Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Win 7 Home Security 2012


  • Please log in to reply

#1
Caleb S.

Caleb S.

    New Member

  • Member
  • Pip
  • 5 posts
I was opening firefox when Win 7 Home Security 2012 open. I have looked online and followed the steps that i have found to remove this threat but it dose not remove. I am able to end the process that runs the program and it is how i am able to get on here and make this post. So if anyone knows how to remove it. it will be a great help. it has changed all my shortcuts in my start menu and desktop to open that program. also rerouted all the web pages i enter to go to a page saying my computer is infected.I am also using Panda Cloud Anti-virus free edition and i run Malwarebytes once a week




OTL logfile created on: 12/1/2011 4:40:24 PM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Admin\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.99 Gb Total Physical Memory | 1.79 Gb Available Physical Memory | 60.00% Memory free
5.98 Gb Paging File | 4.81 Gb Available in Paging File | 80.48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232.75 Gb Total Space | 35.52 Gb Free Space | 15.26% Space Free | Partition Type: NTFS
Drive E: | 1.19 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: SARAH-PC | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/12/01 16:12:19 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Admin\Desktop\OTL.exe
PRC - [2011/11/18 21:50:41 | 000,947,056 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2011/10/08 13:56:43 | 000,137,536 | ---- | M] (Facebook Inc.) -- C:\Users\Admin\AppData\Local\Facebook\Update\FacebookUpdate.exe
PRC - [2011/09/23 17:37:42 | 000,641,832 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Update\NASvc.exe
PRC - [2011/09/02 01:15:40 | 000,227,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
PRC - [2011/08/30 11:18:30 | 008,093,056 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version6\TeamViewer.exe
PRC - [2011/08/30 11:18:30 | 002,358,656 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011/07/15 23:31:12 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011/06/29 09:29:44 | 000,217,256 | ---- | M] (Panda Security) -- C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe
PRC - [2011/06/06 14:55:32 | 002,903,448 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/04/28 14:01:20 | 000,439,616 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe
PRC - [2011/04/28 13:58:54 | 000,140,608 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
PRC - [2011/02/26 00:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/21 00:19:39 | 000,395,128 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2009/07/13 20:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/13 20:14:28 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PING.EXE
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe


========== Modules (No Company Name) ==========

MOD - [2011/10/27 23:07:13 | 008,522,400 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2011/09/27 06:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 06:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/05/28 21:04:56 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2011/03/15 07:13:46 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2009/07/13 20:15:51 | 000,232,448 | ---- | M] () -- \\?\globalroot\systemroot\system32\mswsock.DLL
MOD - [2009/07/13 20:15:51 | 000,232,448 | ---- | M] () -- \\.\globalroot\systemroot\system32\mswsock.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (avgwd)
SRV - File not found [Auto | Stopped] -- -- (AVGIDSAgent)
SRV - File not found [Auto | Stopped] -- -- (avgfws)
SRV - [2011/09/23 17:37:42 | 000,641,832 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2011/08/30 11:18:30 | 002,358,656 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011/06/12 11:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/04/28 13:58:54 | 000,140,608 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe -- (NanoServiceMain)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/07/13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 20:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV - [2011/11/26 18:51:05 | 000,428,088 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2011/10/03 15:49:32 | 000,104,752 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV - [2011/08/01 06:23:23 | 000,143,624 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PSINAflt.sys -- (PSINAflt)
DRV - [2011/07/13 12:39:10 | 000,056,496 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\NBVol.sys -- (NBVol)
DRV - [2011/07/13 12:39:10 | 000,012,464 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\NBVolUp.sys -- (NBVolUp)
DRV - [2011/05/27 18:05:32 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/04/28 13:57:47 | 000,112,712 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PSINProt.sys -- (PSINProt)
DRV - [2011/04/28 13:57:21 | 000,111,176 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\PSINProc.sys -- (PSINProc)
DRV - [2011/04/28 13:57:20 | 000,126,024 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\PSINKNC.sys -- (PSINKNC)
DRV - [2011/04/28 13:57:20 | 000,099,400 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\PSINFile.sys -- (PSINFile)
DRV - [2011/04/04 23:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/03/01 13:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/02/22 07:12:50 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011/02/10 06:53:42 | 000,021,968 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/02/10 06:53:40 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2010/07/07 18:18:56 | 000,044,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d) MS Hardware Device Detection Driver (USB)
DRV - [2009/12/30 11:21:18 | 000,027,192 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\revoflt.sys -- (Revoflt)
DRV - [2009/12/08 21:24:26 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys -- (VSPerfDrv100)
DRV - [2009/09/28 08:22:00 | 000,315,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009/07/13 20:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009/07/13 20:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009/07/13 20:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009/07/13 18:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/13 18:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/13 18:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009/07/13 18:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2006/11/14 17:35:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://easy-google-search.blogspot.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 48 26 61 09 69 CD CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://easy-google-s...h.blogspot.com"
FF - prefs.js..keyword.URL: "http://www.google.co...=ISO-8859-1&q="
FF - prefs.js..network.proxy.type: 0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Admin\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files\Adobe\Adobe Contribute CS5.1\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2011/11/26 19:31:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2011/11/27 10:54:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/11/09 16:02:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/27 10:54:34 | 000,000,000 | ---D | M]

