So then i did a Malwarebytes scan and it found nothing. Then i did a SUPERAntispyware scan and it found 5 threats all under the name Adware.Zugo. I havent noticed my computer running any differently so thats good.
SuperAntispyware Threats:
Adware.Zugo
(x86) HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D425283-D487-4337-BAB6-AB8354A81457}
(x86) HKU\S-1-5-21-107626587-2982368037-1246139285-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D425283-D487-4337-BAB6-AB8354A81457}
(x86) HKLM\Software\Microsoft\Internet Explorer\Toolbar#{9D425283-D487-4337-BAB6-AB8354A81457}
(x86) HKCR\CLSID\{9D425283-D487-4337-BAB6-AB8354A81457}
(x86) HKU\S-1-5-21-107626587-2982368037-1246139285-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser#{9D425283-D487-4337-BAB6-AB8354A81457}
Here is my OTL Log from after my malwarebytes scan and superantispyware scan:
OTL logfile created on: 12/10/2011 12:03:44 AM - Run 10
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Michael\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
5.75 Gb Total Physical Memory | 4.14 Gb Available Physical Memory | 72.00% Memory free
11.50 Gb Paging File | 9.73 Gb Available in Paging File | 84.66% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 584.07 Gb Total Space | 411.89 Gb Free Space | 70.52% Space Free | Partition Type: NTFS
Drive D: | 12.00 Gb Total Space | 2.18 Gb Free Space | 18.16% Space Free | Partition Type: NTFS
Computer Name: FAMILY-PC | User Name: Michael | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Michael\Downloads\OTL (1).exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\ccsvchst.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
PRC - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
PRC - c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
PRC - c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe ()
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
========== Modules (No Company Name) ==========
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\1049a76b3de293df726d380932215c91\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\07cdef1a740151932dcf161f3306bd9c\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b2622080e047040fa044dd21a04ff10d\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\f8196c3588c2229e84516af4b6a0ee60\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\70e2ca33ffa52c743285dc5b4910a229\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\93df5ea9646ad11a21517e4ab1d803d9\UIAutomationTypes.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7c94a121334aeca7553c7f01290740f0\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll ()
MOD - C:\Windows\SysWOW64\msjetoledb40.dll ()
MOD - C:\Users\Michael\AppData\Roaming\PictureMover\EN-US\Presentation.dll ()
MOD - C:\Users\Michael\AppData\Roaming\PictureMover\Bin\Core.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe ()
========== Win32 Services (SafeList) ==========
SRV:64bit: - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AgereModemAudio) -- C:\Program Files\LSI SoftModem\agr64svc.exe (LSI Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Akamai) -- c:\program files (x86)\common files\akamai/netsession_win_d768ebc.dll ()
SRV - (McAfee SiteAdvisor Service) -- c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe (McAfee, Inc.)
SRV - (HP Support Assistant Service) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe (Hewlett-Packard Company)
SRV - (N360) -- C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\ccSvcHst.exe (Symantec Corporation)
SRV - (HPDrvMntSvc.exe) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
SRV - (HPSLPSVC) -- C:\Program Files (x86)\hp\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)
SRV - (Autodesk Licensing Service) -- C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe (Autodesk)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (GameConsoleService) -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe (WildTangent, Inc.)
========== Driver Services (SafeList) ==========
DRV:64bit: - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS (Symantec Corporation)
DRV:64bit: - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (SymNetS) -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symnets.sys (Symantec Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\srtsp64.sys (Symantec Corporation)
DRV:64bit: - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\srtspx64.sys (Symantec Corporation)
DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symefa64.sys (Symantec Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (SymDS) -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symds64.sys (Symantec Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (SymIRON) -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\ironx64.sys (Symantec Corporation)
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\drivers\agrsm64.sys (LSI Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (NVNET) -- C:\Windows\SysNative\drivers\nvmf6264.sys (NVIDIA Corporation)
DRV - (BHDrvx64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20111123.001\BHDrvx64.sys (Symantec Corporation)
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20111209.003\EX64.SYS (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20111209.003\ENG64.SYS (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20111208.001\IDSviA64.sys (Symantec Corporation)
DRV - (Normandy) -- C:\Windows\SysWow64\drivers\Normandy.sys ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cndt
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cndt
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-107626587-2982368037-1246139285-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cndt
IE - HKU\S-1-5-21-107626587-2982368037-1246139285-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-107626587-2982368037-1246139285-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKU\S-1-5-21-107626587-2982368037-1246139285-1004\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-107626587-2982368037-1246139285-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.startup.homepage: "http://www.bing.com/...39&form=ZGAPHP"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.%(version)s
