader
[2011/06/30 18:31:12 | 000,000,022 | ---- | C] () -- C:\WINDOWS\tpcsd
[2011/06/30 00:20:26 | 000,020,552 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2011/06/29 22:37:44 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\nealfamily\Application Data\Microsoft\Internet Explorer\Quick Launch\Outlook Express.lnk
[2011/06/29 22:07:44 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\nealfamily\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/06/29 22:07:14 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\nealfamily\Desktop\Windows Media Player.lnk
[2011/06/29 21:55:49 | 000,000,598 | ---- | C] () -- C:\Documents and Settings\nealfamily\Application Data\Microsoft\Internet Explorer\Quick Launch\Safari.lnk
[2011/06/29 21:55:28 | 000,000,598 | ---- | C] () -- C:\Documents and Settings\nealfamily\Desktop\Safari.lnk
[2011/06/29 21:44:58 | 000,000,584 | ---- | C] () -- C:\Documents and Settings\nealfamily\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2011/06/29 21:44:07 | 000,000,584 | ---- | C] () -- C:\Documents and Settings\nealfamily\Desktop\Opera.lnk
[2011/06/29 21:40:24 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\nealfamily\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet Explorer.lnk
[2011/06/29 21:39:32 | 000,000,783 | ---- | C] () -- C:\Documents and Settings\nealfamily\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/06/29 21:36:08 | 000,000,783 | ---- | C] () -- C:\Documents and Settings\nealfamily\Desktop\Google Chrome.lnk
[2011/06/29 19:35:59 | 000,000,536 | ---- | C] () -- C:\Documents and Settings\nealfamily\Application Data\Microsoft\Internet Explorer\Quick Launch\Shortcut to Show Desktop.lnk
[2011/06/29 19:30:20 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\nealfamily\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/06/29 19:30:20 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2011/06/29 19:30:20 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/06/29 14:26:27 | 000,055,284 | ---- | C] () -- C:\Documents and Settings\nealfamily\Desktop\changing.JPG
[2011/06/26 00:02:54 | 003,023,473 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\Corpus Christi - Approaching Arundel Castle.jpg
[2011/06/25 23:59:47 | 003,490,037 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\Corpus Christi - Banners.jpg
[2011/06/25 23:55:11 | 003,396,871 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\Corpus Christi - Fr Weston & Fr Kevin at Arundel Castle.jpg
[2011/06/25 23:54:00 | 003,436,303 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\Corpus Christi - Procession to Arundel Castle.jpg
[2011/06/25 23:48:33 | 004,028,964 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\Corpus Christi - Carpet of Flowers.jpg
[2011/06/25 23:43:17 | 004,305,127 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\Corpus Christi 2011 Procession leaving Arundel Castle.jpg
[2011/06/25 23:27:44 | 003,707,227 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\Corpus Christi - Fr Weston and others.jpg
[2011/06/25 23:16:51 | 019,222,888 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1711.AVI
[2011/06/25 23:16:44 | 029,049,304 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1710.AVI
[2011/06/25 23:16:37 | 027,107,616 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1687.AVI
[2011/06/25 23:15:45 | 214,190,946 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1648.AVI
[2011/06/25 23:15:40 | 018,514,288 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1589.AVI
[2011/06/25 23:14:29 | 290,165,808 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_0776.AVI
[2011/06/25 23:14:29 | 003,174,843 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1709.JPG
[2011/06/25 23:14:28 | 003,552,005 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1708.JPG
[2011/06/25 23:14:28 | 003,504,249 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1707.JPG
[2011/06/25 23:14:28 | 003,125,122 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1706.JPG
[2011/06/25 23:14:27 | 003,157,322 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1704.JPG
[2011/06/25 23:14:27 | 002,324,060 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1705.JPG
[2011/06/25 23:14:26 | 003,594,031 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1702.JPG
[2011/06/25 23:14:26 | 003,500,115 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1703.JPG
[2011/06/25 23:14:26 | 003,304,770 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1701.JPG
[2011/06/25 23:14:25 | 003,494,698 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1699.JPG
[2011/06/25 23:14:25 | 003,009,582 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1700.JPG
[2011/06/25 23:14:24 | 003,513,911 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1698.JPG
[2011/06/25 23:14:24 | 003,128,976 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1697.JPG
[2011/06/25 23:14:24 | 003,127,412 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1696.JPG
[2011/06/25 23:14:23 | 003,590,343 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1694.JPG
[2011/06/25 23:14:23 | 003,548,177 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1695.JPG
[2011/06/25 23:14:22 | 003,540,329 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1690.JPG
[2011/06/25 23:14:22 | 003,365,558 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1691.JPG
[2011/06/25 23:14:21 | 003,236,636 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1688.JPG
[2011/06/25 23:14:21 | 003,148,489 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1686.JPG
[2011/06/25 23:14:20 | 003,095,973 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1684.JPG
[2011/06/25 23:14:20 | 003,072,704 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1685.JPG
[2011/06/25 23:14:20 | 000,132,509 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1713.JPG
[2011/06/25 23:14:20 | 000,125,516 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1712.JPG
[2011/06/09 20:42:24 | 000,002,258 | ---- | C] () -- C:\Documents and Settings\nealfamily\Desktop\Repair.vbs
[2011/05/21 23:22:20 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2011/03/03 01:07:00 | 000,404,776 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/02/09 13:25:41 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Fkusuvonejec.dat
[2011/02/09 13:25:41 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Qvadohitozofaney.bin
[2010/07/16 20:05:36 | 000,000,048 | ---- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/03/29 14:24:47 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/02/10 05:31:30 | 002,974,071 | ---- | C] () -- C:\WINDOWS\System32\bgd.dll
[2010/01/31 01:12:08 | 000,000,736 | ---- | C] () -- C:\WINDOWS\SamsungMaster.INI
[2010/01/30 18:09:24 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/01/30 18:09:23 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/01/30 18:09:23 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\vidccleaner.exe
[2010/01/26 23:02:12 | 000,000,138 | -H-- | C] () -- C:\WINDOWS\wininit.ini
[2010/01/22 11:34:23 | 000,065,536 | R--- | C] () -- C:\WINDOWS\System32\dlcdcfg.dll
[2010/01/22 11:33:47 | 000,638,976 | ---- | C] () -- C:\WINDOWS\System32\dlcdpmui.dll
[2010/01/22 11:33:47 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\dlcdins.dll
[2010/01/22 11:33:47 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\dlcdinsr.dll
[2010/01/22 11:33:46 | 000,372,736 | ---- | C] () -- C:\WINDOWS\System32\dlcdih.exe
[2010/01/22 11:33:46 | 000,368,640 | ---- | C] () -- C:\WINDOWS\System32\dlcdcfg.exe
[2010/01/22 11:33:46 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\dlcdpplc.dll
[2010/01/22 11:33:46 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlcdvs.dll
[2010/01/22 11:33:45 | 001,134,592 | ---- | C] () -- C:\WINDOWS\System32\dlcdusb1.dll
[2010/01/22 11:33:45 | 000,770,048 | ---- | C] () -- C:\WINDOWS\System32\dlcdhbn3.dll
[2010/01/22 11:33:45 | 000,483,328 | ---- | C] () -- C:\WINDOWS\System32\dlcdlmpm.dll
[2010/01/22 11:33:45 | 000,413,696 | ---- | C] () -- C:\WINDOWS\System32\dlcdcomm.dll
[2010/01/22 11:33:44 | 001,183,744 | ---- | C] () -- C:\WINDOWS\System32\dlcdserv.dll
[2010/01/22 11:33:44 | 000,704,512 | ---- | C] () -- C:\WINDOWS\System32\dlcdcomc.dll
[2010/01/22 11:33:44 | 000,491,520 | ---- | C] () -- C:\WINDOWS\System32\dlcdcoms.exe
[2010/01/22 11:33:44 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\dlcdprox.dll
[2010/01/22 11:33:42 | 000,430,080 | ---- | C] () -- C:\WINDOWS\System32\dlcdutil.dll
[2010/01/22 11:33:42 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\dlcdcu.dll
[2010/01/22 11:33:42 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\dlcdcur.dll
[2010/01/22 11:33:40 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dlcdinsb.dll
[2010/01/22 11:33:40 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\dlcdcub.dll
[2010/01/22 11:33:39 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\dlcdjswr.dll
[2009/11/24 02:40:31 | 000,000,066 | -H-- | C] () -- C:\WINDOWS\cdplayer.ini
[2009/09/01 13:13:38 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\StopSrvr.exe
[2009/06/18 12:34:25 | 000,000,022 | ---- | C] () -- C:\Program Files\clean202.zip
[2009/06/10 20:50:47 | 000,003,140 | --S- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2009/06/10 20:50:47 | 000,000,088 | R-S- | C] () -- C:\WINDOWS\System32\B46683A6B3.sys
[2009/06/10 19:19:35 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
[2009/06/10 19:18:28 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2009/06/10 19:04:12 | 002,729,472 | ---- | C] () -- C:\WINDOWS\System32\fun_avcodec.dll
[2009/06/06 22:38:58 | 000,196,096 | ---- | C] () -- C:\Documents and Settings\nealfamily\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/06/05 11:29:11 | 000,109,782 | ---- | C] () -- C:\WINDOWS\CopernicAgentUninstall.exe
[2009/05/30 10:06:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/05/29 23:46:40 | 000,071,156 | ---- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/05/29 14:37:01 | 000,050,432 | -H-- | C] () -- C:\WINDOWS\System32\claptn.ini
[2009/05/29 14:37:01 | 000,003,072 | ---- | C] () -- C:\WINDOWS\CTXFIRES.DLL
[2009/05/29 14:37:01 | 000,000,054 | -H-- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2009/05/29 14:36:43 | 000,366,255 | ---- | C] () -- C:\WINDOWS\System32\ctdlang.dat
[2009/05/29 14:36:43 | 000,313,207 | ---- | C] () -- C:\WINDOWS\System32\ctstatic.dat
[2009/05/29 14:36:43 | 000,265,066 | ---- | C] () -- C:\WINDOWS\System32\CTSBAS2W.DAT
[2009/05/29 14:36:43 | 000,231,821 | ---- | C] () -- C:\WINDOWS\System32\CTSBASW.DAT
[2009/05/29 14:36:43 | 000,140,643 | ---- | C] () -- C:\WINDOWS\System32\CTBAS2W.DAT
[2009/05/29 14:36:43 | 000,113,221 | ---- | C] () -- C:\WINDOWS\System32\CTBASICW.DAT
[2009/05/29 14:36:43 | 000,053,932 | ---- | C] () -- C:\WINDOWS\System32\ctdaught.dat
[2009/05/29 14:36:38 | 000,035,328 | ---- | C] () -- C:\WINDOWS\System32\regplib.exe
[2009/05/29 14:36:38 | 000,000,194 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI
[2009/05/29 14:36:37 | 000,034,304 | ---- | C] () -- C:\WINDOWS\PSCONV.EXE
[2009/05/29 14:36:35 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CTBurst.dll
[2009/05/29 12:48:27 | 000,005,606 | ---- | C] () -- C:\WINDOWS\System32\stci.dll
[2009/05/28 16:42:27 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\CoPrism.dll
[2009/05/28 15:50:56 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/05/28 15:49:28 | 000,341,832 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/05/28 15:18:05 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\nealfamily\Local Settings\Application Data\fusioncache.dat
[2009/05/28 15:09:13 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/05/28 15:01:29 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/05/26 22:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 22:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2007/09/27 11:51:02 | 000,020,698 | -H-- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 11:48:48 | 000,030,628 | -H-- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 11:48:28 | 000,031,698 | -H-- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/09/17 08:07:00 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2007/06/05 13:20:32 | 000,177,704 | ---- | C] () -- C:\WINDOWS\System32\PSIService.exe
[2007/01/03 18:58:58 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\dlcdcoin.dll
[2006/12/19 08:15:20 | 000,065,154 | -H-- | C] () -- C:\WINDOWS\System32\instwdm.ini
[2006/12/12 11:39:02 | 000,046,273 | ---- | C] () -- C:\WINDOWS\System32\ctdnlstr.dat
[2005/08/05 14:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/03/22 23:38:24 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/03/22 23:38:24 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/09/22 19:47:00 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/10 12:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/10 12:00:00 | 000,465,826 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/10 12:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/10 12:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/10 12:00:00 | 000,079,728 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/10 12:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/10 12:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/10 12:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/10 12:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/10 12:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

========== LOP Check ==========

[2009/06/19 13:18:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acronis
[2011/06/11 13:48:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Babylon
[2009/12/17 11:14:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund Software
[2009/05/29 13:37:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2009/05/28 15:18:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DIGStream
[2010/01/05 22:03:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverCure
[2010/03/28 11:27:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverScanner
[2011/06/30 19:13:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2011/05/01 14:33:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ICQ
[2010/03/28 10:54:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2010/01/05 20:48:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2010/01/05 19:20:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC-Doctor
[2011/05/25 18:56:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCDr
[2011/07/01 07:41:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop
[2011/02/20 20:29:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PPLive
[2009/09/01 14:33:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Prism
[2011/05/08 20:59:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Radialpoint
[2010/11/10 15:11:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ReviverSoft
[2011/07/01 18:34:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\STOPzilla!
[2009/06/20 16:12:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/10/14 22:00:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Transparent
[2009/11/09 19:20:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trusteer
[2010/08/26 19:02:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Virgin Broadband
[2011/05/12 21:36:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Virgin Media
[2009/08/26 12:56:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VirginMedia
[2010/05/12 01:04:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/01/05 22:53:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{5A76C6B3-3FA8-46D0-AA81-62C3805E38BC}
[2009/09/15 11:08:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/10/14 22:00:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{7D4B3D1D-104E-4507-9123-568BC721B7E2}
[2009/05/31 22:54:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2010/02/23 22:15:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\Trusteer
[2009/08/31 09:08:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore
[2011/05/09 19:03:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Windows Search
[2009/10/30 12:43:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\Acronis
[2009/07/11 21:10:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\Amazon
[2010/11/10 15:09:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\AnvSoft
[2009/05/29 19:59:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\Auslogics
[2011/06/29 23:54:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\Azumvi
[2011/06/11 13:48:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\Babylon
[2009/06/05 11:29:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\Copernic
[2010/01/05 20:49:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\DriverCure
[2011/04/24 12:32:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\Dropbox
[2009/08/21 19:29:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\ErrorExpert
[2010/03/24 01:12:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\Facebook
[2011/05/20 17:15:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\FileZilla
[2010/12/07 16:26:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\Gycyen
[2009/06/05 15:29:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\ICAClient
[2011/06/11 07:31:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\ICQ
[2009/06/26 14:28:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\iLike
[2011/05/17 20:25:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\Imfua
[2010/01/26 23:09:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\Leadertech
[2010/11/10 15:09:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\OpenCandy
[2010/06/24 17:50:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\Opera
[2011/03/02 23:58:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\PCDr
[2011/02/20 20:29:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\PPlive
[2010/12/19 23:37:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\Qaulu
[2011/05/18 01:24:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\Quep
[2011/07/03 00:53:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\QuickScan
[2010/06/23 00:30:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\Qyvufi
[2010/08/26 19:02:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\Radialpoint
[2009/06/10 19:22:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\Samsung
[2009/09/21 22:42:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\Suah
[2010/01/05 22:55:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\System Tweaker
[2009/11/09 19:20:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\Trusteer
[2010/01/05 20:28:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\Uniblue
[2010/08/26 19:02:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\Virgin Broadband
[2011/05/12 21:35:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\Virgin Media
[2011/02/17 16:33:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\Windows Desktop Search
[2009/06/01 14:30:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\Windows Search
[2009/11/09 19:26:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Trusteer
[2011/07/03 20:35:58 | 000,000,486 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2011/06/22 10:18:45 | 000,000,538 | ---- | M] () -- C:\WINDOWS\Tasks\Auslogics Console Defragmentation.job
[2011/06/25 11:28:06 | 000,000,564 | ---- | M] () -- C:\WINDOWS\Tasks\PCDoctorBackgroundMonitorTask.job
[2011/07/03 20:34:36 | 000,000,388 | ---- | M] () -- C:\WINDOWS\Tasks\Registry Reviver-nealfamily-Startup.job
[2011/07/03 09:39:08 | 000,000,432 | ---- | M] () -- C:\WINDOWS\Tasks\SystemToolsDailyTest.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >

< %USERPROFILE%\..|smtmp;true;true;true /FP >


< MD5 for: EXPLORER.EXE >
[2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004/08/10 12:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: SVCHOST.EXE >
[2008/04/14 01:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/14 01:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2004/08/10 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: USERINIT.EXE >
[2004/08/10 12:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/14 01:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/14 01:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004/08/10 12:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/14 01:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/14 01:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/06/16 05:32:40 | 000,712,976 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/06/16 05:32:40 | 000,712,976 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/06/16 05:32:40 | 000,712,976 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/06/16 05:32:38 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/06/16 05:32:38 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/06/16 05:32:38 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2011/06/24 07:25:50 | 001,012,792 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2011/06/24 07:25:50 | 001,012,792 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2011/06/24 07:25:50 | 001,012,792 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2011/06/24 07:25:50 | 001,012,792 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/04/25 13:01:34 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/04/25 13:01:34 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/04/25 13:01:34 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Opera\Opera.exe" /ShowIconsCommand [2011/05/23 12:08:15 | 000,941,936 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Opera\Opera.exe" /HideIconsCommand [2011/05/23 12:08:15 | 000,941,936 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Opera\Opera.exe" /ReInstallBrowser [2011/05/23 12:08:15 | 000,941,936 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera.exe\shell\open\command\\: "C:\Program Files\Opera\Opera.exe" [2011/05/23 12:08:15 | 000,941,936 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Safari\Safari.exe" /reinstall [2011/03/21 20:10:48 | 002,388,264 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Safari\Safari.exe" /hideicons [2011/03/21 20:10:48 | 002,388,264 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Safari\Safari.exe" /showicons [2011/03/21 20:10:48 | 002,388,264 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files\Safari\Safari.exe" [2011/03/21 20:10:48 | 002,388,264 | ---- | M] (Apple Inc.)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/06/16 05:32:40 | 000,712,976 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/06/16 05:32:40 | 000,712,976 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/06/16 05:32:40 | 000,712,976 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/06/16 05:32:38 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/06/16 05:32:38 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/06/16 05:32:38 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2011/06/24 07:25:50 | 001,012,792 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2011/06/24 07:25:50 | 001,012,792 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2011/06/24 07:25:50 | 001,012,792 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2011/06/24 07:25:50 | 001,012,792 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/04/25 13:01:34 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/04/25 13:01:34 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/04/25 13:01:34 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Opera\Opera.exe" /ShowIconsCommand [2011/05/23 12:08:15 | 000,941,936 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Opera\Opera.exe" /HideIconsCommand [2011/05/23 12:08:15 | 000,941,936 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Opera\Opera.exe" /ReInstallBrowser [2011/05/23 12:08:15 | 000,941,936 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera.exe\shell\open\command\\: "C:\Program Files\Opera\Opera.exe" [2011/05/23 12:08:15 | 000,941,936 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Safari\Safari.exe" /reinstall [2011/03/21 20:10:48 | 002,388,264 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Safari\Safari.exe" /hideicons [2011/03/21 20:10:48 | 002,388,264 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Safari\Safari.exe" /showicons [2011/03/21 20:10:48 | 002,388,264 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files\Safari\Safari.exe" [2011/03/21 20:10:48 | 002,388,264 | ---- | M] (Apple Inc.)

========== Files - Unicode (All) ==========
[2011/06/01 17:01:30 | 000,012,899 | ---- | M] ()(C:\Documents and Settings\nealfamily\Desktop\? ??sta? e??a? ? p?? ????? ap? t??? t?sse???.docx) -- C:\Documents and Settings\nealfamily\Desktop\Ο Κώστας είναι ο πιο ψηλος από τους τέσσερις.docx
[2011/06/01 17:01:30 | 000,012,899 | ---- | C] ()(C:\Documents and Settings\nealfamily\Desktop\? ??sta? e??a? ? p?? ????? ap? t??? t?sse???.docx) -- C:\Documents and Settings\nealfamily\Desktop\Ο Κώστας είναι ο πιο ψηλος από τους τέσσερις.docx
[2011/03/02 18:50:02 | 000,012,607 | ---- | M] ()(C:\Documents and Settings\nealfamily\Desktop\p??aµe ??a µ?a ß??ta st?? pa?a??a.docx) -- C:\Documents and Settings\nealfamily\Desktop\πήγαμε για μια βόλτα στην παραλία.docx
[2011/03/01 20:29:48 | 000,012,607 | ---- | C] ()(C:\Documents and Settings\nealfamily\Desktop\p??aµe ??a µ?a ß??ta st?? pa?a??a.docx) -- C:\Documents and Settings\nealfamily\Desktop\πήγαμε για μια βόλτα στην παραλία.docx
[2010/11/17 18:46:35 | 000,010,843 | ---- | M] ()(C:\Documents and Settings\nealfamily\My Documents\??? pe?asµ??? ??µpt? ? ???? µa? Lucy ???d?se d?? e?s?t???a ??a t?.docx) -- C:\Documents and Settings\nealfamily\My Documents\Την περασμένη Πέμπτη η κόρη μας Lucy κέρδισε δύο εισιτήρια για το.docx
[2010/11/17 18:46:35 | 000,010,843 | ---- | C] ()(C:\Documents and Settings\nealfamily\My Documents\??? pe?asµ??? ??µpt? ? ???? µa? Lucy ???d?se d?? e?s?t???a ??a t?.docx) -- C:\Documents and Settings\nealfamily\My Documents\Την περασμένη Πέμπτη η κόρη μας Lucy κέρδισε δύο εισιτήρια για το.docx
[2010/11/17 14:23:39 | 000,012,781 | ---- | M] ()(C:\Documents and Settings\nealfamily\My Documents\??a d?aµ???sµa ???t? st? ???t??.docx) -- C:\Documents and Settings\nealfamily\My Documents\Ένα διαμἐρισμα κοντά στο κέντρο.docx
[2010/11/16 18:43:42 | 000,012,781 | ---- | C] ()(C:\Documents and Settings\nealfamily\My Documents\??a d?aµ???sµa ???t? st? ???t??.docx) -- C:\Documents and Settings\nealfamily\My Documents\Ένα διαμἐρισμα κοντά στο κέντρο.docx
[2010/10/20 18:49:17 | 000,012,075 | ---- | M] ()(C:\Documents and Settings\nealfamily\My Documents\?? p????? µa?e?t??e.docx) -- C:\Documents and Settings\nealfamily\My Documents\Το πλήθος μαζεύτηκε.docx
[2010/10/20 18:49:17 | 000,012,075 | ---- | C] ()(C:\Documents and Settings\nealfamily\My Documents\?? p????? µa?e?t??e.docx) -- C:\Documents and Settings\nealfamily\My Documents\Το πλήθος μαζεύτηκε.docx
[2010/05/25 16:14:30 | 000,013,405 | ---- | M] ()(C:\Documents and Settings\nealfamily\My Documents\??s 2 & 3.docx) -- C:\Documents and Settings\nealfamily\My Documents\Νοσ 2 & 3.docx
[2010/05/25 14:03:33 | 000,013,405 | ---- | C] ()(C:\Documents and Settings\nealfamily\My Documents\??s 2 & 3.docx) -- C:\Documents and Settings\nealfamily\My Documents\Νοσ 2 & 3.docx
[2010/05/25 13:04:17 | 000,012,858 | ---- | M] ()(C:\Documents and Settings\nealfamily\My Documents\?? 1.docx) -- C:\Documents and Settings\nealfamily\My Documents\Νο 1.docx
[2010/05/24 18:52:27 | 000,012,858 | ---- | C] ()(C:\Documents and Settings\nealfamily\My Documents\?? 1.docx) -- C:\Documents and Settings\nealfamily\My Documents\Νο 1.docx
[2010/02/09 22:06:39 | 000,016,478 | ---- | M] ()(C:\Documents and Settings\nealfamily\My Documents\?e??t??.docx) -- C:\Documents and Settings\nealfamily\My Documents\Πελάτης.docx
[2010/02/08 23:33:44 | 000,016,478 | ---- | C] ()(C:\Documents and Settings\nealfamily\My Documents\?e??t??.docx) -- C:\Documents and Settings\nealfamily\My Documents\Πελάτης.docx
[2009/12/02 19:37:36 | 000,012,062 | ---- | M] ()(C:\Documents and Settings\nealfamily\My Documents\? ?????.docx) -- C:\Documents and Settings\nealfamily\My Documents\Η Ελἐνη.docx
[2009/11/24 19:42:14 | 000,012,062 | ---- | C] ()(C:\Documents and Settings\nealfamily\My Documents\? ?????.docx) -- C:\Documents and Settings\nealfamily\My Documents\Η Ελἐνη.docx

========== Alternate Data Streams ==========

@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9

< End of report >

#7
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
No, there will be no extras text as this was run 2; it only produces it on the initial run :unsure:

You are doing well so far :) What are your current problems?

I will remove a few elements with OTL now, and once this has run could you continue with the aswMBR run. The aswMBR may take about half an hour as you have Avast installed, and the Avast engine will be invoked to do a quick system scan.

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
    IE - HKU\.DEFAULT\..\URLSearchHook: - Reg Error: Key error. File not found
    IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
    IE - HKU\S-1-5-18\..\URLSearchHook: - Reg Error: Key error. File not found
    IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
    IE - HKU\S-1-5-21-527237240-606747145-725345543-1003\..\URLSearchHook: - Reg Error: Key error. File not found
    [2011/02/09 13:25:40 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\NEALFAMILY\LOCAL SETTINGS\APPLICATION DATA\{92E6396C-1D59-4D9B-B5E6-57529E904A9D}
    O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
    O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
    O3 - HKU\S-1-5-21-527237240-606747145-725345543-1003\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} Reg Error: Value error. (Reg Error: Key error.)
    O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} Reg Error: Value error. (Reg Error: Key error.)
    [2011/02/09 13:25:41 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Fkusuvonejec.dat
    [2011/02/09 13:25:41 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Qvadohitozofaney.bin

    :Files
    ipconfig /flushdns /c

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [EMPTYFLASH]
    [CREATERESTOREPOINT]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

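The fix above ends by asking for a fresh Quick Scan log. As an added example (not part of the original post and not OldTimer's code), the Python sketch below shows one way to check such a follow-up log: it pulls the file paths and CLSIDs out of the `:OTL` section of the fix script and reports any that still appear in the new log. The function names are hypothetical, the fix script is an excerpt of the one posted, and the follow-up log lines are constructed for illustration.

```python
import re

# Excerpt of the fix script from the post above (five of its :OTL lines).
FIX_SCRIPT = r"""
:OTL
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} Reg Error: Value error. (Reg Error: Key error.)
[2011/02/09 13:25:41 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Fkusuvonejec.dat
[2011/02/09 13:25:41 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Qvadohitozofaney.bin

:Files
ipconfig /flushdns /c

:Commands
[emptytemp]
[Reboot]
"""

# Constructed follow-up log lines, for illustration only (not from the thread):
# one unrelated process entry, one toolbar entry that is still listed, and one
# file that is still listed with different letter case.
FOLLOWUP_LOG = r"""
PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
[2011/02/09 13:25:41 | 000,000,000 | ---- | C] () -- C:\windows\qvadohitozofaney.bin
"""

SECTION_RE = re.compile(r"^:(\w+)\s*$")
GUID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# File and folder entries in the log end with " -- <drive>:\path".
PATH_RE = re.compile(r"\s--\s([A-Za-z]:\\.+?)\s*$")


def split_sections(script):
    """Group the non-blank lines of a fix script under their ':Name' headers."""
    sections = {}
    current = None
    for raw in script.splitlines():
        line = raw.strip()
        if not line:
            continue
        header = SECTION_RE.match(line)
        if header:
            current = header.group(1).upper()
            sections.setdefault(current, [])
        elif current is not None:
            sections[current].append(line)
    return sections


def fix_targets(script):
    """Return the distinct paths and CLSIDs named in the :OTL section, in order."""
    targets, seen = [], set()
    for line in split_sections(script).get("OTL", []):
        found = []
        path = PATH_RE.search(line)
        if path:
            found.append(path.group(1))
        found.extend(GUID_RE.findall(line))
        for indicator in found:
            key = indicator.lower()  # Windows paths and CLSIDs are case-insensitive
            if key not in seen:
                seen.add(key)
                targets.append(indicator)
    return targets


def survivors(script, log):
    """Map each fix target that still occurs in the log to the lines showing it."""
    log_lines = [l.strip() for l in log.splitlines() if l.strip()]
    result = {}
    for target in fix_targets(script):
        needle = target.lower()
        hits = [l for l in log_lines if needle in l.lower()]  # substring match
        if hits:
            result[target] = hits
    return result


if __name__ == "__main__":
    left = survivors(FIX_SCRIPT, FOLLOWUP_LOG)
    if not left:
        print("No fix target appears in the follow-up log.")
    for target, lines in left.items():
        print("STILL LISTED:", target)
        for line in lines:
            print("   ", line)
```

An empty result only means the targeted strings no longer appear in the log that was checked; it says nothing about entries the fix never listed.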

#8
Channeal

    Member

  • Topic Starter
  • Member
  • 879 posts
Sorry.... I thought I had made it clear that I am not actually having any problems as such at the moment - I was just freaked out by the fact that 2 programs (StopZilla and CA Internet Security) were saying the virus was still present. Is it possible they were picking up some small, unimportant element that the virus might have left behind? Maybe my registry cleaner has now got rid of this element? I have no idea about these things really and was only trying to ensure that the problem does not suddenly re-emerge again at a later date!

One good thing is that the redirection problem I had been having for some time seems to have been solved now. Ad-Aware was the only program of the many I ran (including Malwarebytes) which picked up this Trojan.JS.Redirector.cd(v) along with another one called Trojan.Win32.Adware. It seems to me that, even if you think you have a good anti-malware program, there are lots of things that can get through! Nobody is really safe in cyberland!

Anyway, I did the remaining scans late last night and here are the results: -

OTL logfile created on: 03/07/2011 22:45:42 - Run 4
OTL by OldTimer - Version 3.2.25.0 Folder = C:\Documents and Settings\nealfamily\My Documents\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.50 Gb Total Physical Memory | 2.73 Gb Available Physical Memory | 78.11% Memory free
6.84 Gb Paging File | 6.18 Gb Available in Paging File | 90.48% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 148.99 Gb Total Space | 60.87 Gb Free Space | 40.86% Space Free | Partition Type: NTFS
Drive D: | 148.99 Gb Total Space | 147.17 Gb Free Space | 98.77% Space Free | Partition Type: NTFS

Computer Name: NEALFAMI-ED0CE4 | User Name: nealfamily | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/07/02 17:54:21 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\nealfamily\My Documents\Downloads\OTL.exe
PRC - [2011/06/28 12:19:47 | 001,191,216 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2011/06/28 12:19:39 | 002,151,640 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2011/06/05 11:56:09 | 000,273,544 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\real\realplayer\Update\realsched.exe
PRC - [2011/05/17 17:45:56 | 000,735,648 | ---- | M] (Enigma Software Group USA, LLC.) -- C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
PRC - [2011/04/28 14:34:42 | 000,870,200 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2011/03/25 13:34:04 | 000,689,464 | ---- | M] (Radialpoint Inc.) -- C:\Program Files\Virgin Media\Service Manager\ServicepointService.exe
PRC - [2011/03/25 13:34:00 | 004,371,768 | ---- | M] (Virgin Media) -- C:\Program Files\Virgin Media\Service Manager\ServiceManager.exe
PRC - [2011/03/23 14:12:58 | 001,406,264 | ---- | M] (Virgin Media) -- C:\Program Files\Virgin Media\Digital Home Support\HsdService.exe
PRC - [2011/03/23 14:12:54 | 002,032,952 | ---- | M] (Virgin Media) -- C:\Program Files\Virgin Media\Digital Home Support\DHSClient.exe
PRC - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/02/23 20:45:50 | 000,607,616 | ---- | M] (iExpert Software) -- C:\Program Files\Registry Clean Expert\RCHelper.exe
PRC - [2009/11/25 00:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/11/25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009/11/25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/11/25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009/11/25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009/02/23 14:05:34 | 000,111,856 | ---- | M] (Yahoo! Inc) -- C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
PRC - [2008/11/09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/08/22 07:36:12 | 000,037,888 | R--- | M] () -- C:\Program Files\Corel\Corel Photo Album 7\CorelIOMonitor.exe
PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/06/05 13:20:32 | 000,177,704 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
PRC - [2006/12/12 11:46:52 | 000,019,456 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CtHelper.exe
PRC - [2006/10/16 21:13:28 | 000,230,944 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2006/10/12 09:45:58 | 000,061,529 | R--- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\PRISMSVC.exe
PRC - [2006/10/12 09:44:48 | 000,385,113 | R--- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\PRISMSVR.exe
PRC - [2005/07/22 20:45:16 | 000,430,080 | ---- | M] (Dell) -- C:\Program Files\Dell Photo AIO Printer 944\dlcdmon.exe
PRC - [2005/06/27 18:05:06 | 000,282,624 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 944\memcard.exe
PRC - [2005/06/21 21:19:38 | 000,491,520 | ---- | M] () -- C:\WINDOWS\system32\dlcdcoms.exe
PRC - [2004/01/07 02:01:00 | 000,110,592 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe


========== Modules (SafeList) ==========

MOD - [2011/07/02 17:54:21 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\nealfamily\My Documents\Downloads\OTL.exe
MOD - [2011/06/05 11:56:50 | 000,043,520 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchrome10browserrecordhelper.dll
MOD - [2010/08/23 17:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2009/11/25 00:50:32 | 000,139,264 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll
MOD - [2009/07/12 00:02:02 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
MOD - [2009/07/12 00:02:00 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
MOD - [2008/04/14 01:11:58 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.dll
MOD - [2008/04/14 01:11:48 | 001,852,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\acgenral.dll
MOD - [2004/08/10 12:00:00 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\serwvdrv.dll
MOD - [2004/08/10 12:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\umdmxfrm.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/06/28 12:19:39 | 002,151,640 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011/05/17 17:45:56 | 000,735,648 | ---- | M] (Enigma Software Group USA, LLC.) [Auto | Running] -- C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe -- (SpyHunter 4 Service)
SRV - [2011/04/28 14:34:42 | 000,870,200 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2011/03/25 13:34:04 | 000,689,464 | ---- | M] (Radialpoint Inc.) [Auto | Running] -- C:\Program Files\Virgin Media\Service Manager\ServicepointService.exe -- (ServicepointService)
SRV - [2011/03/23 14:12:58 | 001,406,264 | ---- | M] (Virgin Media) [Auto | Running] -- C:\Program Files\Virgin Media\Digital Home Support\HsdService.exe -- (HsdService)
SRV - [2011/03/01 21:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2009/11/25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009/11/25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009/11/25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009/11/25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009/05/29 13:36:37 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2008/11/09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2007/06/05 13:20:32 | 000,177,704 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing)
SRV - [2006/10/16 21:13:28 | 000,230,944 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2006/10/12 09:45:58 | 000,061,529 | R--- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\WINDOWS\system32\PRISMSVC.exe -- (PRISMSVC)
SRV - [2005/06/21 21:19:38 | 000,491,520 | ---- | M] () [On_Demand | Running] -- C:\WINDOWS\System32\dlcdcoms.exe -- (dlcd_device)


========== Driver Services (SafeList) ==========

DRV - [2011/06/20 10:31:32 | 000,064,512 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2011/06/20 10:31:32 | 000,015,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2011/05/09 12:32:14 | 000,057,144 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\26762\RapportCerberus_26762.sys -- (RapportCerberus_26762)
DRV - [2011/05/06 09:57:10 | 000,013,904 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV - [2011/04/28 14:34:50 | 000,066,360 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys -- (RapportEI)
DRV - [2011/04/28 14:34:50 | 000,053,816 | ---- | M] (Trusteer Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\RapportKELL.sys -- (RapportKELL)
DRV - [2011/04/28 14:34:48 | 000,158,904 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys -- (RapportPG)
DRV - [2010/05/10 19:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 19:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/11/25 00:50:59 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009/11/25 00:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2009/11/25 00:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/11/25 00:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009/11/25 00:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009/11/25 00:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009/08/05 22:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009/06/10 19:16:32 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/06/01 15:49:05 | 000,395,744 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2009/06/01 15:49:05 | 000,039,264 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2009/06/01 15:48:28 | 000,114,048 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2008/05/14 00:08:04 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2007/06/18 04:01:28 | 000,514,560 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2006/12/19 09:36:54 | 001,160,504 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ha20x2k.sys -- (ha20x2k)
DRV - [2006/12/19 09:36:46 | 000,090,936 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)
DRV - [2006/12/19 09:36:42 | 000,156,984 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2006/12/19 09:36:36 | 000,014,648 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2006/12/19 09:36:32 | 000,128,312 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2006/12/19 09:35:40 | 000,511,288 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2006/10/26 12:22:00 | 000,357,344 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PRISMA02.sys -- (DELL_A02)
DRV - [2005/08/30 17:59:00 | 000,094,000 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2005/08/30 17:58:56 | 000,008,304 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2005/08/30 17:57:18 | 000,058,320 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
DRV - [2005/08/30 01:49:38 | 000,094,000 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssm_mdm.sys -- (ssm_mdm)
DRV - [2005/08/30 01:49:34 | 000,008,336 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssm_mdfl.sys -- (ssm_mdfl)
DRV - [2005/08/30 01:47:38 | 000,058,320 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssm_bus.sys -- (ssm_bus) SAMSUNG Mobile USB Device II 1.0 driver (WDM)
DRV - [2005/07/13 17:18:00 | 000,340,704 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - [2003/12/08 11:53:48 | 000,053,600 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcan5wn.sys -- (alcan5wn) SpeedTouch USB ADSL PPP Networking Driver (NDISWAN)
DRV - [2003/12/08 11:53:46 | 000,070,688 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcaudsl.sys -- (alcaudsl)
DRV - [2003/11/17 21:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 21:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 21:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://uk.rd.yahoo.c...earch.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://uk.rd.yahoo.c...earch.yahoo.com
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://uk.my.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 4A E1 DA 10 A1 E0 C9 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaulturl: "http://uk.search.yah...ch?fr=ffsp1&p="
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://uk.my.yahoo.com/"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: [email protected]:2.12
FF - prefs.js..extensions.enabledItems: [email protected]:1.1.0
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: [email protected]:2.9.5.9
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1
FF - prefs.js..extensions.enabledItems: {92E6396C-1D59-4D9B-B5E6-57529E904A9D}:1.9.1
FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1"


FF - HKLM\software\mozilla\Firefox\Extensions\\{92E6396C-1D59-4D9B-B5E6-57529E904A9D}: C:\Documents and Settings\nealfamily\Local Settings\Application Data\{92E6396C-1D59-4D9B-B5E6-57529E904A9D}
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/06/05 11:56:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/29 19:30:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/16 09:15:04 | 000,000,000 | ---D | M]

[2009/05/30 10:06:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\nealfamily\Application Data\Mozilla\Extensions
[2011/06/30 00:15:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\nealfamily\Application Data\Mozilla\Firefox\Profiles\ky2x688f.default\extensions
[2010/06/25 13:51:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\nealfamily\Application Data\Mozilla\Firefox\Profiles\ky2x688f.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/04/10 12:10:24 | 000,000,000 | ---D | M] (AddThis) -- C:\Documents and Settings\nealfamily\Application Data\Mozilla\Firefox\Profiles\ky2x688f.default\extensions\{3e0e7d2a-070f-4a47-b019-91fe5385ba79}
[2011/03/18 17:26:31 | 000,000,000 | ---D | M] (FoxyTunes) -- C:\Documents and Settings\nealfamily\Application Data\Mozilla\Firefox\Profiles\ky2x688f.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}
[2011/06/23 12:27:17 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\nealfamily\Application Data\Mozilla\Firefox\Profiles\ky2x688f.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/05/24 12:16:43 | 000,000,000 | ---D | M] (Surf Canyon - Search Engine Assistant) -- C:\Documents and Settings\nealfamily\Application Data\Mozilla\Firefox\Profiles\ky2x688f.default\extensions\{75623d5d-4683-402a-b610-ac4bab767c86}
[2011/03/06 22:57:23 | 000,000,000 | ---D | M] ("Amazon Toolbar") -- C:\Documents and Settings\nealfamily\Application Data\Mozilla\Firefox\Profiles\ky2x688f.default\extensions\[email protected]
[2010/10/22 18:26:20 | 000,000,000 | ---D | M] ("TurnTool Viewer") -- C:\Documents and Settings\nealfamily\Application Data\Mozilla\Firefox\Profiles\ky2x688f.default\extensions\[email protected]
[2011/04/09 20:37:15 | 000,002,572 | ---- | M] () -- C:\Documents and Settings\nealfamily\Application Data\Mozilla\Firefox\Profiles\ky2x688f.default\searchplugins\informative-google-search.xml
[2011/06/29 19:30:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
[2009/09/19 13:22:20 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/06/16 05:32:38 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2008/08/16 17:42:02 | 000,070,456 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CgpCore.dll
[2008/08/16 17:42:12 | 000,091,448 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\confmgr.dll
[2008/08/16 17:42:08 | 000,020,800 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\ctxlogging.dll
[2008/05/21 08:41:08 | 000,479,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\msvcm80.dll
[2008/05/21 08:41:08 | 000,548,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\msvcp80.dll
[2008/05/21 08:41:08 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\msvcr80.dll
[2008/08/16 17:44:46 | 000,427,312 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npicaN.dll
[2008/08/16 17:42:04 | 000,023,864 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\TcpPServ.dll
[2010/01/01 09:00:00 | 000,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2010/01/01 09:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2010/01/01 09:00:00 | 000,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2010/01/01 09:00:00 | 000,001,180 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2010/01/01 09:00:00 | 000,001,135 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2011/07/03 22:37:37 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Wanadoo) - {8B68564D-53FD-4293-B80C-993A9F3988EE} - C:\Program Files\Wanadoo\WSBar\WSBar.dll ()
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (Copernic Agent) - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [Corel File Shell Monitor] C:\Program Files\Corel\Corel Photo Album 7\CorelIOMonitor.exe ()
O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\System32\CtHelper.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DHSClient.exe] C:\Program Files\Virgin Media\Digital Home Support\DHSClient.exe (Virgin Media)
O4 - HKLM..\Run: [DLCDCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCDtime.DLL ()
O4 - HKLM..\Run: [dlcdmon.exe] C:\Program Files\Dell Photo AIO Printer 944\dlcdmon.exe (Dell)
O4 - HKLM..\Run: [HitmanPro35] C:\Program Files\Hitman Pro 3.5\HitmanPro35.exe (SurfRight B.V.)
O4 - HKLM..\Run: [MemoryCardManager] C:\Program Files\Dell Photo AIO Printer 944\memcard.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [ServiceManager.exe] C:\Program Files\Virgin Media\Service Manager\ServiceManager.exe (Virgin Media)
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdateManager] C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe (Sonic Solutions)
O4 - HKLM..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [iLike] C:\Program Files\iLike\1.2.17\ilikesidebar.exe (iLike)
O4 - HKCU..\Run: [RegClean Expert Scheduler] C:\Program Files\Registry Clean Expert\RCHelper.exe (iExpert Software)
O4 - HKCU..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\RunOnce: [Shockwave Updater] File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarsOnTaskbar = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoMovingBands = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCloseDragDropBands = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Search Using Copernic Agent - C:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)
O8 - Extra context menu item: Search with Wanadoo - C:\Program Files\Wanadoo\WSBar\WSBar.dll ()
O9 - Extra 'Tools' menuitem : Launch Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\Program Files\Copernic Agent\CopernicAgent.exe (Copernic Technologies Inc.)
O9 - Extra Button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\Program Files\Copernic Agent\CopernicAgent.exe (Copernic Technologies Inc.)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: horsham.gov.uk ([remoteaccess] https in Trusted sites)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} Reg Error: Value error. (Shockwave ActiveX Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\copernicagent {A979B6BD-E40B-4A07-ABDD-A62C64A4EBF6} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)
O18 - Protocol\Handler\copernicagentcache {AAC34CFD-274D-4A9D-B0DC-C74C05A67E1D} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\PRISMAPI.DLL: DllName - PRISMAPI.DLL - C:\WINDOWS\System32\PRISMAPI.dll (Conexant Systems, Inc.)
O20 - Winlogon\Notify\TPSvc: DllName - TPSvc.dll - File not found
O24 - Desktop WallPaper: C:\Documents and Settings\nealfamily\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\nealfamily\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/05/28 15:05:54 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

========== Files/Folders - Created Within 30 Days ==========

[2011/07/03 22:37:24 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/07/03 12:39:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Desktop\RK_Quarantine
[2011/07/03 00:41:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Application Data\QuickScan
[2011/07/02 11:15:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\HiJackThis
[2011/07/02 11:15:09 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/07/01 20:27:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2011/07/01 20:23:27 | 000,101,720 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2011/07/01 20:20:03 | 000,064,512 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2011/07/01 20:19:39 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2011/07/01 20:19:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Lavasoft
[2011/07/01 20:19:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2011/07/01 18:52:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Desktop\Computer Health
[2011/07/01 17:12:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/06/30 22:04:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Yahoo!
[2011/06/30 22:04:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\xerox
[2011/06/30 22:04:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Windows Plus
[2011/06/30 22:04:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Windows NT
[2011/06/30 22:04:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Windows Media Player
[2011/06/30 22:04:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Windows Media Connect 2
[2011/06/30 22:04:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Windows Live SkyDrive
[2011/06/30 22:04:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Windows Live
[2011/06/30 22:04:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Windows Desktop Search
[2011/06/30 22:04:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Web Publish
[2011/06/30 22:04:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Wanadoo
[2011/06/30 22:04:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Virgin Media
[2011/06/30 22:04:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Veetle
[2011/06/30 22:04:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\US Digital Media
[2011/06/30 22:04:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Uniblue
[2011/06/30 22:04:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\TurnTool
[2011/06/30 22:04:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Trusteer
[2011/06/30 22:04:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Transparent
[2011/06/30 22:04:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Tesco
[2011/06/30 22:04:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\SystemRequirementsLab
[2011/06/30 22:04:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\SUPERAntiSpyware
[2011/06/30 22:04:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Spybot - Search & Destroy
[2011/06/30 22:04:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Sonic
[2011/06/30 22:04:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Skype
[2011/06/30 22:04:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\SigmaTel
[2011/06/30 22:04:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Shared
[2011/06/30 22:03:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Samsung
[2011/06/30 22:03:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Safari
[2011/06/30 22:03:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Registry Clean Expert
[2011/06/30 22:03:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Reference Assemblies
[2011/06/30 22:03:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\real
[2011/06/30 22:03:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\QuickTime
[2011/06/30 22:03:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Perfect Uninstaller
[2011/06/30 22:03:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\PCPitstop
[2011/06/30 22:03:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Outlook Express
[2011/06/30 22:03:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Opera
[2011/06/30 22:03:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Online Services
[2011/06/30 22:03:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\OJOsoft
[2011/06/30 22:03:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\NetMeeting
[2011/06/30 22:03:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\NCH Swift Sound
[2011/06/30 22:03:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\NCH Software
[2011/06/30 22:03:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\MSN Gaming Zone
[2011/06/30 22:03:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\MSN
[2011/06/30 22:03:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\MSBuild
[2011/06/30 22:03:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Mozilla Firefox
[2011/06/30 22:03:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Movie Maker
[2011/06/30 22:03:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\MixMeister EZ Vinyl Converter
[2011/06/30 22:03:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Microsoft.NET
[2011/06/30 22:03:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Microsoft Works
[2011/06/30 22:03:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Microsoft Visual Studio 8
[2011/06/30 22:03:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Microsoft Visual Studio
[2011/06/30 22:03:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Microsoft Sync Framework
[2011/06/30 22:03:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Microsoft SQL Server Compact Edition
[2011/06/30 22:03:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Microsoft Silverlight
[2011/06/30 22:03:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Microsoft Office Outlook Connector
[2011/06/30 22:03:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Microsoft Office
[2011/06/30 22:03:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Microsoft Money 2005
[2011/06/30 22:03:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\microsoft frontpage
[2011/06/30 22:02:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Microsoft
[2011/06/30 22:02:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Messenger
[2011/06/30 22:02:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/06/30 22:02:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Java
[2011/06/30 22:02:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Jasc Software Inc
[2011/06/30 22:01:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\iTunes
[2011/06/30 22:01:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\iPod
[2011/06/30 22:01:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Intel
[2011/06/30 22:01:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\InstallShield Installation Information
[2011/06/30 22:01:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\iLike
[2011/06/30 22:01:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\ICQ7.5
[2011/06/30 22:01:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\ICQ6Toolbar
[2011/06/30 22:01:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Hitman Pro 3.5
[2011/06/30 22:01:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Google
[2011/06/30 22:01:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\GemMaster
[2011/06/30 22:01:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\FileZilla FTP Client
[2011/06/30 22:01:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\ESPNMotion
[2011/06/30 22:01:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Enigma Software Group
[2011/06/30 22:01:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\EnglishOtto
[2011/06/30 22:01:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Dl_cats
[2011/06/30 22:01:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\DIGStream
[2011/06/30 22:01:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Dell Wireless
[2011/06/30 22:01:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Dell Support Center
[2011/06/30 22:01:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Dell Photo AIO Printer 944
[2011/06/30 22:00:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Corel
[2011/06/30 22:00:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Copernic Agent
[2011/06/30 22:00:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\CONEXANT
[2011/06/30 22:00:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Common Files
[2011/06/30 22:00:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Citrix
[2011/06/30 22:00:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Broderbund
[2011/06/30 22:00:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Bonjour
[2011/06/30 22:00:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Axis Communications
[2011/06/30 22:00:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Auslogics
[2011/06/30 22:00:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\AudioLabel
[2011/06/30 22:00:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Audacity
[2011/06/30 22:00:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Apple Software Update
[2011/06/30 22:00:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Amazon
[2011/06/30 22:00:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Alwil Software
[2011/06/30 22:00:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Adobe
[2011/06/30 22:00:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\PIF
[2011/06/30 22:00:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Acronis
[2011/06/30 22:00:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Desktop\recovery
[2011/06/30 22:00:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\Abbyy FineReader 6.0 Sprint
[2011/06/30 21:36:36 | 000,000,000 | ---D | C] -- C:\Program Files\Uninstall Information
[2011/06/30 19:49:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\nealfamily\Recent
[2011/06/30 18:42:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Hitman Pro 3.5
[2011/06/30 18:42:15 | 000,000,000 | ---D | C] -- C:\Program Files\Hitman Pro 3.5
[2011/06/30 18:07:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Application Data\SUPERAntiSpyware.com
[2011/06/30 18:07:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2011/06/30 18:07:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2011/06/30 18:07:13 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/06/30 00:18:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2011/06/29 16:41:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Start Menu\Programs\SpyHunter
[2011/06/29 16:41:13 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2011/06/29 16:41:13 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2011/06/29 16:40:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2011/06/19 22:49:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth
[2011/06/11 13:48:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Local Settings\Application Data\Babylon
[2011/06/11 13:48:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Application Data\Babylon
[2011/06/11 13:48:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Babylon
[2011/06/05 11:56:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2011/06/05 11:56:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2009/05/29 14:36:37 | 000,009,216 | ---- | C] ( ) -- C:\WINDOWS\System32\KILLAPPS.EXE
[2009/05/29 14:36:33 | 000,034,816 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
[2006/12/20 17:58:02 | 000,397,312 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcdiesc.dll
[2006/12/20 17:47:32 | 000,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\dlcdinpa.dll
[1 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/07/03 22:46:06 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/07/03 22:45:38 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-527237240-606747145-725345543-1003.job
[2011/07/03 22:45:37 | 000,000,296 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-527237240-606747145-725345543-1003.job
[2011/07/03 22:41:30 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/07/03 22:40:24 | 000,044,799 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011/07/03 22:40:18 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011/07/03 22:39:59 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/07/03 22:39:58 | 000,000,388 | ---- | M] () -- C:\WINDOWS\tasks\Registry Reviver-nealfamily-Startup.job
[2011/07/03 22:39:58 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-18.job
[2011/07/03 22:39:36 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/07/03 22:38:54 | 000,064,756 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000005-00000000-00000004-00001102-00000005-10031102}.rfx
[2011/07/03 22:38:54 | 000,053,968 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000005-00000000-00000004-00001102-00000005-10031102}.rfx
[2011/07/03 22:38:54 | 000,053,968 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000005-00000000-00000004-00001102-00000005-10031102}.rfx
[2011/07/03 22:38:54 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2011/07/03 22:38:54 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2011/07/03 22:37:37 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011/07/03 09:39:08 | 000,000,432 | ---- | M] () -- C:\WINDOWS\tasks\SystemToolsDailyTest.job
[2011/07/03 09:21:50 | 000,020,552 | ---- | M] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2011/07/02 14:29:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/07/02 11:15:46 | 000,002,457 | ---- | M] () -- C:\Documents and Settings\nealfamily\Desktop\HiJackThis.lnk
[2011/07/02 10:39:23 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\nealfamily\Local Settings\Application Data\housecall.guid.cache
[2011/07/01 20:27:12 | 000,004,520 | ---- | M] () -- C:\WINDOWS\System32\entitlement.xml
[2011/07/01 20:23:25 | 000,101,720 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2011/07/01 20:23:24 | 000,016,432 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe
[2011/07/01 18:50:53 | 000,000,772 | ---- | M] () -- C:\Documents and Settings\nealfamily\Application Data\Microsoft\Internet Explorer\Quick Launch\WINWORD.lnk
[2011/07/01 18:48:56 | 000,001,507 | ---- | M] () -- C:\Documents and Settings\nealfamily\Desktop\Notepad.lnk
[2011/07/01 14:33:19 | 000,031,536 | ---- | M] () -- C:\Documents and Settings\nealfamily\Desktop\vicars (2).jpg
[2011/07/01 10:04:59 | 000,000,667 | ---- | M] () -- C:\Documents and Settings\nealfamily\Desktop\Dell Wireless.lnk
[2011/06/30 19:50:13 | 000,026,814 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\cc_20110630_195005.reg
[2011/06/30 19:13:37 | 000,000,680 | ---- | M] () -- C:\WINDOWS\System32\.crusader
[2011/06/30 18:31:12 | 000,000,022 | ---- | M] () -- C:\WINDOWS\tpcsd
[2011/06/29 22:37:44 | 000,000,738 | ---- | M] () -- C:\Documents and Settings\nealfamily\Application Data\Microsoft\Internet Explorer\Quick Launch\Outlook Express.lnk
[2011/06/29 22:07:44 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\nealfamily\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/06/29 22:07:14 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\nealfamily\Desktop\Windows Media Player.lnk
[2011/06/29 21:55:49 | 000,000,598 | ---- | M] () -- C:\Documents and Settings\nealfamily\Application Data\Microsoft\Internet Explorer\Quick Launch\Safari.lnk
[2011/06/29 21:55:28 | 000,000,598 | ---- | M] () -- C:\Documents and Settings\nealfamily\Desktop\Safari.lnk
[2011/06/29 21:44:58 | 000,000,584 | ---- | M] () -- C:\Documents and Settings\nealfamily\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2011/06/29 21:44:07 | 000,000,584 | ---- | M] () -- C:\Documents and Settings\nealfamily\Desktop\Opera.lnk
[2011/06/29 21:40:24 | 000,000,767 | ---- | M] () -- C:\Documents and Settings\nealfamily\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet Explorer.lnk
[2011/06/29 21:36:08 | 000,000,783 | ---- | M] () -- C:\Documents and Settings\nealfamily\Desktop\Google Chrome.lnk
[2011/06/29 21:36:08 | 000,000,783 | ---- | M] () -- C:\Documents and Settings\nealfamily\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/06/29 21:03:22 | 000,001,475 | ---- | M] () -- C:\Documents and Settings\nealfamily\Desktop\Windows Explorer.lnk
[2011/06/29 19:35:59 | 000,000,536 | ---- | M] () -- C:\Documents and Settings\nealfamily\Application Data\Microsoft\Internet Explorer\Quick Launch\Shortcut to Show Desktop.lnk
[2011/06/29 19:30:20 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\nealfamily\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/06/29 19:30:20 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/06/29 16:34:22 | 000,196,096 | ---- | M] () -- C:\Documents and Settings\nealfamily\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/27 19:09:00 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-18.job
[2011/06/26 00:02:54 | 003,023,473 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\Corpus Christi - Approaching Arundel Castle.jpg
[2011/06/25 23:59:48 | 003,490,037 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\Corpus Christi - Banners.jpg
[2011/06/25 23:55:12 | 003,396,871 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\Corpus Christi - Fr Weston & Fr Kevin at Arundel Castle.jpg
[2011/06/25 23:54:02 | 003,436,303 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\Corpus Christi - Procession to Arundel Castle.jpg
[2011/06/25 23:48:35 | 004,028,964 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\Corpus Christi - Carpet of Flowers.jpg
[2011/06/25 23:43:19 | 004,305,127 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\Corpus Christi 2011 Procession leaving Arundel Castle.jpg
[2011/06/25 23:27:45 | 003,707,227 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\Corpus Christi - Fr Weston and others.jpg
[2011/06/25 11:28:06 | 000,000,564 | ---- | M] () -- C:\WINDOWS\tasks\PCDoctorBackgroundMonitorTask.job
[2011/06/25 00:45:44 | 000,132,509 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1713.JPG
[2011/06/25 00:45:22 | 000,125,516 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1712.JPG
[2011/06/23 20:19:04 | 019,222,888 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1711.AVI
[2011/06/23 20:05:16 | 029,049,304 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1710.AVI
[2011/06/23 19:52:52 | 003,174,843 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1709.JPG
[2011/06/23 19:51:28 | 003,552,005 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1708.JPG
[2011/06/23 19:43:26 | 003,504,249 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1707.JPG
[2011/06/23 19:42:30 | 003,125,122 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1706.JPG
[2011/06/23 19:37:30 | 002,324,060 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1705.JPG
[2011/06/23 19:31:46 | 003,157,322 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1704.JPG
[2011/06/23 19:31:02 | 003,500,115 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1703.JPG
[2011/06/23 19:30:50 | 003,594,031 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1702.JPG
[2011/06/23 19:30:38 | 003,304,770 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1701.JPG
[2011/06/23 19:30:12 | 003,009,582 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1700.JPG
[2011/06/23 19:29:50 | 003,494,698 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1699.JPG
[2011/06/23 19:29:20 | 003,513,911 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1698.JPG
[2011/06/23 19:28:48 | 003,128,976 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1697.JPG
[2011/06/23 19:27:10 | 003,127,412 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1696.JPG
[2011/06/23 19:24:10 | 003,548,177 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1695.JPG
[2011/06/23 19:21:16 | 003,590,343 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1694.JPG
[2011/06/23 19:18:22 | 003,365,558 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1691.JPG
[2011/06/23 19:17:48 | 003,540,329 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1690.JPG
[2011/06/23 19:13:48 | 003,236,636 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1688.JPG
[2011/06/23 19:03:52 | 027,107,616 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1687.AVI
[2011/06/23 16:42:50 | 003,148,489 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1686.JPG
[2011/06/23 16:33:58 | 003,072,704 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1685.JPG
[2011/06/23 16:33:46 | 003,095,973 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1684.JPG
[2011/06/22 10:18:45 | 000,000,538 | ---- | M] () -- C:\WINDOWS\tasks\Auslogics Console Defragmentation.job
[2011/06/20 10:31:32 | 000,064,512 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2011/06/18 15:15:27 | 000,107,316 | ---- | M] () -- C:\Documents and Settings\nealfamily\Desktop\Chequers Menu.pdf
[2011/06/16 01:27:39 | 000,465,826 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/06/16 01:27:39 | 000,079,728 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/06/11 16:24:32 | 214,190,946 | ---- | M] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1648.AVI
[2011/06/09 20:42:24 | 000,002,258 | ---- | M] () -- C:\Documents and Settings\nealfamily\Desktop\Repair.vbs
[2011/06/05 11:56:14 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
[2011/06/04 19:58:23 | 000,000,252 | ---- | M] () -- C:\Documents and Settings\nealfamily\Desktop\Yahoo! Babel Fish - Text Translation and Web Page Translation.url
[1 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/07/02 11:15:10 | 000,002,457 | ---- | C] () -- C:\Documents and Settings\nealfamily\Desktop\HiJackThis.lnk
[2011/07/02 10:39:23 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\nealfamily\Local Settings\Application Data\housecall.guid.cache
[2011/07/02 00:40:01 | 000,016,432 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2011/07/01 20:27:12 | 000,004,520 | ---- | C] () -- C:\WINDOWS\System32\entitlement.xml
[2011/07/01 20:20:15 | 000,000,486 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/07/01 18:50:53 | 000,000,772 | ---- | C] () -- C:\Documents and Settings\nealfamily\Application Data\Microsoft\Internet Explorer\Quick Launch\WINWORD.lnk
[2011/07/01 14:33:19 | 000,031,536 | ---- | C] () -- C:\Documents and Settings\nealfamily\Desktop\vicars (2).jpg
[2011/07/01 10:04:59 | 000,000,667 | ---- | C] () -- C:\Documents and Settings\nealfamily\Desktop\Dell Wireless.lnk
[2011/06/30 19:50:10 | 000,026,814 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\cc_20110630_195005.reg
[2011/06/30 19:13:37 | 000,000,680 | ---- | C] () -- C:\WINDOWS\System32\.crusader
[2011/06/30 18:31:12 | 000,000,022 | ---- | C] () -- C:\WINDOWS\tpcsd
[2011/06/30 00:20:26 | 000,020,552 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2011/06/29 22:37:44 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\nealfamily\Application Data\Microsoft\Internet Explorer\Quick Launch\Outlook Express.lnk
[2011/06/29 22:07:44 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\nealfamily\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/06/29 22:07:14 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\nealfamily\Desktop\Windows Media Player.lnk
[2011/06/29 21:55:49 | 000,000,598 | ---- | C] () -- C:\Documents and Settings\nealfamily\Application Data\Microsoft\Internet Explorer\Quick Launch\Safari.lnk
[2011/06/29 21:55:28 | 000,000,598 | ---- | C] () -- C:\Documents and Settings\nealfamily\Desktop\Safari.lnk
[2011/06/29 21:44:58 | 000,000,584 | ---- | C] () -- C:\Documents and Settings\nealfamily\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2011/06/29 21:44:07 | 000,000,584 | ---- | C] () -- C:\Documents and Settings\nealfamily\Desktop\Opera.lnk
[2011/06/29 21:40:24 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\nealfamily\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet Explorer.lnk
[2011/06/29 21:39:32 | 000,000,783 | ---- | C] () -- C:\Documents and Settings\nealfamily\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/06/29 21:36:08 | 000,000,783 | ---- | C] () -- C:\Documents and Settings\nealfamily\Desktop\Google Chrome.lnk
[2011/06/29 19:35:59 | 000,000,536 | ---- | C] () -- C:\Documents and Settings\nealfamily\Application Data\Microsoft\Internet Explorer\Quick Launch\Shortcut to Show Desktop.lnk
[2011/06/29 19:30:20 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\nealfamily\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/06/29 19:30:20 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2011/06/29 19:30:20 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/06/29 14:26:27 | 000,055,284 | ---- | C] () -- C:\Documents and Settings\nealfamily\Desktop\changing.JPG
[2011/06/26 00:02:54 | 003,023,473 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\Corpus Christi - Approaching Arundel Castle.jpg
[2011/06/25 23:59:47 | 003,490,037 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\Corpus Christi - Banners.jpg
[2011/06/25 23:55:11 | 003,396,871 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\Corpus Christi - Fr Weston & Fr Kevin at Arundel Castle.jpg
[2011/06/25 23:54:00 | 003,436,303 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\Corpus Christi - Procession to Arundel Castle.jpg
[2011/06/25 23:48:33 | 004,028,964 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\Corpus Christi - Carpet of Flowers.jpg
[2011/06/25 23:43:17 | 004,305,127 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\Corpus Christi 2011 Procession leaving Arundel Castle.jpg
[2011/06/25 23:27:44 | 003,707,227 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\Corpus Christi - Fr Weston and others.jpg
[2011/06/25 23:16:51 | 019,222,888 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1711.AVI
[2011/06/25 23:16:44 | 029,049,304 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1710.AVI
[2011/06/25 23:16:37 | 027,107,616 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1687.AVI
[2011/06/25 23:15:45 | 214,190,946 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1648.AVI
[2011/06/25 23:15:40 | 018,514,288 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1589.AVI
[2011/06/25 23:14:29 | 290,165,808 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_0776.AVI
[2011/06/25 23:14:29 | 003,174,843 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1709.JPG
[2011/06/25 23:14:28 | 003,552,005 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1708.JPG
[2011/06/25 23:14:28 | 003,504,249 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1707.JPG
[2011/06/25 23:14:28 | 003,125,122 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1706.JPG
[2011/06/25 23:14:27 | 003,157,322 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1704.JPG
[2011/06/25 23:14:27 | 002,324,060 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1705.JPG
[2011/06/25 23:14:26 | 003,594,031 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1702.JPG
[2011/06/25 23:14:26 | 003,500,115 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1703.JPG
[2011/06/25 23:14:26 | 003,304,770 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1701.JPG
[2011/06/25 23:14:25 | 003,494,698 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1699.JPG
[2011/06/25 23:14:25 | 003,009,582 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1700.JPG
[2011/06/25 23:14:24 | 003,513,911 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1698.JPG
[2011/06/25 23:14:24 | 003,128,976 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1697.JPG
[2011/06/25 23:14:24 | 003,127,412 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1696.JPG
[2011/06/25 23:14:23 | 003,590,343 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1694.JPG
[2011/06/25 23:14:23 | 003,548,177 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1695.JPG
[2011/06/25 23:14:22 | 003,540,329 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1690.JPG
[2011/06/25 23:14:22 | 003,365,558 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1691.JPG
[2011/06/25 23:14:21 | 003,236,636 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1688.JPG
[2011/06/25 23:14:21 | 003,148,489 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1686.JPG
[2011/06/25 23:14:20 | 003,095,973 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1684.JPG
[2011/06/25 23:14:20 | 003,072,704 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1685.JPG
[2011/06/25 23:14:20 | 000,132,509 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1713.JPG
[2011/06/25 23:14:20 | 000,125,516 | ---- | C] () -- C:\Documents and Settings\nealfamily\My Documents\SAM_1712.JPG
[2011/06/09 20:42:24 | 000,002,258 | ---- | C] () -- C:\Documents and Settings\nealfamily\Desktop\Repair.vbs
[2011/05/21 23:22:20 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2011/03/03 01:07:00 | 000,404,776 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/07/16 20:05:36 | 000,000,048 | ---- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/03/29 14:24:47 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/02/10 05:31:30 | 002,974,071 | ---- | C] () -- C:\WINDOWS\System32\bgd.dll
[2010/01/31 01:12:08 | 000,000,736 | ---- | C] () -- C:\WINDOWS\SamsungMaster.INI
[2010/01/30 18:09:24 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/01/30 18:09:23 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/01/30 18:09:23 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\vidccleaner.exe
[2010/01/26 23:02:12 | 000,000,138 | -H-- | C] () -- C:\WINDOWS\wininit.ini
[2010/01/22 11:34:23 | 000,065,536 | R--- | C] () -- C:\WINDOWS\System32\dlcdcfg.dll
[2010/01/22 11:33:47 | 000,638,976 | ---- | C] () -- C:\WINDOWS\System32\dlcdpmui.dll
[2010/01/22 11:33:47 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\dlcdins.dll
[2010/01/22 11:33:47 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\dlcdinsr.dll
[2010/01/22 11:33:46 | 000,372,736 | ---- | C] () -- C:\WINDOWS\System32\dlcdih.exe
[2010/01/22 11:33:46 | 000,368,640 | ---- | C] () -- C:\WINDOWS\System32\dlcdcfg.exe
[2010/01/22 11:33:46 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\dlcdpplc.dll
[2010/01/22 11:33:46 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlcdvs.dll
[2010/01/22 11:33:45 | 001,134,592 | ---- | C] () -- C:\WINDOWS\System32\dlcdusb1.dll
[2010/01/22 11:33:45 | 000,770,048 | ---- | C] () -- C:\WINDOWS\System32\dlcdhbn3.dll
[2010/01/22 11:33:45 | 000,483,328 | ---- | C] () -- C:\WINDOWS\System32\dlcdlmpm.dll
[2010/01/22 11:33:45 | 000,413,696 | ---- | C] () -- C:\WINDOWS\System32\dlcdcomm.dll
[2010/01/22 11:33:44 | 001,183,744 | ---- | C] () -- C:\WINDOWS\System32\dlcdserv.dll
[2010/01/22 11:33:44 | 000,704,512 | ---- | C] () -- C:\WINDOWS\System32\dlcdcomc.dll
[2010/01/22 11:33:44 | 000,491,520 | ---- | C] () -- C:\WINDOWS\System32\dlcdcoms.exe
[2010/01/22 11:33:44 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\dlcdprox.dll
[2010/01/22 11:33:42 | 000,430,080 | ---- | C] () -- C:\WINDOWS\System32\dlcdutil.dll
[2010/01/22 11:33:42 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\dlcdcu.dll
[2010/01/22 11:33:42 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\dlcdcur.dll
[2010/01/22 11:33:40 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dlcdinsb.dll
[2010/01/22 11:33:40 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\dlcdcub.dll
[2010/01/22 11:33:39 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\dlcdjswr.dll
[2009/11/24 02:40:31 | 000,000,066 | -H-- | C] () -- C:\WINDOWS\cdplayer.ini
[2009/09/01 13:13:38 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\StopSrvr.exe
[2009/06/18 12:34:25 | 000,000,022 | ---- | C] () -- C:\Program Files\clean202.zip
[2009/06/10 20:50:47 | 000,003,140 | --S- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2009/06/10 20:50:47 | 000,000,088 | R-S- | C] () -- C:\WINDOWS\System32\B46683A6B3.sys
[2009/06/10 19:19:35 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
[2009/06/10 19:18:28 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2009/06/10 19:04:12 | 002,729,472 | ---- | C] () -- C:\WINDOWS\System32\fun_avcodec.dll
[2009/06/06 22:38:58 | 000,196,096 | ---- | C] () -- C:\Documents and Settings\nealfamily\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/06/05 11:29:11 | 000,109,782 | ---- | C] () -- C:\WINDOWS\CopernicAgentUninstall.exe
[2009/05/30 10:06:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/05/29 23:46:40 | 000,071,156 | ---- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/05/29 14:37:01 | 000,050,432 | -H-- | C] () -- C:\WINDOWS\System32\claptn.ini
[2009/05/29 14:37:01 | 000,003,072 | ---- | C] () -- C:\WINDOWS\CTXFIRES.DLL
[2009/05/29 14:37:01 | 000,000,054 | -H-- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2009/05/29 14:36:43 | 000,366,255 | ---- | C] () -- C:\WINDOWS\System32\ctdlang.dat
[2009/05/29 14:36:43 | 000,313,207 | ---- | C] () -- C:\WINDOWS\System32\ctstatic.dat
[2009/05/29 14:36:43 | 000,265,066 | ---- | C] () -- C:\WINDOWS\System32\CTSBAS2W.DAT
[2009/05/29 14:36:43 | 000,231,821 | ---- | C] () -- C:\WINDOWS\System32\CTSBASW.DAT
[2009/05/29 14:36:43 | 000,140,643 | ---- | C] () -- C:\WINDOWS\System32\CTBAS2W.DAT
[2009/05/29 14:36:43 | 000,113,221 | ---- | C] () -- C:\WINDOWS\System32\CTBASICW.DAT
[2009/05/29 14:36:43 | 000,053,932 | ---- | C] () -- C:\WINDOWS\System32\ctdaught.dat
[2009/05/29 14:36:38 | 000,035,328 | ---- | C] () -- C:\WINDOWS\System32\regplib.exe
[2009/05/29 14:36:38 | 000,000,194 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI
[2009/05/29 14:36:37 | 000,034,304 | ---- | C] () -- C:\WINDOWS\PSCONV.EXE
[2009/05/29 14:36:35 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CTBurst.dll
[2009/05/29 12:48:27 | 000,005,606 | ---- | C] () -- C:\WINDOWS\System32\stci.dll
[2009/05/28 16:42:27 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\CoPrism.dll
[2009/05/28 15:50:56 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/05/28 15:49:28 | 000,341,832 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/05/28 15:18:05 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\nealfamily\Local Settings\Application Data\fusioncache.dat
[2009/05/28 15:09:13 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/05/28 15:01:29 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/05/26 22:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 22:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2007/09/27 11:51:02 | 000,020,698 | -H-- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 11:48:48 | 000,030,628 | -H-- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 11:48:28 | 000,031,698 | -H-- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/09/17 08:07:00 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2007/06/05 13:20:32 | 000,177,704 | ---- | C] () -- C:\WINDOWS\System32\PSIService.exe
[2007/01/03 18:58:58 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\dlcdcoin.dll
[2006/12/19 08:15:20 | 000,065,154 | -H-- | C] () -- C:\WINDOWS\System32\instwdm.ini
[2006/12/12 11:39:02 | 000,046,273 | ---- | C] () -- C:\WINDOWS\System32\ctdnlstr.dat
[2005/08/05 14:01:54 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/03/22 23:38:24 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/03/22 23:38:24 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/09/22 19:47:00 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/10 12:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/10 12:00:00 | 000,465,826 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/10 12:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/10 12:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/10 12:00:00 | 000,079,728 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/10 12:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/10 12:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/10 12:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/10 12:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/10 12:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

========== LOP Check ==========

[2009/06/19 13:18:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acronis
[2011/06/11 13:48:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Babylon
[2009/12/17 11:14:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund Software
[2009/05/29 13:37:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2009/05/28 15:18:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DIGStream
[2010/01/05 22:03:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverCure
[2010/03/28 11:27:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverScanner
[2011/06/30 19:13:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2011/05/01 14:33:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ICQ
[2010/03/28 10:54:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2010/01/05 20:48:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2010/01/05 19:20:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC-Doctor
[2011/05/25 18:56:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCDr
[2011/07/01 07:41:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop
[2011/02/20 20:29:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PPLive
[2009/09/01 14:33:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Prism
[2011/05/08 20:59:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Radialpoint
[2010/11/10 15:11:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ReviverSoft
[2011/07/01 18:34:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\STOPzilla!
[2009/06/20 16:12:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/10/14 22:00:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Transparent
[2009/11/09 19:20:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trusteer
[2010/08/26 19:02:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Virgin Broadband
[2011/05/12 21:36:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Virgin Media
[2009/08/26 12:56:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VirginMedia
[2010/05/12 01:04:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/01/05 22:53:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{5A76C6B3-3FA8-46D0-AA81-62C3805E38BC}
[2009/09/15 11:08:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/10/14 22:00:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{7D4B3D1D-104E-4507-9123-568BC721B7E2}
[2009/05/31 22:54:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/10/30 12:43:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\Acronis
[2009/07/11 21:10:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\Amazon
[2010/11/10 15:09:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\AnvSoft
[2009/05/29 19:59:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\Auslogics
[2011/06/29 23:54:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\Azumvi
[2011/06/11 13:48:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\Babylon
[2009/06/05 11:29:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\Copernic
[2010/01/05 20:49:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\DriverCure
[2011/04/24 12:32:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\Dropbox
[2009/08/21 19:29:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\ErrorExpert
[2010/03/24 01:12:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\Facebook
[2011/05/20 17:15:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\FileZilla
[2010/12/07 16:26:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\Gycyen
[2009/06/05 15:29:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\ICAClient
[2011/06/11 07:31:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\ICQ
[2009/06/26 14:28:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\iLike
[2011/05/17 20:25:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\Imfua
[2010/01/26 23:09:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\Leadertech
[2010/11/10 15:09:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\OpenCandy
[2010/06/24 17:50:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\Opera
[2011/03/02 23:58:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\PCDr
[2011/02/20 20:29:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\PPlive
[2010/12/19 23:37:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\Qaulu
[2011/05/18 01:24:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\Quep
[2011/07/03 21:49:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\QuickScan
[2010/06/23 00:30:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\Qyvufi
[2010/08/26 19:02:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\Radialpoint
[2009/06/10 19:22:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\Samsung
[2009/09/21 22:42:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\Suah
[2010/01/05 22:55:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\System Tweaker
[2009/11/09 19:20:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\Trusteer
[2010/01/05 20:28:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\Uniblue
[2010/08/26 19:02:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\Virgin Broadband
[2011/05/12 21:35:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\Virgin Media
[2011/02/17 16:33:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\Windows Desktop Search
[2009/06/01 14:30:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nealfamily\Application Data\Windows Search
[2011/07/03 22:41:30 | 000,000,486 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2011/06/22 10:18:45 | 000,000,538 | ---- | M] () -- C:\WINDOWS\Tasks\Auslogics Console Defragmentation.job
[2011/06/25 11:28:06 | 000,000,564 | ---- | M] () -- C:\WINDOWS\Tasks\PCDoctorBackgroundMonitorTask.job
[2011/07/03 22:39:58 | 000,000,388 | ---- | M] () -- C:\WINDOWS\Tasks\Registry Reviver-nealfamily-Startup.job
[2011/07/03 09:39:08 | 000,000,432 | ---- | M] () -- C:\WINDOWS\Tasks\SystemToolsDailyTest.job

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2011/06/01 17:01:30 | 000,012,899 | ---- | M] ()(C:\Documents and Settings\nealfamily\Desktop\? ??sta? e??a? ? p?? ????? ap? t??? t?sse???.docx) -- C:\Documents and Settings\nealfamily\Desktop\Ο Κώστας είναι ο πιο ψηλος από τους τέσσερις.docx
[2011/06/01 17:01:30 | 000,012,899 | ---- | C] ()(C:\Documents and Settings\nealfamily\Desktop\? ??sta? e??a? ? p?? ????? ap? t??? t?sse???.docx) -- C:\Documents and Settings\nealfamily\Desktop\Ο Κώστας είναι ο πιο ψηλος από τους τέσσερις.docx
[2011/03/02 18:50:02 | 000,012,607 | ---- | M] ()(C:\Documents and Settings\nealfamily\Desktop\p??aµe ??a µ?a ß??ta st?? pa?a??a.docx) -- C:\Documents and Settings\nealfamily\Desktop\πήγαμε για μια βόλτα στην παραλία.docx
[2011/03/01 20:29:48 | 000,012,607 | ---- | C] ()(C:\Documents and Settings\nealfamily\Desktop\p??aµe ??a µ?a ß??ta st?? pa?a??a.docx) -- C:\Documents and Settings\nealfamily\Desktop\πήγαμε για μια βόλτα στην παραλία.docx
[2010/11/17 18:46:35 | 000,010,843 | ---- | M] ()(C:\Documents and Settings\nealfamily\My Documents\??? pe?asµ??? ??µpt? ? ???? µa? Lucy ???d?se d?? e?s?t???a ??a t?.docx) -- C:\Documents and Settings\nealfamily\My Documents\Την περασμένη Πέμπτη η κόρη μας Lucy κέρδισε δύο εισιτήρια για το.docx
[2010/11/17 18:46:35 | 000,010,843 | ---- | C] ()(C:\Documents and Settings\nealfamily\My Documents\??? pe?asµ??? ??µpt? ? ???? µa? Lucy ???d?se d?? e?s?t???a ??a t?.docx) -- C:\Documents and Settings\nealfamily\My Documents\Την περασμένη Πέμπτη η κόρη μας Lucy κέρδισε δύο εισιτήρια για το.docx
[2010/11/17 14:23:39 | 000,012,781 | ---- | M] ()(C:\Documents and Settings\nealfamily\My Documents\??a d?aµ???sµa ???t? st? ???t??.docx) -- C:\Documents and Settings\nealfamily\My Documents\Ένα διαμἐρισμα κοντά στο κέντρο.docx
[2010/11/16 18:43:42 | 000,012,781 | ---- | C] ()(C:\Documents and Settings\nealfamily\My Documents\??a d?aµ???sµa ???t? st? ???t??.docx) -- C:\Documents and Settings\nealfamily\My Documents\Ένα διαμἐρισμα κοντά στο κέντρο.docx
[2010/10/20 18:49:17 | 000,012,075 | ---- | M] ()(C:\Documents and Settings\nealfamily\My Documents\?? p????? µa?e?t??e.docx) -- C:\Documents and Settings\nealfamily\My Documents\Το πλήθος μαζεύτηκε.docx
[2010/10/20 18:49:17 | 000,012,075 | ---- | C] ()(C:\Documents and Settings\nealfamily\My Documents\?? p????? µa?e?t??e.docx) -- C:\Documents and Settings\nealfamily\My Documents\Το πλήθος μαζεύτηκε.docx
[2010/05/25 16:14:30 | 000,013,405 | ---- | M] ()(C:\Documents and Settings\nealfamily\My Documents\??s 2 & 3.docx) -- C:\Documents and Settings\nealfamily\My Documents\Νοσ 2 & 3.docx
[2010/05/25 14:03:33 | 000,013,405 | ---- | C] ()(C:\Documents and Settings\nealfamily\My Documents\??s 2 & 3.docx) -- C:\Documents and Settings\nealfamily\My Documents\Νοσ 2 & 3.docx
[2010/05/25 13:04:17 | 000,012,858 | ---- | M] ()(C:\Documents and Settings\nealfamily\My Documents\?? 1.docx) -- C:\Documents and Settings\nealfamily\My Documents\Νο 1.docx
[2010/05/24 18:52:27 | 000,012,858 | ---- | C] ()(C:\Documents and Settings\nealfamily\My Documents\?? 1.docx) -- C:\Documents and Settings\nealfamily\My Documents\Νο 1.docx
[2010/02/09 22:06:39 | 000,016,478 | ---- | M] ()(C:\Documents and Settings\nealfamily\My Documents\?e??t??.docx) -- C:\Documents and Settings\nealfamily\My Documents\Πελάτης.docx
[2010/02/08 23:33:44 | 000,016,478 | ---- | C] ()(C:\Documents and Settings\nealfamily\My Documents\?e??t??.docx) -- C:\Documents and Settings\nealfamily\My Documents\Πελάτης.docx
[2009/12/02 19:37:36 | 000,012,062 | ---- | M] ()(C:\Documents and Settings\nealfamily\My Documents\? ?????.docx) -- C:\Documents and Settings\nealfamily\My Documents\Η Ελἐνη.docx
[2009/11/24 19:42:14 | 000,012,062 | ---- | C] ()(C:\Documents and Settings\nealfamily\My Documents\? ?????.docx) -- C:\Documents and Settings\nealfamily\My Documents\Η Ελἐνη.docx

========== Alternate Data Streams ==========

@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9

< End of report >

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

aswMBR version 0.9.7.675 Copyright© 2011 AVAST Software
Run date: 2011-07-03 22:52:42
-----------------------------
22:52:42.859 OS Version: Windows 5.1.2600 Service Pack 3
22:52:42.859 Number of processors: 2 586 0x403
22:52:42.859 ComputerName: NEALFAMI-ED0CE4 UserName: nealfamily
22:52:43.593 Initialize success
22:56:27.609 AVAST engine defs: 11070301
22:56:33.156 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-18
22:56:33.156 Disk 0 Vendor: WDC_WD1600AAJS-75WAA0 58.01D58 Size: 152587MB BusType: 3
22:56:33.156 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T1L0-20
22:56:33.156 Disk 1 Vendor: WDC_WD1600AAJS-75WAA0 58.01D58 Size: 152587MB BusType: 3
22:56:35.187 Disk 0 MBR read successfully
22:56:35.187 Disk 0 MBR scan
22:56:35.187 Disk 0 Windows XP default MBR code
22:56:37.187 Disk 0 scanning sectors +312464250
22:56:37.203 Disk 0 scanning C:\WINDOWS\system32\drivers
22:56:50.031 Service scanning
22:56:50.968 Disk 0 trace - called modules:
22:56:50.984 ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
22:56:50.984 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8b2fbab8]
22:56:50.984 3 CLASSPNP.SYS[b8108fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-18[0x8b2e7b00]
22:56:51.687 AVAST engine scan C:\WINDOWS
23:25:07.984 AVAST engine scan C:\Documents and Settings\nealfamily
00:09:38.000 AVAST engine scan C:\Documents and Settings\All Users
00:14:36.750 Scan finished successfully
00:16:04.640 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\nealfamily\Desktop\MBR.dat"
00:16:04.640 The log file has been saved successfully to "C:\Documents and Settings\nealfamily\Desktop\aswMBR.txt"

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Once again, thank you so much for your help.

Chris.

#9
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK methinks we have it all now, bar one that I missed :)

Automated tools will never be able to clean all the malware, for that you need the human eye :unsure:

I would recommend that you uninstall the following programmes and leave the malware detection/cleaning to Superantispyware and Malwarebytes, with the virus work being done by Avast

HitmanPro35
RegClean
Sunbelt
Lavasoft
Spybot - Search & Destroy
Registry Clean Expert
Enigma Software Group
SpyHunter


After this run could you do a final check to ensure that all your programmes and folders are visible and nothing else untoward is happening

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    [2011/06/30 22:00:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nealfamily\Desktop\recovery

    :Files
    ipconfig /flushdns /c

    :Commands
    [purity]
    [resethosts]
    [EMPTYFLASH]
    [CREATERESTOREPOINT]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.


#10
Channeal

    Member

  • Topic Starter
  • 879 posts
Hi again. I am a bit puzzled by some of your recommendations, so perhaps you could explain a little bit more......


HitmanPro35

Have got rid of this as suggested.

RegClean

I believe I did have this program for a while a long time ago, but was not aware that any part of it was still here. I have run a search for it and cannot find any trace myself - so have no idea how to delete it! There is no reference to it in the programs folder.


Sunbelt

Again, I had no knowledge of anything about this. A search engine revealed that it is to do with a program called Vipre, but I have no memory of ever having that on here. There is no reference to it in the programs folder - but a search revealed that there is a folder called C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Sunbelt Software which has a Program called CounterSpy in it. This program has a quarantine folder which was created last Friday! Very odd, as I have no memory of being aware of anything to do with CounterSpy!


Spybot - Search & Destroy

I have had this program for many years, having been recommended to use it by somebody in another tech forum many moons ago! Ok, I suppose I could delete this if you really advise it - I guess I am not aware that it has done anything wonderful for me!

Enigma Software Group
SpyHunter


I think these are one and the same thing? I believe I said previously that I paid for SpyHunter the other day when I got the Windows XP Recovery virus. Although it didn't ultimately cure the problem for all time, it did enable me to block it and run other scans, so it was not completely useless. However, I have now deleted it (in spite of being upset that I apparently wasted my money! Lol!)


Registry Clean Expert

This is a difficult one! I bought this program a year ago as I was having problems with error messages coming up every time the computer started up - and it cured the problems for me. I read somewhere that it is one of the best registry cleaners you can get! But maybe not......


Lavasoft (Ad-Aware)

This is the hardest one of all - I really do not want to delete it! I think that both Malwarebytes and SuperAntiSpyware programs possibly failed to pick up the Windows XP Recovery virus when I ran them whilst at least parts of the virus were still present (there is a slight doubt in my mind about Malwarebytes, as I think I ended up with two copies of it on here and I wondered if that could have caused a problem with the program). For certain, Ad-aware was the only program to pick up my redirection problem caused by Trojan.Js.Redirector.cd(v) - the other two both missed it! So, I really do not see why AdAware should go! Of course, you know much more about these things than I do - and I am sure that you have good reasons for suggesting they should be deleted. I would be very grateful if you could explain further though!

Sorry to be a pain.....

Chris.

#11
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
No they are all valid questions - let me give my rationale behind it. The current front runners in malware removal are Malwarebytes followed by Superantispyware

Spybot - Search & Destroy : at the moment it cannot clean or repair the majority of new malware, there may be improvements on the way though. For the protection elements that it provides then Winpatrol (free) is an excellent substitute

SpyHunter again not very good as with any severe infection it does not quite hit the mark, and is easily disabled

HitmanPro35 with this there is a 10% chance of making your system unbootable if there is a rootkit/bootkit infection

Registry Clean Expert we never condone the use of registry cleaners as the gains you can make are in the order of microseconds, and if the wrong key/value is removed it could make your system unusable. A little reading to see why we do not recommend them - Registry Cleaners

Lavasoft (Ad-Aware) Hmm this is a bit harder as they have been making great strides lately with the analysis and removal, I guess the only thing that puts me off for this one is the size of the programme and its insistence on treating cookies as threats


At the end of the day the choice is yours, all I can do is give my personal opinions on the various programmes and which ones are (currently) the best. There is no saying that next week the positions will reverse as one of the programmes is updated. Generally the more that an anti-malware programme is targeted then you can be sure they are on the right road.

Does that help any, I can expand further if you wish :)

Meanwhile back at the ranch - how is the computer performing ? Any little niggles ?

#12
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.





