Your last item on the list I could not get to run: quickscan.bitdefender.com. However, there are four interesting files in my Downloads folder. They are:
~$s29.txt (hidden)
AlbumArtSmall.jpg
desktop.ini
Folder.jpg
Both .jpg files appear to be identical. I did not try to investigate any of the four, other than to right-click/properties to copy the names to post here.
Here are the logs:
COCOCOCOCO OTL Run Fix Scan Log COCOCOCOOCOOO
All processes killed
========== OTL ==========
Prefs.js: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 removed from extensions.enabledItems
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6\ deleted successfully.
C:\Program Files\Yahoo!\Shared\npYState.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=\ deleted successfully.
C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3049C3E9-B461-4BC5-8870-4C09146192CA}\ deleted successfully.
C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
Starting removal of ActiveX control {5D637FAD-E202-48D1-8F18-5B9C459BD1E3}
C:\Windows\Downloaded Program Files\ImageUploader5.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{5D637FAD-E202-48D1-8F18-5B9C459BD1E3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5D637FAD-E202-48D1-8F18-5B9C459BD1E3}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5D637FAD-E202-48D1-8F18-5B9C459BD1E3}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5D637FAD-E202-48D1-8F18-5B9C459BD1E3}\ not found.
ADS C:\ProgramData\TEMP:BC359956 deleted successfully.
========== FILES ==========
< sc config setup_9.0.0.722_16.04.2011_16-52drv start= disabled /c >[SC] ChangeServiceConfig SUCCESS
C:\Users\Rachel\Desktop\cmd.bat deleted successfully.
C:\Users\Rachel\Desktop\cmd.txt deleted successfully.
< sc config setup_9.0.0.722_12.04.2011_14-49drv start= disabled /c >[SC] ChangeServiceConfig SUCCESS
C:\Users\Rachel\Desktop\cmd.bat deleted successfully.
C:\Users\Rachel\Desktop\cmd.txt deleted successfully.
< sc config setup_9.0.0.722_08.04.2011_14-41drv start= disabled /c >[SC] ChangeServiceConfig SUCCESS
C:\Users\Rachel\Desktop\cmd.bat deleted successfully.
C:\Users\Rachel\Desktop\cmd.txt deleted successfully.
< sc delete setup_9.0.0.722_16.04.2011_16-52drv /c >[SC] DeleteService SUCCESS
C:\Users\Rachel\Desktop\cmd.bat deleted successfully.
C:\Users\Rachel\Desktop\cmd.txt deleted successfully.
< sc delete setup_9.0.0.722_12.04.2011_14-49drv /c >[SC] DeleteService SUCCESS
C:\Users\Rachel\Desktop\cmd.bat deleted successfully.
C:\Users\Rachel\Desktop\cmd.txt deleted successfully.
< sc delete setup_9.0.0.722_08.04.2011_14-41drv /c >[SC] DeleteService SUCCESS
C:\Users\Rachel\Desktop\cmd.bat deleted successfully.
C:\Users\Rachel\Desktop\cmd.txt deleted successfully.
< reg query hklm\software\clients\startmenuinternet /s /c >HKEY_LOCAL_MACHINE\software\clients\startmenuinternet
(Default) REG_SZ IEXPLORE.EXE
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE
(Default) REG_SZ Mozilla Firefox
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\Capabilities
ApplicationDescription REG_SZ Firefox delivers safe, easy web browsing. A familiar user interface, enhanced security features including protection from online identity theft, and integrated search let you get the most out of the web.
ApplicationIcon REG_SZ C:\Program Files\Mozilla Firefox\firefox.exe,0
ApplicationName REG_SZ Firefox
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\Capabilities\FileAssociations
.htm REG_SZ FirefoxHTML
.html REG_SZ FirefoxHTML
.shtml REG_SZ FirefoxHTML
.xht REG_SZ FirefoxHTML
.xhtml REG_SZ FirefoxHTML
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\Capabilities\StartMenu
StartMenuInternet REG_SZ FIREFOX.EXE
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\Capabilities\URLAssociations
ftp REG_SZ FirefoxURL
http REG_SZ FirefoxURL
https REG_SZ FirefoxURL
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\DefaultIcon
(Default) REG_SZ C:\Program Files\Mozilla Firefox\firefox.exe,0
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo
HideIconsCommand REG_SZ "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts
ShowIconsCommand REG_SZ "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts
ReinstallCommand REG_SZ "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal
IconsVisible REG_DWORD 0x0
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command
(Default) REG_SZ firefox.exe
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties
(Default) REG_SZ Firefox &Options
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command
(Default) REG_SZ "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode
(Default) REG_SZ Firefox &Safe Mode
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command
(Default) REG_SZ firefox.exe
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE
(Default) REG_SZ Internet Explorer
LocalizedString REG_SZ @C:\Program Files\Internet Explorer\iexplore.exe,-702
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\DefaultIcon
(Default) REG_SZ C:\Program Files\Internet Explorer\iexplore.exe,-9
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo
HideIconsCommand REG_SZ "C:\Windows\system32\ie4uinit.exe" -hide
ShowIconsCommand REG_SZ "C:\Windows\system32\ie4uinit.exe" -show
ReinstallCommand REG_SZ "C:\Windows\system32\ie4uinit.exe" -reinstall
IconsVisible REG_DWORD 0x1
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom
MUIVerb REG_SZ @C:\Windows\System32\ieframe.dll,-39229
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command
(Default) REG_SZ "C:\Program Files\Internet Explorer\iexplore.exe" -extoff
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command
(Default) REG_SZ "C:\Program Files\Internet Explorer\iexplore.exe"
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\SEAMONKEY.EXE
(Default) REG_SZ SeaMonkey
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\SEAMONKEY.EXE\Capabilities
ApplicationDescription REG_SZ SeaMonkey delivers safe, easy web browsing. A familiar user interface, enhanced security features including protection from online identity theft, and integrated search let you get the most out of the web.