[2011/09/14 17:13:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\Mozilla\Extensions
[2011/12/01 15:33:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\fopbmc12.default\extensions
[2011/09/14 21:03:00 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\fopbmc12.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011/11/22 20:05:32 | 000,000,000 | ---D | M] (Panda Security Toolbar) -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\fopbmc12.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
[2011/11/22 20:05:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\fopbmc12.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}\Setup\bin\PandaSecurityTb_2.0.0.9\$[56]\extensions
[2011/11/22 20:05:32 | 000,000,000 | ---D | M] (Panda Security Toolbar) -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\fopbmc12.default\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}\Setup\bin\PandaSecurityTb_2.0.0.9\$[56]\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
[2011/11/09 16:43:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/11/09 16:43:55 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/10/01 09:38:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
() (No name found) -- C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FOPBMC12.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
[2011/11/09 16:02:57 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/07/19 04:05:25 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/09/02 18:25:59 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/11/09 16:02:57 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

Hosts file not found
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll ()
O2 - BHO: (Microsoft Web Test Recorder 10.0 Helper) - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Program Files\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O3 - HKLM\..\Toolbar: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NBAgent] C:\Program Files\Nero\Nero 11\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [Panda Security URL Filtering] C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe (Panda Security)
O4 - HKLM..\Run: [PSUNMain] C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe (Panda Security, S.L.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Admin\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube Download - C:\Users\Admin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Admin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2D282360-BCE7-426E-BC1B-401D551A7B86}: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/03/21 23:24:09 | 000,000,175 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{e48aafb4-dec2-11df-aeb2-00234e85c10a}\Shell - "" = AutoRun
O33 - MountPoints2\{e48aafb4-dec2-11df-aeb2-00234e85c10a}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = ah] -- Reg Error: Key error. File not found