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://www.bing.com/...form=ZGAADF&q="
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Michael\AppData\Roaming\Move Networks\plugins\npqmp071505000011.dll (Move Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPlgn\ [2011/09/28 05:51:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_3_6 [2011/12/09 23:58:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/06/25 02:12:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2011/11/10 02:20:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/10/12 06:16:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/08/26 23:16:32 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Michael\AppData\Roaming\Move Networks [2010/03/19 16:33:26 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/06/25 02:12:46 | 000,000,000 | ---D | M]
[2010/05/13 22:52:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michael\AppData\Roaming\Mozilla\Extensions
[2011/04/01 21:55:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\2wd2wg64.default\extensions
[2011/01/08 18:57:01 | 000,001,919 | ---- | M] () -- C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\2wd2wg64.default\searchplugins\bing-zugo.xml
[2011/08/03 02:38:03 | 000,002,468 | ---- | M] () -- C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\2wd2wg64.default\searchplugins\safesearch.xml
[2011/10/24 15:39:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/08/09 15:55:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/16 23:47:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/02 01:30:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/03/04 21:23:05 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/06/09 17:47:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011/10/24 15:39:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2011/11/10 02:20:29 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR
[2011/12/09 23:58:53 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\COFFPLGN_2011_7_3_6
[2011/09/28 05:51:22 | 000,000,000 | ---D | M] (Symantec IPS) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPLGN
[2011/10/12 06:16:58 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010/08/24 04:31:30 | 000,773,120 | ---- | M] (BitComet) -- C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll
[2011/10/03 04:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011/10/12 06:16:55 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010/12/17 22:13:46 | 000,002,024 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.121\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.121\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.121\gcswf32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java Platform SE 6 U22 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files (x86)\Veetle\Player\npvlc.dll
CHR - plugin: Veetle Broadcaster Plugin (Enabled) = C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
CHR - plugin: Move Streaming Media Player (Enabled) = C:\Users\Michael\AppData\Roaming\Move Networks\plugins\npqmp071505000011.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50917.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: SiteAdvisor = C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.40.135.1_0\
O1 HOSTS File: ([2010/07/29 21:44:46 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (hpBHO Class) - {ABD3B5E1-B268-407B-A150-2641DAB8D898} - C:\Program Files (x86)\Common Files\Homepage Protection\HomepageProtection.dll (AOL Products)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3:64bit: - HKU\S-1-5-21-107626587-2982368037-1246139285-1004\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-107626587-2982368037-1246139285-1004\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [HP Remote Solution] C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe ()
O4 - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe" File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-107626587-2982368037-1246139285-1004..\Run: [Aim] C:\Program Files (x86)\AIM\aim.exe (AOL LLC)
O4 - HKU\S-1-5-21-107626587-2982368037-1246139285-1004..\Run: [Akamai NetSession Interface] C:\Users\Michael\AppData\Local\Akamai\netsession_win.exe File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office10\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office10\EXCEL.EXE/3000 File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} http://www.superadbl...ivex/sabspx.cab (SABScanProcesses Class)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B89FDC3A-DB16-4BA9-AE8C-35E30C01AB66}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\gopher - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{3ed09bcd-ff32-11de-b597-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{3ed09bcd-ff32-11de-b597-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/12/10 00:00:54 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Roaming\HPAppData
[2011/11/17 03:14:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011/11/15 16:36:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[22 C:\Users\Michael\Documents\*.tmp files -> C:\Users\Michael\Documents\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/12/10 00:05:46 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/12/10 00:05:46 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/12/10 00:03:00 | 000,780,508 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/12/10 00:03:00 | 000,661,086 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/12/10 00:03:00 | 000,121,434 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/12/09 23:58:54 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/09 23:58:31 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2011/12/09 23:58:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/12/09 23:58:08 | 334,942,207 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/09 23:14:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/12/08 18:22:03 | 000,000,500 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Johnny.job
[2011/12/08 05:45:02 | 000,000,404 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for family.job