ApplicationIcon REG_SZ C:\Program Files\SeaMonkey\seamonkey.exe,0
ApplicationName REG_SZ SeaMonkey
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\SEAMONKEY.EXE\Capabilities\FileAssociations
.htm REG_SZ SeaMonkeyHTML
.html REG_SZ SeaMonkeyHTML
.shtml REG_SZ SeaMonkeyHTML
.xht REG_SZ SeaMonkeyHTML
.xhtml REG_SZ SeaMonkeyHTML
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\SEAMONKEY.EXE\Capabilities\StartMenu
StartMenuInternet REG_SZ SEAMONKEY.EXE
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\SEAMONKEY.EXE\Capabilities\URLAssociations
ftp REG_SZ SeaMonkeyURL
http REG_SZ SeaMonkeyURL
https REG_SZ SeaMonkeyURL
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\SEAMONKEY.EXE\DefaultIcon
(Default) REG_SZ C:\Program Files\SeaMonkey\seamonkey.exe,0
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\SEAMONKEY.EXE\InstallInfo
HideIconsCommand REG_SZ "C:\Program Files\SeaMonkey\uninstall\helper.exe" /HideShortcuts
ShowIconsCommand REG_SZ "C:\Program Files\SeaMonkey\uninstall\helper.exe" /ShowShortcuts
ReinstallCommand REG_SZ "C:\Program Files\SeaMonkey\uninstall\helper.exe" /SetAsDefaultAppGlobal
IconsVisible REG_DWORD 0x1
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\SEAMONKEY.EXE\shell
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\SEAMONKEY.EXE\shell\open
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\SEAMONKEY.EXE\shell\open\command
(Default) REG_SZ C:\Program Files\SeaMonkey\seamonkey.exe
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\SEAMONKEY.EXE\shell\properties
(Default) REG_SZ SeaMonkey &Options
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\SEAMONKEY.EXE\shell\properties\command
(Default) REG_SZ "C:\Program Files\SeaMonkey\seamonkey.exe" -preferences
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\SEAMONKEY.EXE\shell\safemode
(Default) REG_SZ SeaMonkey &Safe Mode
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\SEAMONKEY.EXE\shell\safemode\command
(Default) REG_SZ "C:\Program Files\SeaMonkey\seamonkey.exe" -safe-mode
C:\Users\Rachel\Desktop\cmd.bat deleted successfully.
C:\Users\Rachel\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 35040713 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 611 bytes
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 56475 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Public
->Temp folder emptied: 0 bytes
User: Rachel
->Temp folder emptied: 274025 bytes
->Temporary Internet Files folder emptied: 62870711 bytes
->FireFox cache emptied: 52638231 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 1917 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1270 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 144.00 mb
OTL by OldTimer - Version 3.2.31.0 log created on 01212012_121330
Files\Folders moved on Reboot...
File\Folder C:\Users\Rachel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRD0000.doc not found!
File\Folder C:\Users\Rachel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRF{D902ED46-1DE0-40F9-8698-7CA3C74BB6D5}.tmp not found!
File\Folder C:\Users\Rachel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{941D7B79-AE3D-49E2-866B-FE4A748571B4}.tmp not found!
File\Folder C:\Users\Rachel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{DB1382E1-0C97-41E0-87B1-2F5167D04ADE}.tmp not found!
Registry entries deleted on Reboot...
COCOCOCOCO OTL Quick Scan COCOCCOCOCOCO
OTL logfile created on: 1/21/2012 12:20:08 PM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Rachel\Desktop
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.36 Gb Available Physical Memory | 68.06% Memory free
4.23 Gb Paging File | 3.68 Gb Available in Paging File | 87.06% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136.47 Gb Total Space | 58.58 Gb Free Space | 42.93% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.04 Gb Free Space | 50.37% Space Free | Partition Type: NTFS
Computer Name: STORMY-PC | User Name: Rachel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2012/01/19 13:41:28 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Rachel\Desktop\OTL.exe
PRC - [2012/01/03 07:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/04/28 14:01:20 | 000,439,616 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe
PRC - [2011/04/28 13:58:54 | 000,140,608 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
PRC - [2009/04/11 00:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007/06/24 23:17:00 | 000,094,208 | ---- | M] (SigmaTel, Inc.) -- C:\Windows\System32\stacsv.exe
========== Modules (No Company Name) ========== MOD - [2010/03/15 10:28:22 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
========== Win32 Services (SafeList) ========== SRV - File not found [On_Demand | Stopped] -- -- (HPSLPSVC)
SRV - File not found [On_Demand | Stopped] -- -- (hpqddsvc)
SRV - File not found [Disabled | Stopped] -- -- (hpqcxs08)
SRV - [2012/01/03 07:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/04/28 13:58:54 | 000,140,608 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe -- (NanoServiceMain)
SRV - [2008/01/19 01:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/06/24 23:17:00 | 000,094,208 | ---- | M] (SigmaTel, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
========== Driver Services (SafeList) ========== DRV - [2011/08/01 05:23:23 | 000,143,624 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PSINAflt.sys -- (PSINAflt)
DRV - [2011/04/28 13:57:30 | 000,112,712 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PSINProt.sys -- (PSINProt)
DRV - [2011/04/28 13:57:07 | 000,126,024 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\PSINKNC.sys -- (PSINKNC)
DRV - [2011/04/28 13:57:07 | 000,111,176 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\PSINProc.sys -- (PSINProc)
DRV - [2011/04/28 13:57:07 | 000,099,400 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\PSINFile.sys -- (PSINFile)
DRV - [2010/11/13 23:32:44 | 000,229,208 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\VMM.sys -- (vmm)