========== Files/Folders - Created Within 30 Days ==========

[2011/12/01 16:12:19 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Admin\Desktop\OTL.exe
[2011/12/01 16:01:05 | 000,032,256 | ---- | C] (TWX Corp.) -- C:\Windows\System32\BeF60Jdtn.com
[2011/11/30 16:53:33 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\Sector 1
[2011/11/30 15:51:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IDpack Pro
[2011/11/30 15:51:34 | 000,000,000 | ---D | C] -- C:\Windows\SigPlus
[2011/11/30 15:51:34 | 000,000,000 | ---D | C] -- C:\Program Files\Aptika
[2011/11/30 15:50:41 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2011/11/30 15:36:21 | 000,000,000 | --SD | C] -- C:\Users\Admin\Documents\My Data Sources
[2011/11/30 15:10:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2011/11/30 15:10:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2011/11/30 15:07:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2011/11/30 15:05:22 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2011/11/30 15:04:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2011/11/29 22:40:05 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/11/29 20:50:21 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Microsoft_Corporation
[2011/11/29 18:02:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Xpress Software
[2011/11/29 18:01:50 | 000,000,000 | ---D | C] -- C:\Program Files\Xpress Software
[2011/11/27 10:46:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
[2011/11/26 20:27:59 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\Adobe
[2011/11/26 20:24:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/11/26 19:48:18 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM
[2011/11/26 19:36:33 | 000,000,000 | ---D | C] -- C:\Users\Admin\Adobe Flash Builder 4.5
[2011/11/26 19:30:34 | 000,000,000 | ---D | C] -- C:\adobeTemp
[2011/11/26 19:22:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS5.5
[2011/11/26 18:51:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2011/11/26 18:50:24 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2011/11/23 06:55:58 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\Fragments
[2011/11/23 06:52:39 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2011/11/22 22:36:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2011/11/22 22:36:45 | 000,000,000 | ---D | C] -- C:\Program Files\My Company Name
[2011/11/22 22:27:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2011/11/22 20:06:15 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Panda Security
[2011/11/22 20:06:08 | 000,000,000 | ---D | C] -- C:\Program Files\Toolbar Cleaner
[2011/11/22 20:05:59 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\panda2_0dn
[2011/11/22 20:05:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security URL Filtering
[2011/11/22 20:05:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Cloud Antivirus
[2011/11/22 20:04:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security
[2011/11/22 20:04:56 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2011/11/22 20:04:15 | 000,000,000 | ---D | C] -- C:\temp
[2011/11/22 19:00:10 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\VS Revo Group
[2011/11/22 19:00:03 | 000,027,192 | ---- | C] (VS Revo Group) -- C:\Windows\System32\drivers\revoflt.sys
[2011/11/22 19:00:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
[2011/11/22 19:00:01 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2011/11/22 18:52:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AAA Logo 2010
[2011/11/22 18:52:12 | 000,000,000 | ---D | C] -- C:\Program Files\AAALogo2010
[2011/11/12 10:38:02 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\dvdcss
[2011/11/09 16:42:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011/11/05 08:50:10 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2011/11/05 08:37:15 | 000,000,000 | ---D | C] -- C:\Program Files\Age of Mythology - The Titans
[2011/11/05 08:34:43 | 000,000,000 | ---D | C] -- C:\Program Files\Age of Mythology
[2011/11/03 21:11:54 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\New Unity Project
[2011/11/03 21:02:39 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Unity
[2011/11/03 21:01:10 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\PACE Anti-Piracy
[2011/11/03 21:01:10 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\PACE Anti-Piracy
[2011/11/03 21:01:10 | 000,000,000 | ---D | C] -- C:\ProgramData\PACE Anti-Piracy
[2011/11/03 20:47:47 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Unity
[2011/11/03 20:46:19 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Unity Projects
[2011/11/03 20:46:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity
[2011/11/03 20:43:13 | 000,000,000 | ---D | C] -- C:\Program Files\Unity
[2011/11/01 18:13:26 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\go
[2011/11/01 18:13:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Easybits GO
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/12/01 16:21:49 | 000,024,498 | ---- | M] () -- C:\Users\Admin\Documents\cc_20111201_162145.reg
[2011/12/01 16:12:19 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Admin\Desktop\OTL.exe
[2011/12/01 16:08:07 | 000,017,136 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/12/01 16:08:07 | 000,017,136 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/12/01 16:02:58 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At8.job
[2011/12/01 16:02:58 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At6.job
[2011/12/01 16:02:58 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At48.job
[2011/12/01 16:02:58 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At46.job
[2011/12/01 16:02:58 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At44.job
[2011/12/01 16:02:58 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At42.job
[2011/12/01 16:02:58 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At40.job
[2011/12/01 16:02:58 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At4.job
[2011/12/01 16:02:58 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At38.job
[2011/12/01 16:02:58 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At36.job
[2011/12/01 16:02:58 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At34.job
[2011/12/01 16:02:58 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At32.job
[2011/12/01 16:02:58 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At30.job
[2011/12/01 16:02:58 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At28.job
[2011/12/01 16:02:58 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At26.job
[2011/12/01 16:02:58 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At24.job
[2011/12/01 16:02:58 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At22.job
[2011/12/01 16:02:58 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At20.job
[2011/12/01 16:02:58 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At2.job
[2011/12/01 16:02:58 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At18.job
[2011/12/01 16:02:58 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At16.job
[2011/12/01 16:02:58 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At14.job
[2011/12/01 16:02:58 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At12.job
[2011/12/01 16:02:58 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At10.job
[2011/12/01 16:02:58 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At9.job
[2011/12/01 16:02:58 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At7.job
[2011/12/01 16:02:58 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At5.job
[2011/12/01 16:02:58 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At47.job
[2011/12/01 16:02:58 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At45.job
[2011/12/01 16:02:58 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At43.job
[2011/12/01 16:02:58 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At41.job
[2011/12/01 16:02:58 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At39.job
[2011/12/01 16:02:58 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At37.job
[2011/12/01 16:02:58 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At35.job
[2011/12/01 16:02:58 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At33.job
[2011/12/01 16:02:58 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At31.job
[2011/12/01 16:02:58 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At3.job
[2011/12/01 16:02:58 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At29.job
[2011/12/01 16:02:58 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At27.job
[2011/12/01 16:02:58 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At25.job
[2011/12/01 16:02:58 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At23.job
[2011/12/01 16:02:58 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At21.job
[2011/12/01 16:02:58 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At19.job
[2011/12/01 16:02:58 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At17.job
[2011/12/01 16:02:58 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At15.job
[2011/12/01 16:02:58 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At13.job
[2011/12/01 16:02:58 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At11.job
[2011/12/01 16:02:58 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At1.job