[2011/12/05 06:51:45 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForMichael.job
[2011/12/04 00:52:03 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForJacqlyn.job
[2011/11/28 06:51:09 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForfamily.job
[2011/11/19 12:15:36 | 000,002,342 | -H-- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/11/15 14:06:59 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForJohnny.job
[22 C:\Users\Michael\Documents\*.tmp files -> C:\Users\Michael\Documents\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/11/20 13:57:01 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForMichael.job
[2011/08/06 13:40:30 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011/05/12 15:15:38 | 000,001,940 | ---- | C] () -- C:\Users\Michael\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/04/05 07:49:21 | 000,774,232 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/12/25 16:36:35 | 000,000,171 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2010/11/06 18:14:07 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010/09/20 14:17:14 | 000,034,560 | ---- | C] () -- C:\Windows\SysWow64\drivers\Normandy.sys
[2010/06/25 02:12:10 | 000,023,144 | ---- | C] () -- C:\Windows\hpqins15.dat
[2010/01/20 06:45:24 | 000,226,732 | ---- | C] () -- C:\Windows\hpwins20.dat
[2010/01/20 06:45:24 | 000,001,360 | ---- | C] () -- C:\Windows\hpwmdl20.dat
[2010/01/11 22:23:14 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/07/15 19:50:42 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL
[2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
========== LOP Check ==========
[2010/02/27 12:23:33 | 000,000,000 | ---D | M] -- C:\Users\family\AppData\Roaming\acccore
[2010/01/11 23:31:19 | 000,000,000 | ---D | M] -- C:\Users\family\AppData\Roaming\GetRightToGo
[2010/12/25 18:40:16 | 000,000,000 | ---D | M] -- C:\Users\family\AppData\Roaming\MBTrading
[2010/01/11 21:35:11 | 000,000,000 | ---D | M] -- C:\Users\family\AppData\Roaming\PictureMover
[2010/01/24 12:21:04 | 000,000,000 | ---D | M] -- C:\Users\family\AppData\Roaming\Template
[2011/03/02 17:25:00 | 000,000,000 | ---D | M] -- C:\Users\family\AppData\Roaming\Tific
[2011/04/05 07:52:36 | 000,000,000 | ---D | M] -- C:\Users\family\AppData\Roaming\VectorVest, Inc
[2010/08/31 10:14:58 | 000,000,000 | ---D | M] -- C:\Users\family\AppData\Roaming\W Photo Studio Viewer
[2010/06/07 16:09:55 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\PictureMover
[2010/01/22 16:47:39 | 000,000,000 | ---D | M] -- C:\Users\Jacqlyn\AppData\Roaming\acccore
[2011/07/24 10:47:44 | 000,000,000 | ---D | M] -- C:\Users\Jacqlyn\AppData\Roaming\Bigasoft iPod Video Converter
[2010/02/14 09:53:23 | 000,000,000 | ---D | M] -- C:\Users\Jacqlyn\AppData\Roaming\Lionhead Studios
[2011/07/24 11:03:38 | 000,000,000 | ---D | M] -- C:\Users\Jacqlyn\AppData\Roaming\OpenCandy
[2011/10/29 11:16:54 | 000,000,000 | ---D | M] -- C:\Users\Jacqlyn\AppData\Roaming\Origin
[2010/01/12 18:56:13 | 000,000,000 | ---D | M] -- C:\Users\Jacqlyn\AppData\Roaming\PictureMover
[2011/07/24 11:33:10 | 000,000,000 | ---D | M] -- C:\Users\Jacqlyn\AppData\Roaming\Sammsoft
[2010/09/09 00:17:52 | 000,000,000 | ---D | M] -- C:\Users\Jacqlyn\AppData\Roaming\Template
[2010/06/29 09:30:40 | 000,000,000 | ---D | M] -- C:\Users\Jacqlyn\AppData\Roaming\Tific
[2011/04/27 10:41:49 | 000,000,000 | ---D | M] -- C:\Users\Jacqlyn\AppData\Roaming\VectorVest, Inc
[2010/01/12 22:02:47 | 000,000,000 | ---D | M] -- C:\Users\Jacqlyn\AppData\Roaming\WinBatch
[2010/01/25 23:48:37 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\acccore
[2010/09/29 15:45:28 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\Autodesk
[2010/10/13 17:44:00 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\BlocksDataDownloader
[2010/06/10 18:45:07 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\GetRightToGo
[2010/11/13 16:57:58 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\IMSI
[2010/01/12 14:37:42 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\PictureMover
[2011/08/02 22:42:51 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\RBotPlus
[2010/09/21 15:38:02 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\SystemRequirementsLab
[2011/03/02 17:06:12 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\Tific
[2010/01/16 10:46:00 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\Ubisoft
[2010/06/28 20:52:31 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\WildTangent
[2011/05/16 06:15:45 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\WinBatch
[2010/10/13 17:33:23 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\Worden Brothers, Inc
[2010/01/22 16:40:05 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\acccore
[2011/01/08 19:14:20 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Audacity
[2010/06/26 23:48:44 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Auslogics
[2011/04/01 21:37:13 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\BitComet
[2010/01/12 15:45:51 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\PictureMover
[2010/10/05 16:03:42 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\prankhouse
[2010/10/22 15:35:23 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\StreamTorrent
[2010/07/07 03:19:57 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Tific
[2011/06/29 17:46:24 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\VectorVest, Inc
[2010/01/28 18:18:28 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\WinBatch
[2011/09/30 09:00:00 | 000,000,552 | ---- | M] () -- C:\Windows\Tasks\PCDRScheduledMaintenance.job
[2010/07/05 06:49:07 | 000,032,638 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU(29).TXT
[2010/07/05 06:49:07 | 000,032,638 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU(46).TXT
[2010/05/15 08:29:11 | 000,032,626 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU(70).TXT
[2010/07/05 06:49:07 | 000,032,638 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU(98).TXT
[2011/12/07 01:54:09 | 000,032,622 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
Edited by Falcons84, 09 December 2011 - 11:33 PM.