DRV - [2009/06/16 13:59:00 | 009,768,640 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/04/10 22:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB)
DRV - [2007/10/10 16:03:00 | 000,235,648 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Dev.sys -- (OEM02Dev)
DRV - [2007/06/24 23:17:04 | 000,326,656 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/03/05 20:45:00 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Vfx.sys -- (OEM02Vfx)
DRV - [2007/01/29 06:20:34 | 000,059,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VMNetSrv.sys -- (VPCNetS2)
DRV - [2006/11/27 01:48:46 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2006/11/27 01:48:44 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/27 01:48:44 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006/11/21 06:25:44 | 000,045,568 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/11/02 01:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/11/02 01:30:55 | 000,200,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2006/08/04 18:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://www.google.com/ieIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.com/IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://www.google.com/ieIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.com/ieIE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=685749"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "
http://www.google.com"FF - prefs.js..extensions.enabledItems:
[email protected]:7
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.5
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems:
[email protected]:3.1.4
FF - prefs.js..keyword.URL: "
http://search.yahoo....type=685749&p=" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/12/10 20:40:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/12/10 20:14:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/01/21 12:13:31 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\SeaMonkey 2.6.1\extensions\\Components: C:\Program Files\SeaMonkey\components [2012/01/16 22:04:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\SeaMonkey 2.6.1\extensions\\Plugins: C:\Program Files\SeaMonkey\plugins
[2009/02/03 07:33:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rachel\AppData\Roaming\mozilla\Extensions
[2011/12/01 14:48:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rachel\AppData\Roaming\mozilla\Firefox\Profiles\e2zp44ii.default\extensions
[2011/10/17 08:13:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rachel\AppData\Roaming\mozilla\SeaMonkey\Profiles\ax9fe304.default\extensions
[2011/10/08 09:06:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/12/10 20:40:42 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
() (No name found) -- C:\USERS\RACHEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\E2ZP44II.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011/09/29 00:53:40 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/09/28 18:26:50 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
========== Chrome ========== CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\12.0.742.91\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\12.0.742.91\pdf.dll
CHR - plugin: Chrome NaCl (Disabled) = C:\Program Files\Google\Chrome\Application\12.0.742.91\ppGoogleNaClPluginChrome.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Program Files\Google\Chrome\Application\12.0.742.91\gears.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: downloadUpdater (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
CHR - plugin: downloadUpdater2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Rachel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Move Streaming Media Player (Enabled) = C:\Users\Rachel\AppData\Roaming\Move Networks\plugins\npqmp071503000010.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Minimal = C:\Users\Rachel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnfhcmjkebafbfikmbkhdpbmfpfjgiog\1.0_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Rachel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.3_0\
O1 HOSTS File: ([2012/01/19 19:55:58 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [PSUNMain] C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe (Panda Security, S.L.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: fdch.com ([%20info] https in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1449DD32-2506-43C0-81CD-7FE99048DF13}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 15:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ========== [2012/01/21 12:18:23 | 000,000,000 | ---D | C] -- C:\Users\Rachel\Desktop\Sat Logs
[2012/01/21 12:13:30 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/01/21 12:07:58 | 000,061,440 | ---- | C] ( ) -- C:\Users\Rachel\Desktop\VEW.exe
[2012/01/19 22:14:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2012/01/19 22:11:42 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012/01/19 22:07:25 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/01/19 20:09:49 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/01/19 19:56:03 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2012/01/19 19:43:03 | 000,000,000 | ---D | C] -- C:\CFix
[2012/01/19 19:41:58 | 000,000,000 | ---D | C] -- C:\Users\Rachel\Desktop\logs to post
[2012/01/19 19:22:12 | 004,388,721 | R--- | C] (Swearware) -- C:\Users\Rachel\Desktop\CFix.exe
[2012/01/19 13:41:26 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Rachel\Desktop\OTL.exe
[2012/01/19 10:00:45 | 000,000,000 | ---D | C] -- C:\Users\Rachel\AppData\Local\temp
[2012/01/19 09:46:03 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/01/19 09:46:03 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/01/19 09:46:03 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/01/19 09:45:56 | 000,000,000 | ---D | C] -- C:\twerp28some