[2011/12/01 16:02:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/12/01 16:02:41 | 2408,087,552 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/01 16:01:42 | 000,000,000 | ---- | M] () -- C:\ProgramData\b74N2u56p.dat
[2011/12/01 16:00:49 | 000,032,256 | ---- | M] (TWX Corp.) -- C:\Windows\System32\BeF60Jdtn.com
[2011/12/01 16:00:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2356470011-2687384211-451239834-1003UA.job
[2011/12/01 16:00:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2356470011-2687384211-451239834-1003Core.job
[2011/12/01 15:44:02 | 000,009,100 | -HS- | M] () -- C:\Users\Admin\AppData\Local\t0qy54w5ju0wut
[2011/12/01 15:44:02 | 000,009,100 | -HS- | M] () -- C:\ProgramData\t0qy54w5ju0wut
[2011/12/01 15:01:00 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2356470011-2687384211-451239834-1004UA.job
[2011/12/01 15:01:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2356470011-2687384211-451239834-1004Core.job
[2011/12/01 03:29:36 | 003,786,920 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/11/30 17:37:50 | 000,026,700 | ---- | M] () -- C:\Users\Admin\Documents\Sector 1 badge.pdf
[2011/11/30 17:29:23 | 000,001,262 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
[2011/11/30 15:37:07 | 000,001,101 | ---- | M] () -- C:\Users\Admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2011/11/29 21:18:46 | 001,540,096 | ---- | M] () -- C:\Users\Admin\Documents\Contact management database.accdb
[2011/11/29 20:54:23 | 000,370,022 | ---- | M] () -- C:\Users\Admin\Documents\Contacts.accdt
[2011/11/29 16:52:26 | 000,811,169 | ---- | M] () -- C:\Users\Admin\Documents\Sector 1_responses.pdf
[2011/11/28 21:43:57 | 000,182,081 | ---- | M] () -- C:\Users\Admin\Documents\Sector 1_distributed.pdf
[2011/11/28 21:43:04 | 000,148,820 | ---- | M] () -- C:\Users\Admin\Documents\Sector 1.pdf
[2011/11/28 20:27:04 | 000,149,064 | ---- | M] () -- C:\Users\Admin\Documents\Sector 1_BAK.pdf
[2011/11/28 20:17:47 | 000,155,461 | ---- | M] () -- C:\Users\Admin\Desktop\Sector 1.pdf
[2011/11/27 10:54:35 | 000,001,996 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
[2011/11/26 20:24:18 | 000,061,440 | ---- | M] () -- C:\Users\Admin\Documents\Book 1.indb
[2011/11/26 18:51:06 | 000,001,896 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2011/11/26 11:23:24 | 000,401,690 | ---- | M] () -- C:\Users\Admin\Documents\cc_20111126_112246.reg
[2011/11/24 15:22:41 | 000,001,989 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/11/22 22:41:28 | 000,001,055 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Content Viewer.lnk
[2011/11/22 20:46:54 | 000,660,272 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/11/22 20:46:54 | 000,121,168 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/11/22 20:05:15 | 000,000,264 | ---- | M] () -- C:\Windows\System32\PSUNCpl.dat
[2011/11/22 19:34:30 | 000,002,198 | ---- | M] () -- C:\Windows\System32\drivers\hosts
[2011/11/22 19:00:05 | 000,001,254 | ---- | M] () -- C:\Users\Admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2011/11/22 19:00:04 | 000,001,230 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2011/11/22 18:52:18 | 000,000,991 | ---- | M] () -- C:\Users\Admin\Application Data\Microsoft\Internet Explorer\Quick Launch\AAA Logo 2010.lnk
[2011/11/22 18:52:18 | 000,000,967 | ---- | M] () -- C:\Users\Admin\Desktop\AAA Logo 2010.lnk
[2011/11/22 17:52:33 | 089,783,309 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2011/11/22 17:52:33 | 000,618,058 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavifw.avm
[2011/11/22 17:52:33 | 000,113,461 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjw.avm
[2011/11/20 11:23:19 | 000,001,197 | ---- | M] () -- C:\Users\Admin\Desktop\DVDVideoSoft Free Studio.lnk
[2011/11/12 21:50:39 | 000,279,314 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2011/11/12 09:59:56 | 000,007,336 | ---- | M] () -- C:\Users\Admin\Documents\cc_20111112_095952.reg
[2011/11/09 16:42:54 | 000,002,503 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/11/08 09:47:11 | 001,089,897 | ---- | M] () -- C:\Users\Admin\Desktop\Inheritance - Paolini_ Christopher.epub
[2011/11/08 09:43:50 | 000,003,146 | ---- | M] () -- C:\Users\Admin\Desktop\[[Demonoid.me]]-Christopher_Paolini_[The_Inheritance_Cycle_04]_Inheritance.torrent
[2011/11/08 08:25:06 | 001,429,830 | ---- | M] () -- C:\Users\Admin\Desktop\Inheritance - Paolini_ Christopher.mobi
[2011/11/05 08:39:32 | 000,001,148 | ---- | M] () -- C:\Users\Admin\Desktop\Age of Mythology - The Titans.lnk
[2011/11/05 08:36:41 | 000,001,024 | ---- | M] () -- C:\Users\Admin\Desktop\Age of Mythology.lnk
[2011/11/01 18:13:26 | 000,001,656 | ---- | M] () -- C:\Users\Admin\Desktop\Play games (EasyBits GO).lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/12/01 16:21:47 | 000,024,498 | ---- | C] () -- C:\Users\Admin\Documents\cc_20111201_162145.reg
[2011/12/01 16:01:42 | 000,000,000 | ---- | C] () -- C:\ProgramData\b74N2u56p.dat
[2011/12/01 16:01:41 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\At48.job
[2011/12/01 16:01:41 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At47.job
[2011/12/01 16:01:40 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\At46.job
[2011/12/01 16:01:39 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\At44.job
[2011/12/01 16:01:39 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At45.job
[2011/12/01 16:01:38 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At43.job
[2011/12/01 16:01:37 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\At42.job
[2011/12/01 16:01:36 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\At40.job
[2011/12/01 16:01:36 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At41.job
[2011/12/01 16:01:35 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At39.job
[2011/12/01 16:01:34 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\At38.job
[2011/12/01 16:01:34 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At37.job
[2011/12/01 16:01:33 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\At36.job
[2011/12/01 16:01:32 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\At34.job
[2011/12/01 16:01:32 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At35.job
[2011/12/01 16:01:31 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At33.job
[2011/12/01 16:01:30 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\At32.job
[2011/12/01 16:01:29 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At31.job
[2011/12/01 16:01:28 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\At30.job
[2011/12/01 16:01:27 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At29.job
[2011/12/01 16:01:26 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\At28.job
[2011/12/01 16:01:25 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\At26.job
[2011/12/01 16:01:25 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At27.job
[2011/12/01 16:01:24 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\At24.job
[2011/12/01 16:01:24 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At25.job
[2011/12/01 16:01:22 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At23.job
[2011/12/01 16:01:21 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\At22.job
[2011/12/01 16:01:20 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\At20.job
[2011/12/01 16:01:20 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At21.job
[2011/12/01 16:01:19 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\At18.job
[2011/12/01 16:01:19 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At19.job
[2011/12/01 16:01:18 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At17.job
[2011/12/01 16:01:17 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\At16.job
[2011/12/01 16:01:17 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At15.job
[2011/12/01 16:01:16 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\At14.job
[2011/12/01 16:01:15 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At13.job
[2011/12/01 16:01:14 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\At12.job
[2011/12/01 16:01:14 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At11.job
[2011/12/01 16:01:13 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\At10.job
[2011/12/01 16:01:13 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At9.job
[2011/12/01 16:01:12 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\At8.job
[2011/12/01 16:01:11 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At7.job
[2011/12/01 16:01:10 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\At6.job
[2011/12/01 16:01:09 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At5.job
[2011/12/01 16:01:08 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\At4.job
[2011/12/01 16:01:07 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\At2.job
[2011/12/01 16:01:07 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At3.job
[2011/12/01 16:01:05 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At1.job
[2011/12/01 15:39:43 | 000,009,100 | -HS- | C] () -- C:\Users\Admin\AppData\Local\t0qy54w5ju0wut
[2011/12/01 15:39:43 | 000,009,100 | -HS- | C] () -- C:\ProgramData\t0qy54w5ju0wut
[2011/11/30 17:37:50 | 000,026,700 | ---- | C] () -- C:\Users\Admin\Documents\Sector 1 badge.pdf
[2011/11/30 17:28:23 | 000,001,262 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
[2011/11/30 15:37:07 | 000,001,101 | ---- | C] () -- C:\Users\Admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2011/11/29 20:54:23 | 000,370,022 | ---- | C] () -- C:\Users\Admin\Documents\Contacts.accdt
[2011/11/29 20:54:22 | 001,540,096 | ---- | C] () -- C:\Users\Admin\Documents\Contact management database.accdb
[2011/11/28 22:11:22 | 000,324,389 | ---- | C] () -- C:\Users\Admin\Desktop\TMCCFormTemplateGeneral.tds
[2011/11/28 21:43:55 | 000,182,081 | ---- | C] () -- C:\Users\Admin\Documents\Sector 1_distributed.pdf
[2011/11/28 21:43:54 | 000,811,169 | ---- | C] () -- C:\Users\Admin\Documents\Sector 1_responses.pdf
[2011/11/28 21:43:04 | 000,148,820 | ---- | C] () -- C:\Users\Admin\Documents\Sector 1.pdf
[2011/11/28 21:42:58 | 000,149,064 | ---- | C] () -- C:\Users\Admin\Documents\Sector 1_BAK.pdf
[2011/11/28 20:17:47 | 000,155,461 | ---- | C] () -- C:\Users\Admin\Desktop\Sector 1.pdf
[2011/11/27 10:46:01 | 000,002,465 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
[2011/11/27 10:46:01 | 000,002,453 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
[2011/11/27 10:46:01 | 000,001,996 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
[2011/11/26 20:24:16 | 000,061,440 | ---- | C] () -- C:\Users\Admin\Documents\Book 1.indb
[2011/11/26 18:51:06 | 000,001,896 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2011/11/26 11:22:49 | 000,401,690 | ---- | C] () -- C:\Users\Admin\Documents\cc_20111126_112246.reg
[2011/11/24 15:22:41 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011/11/24 15:22:41 | 000,001,989 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011/11/22 22:41:28 | 000,001,055 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Content Viewer.lnk
[2011/11/22 22:11:53 | 000,002,198 | ---- | C] () -- C:\Windows\System32\drivers\hosts
[2011/11/22 20:05:15 | 000,000,264 | ---- | C] () -- C:\Windows\System32\PSUNCpl.dat
[2011/11/22 19:00:05 | 000,001,254 | ---- | C] () -- C:\Users\Admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2011/11/22 19:00:04 | 000,001,230 | ---- | C] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2011/11/22 18:52:18 | 000,000,991 | ---- | C] () -- C:\Users\Admin\Application Data\Microsoft\Internet Explorer\Quick Launch\AAA Logo 2010.lnk
[2011/11/22 18:52:18 | 000,000,967 | ---- | C] () -- C:\Users\Admin\Desktop\AAA Logo 2010.lnk
[2011/11/12 09:59:55 | 000,007,336 | ---- | C] () -- C:\Users\Admin\Documents\cc_20111112_095952.reg
[2011/11/09 16:42:54 | 000,002,503 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/11/08 09:46:56 | 001,089,897 | ---- | C] () -- C:\Users\Admin\Desktop\Inheritance - Paolini_ Christopher.epub
[2011/11/08 09:44:57 | 001,429,830 | ---- | C] () -- C:\Users\Admin\Desktop\Inheritance - Paolini_ Christopher.mobi
[2011/11/08 09:43:49 | 000,003,146 | ---- | C] () -- C:\Users\Admin\Desktop\[[Demonoid.me]]-Christopher_Paolini_[The_Inheritance_Cycle_04]_Inheritance.torrent
[2011/11/05 08:39:32 | 000,001,148 | ---- | C] () -- C:\Users\Admin\Desktop\Age of Mythology - The Titans.lnk
[2011/11/05 08:36:41 | 000,001,024 | ---- | C] () -- C:\Users\Admin\Desktop\Age of Mythology.lnk
[2011/11/01 18:13:26 | 000,001,686 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play games (EasyBits GO).lnk
[2011/11/01 18:13:26 | 000,001,656 | ---- | C] () -- C:\Users\Admin\Desktop\Play games (EasyBits GO).lnk
[2011/10/29 10:54:54 | 000,197,800 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2011/04/09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011/01/07 23:33:03 | 000,056,320 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll
[2010/11/26 01:45:52 | 000,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2010/09/19 14:23:25 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/09/18 23:07:12 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2009/09/23 21:16:08 | 002,050,952 | ---- | C] () -- C:\Windows\System32\igkrng400.bin
[2009/07/13 23:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 23:33:53 | 003,786,920 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/13 21:05:48 | 000,660,272 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/13 21:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/13 21:05:48 | 000,121,168 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/13 21:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/13 21:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/13 21:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/13 19:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009/07/13 18:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005/05/06 19:06:00 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2004/12/20 20:57:30 | 000,110,592 | ---- | C] () -- C:\Windows\System32\pdf417enc.dll

========== LOP Check ==========

[2010/11/27 10:51:03 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Amazon
[2011/11/22 19:18:25 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\AVG10
[2011/10/08 13:52:29 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\calibre
[2011/11/26 20:24:16 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/11/29 17:06:52 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DAEMON Tools Lite
[2011/09/15 17:31:26 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DiskAid
[2011/11/20 11:23:38 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DVDVideoSoft
[2011/09/14 21:02:58 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DVDVideoSoftIEHelpers
[2011/10/13 15:47:18 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\GameMaker
[2011/11/09 16:40:48 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\go
[2011/09/14 21:18:53 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Hobbyist Software
[2011/10/05 15:15:21 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Mobipocket
[2011/09/24 10:29:34 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\OpenCandy
[2011/11/09 21:25:33 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Opera
[2011/11/03 21:02:20 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\PACE Anti-Piracy
[2011/11/22 20:06:15 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Panda Security
[2011/10/29 11:48:47 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\RIFT
[2011/11/01 16:21:03 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Sierra
[2011/09/11 20:20:23 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\TeamViewer
[2011/11/03 21:02:39 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Unity
[2011/12/01 16:43:37 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\uTorrent
[2011/12/01 16:02:58 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At1.job
[2011/12/01 16:02:58 | 000,000,354 | ---- | M] () -- C:\Windows\Tasks\At10.job
[2011/12/01 16:02:58 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At11.job
[2011/12/01 16:02:58 | 000,000,354 | ---- | M] () -- C:\Windows\Tasks\At12.job
[2011/12/01 16:02:58 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At13.job
[2011/12/01 16:02:58 | 000,000,354 | ---- | M] () -- C:\Windows\Tasks\At14.job
[2011/12/01 16:02:58 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At15.job
[2011/12/01 16:02:58 | 000,000,354 | ---- | M] () -- C:\Windows\Tasks\At16.job
[2011/12/01 16:02:58 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At17.job
[2011/12/01 16:02:58 | 000,000,354 | ---- | M] () -- C:\Windows\Tasks\At18.job
[2011/12/01 16:02:58 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At19.job
[2011/12/01 16:02:58 | 000,000,354 | ---- | M] () -- C:\Windows\Tasks\At2.job
[2011/12/01 16:02:58 | 000,000,354 | ---- | M] () -- C:\Windows\Tasks\At20.job
[2011/12/01 16:02:58 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At21.job
[2011/12/01 16:02:58 | 000,000,354 | ---- | M] () -- C:\Windows\Tasks\At22.job
[2011/12/01 16:02:58 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At23.job
[2011/12/01 16:02:58 | 000,000,354 | ---- | M] () -- C:\Windows\Tasks\At24.job
[2011/12/01 16:02:58 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At25.job
[2011/12/01 16:02:58 | 000,000,354 | ---- | M] () -- C:\Windows\Tasks\At26.job
[2011/12/01 16:02:58 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At27.job
[2011/12/01 16:02:58 | 000,000,354 | ---- | M] () -- C:\Windows\Tasks\At28.job
[2011/12/01 16:02:58 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At29.job
[2011/12/01 16:02:58 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At3.job
[2011/12/01 16:02:58 | 000,000,354 | ---- | M] () -- C:\Windows\Tasks\At30.job
[2011/12/01 16:02:58 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At31.job
[2011/12/01 16:02:58 | 000,000,354 | ---- | M] () -- C:\Windows\Tasks\At32.job
[2011/12/01 16:02:58 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At33.job
[2011/12/01 16:02:58 | 000,000,354 | ---- | M] () -- C:\Windows\Tasks\At34.job
[2011/12/01 16:02:58 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At35.job
[2011/12/01 16:02:58 | 000,000,354 | ---- | M] () -- C:\Windows\Tasks\At36.job
[2011/12/01 16:02:58 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At37.job
[2011/12/01 16:02:58 | 000,000,354 | ---- | M] () -- C:\Windows\Tasks\At38.job
[2011/12/01 16:02:58 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At39.job
[2011/12/01 16:02:58 | 000,000,354 | ---- | M] () -- C:\Windows\Tasks\At4.job
[2011/12/01 16:02:58 | 000,000,354 | ---- | M] () -- C:\Windows\Tasks\At40.job
[2011/12/01 16:02:58 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At41.job
[2011/12/01 16:02:58 | 000,000,354 | ---- | M] () -- C:\Windows\Tasks\At42.job
[2011/12/01 16:02:58 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At43.job
[2011/12/01 16:02:58 | 000,000,354 | ---- | M] () -- C:\Windows\Tasks\At44.job
[2011/12/01 16:02:58 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At45.job
[2011/12/01 16:02:58 | 000,000,354 | ---- | M] () -- C:\Windows\Tasks\At46.job
[2011/12/01 16:02:58 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At47.job
[2011/12/01 16:02:58 | 000,000,354 | ---- | M] () -- C:\Windows\Tasks\At48.job
[2011/12/01 16:02:58 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At5.job
[2011/12/01 16:02:58 | 000,000,354 | ---- | M] () -- C:\Windows\Tasks\At6.job
[2011/12/01 16:02:58 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At7.job
[2011/12/01 16:02:58 | 000,000,354 | ---- | M] () -- C:\Windows\Tasks\At8.job
[2011/12/01 16:02:58 | 000,000,352 | ---- | M] () -- C:\Windows\Tasks\At9.job
[2011/12/01 15:01:00 | 000,000,906 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2356470011-2687384211-451239834-1004Core.job
[2011/12/01 15:01:00 | 000,000,928 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2356470011-2687384211-451239834-1004UA.job
[2011/10/15 11:13:27 | 000,032,554 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >
  • 0

Advertisements


#2
Caleb S.

Caleb S.

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
ok after i restarted my computer again it seems to be gone but could someone still check everything to be sure?
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP