Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Backdoor Trojan Causing Internet Activity?


  • Please log in to reply

#1
KingWeb

KingWeb

    New Member

  • Member
  • Pip
  • 4 posts
I leave my computer running 24/7 and hardly ever "reboot"...recently I've noticed that I'm seeing an increase in Internet Activity when the computer isn't being used, sitting idle?

In CCleaner you can "Analyse" before cleaning and when I do this I see a massive amount of Temporary Internet Files (sample below)
and since I haven't used my computer there shouldn't be any Temporary Internet Files, right?

I'm concerned that my computer is being used by some backdoor trojan for internet or network activity?

I have run Avast, SuperAnti Spyware, Malware Bytes, TSSKiller and MRT. Plus, run them in safe mode, however nothing has been found and I'm still seeing this Internet Activity when away from my computer.

Can someone here help and/or explain what is going on?

There's a lot more than this I just posted this as a small sample of what was happening and if you look at some of the images that are being pulled they are mainly spam ad images...

Thanks!

-------------------------------------------------------------------------

IE Temporary Internet Files (10 files) 14.46KB
C:\WINDOWS\TEMP\WGAErrLog.txt 439 bytes
C:\WINDOWS\system32\wbem\Logs\wbemcore.log 460 bytes
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini 67 bytes
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\3JLUNT41\desktop.ini 67 bytes
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\3JLUNT41\spacer[1].gif 43 bytes
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\3JLUNT41\cta_top[1].gif 1.96KB
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\3JLUNT41\learn-more2[1].gif 1.13KB
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\NHOC6PFW\desktop.ini 67 bytes
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\NHOC6PFW\bank[1].gif 2.52KB
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\NHOC6PFW\104ff91bdlayfir2iayvxwcqaaaaab2md23jwjjav4ayaaaaa[1].gif 43 bytes
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\67PG2N9T\desktop.ini 67 bytes
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\67PG2N9T\facebook[1].gif 254 bytes
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\67PG2N9T\fdic[1].gif 926 bytes
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\NY7BE9DJ\desktop.ini 67 bytes
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\NY7BE9DJ\twitter[1].gif 622 bytes
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\NY7BE9DJ\thin-plus[1].gif 925 bytes
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\OLKC1\image003.jpg 6.10KB
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\desktop.ini 67 bytes
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini 67 bytes
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\desktop.ini 67 bytes
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\desktop.ini 67 bytes
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini 67 bytes
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat 32.00KB
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\MDR9LNKV\desktop.ini 67 bytes
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\X8E8D7JY\desktop.ini 67 bytes
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\ZSYVW6KN\desktop.ini 67 bytes
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\LV2UBCMH\desktop.ini 67 bytes
C:\Documents and Settings\NetworkService\Cookies\index.dat 16.00KB
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini 67 bytes
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\3JLUNT41\desktop.ini 67 bytes
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\3JLUNT41\logo_pp_sept[1].gif 1.92KB
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\3JLUNT41\scr_bottom_sept[1].gif 1.44KB
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\3JLUNT41\e-NotificationHeader[1].gif 3.78KB
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\3JLUNT41\headerlogo-header[1].gif 2.92KB
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\3JLUNT41\More-Flanimals-Ricky-Gervais[1].jpg 34.47KB
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\3JLUNT41\email-footer-icon-Facebook[1].gif 1.26KB
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\3JLUNT41\rtCurve[1].gif 64 bytes
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\3JLUNT41\360395140900[1].jpg 3.26KB
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\3JLUNT41\350493062502[1].jpg 3.72KB
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\NHOC6PFW\desktop.ini 67 bytes
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\NHOC6PFW\hdr_non_sept[1].gif 11.17KB
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\NHOC6PFW\module_microplace[1].gif 15.54KB
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\NHOC6PFW\TwitterSMALL[1].png 586 bytes
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\NHOC6PFW\Secret-Word-Groucho-Marx[1].jpg 54.68KB
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\NHOC6PFW\as[1].gif 43 bytes
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\NHOC6PFW\email-footer-icon-You-Tube[1].gif 1.41KB
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\NHOC6PFW\email-footer-icon-Blog[1].gif 1.33KB
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\NHOC6PFW\bin_15x54[1].gif 617 bytes
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\NHOC6PFW\110746909091[1].jpg 2.90KB
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\67PG2N9T\desktop.ini 67 bytes
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\67PG2N9T\scr_right_sept[1].gif 1.42KB
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\67PG2N9T\spacer[1].gif 92 bytes
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\67PG2N9T\FacebookSMALL[1].png 321 bytes
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\67PG2N9T\Nerd-Do-Well-Simon-Pegg[1].jpg 33.42KB
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\67PG2N9T\email-footer-icon-Twitter[1].gif 1.35KB
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\67PG2N9T\ebay_95x39[1].gif 1.09KB
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\67PG2N9T\s[1].gif 49 bytes
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\67PG2N9T\400244016859[1].jpg 1.91KB
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\67PG2N9T\130578781547[1].jpg 5.10KB
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\NY7BE9DJ\desktop.ini 67 bytes
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\NY7BE9DJ\scr_left_sept[1].gif 1.42KB
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\NY7BE9DJ\52[1].gif 43 bytes
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\NY7BE9DJ\YouTubeSMALL[1].png 391 bytes
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\NY7BE9DJ\Seinlanguage-Jerry-Seinfeld[1].jpg 37.31KB
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\NY7BE9DJ\Bossypants-Tina-Fey[1].jpg 25.24KB
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\NY7BE9DJ\ltCurve[1].gif 64 bytes
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\NY7BE9DJ\btnShowItems[1].gif 2.50KB
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\Content.IE5\NY7BE9DJ\400244039822[1].jpg 4.88KB
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\desktop.ini 67 bytes
C:\Documents and Settings\Kevin\Local Settings\Temporary Internet Files\OLKC2\image003.jpg 6.10KB
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini 67 bytes
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\desktop.ini 67 bytes
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\desktop.ini 67 bytes
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini 67 bytes
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat 32.00KB
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\L5HK9O19\desktop.ini 67 bytes
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\N20OOOHI\desktop.ini 67 bytes
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\3ZTKS77E\desktop.ini 67 bytes
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\0QVFP2WN\desktop.ini 67 bytes