[2012/01/19 09:45:56 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/01/19 09:45:52 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/01/18 20:55:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/01/14 10:56:05 | 000,000,000 | ---D | C] -- C:\Users\Rachel\Desktop\NCH
[2012/01/04 21:25:46 | 000,000,000 | ---D | C] -- C:\Users\Rachel\RealTemp
[2012/01/01 09:56:53 | 000,000,000 | ---D | C] -- C:\Users\Rachel\Desktop\Pix
[2012/01/01 09:56:34 | 000,000,000 | ---D | C] -- C:\Users\Rachel\Desktop\Weblinks for Stuff
[2011/12/28 22:43:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Webcam
[2011/12/24 17:01:45 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield
========== Files - Modified Within 30 Days ========== [2012/01/21 12:17:57 | 000,048,734 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012/01/21 12:17:57 | 000,048,734 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012/01/21 12:17:46 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/21 12:17:46 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/21 12:17:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/21 12:08:02 | 000,061,440 | ---- | M] ( ) -- C:\Users\Rachel\Desktop\VEW.exe
[2012/01/21 09:51:07 | 000,609,082 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/01/21 09:51:07 | 000,105,730 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/01/20 12:08:35 | 000,002,609 | ---- | M] () -- C:\Users\Rachel\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Excel 2007.lnk
[2012/01/19 19:55:58 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012/01/19 19:22:22 | 004,388,721 | R--- | M] (Swearware) -- C:\Users\Rachel\Desktop\CFix.exe
[2012/01/19 13:41:28 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Rachel\Desktop\OTL.exe
[2012/01/19 13:31:28 | 000,013,374 | ---- | M] () -- C:\Users\Rachel\.recently-used.xbel
[2012/01/18 01:10:43 | 000,374,120 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
========== Files Created - No Company Name ========== [2012/01/19 22:13:20 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/01/19 13:31:28 | 000,013,374 | ---- | C] () -- C:\Users\Rachel\.recently-used.xbel
[2012/01/19 09:46:03 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/01/19 09:46:03 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/01/19 09:46:03 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/01/19 09:46:03 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/01/19 09:46:03 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/01/18 01:09:08 | 000,374,120 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/12/19 12:31:07 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2011/12/01 16:59:13 | 000,000,264 | ---- | C] () -- C:\Windows\System32\PSUNCpl.dat
[2011/11/20 20:12:12 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
[2011/11/20 20:12:12 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
[2011/11/07 21:19:36 | 000,206,995 | ---- | C] () -- C:\Windows\hpoins46.dat
[2011/10/22 19:58:07 | 000,023,580 | ---- | C] () -- C:\Users\Rachel\AppData\Roaming\UserTile.png
[2011/07/25 11:40:34 | 000,214,016 | ---- | C] () -- C:\Users\Rachel\AppData\Roaming\SharedSettings.ccs
[2011/07/11 08:22:07 | 000,048,734 | ---- | C] () -- C:\ProgramData\nvModes.001
[2011/07/11 08:22:03 | 000,048,734 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2011/04/23 09:09:56 | 000,000,094 | ---- | C] () -- C:\Windows\family.ini
[2011/04/23 07:55:22 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011/04/21 13:59:46 | 000,192,140 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2011/01/25 20:57:42 | 000,000,418 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/01/17 09:46:41 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2010/03/31 18:34:36 | 000,000,574 | ---- | C] () -- C:\Windows\hpomdl46.dat
[2009/11/17 18:41:45 | 000,000,508 | ---- | C] () -- C:\Windows\WinSig.Ini
[2009/11/17 18:41:45 | 000,000,144 | ---- | C] () -- C:\Windows\Reader.Ini
[2009/11/17 18:41:44 | 000,028,672 | ---- | C] () -- C:\Windows\System32\proxydll.dll
[2009/11/17 18:41:44 | 000,017,920 | ---- | C] () -- C:\Windows\System32\Implode.dll
[2009/11/17 18:40:42 | 000,002,628 | ---- | C] () -- C:\Windows\WinRos.Ini
[2009/09/18 16:05:58 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/18 16:05:58 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/09/18 16:05:03 | 000,062,976 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/03/17 16:24:23 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/01/24 12:31:35 | 000,041,478 | ---- | C] () -- C:\Users\Rachel\AppData\Roaming\nvModes.001
[2009/01/24 10:12:30 | 000,041,478 | ---- | C] () -- C:\Users\Rachel\AppData\Roaming\nvModes.dat
[2009/01/18 18:32:43 | 000,000,031 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2007/10/11 06:30:49 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2007/10/10 22:57:28 | 000,065,536 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2007/10/10 22:57:25 | 000,024,064 | ---- | C] () -- C:\Windows\System32\WLTRYSVC.EXE
[2006/11/09 22:45:20 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2006/11/02 06:56:48 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 04:33:01 | 000,609,082 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 04:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 04:33:01 | 000,105,730 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 04:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 04:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 04:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 02:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 02:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 01:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 01:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
========== LOP Check ========== [2011/01/17 11:03:35 | 000,000,000 | ---D | M] -- C:\Users\Rachel\AppData\Roaming\acccore
[2011/10/30 18:53:02 | 000,000,000 | ---D | M] -- C:\Users\Rachel\AppData\Roaming\BlueSprig
[2011/08/23 17:33:10 | 000,000,000 | ---D | M] -- C:\Users\Rachel\AppData\Roaming\FileZilla
[2012/01/07 11:29:24 | 000,000,000 | ---D | M] -- C:\Users\Rachel\AppData\Roaming\gtk-2.0
[2010/02/05 20:46:57 | 000,000,000 | ---D | M] -- C:\Users\Rachel\AppData\Roaming\iLike
[2011/08/19 09:03:07 | 000,000,000 | ---D | M] -- C:\Users\Rachel\AppData\Roaming\IObit
[2009/03/26 10:38:05 | 000,000,000 | ---D | M] -- C:\Users\Rachel\AppData\Roaming\MusicNet
[2011/02/28 12:54:38 | 000,000,000 | ---D | M] -- C:\Users\Rachel\AppData\Roaming\NCH Swift Sound
[2011/12/01 17:00:22 | 000,000,000 | ---D | M] -- C:\Users\Rachel\AppData\Roaming\Panda Security
[2011/10/22 19:58:06 | 000,000,000 | ---D | M] -- C:\Users\Rachel\AppData\Roaming\PeerNetworking
[2011/01/18 10:40:59 | 000,000,000 | ---D | M] -- C:\Users\Rachel\AppData\Roaming\Uniblue
[2012/01/21 12:16:52 | 000,032,592 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ========== < End of report >
COCOCCOCOCOCO \windows\logs\cbs\junk.txt COCCOCOOCOCOCOCOO
2012-01-21 12:31:17, Info CSI 00000006 [SR] Verifying 100 (0x00000064) components
2012-01-21 12:31:17, Info CSI 00000007 [SR] Beginning Verify and Repair transaction
2012-01-21 12:31:23, Info CSI 00000009 [SR] Verify complete
2012-01-21 12:31:24, Info CSI 0000000a [SR] Verifying 100 (0x00000064) components
2012-01-21 12:31:24, Info CSI 0000000b [SR] Beginning Verify and Repair transaction
2012-01-21 12:31:30, Info CSI 0000000d [SR] Verify complete
2012-01-21 12:31:31, Info CSI 0000000e [SR] Verifying 100 (0x00000064) components
2012-01-21 12:31:31, Info CSI 0000000f [SR] Beginning Verify and Repair transaction
2012-01-21 12:31:33, Info CSI 00000011 [SR] Verify complete
2012-01-21 12:31:33, Info CSI 00000012 [SR] Verifying 100 (0x00000064) components
2012-01-21 12:31:33, Info CSI 00000013 [SR] Beginning Verify and Repair transaction
2012-01-21 12:31:35, Info CSI 00000015 [SR] Verify complete
2012-01-21 12:31:37, Info CSI 00000016 [SR] Verifying 100 (0x00000064) components
2012-01-21 12:31:37, Info CSI 00000017 [SR] Beginning Verify and Repair transaction
2012-01-21 12:31:42, Info CSI 00000019 [SR] Verify complete
2012-01-21 12:31:44, Info CSI 0000001a [SR] Verifying 100 (0x00000064) components
2012-01-21 12:31:44, Info CSI 0000001b [SR] Beginning Verify and Repair transaction
2012-01-21 12:31:45, Info CSI 0000001d [SR] Verify complete
2012-01-21 12:31:46, Info CSI 0000001e [SR] Verifying 100 (0x00000064) components
2012-01-21 12:31:46, Info CSI 0000001f [SR] Beginning Verify and Repair transaction
2012-01-21 12:31:48, Info CSI 00000021 [SR] Verify complete
2012-01-21 12:31:49, Info CSI 00000022 [SR] Verifying 100 (0x00000064) components
2012-01-21 12:31:49, Info CSI 00000023 [SR] Beginning Verify and Repair transaction
2012-01-21 12:31:50, Info CSI 00000025 [SR] Verify complete
2012-01-21 12:31:51, Info CSI 00000026 [SR] Verifying 100 (0x00000064) components
2012-01-21 12:31:51, Info CSI 00000027 [SR] Beginning Verify and Repair transaction
2012-01-21 12:31:53, Info CSI 00000029 [SR] Verify complete
2012-01-21 12:31:53, Info CSI 0000002a [SR] Verifying 100 (0x00000064) components
2012-01-21 12:31:53, Info CSI 0000002b [SR] Beginning Verify and Repair transaction
2012-01-21 12:31:55, Info CSI 0000002d [SR] Verify complete
2012-01-21 12:31:56, Info CSI 0000002e [SR] Verifying 100 (0x00000064) components
2012-01-21 12:31:56, Info CSI 0000002f [SR] Beginning Verify and Repair transaction
2012-01-21 12:31:57, Info CSI 00000031 [SR] Verify complete
2012-01-21 12:31:58, Info CSI 00000032 [SR] Verifying 100 (0x00000064) components
2012-01-21 12:31:58, Info CSI 00000033 [SR] Beginning Verify and Repair transaction
2012-01-21 12:32:00, Info CSI 00000035 [SR] Verify complete
2012-01-21 12:32:01, Info CSI 00000036 [SR] Verifying 100 (0x00000064) components
2012-01-21 12:32:01, Info CSI 00000037 [SR] Beginning Verify and Repair transaction
2012-01-21 12:32:02, Info CSI 00000039 [SR] Verify complete
2012-01-21 12:32:03, Info CSI 0000003a [SR] Verifying 100 (0x00000064) components
2012-01-21 12:32:03, Info CSI 0000003b [SR] Beginning Verify and Repair transaction
2012-01-21 12:32:04, Info CSI 0000003d [SR] Verify complete
2012-01-21 12:32:05, Info CSI 0000003e [SR] Verifying 100 (0x00000064) components
2012-01-21 12:32:05, Info CSI 0000003f [SR] Beginning Verify and Repair transaction
2012-01-21 12:32:07, Info CSI 00000041 [SR] Verify complete
2012-01-21 12:32:08, Info CSI 00000042 [SR] Verifying 100 (0x00000064) components
2012-01-21 12:32:08, Info CSI 00000043 [SR] Beginning Verify and Repair transaction
2012-01-21 12:32:09, Info CSI 00000045 [SR] Verify complete
2012-01-21 12:32:10, Info CSI 00000046 [SR] Verifying 100 (0x00000064) components
2012-01-21 12:32:10, Info CSI 00000047 [SR] Beginning Verify and Repair transaction
2012-01-21 12:32:12, Info CSI 00000049 [SR] Verify complete
2012-01-21 12:32:13, Info CSI 0000004a [SR] Verifying 100 (0x00000064) components
2012-01-21 12:32:13, Info CSI 0000004b [SR] Beginning Verify and Repair transaction
2012-01-21 12:32:14, Info CSI 0000004d [SR] Verify complete
2012-01-21 12:32:15, Info CSI 0000004e [SR] Verifying 100 (0x00000064) components
2012-01-21 12:32:15, Info CSI 0000004f [SR] Beginning Verify and Repair transaction
2012-01-21 12:32:16, Info CSI 00000051 [SR] Verify complete
2012-01-21 12:32:17, Info CSI 00000052 [SR] Verifying 100 (0x00000064) components
2012-01-21 12:32:17, Info CSI 00000053 [SR] Beginning Verify and Repair transaction
2012-01-21 12:32:18, Info CSI 00000055 [SR] Verify complete
2012-01-21 12:32:19, Info CSI 00000056 [SR] Verifying 100 (0x00000064) components
2012-01-21 12:32:19, Info CSI 00000057 [SR] Beginning Verify and Repair transaction
2012-01-21 12:32:21, Info CSI 00000059 [SR] Verify complete
2012-01-21 12:32:21, Info CSI 0000005a [SR] Verifying 100 (0x00000064) components
2012-01-21 12:32:21, Info CSI 0000005b [SR] Beginning Verify and Repair transaction
2012-01-21 12:32:24, Info CSI 0000005d [SR] Verify complete
2012-01-21 12:32:25, Info CSI 0000005e [SR] Verifying 100 (0x00000064) components
2012-01-21 12:32:25, Info CSI 0000005f [SR] Beginning Verify and Repair transaction
2012-01-21 12:32:26, Info CSI 00000061 [SR] Verify complete
2012-01-21 12:32:27, Info CSI 00000062 [SR] Verifying 100 (0x00000064) components
2012-01-21 12:32:27, Info CSI 00000063 [SR] Beginning Verify and Repair transaction
2012-01-21 12:32:30, Info CSI 00000065 [SR] Verify complete
2012-01-21 12:32:31, Info CSI 00000066 [SR] Verifying 100 (0x00000064) components
2012-01-21 12:32:31, Info CSI 00000067 [SR] Beginning Verify and Repair transaction
2012-01-21 12:32:33, Info CSI 00000069 [SR] Verify complete
2012-01-21 12:32:33, Info CSI 0000006a [SR] Verifying 100 (0x00000064) components
2012-01-21 12:32:33, Info CSI 0000006b [SR] Beginning Verify and Repair transaction
2012-01-21 12:32:36, Info CSI 0000006d [SR] Verify complete
2012-01-21 12:32:36, Info CSI 0000006e [SR] Verifying 100 (0x00000064) components
2012-01-21 12:32:36, Info CSI 0000006f [SR] Beginning Verify and Repair transaction
2012-01-21 12:32:38, Info CSI 00000071 [SR] Verify complete
2012-01-21 12:32:39, Info CSI 00000072 [SR] Verifying 100 (0x00000064) components
2012-01-21 12:32:39, Info CSI 00000073 [SR] Beginning Verify and Repair transaction
2012-01-21 12:32:41, Info CSI 00000075 [SR] Verify complete
2012-01-21 12:32:41, Info CSI 00000076 [SR] Verifying 100 (0x00000064) components
2012-01-21 12:32:41, Info CSI 00000077 [SR] Beginning Verify and Repair transaction
2012-01-21 12:32:44, Info CSI 00000079 [SR] Verify complete
2012-01-21 12:32:45, Info CSI 0000007a [SR] Verifying 100 (0x00000064) components
2012-01-21 12:32:45, Info CSI 0000007b [SR] Beginning Verify and Repair transaction
2012-01-21 12:32:47, Info CSI 0000007d [SR] Verify complete
2012-01-21 12:32:47, Info CSI 0000007e [SR] Verifying 100 (0x00000064) components
2012-01-21 12:32:47, Info CSI 0000007f [SR] Beginning Verify and Repair transaction
2012-01-21 12:32:49, Info CSI 00000081 [SR] Verify complete
2012-01-21 12:32:50, Info CSI 00000082 [SR] Verifying 100 (0x00000064) components
2012-01-21 12:32:50, Info CSI 00000083 [SR] Beginning Verify and Repair transaction
2012-01-21 12:32:53, Info CSI 00000085 [SR] Verify complete
2012-01-21 12:32:54, Info CSI 00000086 [SR] Verifying 100 (0x00000064) components
2012-01-21 12:32:54, Info CSI 00000087 [SR] Beginning Verify and Repair transaction
2012-01-21 12:32:59, Info CSI 00000089 [SR] Verify complete
2012-01-21 12:33:00, Info CSI 0000008a [SR] Verifying 100 (0x00000064) components
2012-01-21 12:33:00, Info CSI 0000008b [SR] Beginning Verify and Repair transaction
2012-01-21 12:33:04, Info CSI 0000008d [SR] Verify complete
2012-01-21 12:33:05, Info CSI 0000008e [SR] Verifying 100 (0x00000064) components
2012-01-21 12:33:05, Info CSI 0000008f [SR] Beginning Verify and Repair transaction
2012-01-21 12:33:12, Info CSI 00000092 [SR] Verify complete
2012-01-21 12:33:12, Info CSI 00000093 [SR] Verifying 100 (0x00000064) components
2012-01-21 12:33:12, Info CSI 00000094 [SR] Beginning Verify and Repair transaction
2012-01-21 12:33:16, Info CSI 00000096 [SR] Verify complete
2012-01-21 12:33:17, Info CSI 00000097 [SR] Verifying 100 (0x00000064) components
2012-01-21 12:33:17, Info CSI 00000098 [SR] Beginning Verify and Repair transaction
2012-01-21 12:33:22, Info CSI 0000009b [SR] Verify complete
2012-01-21 12:33:22, Info CSI 0000009c [SR] Verifying 100 (0x00000064) components
2012-01-21 12:33:22, Info CSI 0000009d [SR] Beginning Verify and Repair transaction
2012-01-21 12:33:29, Info CSI 0000009f [SR] Verify complete
2012-01-21 12:33:29, Info CSI 000000a0 [SR] Verifying 100 (0x00000064) components
2012-01-21 12:33:29, Info CSI 000000a1 [SR] Beginning Verify and Repair transaction
2012-01-21 12:33:39, Info CSI 000000ab [SR] Verify complete
2012-01-21 12:33:39, Info CSI 000000ac [SR] Verifying 100 (0x00000064) components
2012-01-21 12:33:39, Info CSI 000000ad [SR] Beginning Verify and Repair transaction
2012-01-21 12:33:45, Info CSI 000000af [SR] Verify complete
2012-01-21 12:33:45, Info CSI 000000b0 [SR] Verifying 100 (0x00000064) components
2012-01-21 12:33:45, Info CSI 000000b1 [SR] Beginning Verify and Repair transaction
2012-01-21 12:33:51, Info CSI 000000b3 [SR] Verify complete
2012-01-21 12:33:52, Info CSI 000000b4 [SR] Verifying 100 (0x00000064) components
2012-01-21 12:33:52, Info CSI 000000b5 [SR] Beginning Verify and Repair transaction
2012-01-21 12:33:57, Info CSI 000000b7 [SR] Verify complete
2012-01-21 12:33:58, Info CSI 000000b8 [SR] Verifying 100 (0x00000064) components
2012-01-21 12:33:58, Info CSI 000000b9 [SR] Beginning Verify and Repair transaction
2012-01-21 12:34:03, Info CSI 000000bb [SR] Verify complete
2012-01-21 12:34:04, Info CSI 000000bc [SR] Verifying 100 (0x00000064) components
2012-01-21 12:34:04, Info CSI 000000bd [SR] Beginning Verify and Repair transaction
2012-01-21 12:34:13, Info CSI 000000c1 [SR] Verify complete
2012-01-21 12:34:14, Info CSI 000000c2 [SR] Verifying 100 (0x00000064) components
2012-01-21 12:34:14, Info CSI 000000c3 [SR] Beginning Verify and Repair transaction
2012-01-21 12:34:27, Info CSI 000000c5 [SR] Verify complete
2012-01-21 12:34:27, Info CSI 000000c6 [SR] Verifying 100 (0x00000064) components
2012-01-21 12:34:27, Info CSI 000000c7 [SR] Beginning Verify and Repair transaction
2012-01-21 12:34:43, Info CSI 000000c9 [SR] Verify complete
2012-01-21 12:34:44, Info CSI 000000ca [SR] Verifying 100 (0x00000064) components
2012-01-21 12:34:44, Info CSI 000000cb [SR] Beginning Verify and Repair transaction
2012-01-21 12:34:56, Info CSI 000000cd [SR] Verify complete
2012-01-21 12:34:56, Info CSI 000000ce [SR] Verifying 100 (0x00000064) components
2012-01-21 12:34:56, Info CSI 000000cf [SR] Beginning Verify and Repair transaction
2012-01-21 12:35:00, Info CSI 000000d1 [SR] Verify complete
2012-01-21 12:35:00, Info CSI 000000d2 [SR] Verifying 100 (0x00000064) components
2012-01-21 12:35:00, Info CSI 000000d3 [SR] Beginning Verify and Repair transaction
2012-01-21 12:35:03, Info CSI 000000d5 [SR] Verify complete
2012-01-21 12:35:03, Info CSI 000000d6 [SR] Verifying 100 (0x00000064) components
2012-01-21 12:35:03, Info CSI 000000d7 [SR] Beginning Verify and Repair transaction
2012-01-21 12:35:06, Info CSI 000000d9 [SR] Verify complete
2012-01-21 12:35:06, Info CSI 000000da [SR] Verifying 100 (0x00000064) components
2012-01-21 12:35:06, Info CSI 000000db [SR] Beginning Verify and Repair transaction
2012-01-21 12:35:19, Info CSI 000000f9 [SR] Verify complete
2012-01-21 12:35:19, Info CSI 000000fa [SR] Verifying 100 (0x00000064) components
2012-01-21 12:35:19, Info CSI 000000fb [SR] Beginning Verify and Repair transaction
2012-01-21 12:35:21, Info CSI 000000fd [SR] Verify complete
2012-01-21 12:35:21, Info CSI 000000fe [SR] Verifying 100 (0x00000064) components
2012-01-21 12:35:21, Info CSI 000000ff [SR] Beginning Verify and Repair transaction
2012-01-21 12:35:25, Info CSI 00000101 [SR] Verify complete
2012-01-21 12:35:26, Info CSI 00000102 [SR] Verifying 100 (0x00000064) components
2012-01-21 12:35:26, Info CSI 00000103 [SR] Beginning Verify and Repair transaction
2012-01-21 12:35:30, Info CSI 00000105 [SR] Verify complete
2012-01-21 12:35:31, Info CSI 00000106 [SR] Verifying 100 (0x00000064) components
2012-01-21 12:35:31, Info CSI 00000107 [SR] Beginning Verify and Repair transaction
2012-01-21 12:35:39, Info CSI 00000109 [SR] Verify complete
2012-01-21 12:35:40, Info CSI 0000010a [SR] Verifying 100 (0x00000064) components
2012-01-21 12:35:40, Info CSI 0000010b [SR] Beginning Verify and Repair transaction
2012-01-21 12:35:50, Info CSI 0000010e [SR] Verify complete
2012-01-21 12:35:51, Info CSI 0000010f [SR] Verifying 100 (0x00000064) components
2012-01-21 12:35:51, Info CSI 00000110 [SR] Beginning Verify and Repair transaction
2012-01-21 12:35:54, Info CSI 00000112 [SR] Verify complete
2012-01-21 12:35:54, Info CSI 00000113 [SR] Verifying 100 (0x00000064) components
2012-01-21 12:35:54, Info CSI 00000114 [SR] Beginning Verify and Repair transaction
2012-01-21 12:36:02, Info CSI 00000116 [SR] Verify complete
2012-01-21 12:36:03, Info CSI 00000117 [SR] Verifying 100 (0x00000064) components
2012-01-21 12:36:03, Info CSI 00000118 [SR] Beginning Verify and Repair transaction
2012-01-21 12:36:07, Info CSI 0000011a [SR] Verify complete
2012-01-21 12:36:08, Info CSI 0000011b [SR] Verifying 100 (0x00000064) components
2012-01-21 12:36:08, Info CSI 0000011c [SR] Beginning Verify and Repair transaction
2012-01-21 12:36:13, Info CSI 0000011e [SR] Verify complete
2012-01-21 12:36:14, Info CSI 0000011f [SR] Verifying 100 (0x00000064) components
2012-01-21 12:36:14, Info CSI 00000120 [SR] Beginning Verify and Repair transaction
2012-01-21 12:36:25, Info CSI 00000125 [SR] Verify complete
2012-01-21 12:36:25, Info CSI 00000126 [SR] Verifying 100 (0x00000064) components
2012-01-21 12:36:25, Info CSI 00000127 [SR] Beginning Verify and Repair transaction
2012-01-21 12:36:36, Info CSI 00000149 [SR] Verify complete
2012-01-21 12:36:36, Info CSI 0000014a [SR] Verifying 100 (0x00000064) components
2012-01-21 12:36:36, Info CSI 0000014b [SR] Beginning Verify and Repair transaction
2012-01-21 12:36:47, Info CSI 0000014d [SR] Verify complete
2012-01-21 12:36:48, Info CSI 0000014e [SR] Verifying 100 (0x00000064) components
2012-01-21 12:36:48, Info CSI 0000014f [SR] Beginning Verify and Repair transaction
2012-01-21 12:37:17, Info CSI 00000151 [SR] Verify complete
2012-01-21 12:37:18, Info CSI 00000152 [SR] Verifying 100 (0x00000064) components
2012-01-21 12:37:18, Info CSI 00000153 [SR] Beginning Verify and Repair transaction
2012-01-21 12:37:26, Info CSI 00000155 [SR] Verify complete
2012-01-21 12:37:26, Info CSI 00000156 [SR] Verifying 100 (0x00000064) components
2012-01-21 12:37:26, Info CSI 00000157 [SR] Beginning Verify and Repair transaction
2012-01-21 12:37:36, Info CSI 00000159 [SR] Verify complete
2012-01-21 12:37:37, Info CSI 0000015a [SR] Verifying 100 (0x00000064) components
2012-01-21 12:37:37, Info CSI 0000015b [SR] Beginning Verify and Repair transaction
2012-01-21 12:37:44, Info CSI 0000015d [SR] Verify complete
2012-01-21 12:37:44, Info CSI 0000015e [SR] Verifying 100 (0x00000064) components
2012-01-21 12:37:44, Info CSI 0000015f [SR] Beginning Verify and Repair transaction
2012-01-21 12:37:49, Info CSI 00000161 [SR] Verify complete
2012-01-21 12:37:50, Info CSI 00000162 [SR] Verifying 100 (0x00000064) components
2012-01-21 12:37:50, Info CSI 00000163 [SR] Beginning Verify and Repair transaction
2012-01-21 12:37:56, Info CSI 00000166 [SR] Verify complete
2012-01-21 12:37:57, Info CSI 00000167 [SR] Verifying 100 (0x00000064) components
2012-01-21 12:37:57, Info CSI 00000168 [SR] Beginning Verify and Repair transaction
2012-01-21 12:38:18, Info CSI 0000016a [SR] Verify complete
2012-01-21 12:38:19, Info CSI 0000016b [SR] Verifying 100 (0x00000064) components
2012-01-21 12:38:19, Info CSI 0000016c [SR] Beginning Verify and Repair transaction
2012-01-21 12:38:26, Info CSI 0000016e [SR] Verify complete
2012-01-21 12:38:27, Info CSI 0000016f [SR] Verifying 100 (0x00000064) components
2012-01-21 12:38:27, Info CSI 00000170 [SR] Beginning Verify and Repair transaction
2012-01-21 12:38:40, Info CSI 00000172 [SR] Verify complete
2012-01-21 12:38:40, Info CSI 00000173 [SR] Verifying 100 (0x00000064) components
2012-01-21 12:38:40, Info CSI 00000174 [SR] Beginning Verify and Repair transaction
2012-01-21 12:38:55, Info CSI 00000176 [SR] Verify complete
2012-01-21 12:38:55, Info CSI 00000177 [SR] Verifying 100 (0x00000064) components
2012-01-21 12:38:55, Info CSI 00000178 [SR] Beginning Verify and Repair transaction
2012-01-21 12:39:03, Info CSI 0000017a [SR] Verify complete
2012-01-21 12:39:03, Info CSI 0000017b [SR] Verifying 100 (0x00000064) components
2012-01-21 12:39:03, Info CSI 0000017c [SR] Beginning Verify and Repair transaction
2012-01-21 12:39:16, Info CSI 0000017e [SR] Verify complete
2012-01-21 12:39:16, Info CSI 0000017f [SR] Verifying 100 (0x00000064) components
2012-01-21 12:39:16, Info CSI 00000180 [SR] Beginning Verify and Repair transaction
2012-01-21 12:39:32, Info CSI 00000183 [SR] Verify complete
2012-01-21 12:39:33, Info CSI 00000184 [SR] Verifying 100 (0x00000064) components
2012-01-21 12:39:33, Info CSI 00000185 [SR] Beginning Verify and Repair transaction
2012-01-21 12:39:38, Info CSI 00000187 [SR] Verify complete
2012-01-21 12:39:38, Info CSI 00000188 [SR] Verifying 100 (0x00000064) components
2012-01-21 12:39:38, Info CSI 00000189 [SR] Beginning Verify and Repair transaction
2012-01-21 12:39:45, Info CSI 0000018b [SR] Verify complete
2012-01-21 12:39:45, Info CSI 0000018c [SR] Verifying 100 (0x00000064) components
2012-01-21 12:39:45, Info CSI 0000018d [SR] Beginning Verify and Repair transaction
2012-01-21 12:39:53, Info CSI 0000018f [SR] Verify complete
2012-01-21 12:39:54, Info CSI 00000190 [SR] Verifying 100 (0x00000064) components
2012-01-21 12:39:54, Info CSI 00000191 [SR] Beginning Verify and Repair transaction
2012-01-21 12:40:02, Info CSI 00000196 [SR] Verify complete
2012-01-21 12:40:02, Info CSI 00000197 [SR] Verifying 100 (0x00000064) components
2012-01-21 12:40:02, Info CSI 00000198 [SR] Beginning Verify and Repair transaction
2012-01-21 12:40:09, Info CSI 0000019a [SR] Verify complete
2012-01-21 12:40:10, Info CSI 0000019b [SR] Verifying 100 (0x00000064) components
2012-01-21 12:40:10, Info CSI 0000019c [SR] Beginning Verify and Repair transaction
2012-01-21 12:40:22, Info CSI 0000019e [SR] Verify complete
2012-01-21 12:40:23, Info CSI 0000019f [SR] Verifying 100 (0x00000064) components
2012-01-21 12:40:23, Info CSI 000001a0 [SR] Beginning Verify and Repair transaction
2012-01-21 12:40:29, Info CSI 000001a2 [SR] Verify complete
2012-01-21 12:40:29, Info CSI 000001a3 [SR] Verifying 100 (0x00000064) components
2012-01-21 12:40:29, Info CSI 000001a4 [SR] Beginning Verify and Repair transaction
2012-01-21 12:40:31, Info CSI 000001a6 [SR] Verify complete
2012-01-21 12:40:32, Info CSI 000001a7 [SR] Verifying 100 (0x00000064) components
2012-01-21 12:40:32, Info CSI 000001a8 [SR] Beginning Verify and Repair transaction
2012-01-21 12:40:43, Info CSI 000001aa [SR] Verify complete
2012-01-21 12:40:44, Info CSI 000001ab [SR] Verifying 100 (0x00000064) components
2012-01-21 12:40:44, Info CSI 000001ac [SR] Beginning Verify and Repair transaction
2012-01-21 12:40:53, Info CSI 000001ae [SR] Verify complete
2012-01-21 12:40:53, Info CSI 000001af [SR] Verifying 100 (0x00000064) components
2012-01-21 12:40:53, Info CSI 000001b0 [SR] Beginning Verify and Repair transaction
2012-01-21 12:41:00, Info CSI 000001b2 [SR] Verify complete
2012-01-21 12:41:01, Info CSI 000001b3 [SR] Verifying 100 (0x00000064) components
2012-01-21 12:41:01, Info CSI 000001b4 [SR] Beginning Verify and Repair transaction
2012-01-21 12:41:18, Info CSI 000001b6 [SR] Verify complete
2012-01-21 12:41:18, Info CSI 000001b7 [SR] Verifying 100 (0x00000064) components
2012-01-21 12:41:18, Info CSI 000001b8 [SR] Beginning Verify and Repair transaction
2012-01-21 12:41:22, Info CSI 000001ba [SR] Verify complete
2012-01-21 12:41:23, Info CSI 000001bb [SR] Verifying 100 (0x00000064) components
2012-01-21 12:41:23, Info CSI 000001bc [SR] Beginning Verify and Repair transaction
2012-01-21 12:41:29, Info CSI 000001be [SR] Verify complete
2012-01-21 12:41:30, Info CSI 000001bf [SR] Verifying 100 (0x00000064) components
2012-01-21 12:41:30, Info CSI 000001c0 [SR] Beginning Verify and Repair transaction
2012-01-21 12:41:40, Info CSI 000001cb [SR] Verify complete
2012-01-21 12:41:41, Info CSI 000001cc [SR] Verifying 22 (0x00000016) components
2012-01-21 12:41:41, Info CSI 000001cd [SR] Beginning Verify and Repair transaction
2012-01-21 12:41:42, Info CSI 000001cf [SR] Verify complete
2012-01-21 12:41:42, Info CSI 000001d0 [SR] Repairing 0 components
2012-01-21 12:41:42, Info CSI 000001d1 [SR] Beginning Verify and Repair transaction
2012-01-21 12:41:42, Info CSI 000001d3 [SR] Repair complete
COCOCCOCOOCOC sigverif did not display any unsigned drivers COCCOCOCOCOC
COCCOCOCOCOCO VEW sys log COCOCOCOCOOC
Vino's Event Viewer v01c run on Windows Vista in English
Report run at 21/01/2012 12:48:18 PM
Note: All dates below are in the format dd/mm/yyyy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 21/01/2012 6:28:45 PM
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: SDHookDriver
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 21/01/2012 6:28:15 PM
Type: Warning Category: 0
Event: 4 Source: bcm4sbxp
Broadcom 440x 10/100 Integrated Controller: The network link is down. Check to make sure the network cable is properly connected.
Log: 'System' Date/Time: 21/01/2012 6:27:18 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
COCOCOCOCOOCOC VEW app log COCOCOCCOCOCDOO
Vino's Event Viewer v01c run on Windows Vista in English
Report run at 21/01/2012 12:49:32 PM
Note: All dates below are in the format dd/mm/yyyy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 21/01/2012 6:27:17 PM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 1 user registry handles leaked from \Registry\User\S-1-5-21-1472772605-2542600416-2604280586-1000_Classes:
Process 1808 (\Device\HarddiskVolume3\Windows\System32\spoolsv.exe) has opened key \REGISTRY\USER\S-1-5-21-1472772605-2542600416-2604280586-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
COCOCOCOCOCOCO ESETscan log CCOCOCOCOOCOOCO
C:\ProgramData\~0\rbia.exe Win32/RegistryBooster application
C:\Users\All Users\~0\rbia.exe Win32/RegistryBooster application
C:\Users\Rachel\Desktop\Stormy\Software\imf-setup.exe a variant of Win32/Toolbar.Widgi application