-------------------------------------------------------------------------

Here's the OTL:

OTL logfile created on: 9/19/2011 07:21:43 PM - Run 2
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Documents and Settings\Kevin\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.32 Gb Available Physical Memory | 77.54% Memory free
5.82 Gb Paging File | 5.21 Gb Available in Paging File | 89.59% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 60.12 Gb Total Space | 20.74 Gb Free Space | 34.50% Space Free | Partition Type: FAT32
Drive D: | 47.73 Gb Total Space | 16.00 Gb Free Space | 33.52% Space Free | Partition Type: FAT32
Drive E: | 64.99 Gb Total Space | 3.44 Gb Free Space | 5.30% Space Free | Partition Type: FAT32
Drive F: | 59.93 Gb Total Space | 34.69 Gb Free Space | 57.88% Space Free | Partition Type: FAT32

Computer Name: KINGDESIGN | User Name: Kevin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/09/19 19:15:00 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kevin\Desktop\OTL.exe
PRC - [2011/09/17 19:27:16 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2011/09/06 19:43:46 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/09/06 13:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/09/06 13:45:28 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/01/29 01:16:08 | 011,563,520 | ---- | M] (Costas Stergiou) -- F:\My Documents\The Word\theword.exe
PRC - [2010/10/01 13:27:22 | 000,632,792 | ---- | M] (PC Tools) -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
PRC - [2010/09/22 18:11:26 | 000,640,440 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\AdobeCS4\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2010/06/04 05:08:30 | 002,476,544 | ---- | M] (SoftArtStudio) -- C:\Program Files\TreeDBNotes 3\TreeDBNotes.exe
PRC - [2009/11/20 15:23:40 | 000,057,344 | ---- | M] (Nalpeiron Ltd.) -- C:\WINDOWS\system32\ASTSRV.EXE
PRC - [2008/04/13 17:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe
PRC - [2008/04/13 17:12:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/01/18 16:57:54 | 005,750,784 | ---- | M] () -- D:\Wamp\bin\mysql\mysql5.0.51a\bin\mysqld-nt.exe
PRC - [2008/01/18 00:37:26 | 000,024,635 | ---- | M] (Apache Software Foundation) -- D:\Wamp\bin\apache\apache2.2.8\bin\httpd.exe
PRC - [2007/02/18 17:07:00 | 001,152,512 | ---- | M] (Aestan Software) -- D:\Wamp\wampmanager.exe
PRC - [2007/02/16 18:49:50 | 000,411,168 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2007/01/27 09:42:50 | 000,044,384 | ---- | M] (Antony Lewis) -- C:\Program Files\WordWeb\wweb32.exe
PRC - [2003/05/12 03:51:54 | 000,319,488 | ---- | M] (Ardamax Software) -- C:\Program Files\Tray Commander Lite\TC.exe


========== Modules (No Company Name) ==========

MOD - [2011/09/19 11:51:18 | 001,569,280 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11091901\algo.dll
MOD - [2011/09/18 15:47:04 | 000,208,544 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11091901\aswRep.dll
MOD - [2011/09/18 10:43:08 | 001,569,280 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11091801\algo.dll
MOD - [2011/09/18 02:42:18 | 001,568,768 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11091800\algo.dll
MOD - [2011/09/16 09:50:48 | 000,208,544 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11091801\aswRep.dll
MOD - [2011/09/16 09:50:48 | 000,208,544 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11091800\aswRep.dll
MOD - [2011/09/06 19:43:48 | 001,001,432 | ---- | M] () -- C:\Program Files\Mozilla Firefox\js3250.dll
MOD - [2011/08/18 19:53:14 | 006,277,280 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2010/08/15 15:08:44 | 000,094,208 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2010/03/31 23:30:12 | 000,473,704 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nView\nvShell.dll
MOD - [2010/03/31 23:30:10 | 001,624,680 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nView\nView.dll
MOD - [2009/12/10 08:57:10 | 000,338,944 | ---- | M] () -- F:\My Documents\The Word\sqlite3.dll
MOD - [2009/09/04 08:19:30 | 000,644,096 | ---- | M] () -- C:\Program Files\IZArc\IZArcCM.dll
MOD - [2009/02/27 16:39:30 | 000,019,968 | ---- | M] () -- C:\Program Files\AdobeCS4\Acrobat 9.0\Acrobat\AcroTray.DEU
MOD - [2009/02/27 16:32:28 | 000,020,480 | ---- | M] () -- C:\Program Files\AdobeCS4\Acrobat 9.0\Acrobat\AcroTray.FRA
MOD - [2008/05/10 08:04:14 | 000,450,560 | ---- | M] () -- D:\Wamp\ioncube\ioncube_loader_win_5.2.dll
MOD - [2008/03/29 08:42:20 | 000,159,744 | ---- | M] () -- C:\WINDOWS\system32\mmfinfo.dll
MOD - [2008/03/29 08:41:52 | 000,023,552 | ---- | M] () -- C:\WINDOWS\system32\mkunicode.dll
MOD - [2008/01/18 16:57:54 | 005,750,784 | ---- | M] () -- D:\Wamp\bin\mysql\mysql5.0.51a\bin\mysqld-nt.exe
MOD - [2008/01/07 17:47:48 | 000,721,095 | ---- | M] () -- C:\Program Files\Zend\ZendOptimizer-3.3.0\lib\Optimizer-3.3.0\php-5.2.x\ZendOptimizer.dll
MOD - [2007/11/08 23:23:48 | 002,035,712 | ---- | M] () -- D:\Wamp\bin\apache\apache2.2.8\bin\libmysql.dll
MOD - [2007/02/04 11:14:48 | 000,020,687 | ---- | M] () -- C:\Program Files\Zend\ZendOptimizer-3.3.0\lib\ZendExtensionManager.dll
MOD - [2007/01/21 12:46:18 | 000,018,944 | ---- | M] () -- C:\Program Files\WordWeb\WUCNT.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (srv9F4)
SRV - File not found [Disabled | Stopped] -- -- (aawservice)
SRV - [2011/09/17 19:27:16 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011/09/06 13:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/10/01 13:27:22 | 000,632,792 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2010/03/10 21:03:38 | 000,288,112 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)
SRV - [2010/03/10 19:34:10 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/11/20 15:23:40 | 000,057,344 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\WINDOWS\system32\ASTSRV.EXE -- (astcc)
SRV - [2008/04/13 17:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/13 17:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC) Simple Mail Transfer Protocol (SMTP)
SRV - [2008/04/13 17:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (MSFtpsvc)
SRV - [2008/04/13 17:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2008/01/18 16:57:54 | 005,750,784 | ---- | M] () [On_Demand | Running] -- D:\Wamp\bin\mysql\mysql5.0.51a\bin\mysqld-nt.exe -- (wampmysqld)
SRV - [2008/01/18 00:37:26 | 000,024,635 | ---- | M] (Apache Software Foundation) [On_Demand | Running] -- D:\Wamp\bin\apache\apache2.2.8\bin\httpd.exe -- (wampapache)
SRV - [2007/09/04 19:25:44 | 000,131,072 | ---- | M] (NVIDIA) [Disabled | Stopped] -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService)
SRV - [2007/02/16 18:49:50 | 000,411,168 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2006/01/06 12:07:28 | 000,077,824 | ---- | M] (HP) [Disabled | Stopped] -- C:\WINDOWS\system32\hphipm11.exe -- (Pml Driver HPH11)


========== Driver Services (SafeList) ==========

DRV - [2011/09/17 19:27:12 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/09/17 19:27:12 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2011/09/06 13:38:06 | 000,442,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/09/06 13:37:54 | 000,320,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/09/06 13:36:38 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/09/06 13:36:36 | 000,052,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/09/06 13:36:24 | 000,110,552 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/09/06 13:36:12 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/09/06 13:33:12 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/05/20 19:16:12 | 000,028,256 | ---- | M] (MusicMatch, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\MxlW2k.sys -- (MxlW2k)
DRV - [2009/04/26 18:47:14 | 000,027,136 | ---- | M] (NCH Swift Sound) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nchssvad.sys -- (NCHSSVAD)
DRV - [2009/02/24 18:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2008/11/22 19:02:48 | 000,392,320 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2008/11/22 19:02:48 | 000,032,768 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2008/01/12 14:29:04 | 000,114,048 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2007/08/07 12:56:58 | 000,009,344 | ---- | M] (Lavasoft AB) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NSDriver.sys -- (Ad-Watch Connect Filter)
DRV - [2007/05/02 16:21:22 | 004,403,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006/01/06 12:07:28 | 000,050,896 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hphid411.sys -- (Dot4 HPH11)
DRV - [2006/01/06 12:07:28 | 000,050,276 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hphs2k11.sys -- (Dot4Storage HPH11) Storage Class Driver for IEEE-1284.4 (HPH11)
DRV - [2006/01/06 12:07:28 | 000,018,928 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hphius11.sys -- (Dot4Usb HPH11)
DRV - [2006/01/06 12:07:28 | 000,016,112 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hphipr11.sys -- (Dot4Print HPH11)
DRV - [2005/04/07 17:18:34 | 000,003,840 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\BANTExt.sys -- (BANTExt)
DRV - [2003/11/17 14:59:20 | 000,212,224 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 14:58:02 | 000,680,704 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 14:56:26 | 001,042,432 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2003/08/29 01:00:00 | 000,016,816 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctpdusb2.sys -- (Jukebox)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hhttp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.kingwebsitedesign.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "http://www.ebay.com/"
FF - prefs.js..extensions.enabledItems: {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}:0.4.6
FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.9
FF - prefs.js..extensions.enabledItems: [email protected]:1.7.3
FF - prefs.js..extensions.enabledItems: {3e9bb2a7-62ca-4efa-a4e6-f6f6168a652d}:1.0
FF - prefs.js..keyword.enabled: false

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files\AdobeCS4\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.21\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/09/04 08:42:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.21\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/09/04 08:42:36 | 000,000,000 | ---D | M]

[2011/09/04 08:42:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Kevin\Application Data\Mozilla\Extensions
[2011/09/04 08:42:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\35qt0d08.default\extensions
[2011/09/04 23:43:00 | 000,000,000 | ---D | M] (Image Zoom) -- C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\35qt0d08.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
[2011/09/18 19:01:18 | 000,000,000 | ---D | M] (ShowIP) -- C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\35qt0d08.default\extensions\{3e9bb2a7-62ca-4efa-a4e6-f6f6168a652d}
[2011/09/04 23:43:00 | 000,000,000 | ---D | M] (Web Developer) -- C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\35qt0d08.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2011/09/17 09:06:20 | 000,000,000 | ---D | M] (Firebug) -- C:\Documents and Settings\Kevin\Application Data\Mozilla\Firefox\Profiles\35qt0d08.default\extensions\[email protected]
[2011/09/04 08:42:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/09/04 13:56:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
[2011/09/04 13:56:16 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2011/09/18 09:35:50 | 000,288,520 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.123haustiereundmehr.com
O1 - Hosts: 127.0.0.1 123haustiereundmehr.com
O1 - Hosts: 9942 more lines...
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\AdobeCS4\/Adobe Contribute CS4/contributeieplugin.dll ()
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\AdobeCS4\/Adobe Contribute CS4/contributeieplugin.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\AdobeCS4\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\AdobeCS4\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [EPSON Stylus CX4800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADA.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [Tray Commander Lite] C:\Program Files\Tray Commander Lite\TC.exe (Ardamax Software)
O4 - HKLM..\Run: [Turn on nView Desktop Manager] C:\Program Files\NVIDIA Corporation\nView\nview.dll ()
O4 - HKCU..\Run: [NVIDIA nTune] C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe (NVIDIA)
O4 - Startup: C:\Documents and Settings\Kevin\Start Menu\Programs\Startup\WordWeb.lnk = C:\Program Files\WordWeb\wweb32.exe (Antony Lewis)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuEjectPC = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Document Tree - C:\WINDOWS\Web\tree.htm ()
O8 - Extra context menu item: &Highlight - C:\WINDOWS\Web\highlight.htm ()
O8 - Extra context menu item: &Links List - C:\WINDOWS\Web\urllist.htm ()
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: I&mages List - C:\WINDOWS\Web\imglist.htm ()
O8 - Extra context menu item: Open Frame in &New Window - C:\WINDOWS\Web\frm2new.htm ()
O8 - Extra context menu item: View Partial So&urce - C:\WINDOWS\Web\source.htm ()
O8 - Extra context menu item: Zoom &In - C:\WINDOWS\Web\zoomin.htm ()
O8 - Extra context menu item: Zoom O&ut - C:\WINDOWS\Web\zoomout.htm ()
O9 - Extra Button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll ()
O9 - Extra 'Tools' menuitem : Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll ()
O9 - Extra 'Tools' menuitem : &Document Tree - {438AFBA1-B0CB-11d2-9214-00104B3BCE5F} - C:\WINDOWS\Web\tree.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O15 - HKCU\..Trusted Domains: nutracea.com ([www] * in Trusted sites)
O15 - HKCU\..Trusted Domains: nutracea.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Ranges: Range37 ([http] in Trusted sites)
O15 - HKCU\..Trusted Ranges: Range38 ([https] in Trusted sites)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.micr.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.5.0.cab (DLM Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1268191888035 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1273446013273 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.micros...ntent/opuc4.cab (Office Update Installation Engine)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B4F2586A-2E4D-489C-AD60-35D17E2EE0B8}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B4F2586A-2E4D-489C-AD60-35D17E2EE0B8}: NameServer = 68.105.28.13,68.105.29.13
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Documents and Settings\Kevin\Application Data\nView_Wallpaper\PerMonitorWallpaper0.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Kevin\Application Data\nView_Wallpaper\PerMonitorWallpaper0.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/01/10 19:37:10 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/09/19 19:16:54 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Kevin\Desktop\OTL.exe
[2011/09/18 12:45:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kevin\Application Data\Safer Networking
[2011/09/18 12:45:38 | 000,000,000 | ---D | C] -- C:\Program Files\Safer Networking
[2011/09/18 07:10:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2011/09/16 20:36:57 | 000,320,856 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/09/16 20:36:57 | 000,020,568 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/09/16 20:36:56 | 000,052,568 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/09/16 20:36:56 | 000,034,392 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/09/16 20:36:55 | 000,442,200 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/09/16 20:36:55 | 000,110,552 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/09/16 20:36:55 | 000,104,536 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/09/16 20:36:55 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/09/16 20:36:47 | 000,199,304 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/09/16 20:36:47 | 000,041,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/09/16 20:36:40 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/09/16 20:36:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/09/04 13:56:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2011/09/04 13:56:11 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011/09/04 13:55:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kevin\Application Data\Sun
[2011/09/04 12:39:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2011/09/04 12:39:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2011/09/04 08:42:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kevin\Application Data\Mozilla
[2011/09/04 08:42:35 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox

========== Files - Modified Within 30 Days ==========

[2011/09/19 19:15:42 | 000,000,155 | ---- | M] () -- C:\Documents and Settings\Kevin\Application Data\cntp.ini
[2011/09/19 19:15:00 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kevin\Desktop\OTL.exe
[2011/09/19 15:06:02 | 000,000,444 | ---- | M] () -- C:\WINDOWS\tasks\RMSmartUpdate.job
[2011/09/18 09:40:16 | 000,000,210 | -HS- | M] () -- C:\boot.ini
[2011/09/18 09:37:36 | 000,002,148 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/09/18 09:36:58 | 000,000,104 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2011/09/18 09:32:26 | 000,000,256 | -HS- | M] () -- C:\Boot.bak
[2011/09/17 18:46:14 | 000,000,702 | ---- | M] () -- C:\Documents and Settings\Kevin\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2011/09/17 16:27:02 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/09/16 20:36:56 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/09/16 17:43:14 | 002,633,584 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/09/12 23:18:38 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\Auslogics Disk Defrag Sheduled Defragmentation.job
[2011/09/06 13:45:30 | 000,199,304 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/09/06 13:45:30 | 000,041,184 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/09/06 13:38:06 | 000,442,200 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/09/06 13:37:54 | 000,320,856 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/09/06 13:36:38 | 000,034,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/09/06 13:36:36 | 000,052,568 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/09/06 13:36:24 | 000,110,552 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/09/06 13:36:20 | 000,104,536 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/09/06 13:36:12 | 000,020,568 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/09/06 13:33:12 | 000,030,808 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/09/04 08:42:38 | 000,001,530 | ---- | M] () -- C:\Documents and Settings\Kevin\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/08/29 21:15:00 | 000,009,662 | ---- | M] () -- C:\WINDOWS\EPISME00.SWB

========== Files Created - No Company Name ==========

[2011/09/04 13:14:49 | 000,000,104 | ---- | C] () -- C:\WINDOWS\System32\NvApps.xml
[2011/09/04 13:14:21 | 000,002,148 | ---- | C] () -- C:\WINDOWS\System32\wpa.dbl
[2011/09/04 13:14:14 | 002,633,584 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/09/04 13:01:00 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/09/04 08:42:37 | 000,001,530 | ---- | C] () -- C:\Documents and Settings\Kevin\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/06/10 14:17:20 | 000,001,876 | ---- | C] () -- C:\Documents and Settings\Kevin\Application Data\1.gif
[2011/06/10 14:17:19 | 000,000,011 | ---- | C] () -- C:\Documents and Settings\Kevin\Application Data\ct_start
[2011/05/20 19:14:31 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2011/05/20 19:14:31 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\PdeSrv2p.dll
[2011/03/12 10:38:07 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/03/12 10:38:07 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/03/12 10:38:07 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/03/12 10:38:07 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/03/12 10:38:07 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/03/12 00:06:33 | 000,037,336 | ---- | C] () -- C:\WINDOWS\System32\CleanMFT32.exe
[2010/07/31 16:46:41 | 000,120,376 | ---- | C] () -- C:\WINDOWS\System32\rrsec.dll
[2010/07/31 16:46:41 | 000,097,888 | ---- | C] () -- C:\WINDOWS\System32\rrsec2k.exe
[2010/05/09 19:22:00 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2010/05/07 10:41:36 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2010/05/07 10:41:35 | 000,073,220 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2010/05/07 10:41:35 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2010/05/07 10:41:35 | 000,029,114 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2010/05/07 10:41:35 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2010/05/07 10:41:35 | 000,021,021 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2010/05/07 10:41:35 | 000,015,670 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2010/05/07 10:41:35 | 000,013,280 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2010/05/07 10:41:35 | 000,010,673 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2010/05/07 10:41:35 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2010/05/07 10:41:35 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2010/05/07 10:41:35 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2010/05/07 10:41:35 | 000,001,137 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2010/05/07 10:41:35 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2010/05/07 10:41:35 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2010/05/07 10:41:35 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2010/04/24 17:15:02 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\€AstInfo.dat
[2010/03/06 16:42:36 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Kevin\Local Settings\Application Data\PUTTY.RND
[2010/01/12 12:03:34 | 002,183,470 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009/06/06 08:31:57 | 000,027,210 | ---- | C] () -- C:\Documents and Settings\Kevin\Application Data\Personal Address Book.ADR
[2009/06/05 17:55:37 | 000,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys
[2009/01/04 11:34:56 | 000,000,155 | ---- | C] () -- C:\Documents and Settings\Kevin\Application Data\cntp.ini
[2009/01/04 11:33:39 | 000,002,981 | ---- | C] () -- C:\Documents and Settings\Kevin\Application Data\cntp.nws
[2008/11/22 14:16:08 | 000,000,152 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008/07/13 11:05:54 | 000,001,160 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2008/05/26 14:17:26 | 000,036,864 | ---- | C] () -- C:\WINDOWS\hpfsched.exe
[2008/05/26 14:17:21 | 000,004,760 | ---- | C] () -- C:\WINDOWS\hphmdl11.dat
[2008/04/26 11:58:02 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2008/04/20 11:34:03 | 000,044,544 | ---- | C] () -- C:\Documents and Settings\Kevin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/04/12 09:16:27 | 000,134,044 | ---- | C] () -- C:\WINDOWS\ColorPic Uninstaller.exe
[2008/04/12 08:52:57 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\LFFPX7.DLL
[2008/04/12 08:52:57 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\LFKODAK.DLL
[2008/04/12 08:52:57 | 000,088,576 | ---- | C] () -- C:\WINDOWS\System32\lffpx90n.dll
[2008/04/10 09:52:08 | 000,662,016 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008/04/10 09:52:06 | 003,143,168 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2008/04/10 09:52:06 | 000,568,320 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2008/04/10 09:52:06 | 000,404,992 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2008/04/10 09:52:06 | 000,245,760 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll
[2008/04/10 09:52:06 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll
[2008/04/10 09:52:06 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2008/04/10 09:52:06 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll
[2008/04/10 09:52:06 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll
[2008/04/10 09:52:06 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2008/04/10 09:52:06 | 000,097,280 | ---- | C] () -- C:\WINDOWS\System32\ff_realaac.dll
[2008/04/10 09:52:06 | 000,081,408 | ---- | C] () -- C:\WINDOWS\System32\ff_tremor.dll
[2008/04/10 09:52:06 | 000,038,400 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll
[2008/04/10 09:52:06 | 000,037,376 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll
[2008/04/10 09:52:06 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2008/04/10 09:50:40 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008/04/06 09:16:46 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2008/03/29 08:42:22 | 000,245,248 | ---- | C] () -- C:\WINDOWS\System32\dxr.dll
[2008/03/29 08:42:20 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\mmfinfo.dll
[2008/03/29 08:42:14 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\avss.dll
[2008/03/29 08:42:08 | 000,148,992 | ---- | C] () -- C:\WINDOWS\System32\mkx.dll
[2008/03/29 08:42:04 | 000,141,312 | ---- | C] () -- C:\WINDOWS\System32\mp4.dll
[2008/03/29 08:42:04 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\avi.dll
[2008/03/29 08:42:02 | 000,335,872 | ---- | C] () -- C:\WINDOWS\System32\gdsmux.exe
[2008/03/29 08:42:02 | 000,120,832 | ---- | C] () -- C:\WINDOWS\System32\ogm.dll
[2008/03/29 08:42:00 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\ts.dll
[2008/03/29 08:42:00 | 000,103,424 | ---- | C] () -- C:\WINDOWS\System32\dsmux.exe
[2008/03/29 08:41:54 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\mkv2vfr.exe
[2008/03/29 08:41:54 | 000,097,280 | ---- | C] () -- C:\WINDOWS\System32\avs.dll
[2008/03/29 08:41:52 | 000,079,360 | ---- | C] () -- C:\WINDOWS\System32\mkzlib.dll
[2008/03/29 08:41:52 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\mkunicode.dll
[2008/03/21 13:30:08 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/01/13 11:06:15 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/01/11 22:27:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008/01/10 20:39:05 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4820.dll
[2008/01/10 20:26:47 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2008/01/10 19:44:57 | 000,000,000 | ---- | C] () -- C:\WINDOWS\frontpg.ini
[2008/01/10 19:44:35 | 000,021,791 | ---- | C] () -- C:\WINDOWS\System32\smtpctrs.ini
[2008/01/10 19:44:35 | 000,001,037 | ---- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini
[2008/01/10 19:44:30 | 000,007,909 | ---- | C] () -- C:\WINDOWS\System32\ftpctrs.ini
[2008/01/10 19:44:28 | 000,038,576 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2008/01/10 19:44:28 | 000,010,225 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini
[2008/01/10 19:44:25 | 000,011,435 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2008/01/10 19:40:37 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2008/01/10 19:35:21 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/01/10 19:30:59 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007/12/31 17:00:00 | 000,741,376 | ---- | C] () -- C:\WINDOWS\System32\audxlib.dll
[2007/12/31 17:00:00 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2007/12/31 17:00:00 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\ff_kernelDeint.dll
[2007/10/13 02:30:20 | 000,000,137 | ---- | C] () -- C:\WINDOWS\System32\Registration.ini
[2007/06/28 21:43:00 | 001,018,772 | ---- | C] () -- C:\WINDOWS\System32\nvucode.bin
[2007/06/28 21:43:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2007/06/28 11:54:10 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2007/06/07 15:10:50 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\ac3config.exe
[2007/04/13 14:19:52 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2007/03/12 12:01:30 | 000,217,088 | ---- | C] () -- C:\WINDOWS\NVGfxOgl.dll
[2005/06/28 09:33:40 | 000,022,528 | ---- | C] () -- C:\WINDOWS\System32\RunHiddenConsole.exe
[2004/08/02 14:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/06/25 19:21:13 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2002/06/25 19:21:11 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2002/06/25 19:20:23 | 000,004,594 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2002/06/25 19:20:22 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002/06/25 19:19:09 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2002/06/25 19:13:52 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2002/06/25 19:13:40 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2002/06/25 19:05:30 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2002/06/25 19:03:54 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin

========== LOP Check ==========

[2008/01/11 23:18:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\X-Setup Pro
[2008/01/12 14:53:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acronis
[2010/09/29 10:59:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applications
[2009/10/31 03:56:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\The Word
[2011/06/10 16:13:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2010/07/30 21:18:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/09/16 20:36:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/09/18 07:10:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2008/01/11 23:18:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\X-Setup Pro
[2008/01/13 18:57:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\Auslogics
[2008/04/15 06:25:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\FileZilla
[2008/04/19 13:13:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\TreeDBNotes 3
[2008/04/26 12:39:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\nView_Wallpaper
[2008/06/28 00:15:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\OfficeUpdate12
[2009/08/01 17:33:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\Leadertech
[2009/08/02 10:40:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\aignes
[2009/10/31 03:56:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\The Word
[2010/05/10 08:59:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\webex
[2010/07/16 21:29:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\Acronis
[2011/03/12 00:10:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\Registry Mechanic
[2011/09/18 12:45:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kevin\Application Data\Safer Networking
[2011/09/19 15:06:02 | 000,000,444 | ---- | M] () -- C:\WINDOWS\Tasks\RMSmartUpdate.job
[2011/09/12 23:18:38 | 000,000,430 | ---- | M] () -- C:\WINDOWS\Tasks\Auslogics Disk Defrag Sheduled Defragmentation.job

========== Purity Check ==========



< End of report >
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP