OTL logfile created on: 2/2/2012 7:29:46 PM - Run 4
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\D\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.94 Gb Total Physical Memory | 0.83 Gb Available Physical Memory | 42.96% Memory free
4.88 Gb Paging File | 3.24 Gb Available in Paging File | 66.51% Paging File free
Paging file location(s): c:\pagefile.sys 3072 4096 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.79 Gb Total Space | 97.98 Gb Free Space | 43.98% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 4.21 Gb Free Space | 42.10% Space Free | Partition Type: NTFS
Computer Name: D-PC | User Name: C | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/01/28 09:46:32 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\D\Desktop\OTL.exe
PRC - [2012/01/06 11:26:06 | 000,722,616 | ---- | M] (iolo technologies, LLC) -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
PRC - [2012/01/03 06:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/12/16 22:08:59 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/10/13 23:01:50 | 000,994,360 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psia.exe
PRC - [2011/10/13 23:01:46 | 000,291,896 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi_tray.exe
PRC - [2011/04/16 17:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Norton 360\Engine\5.2.0.13\ccsvchst.exe
PRC - [2010/03/08 00:27:49 | 000,041,800 | ---- | M] (AOL Inc.) -- C:\Program Files\Common Files\AOL\1327961155\ee\aolsoftware.exe
PRC - [2009/04/10 23:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/04/24 13:26:18 | 000,202,560 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
PRC - [2007/12/05 06:17:24 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTSrv.exe
========== Modules (No Company Name) ==========
MOD - [2012/01/23 12:06:17 | 008,527,008 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2011/12/16 22:08:59 | 002,124,760 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Unknown | Stopped] -- -- (getPlusHelper)
SRV - [2012/01/11 16:18:14 | 001,117,624 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\PC Tools\PC Tools Security\pctsSvc.exe -- (sdCoreService)
SRV - [2012/01/11 14:56:12 | 000,402,336 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\PC Tools\PC Tools Security\pctsAuxs.exe -- (sdAuxService)
SRV - [2012/01/11 14:56:08 | 000,071,008 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\PC Tools\PC Tools Security\TFEngine\TFService.exe -- (ThreatFire)
SRV - [2012/01/06 11:26:06 | 000,722,616 | ---- | M] (iolo technologies, LLC) [Auto | Running] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService)
SRV - [2012/01/03 06:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/10/13 23:01:50 | 000,994,360 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2011/06/13 21:09:22 | 000,267,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)
SRV - [2011/04/16 17:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton 360\Norton 360\Engine\5.2.0.13\ccSvcHst.exe -- (N360)
SRV - [2009/10/20 11:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Disabled | Stopped] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/04/24 13:26:18 | 000,202,560 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe -- (sprtsvc_ddoctorv2) SupportSoft Sprocket Service (ddoctorv2)
SRV - [2008/01/29 17:09:02 | 000,394,704 | ---- | M] (Symantec, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe -- (Symantec RemoteAssist)
SRV - [2008/01/19 00:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/12/05 06:17:24 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AERTSrv.exe -- (AERTFilters)
SRV - [2007/05/31 08:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 08:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2006/10/23 05:50:35 | 000,046,640 | R--- | M] (AOL LLC) [On_Demand | Stopped] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)
========== Driver Services (SafeList) ==========
DRV - [2012/01/11 16:19:24 | 000,070,536 | ---- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pctplsg.sys -- (pctplsg)
DRV - [2012/01/11 16:19:02 | 000,185,560 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\Windows\System32\drivers\PCTSD.sys -- (PCTSD)
DRV - [2012/01/11 16:14:30 | 000,253,352 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\Windows\System32\drivers\pctgntdi.sys -- (pctgntdi)
DRV - [2012/01/11 14:56:12 | 000,574,424 | --S- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\TfSysMon.sys -- (TFSysMon)
DRV - [2012/01/11 14:56:12 | 000,054,328 | --S- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\TfFsMon.sys -- (TfFsMon)
DRV - [2012/01/11 14:56:12 | 000,035,264 | --S- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TfNetMon.sys -- (TfNetMon)
DRV - [2011/12/31 12:56:49 | 000,038,976 | ---- | M] (microOLAP Technologies LTD) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pssdk42.sys -- (PSSDK42)
DRV - [2011/12/15 16:33:22 | 000,368,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120201.002\IDSvix86.sys -- (IDSVix86)
DRV - [2011/12/01 16:07:06 | 000,909,728 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\Windows\system32\drivers\pctEFA.sys -- (pctEFA)
DRV - [2011/12/01 16:07:06 | 000,342,168 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\pctDS.sys -- (pctDS)
DRV - [2011/11/30 19:25:03 | 000,820,344 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120121.002\BHDrvx86.sys -- (BHDrvx86)
DRV - [2011/11/29 23:27:49 | 001,576,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120202.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2011/11/29 23:27:49 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011/11/29 23:27:49 | 000,106,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/11/29 23:27:49 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120202.002\NAVENG.SYS -- (NAVENG)
DRV - [2011/11/14 15:12:26 | 000,331,880 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2011/06/06 00:24:08 | 000,126,584 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/05/04 11:36:32 | 000,027,192 | ---- | M] (Resplendence Software Projects Sp.) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\rspSanity32.sys -- (rspSanity)
DRV - [2011/04/20 18:37:49 | 000,331,384 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\N360\0502000.00D\SYMTDIV.SYS -- (SYMTDIv)
DRV - [2011/03/30 20:00:09 | 000,516,216 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\Drivers\N360\0502000.00D\SRTSP.SYS -- (SRTSP)
DRV - [2011/03/30 20:00:09 | 000,050,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0502000.00D\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2011/03/14 19:31:23 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\N360\0502000.00D\SYMEFA.SYS -- (SymEFA)
DRV - [2011/01/26 23:47:10 | 000,340,088 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\N360\0502000.00D\SYMDS.SYS -- (SymDS)
DRV - [2010/11/15 18:45:33 | 000,136,312 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\N360\0502000.00D\Ironx86.SYS -- (SymIRON)
DRV - [2010/09/01 01:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI)
DRV - [2009/12/30 10:21:18 | 000,027,192 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\revoflt.sys -- (Revoflt)
DRV - [2009/12/13 04:21:40 | 000,002,560 | ---- | M] (SupportSoft Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssrangdr.sys -- (ssrangdr)
DRV - [2009/10/20 11:19:44 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (NPF)
DRV - [2009/07/14 18:54:00 | 009,557,216 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/12/09 09:59:30 | 000,020,392 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\ElRawDsk.sys -- (ElRawDisk)
DRV - [2007/10/29 02:40:28 | 001,062,048 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2007/08/09 18:12:30 | 000,110,624 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2006/11/02 00:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/11/02 00:30:55 | 000,200,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2006/11/01 13:18:15 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2006/10/18 11:08:18 | 000,258,048 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2006/08/04 17:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3008658398-1242687141-1261451896-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3008658398-1242687141-1261451896-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.aol.com/
IE - HKU\S-1-5-21-3008658398-1242687141-1261451896-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3008658398-1242687141-1261451896-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-3008658398-1242687141-1261451896-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3008658398-1242687141-1261451896-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.aol.com
IE - HKU\S-1-5-21-3008658398-1242687141-1261451896-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "AOL Search"
FF - prefs.js..browser.startup.homepage: "http://www.aol.com"
FF - prefs.js..browser.startup.homepage: "http://www.aol.com"
FF - prefs.js..browser.startup.homepage: "http://www.aol.com"
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..keyword.URL: "http://aolsearch.aol...archbox&query="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@emusic.com/dlm-plugin: C:\Users\D\Desktop\Downloads\etunes downloads\eMusic Download Manager\plugin\npemusic.dll (eMusic.com)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\C\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\C\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\eMusic Download Manager\Extensions\\Components: C:\Users\D\Desktop\Downloads\etunes downloads\eMusic Download Manager\xulrunner\components [2012/02/01 17:08:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\eMusic Download Manager\Extensions\\Plugins: C:\Users\D\Desktop\Downloads\etunes downloads\eMusic Download Manager\xulrunner\plugins [2012/02/01 17:08:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2010/10/28 03:03:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPlgn\ [2012/01/31 16:42:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_5_2 [2012/02/02 10:51:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011/12/06 23:32:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/12/26 12:02:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/01/30 15:06:57 | 000,000,000 | ---D | M]
[2011/12/06 13:41:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\C\AppData\Roaming\mozilla\Extensions
[2012/01/30 15:07:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\C\AppData\Roaming\mozilla\Firefox\Profiles\vvb3bvb9.default\extensions
[2012/01/30 15:07:04 | 000,000,000 | ---D | M] (AOL Toolbar) -- C:\Users\C\AppData\Roaming\mozilla\Firefox\Profiles\vvb3bvb9.default\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}
[2011/12/25 00:54:30 | 000,000,000 | ---D | M] (WOT) -- C:\Users\C\AppData\Roaming\mozilla\Firefox\Profiles\vvb3bvb9.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011/12/25 00:54:30 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\C\AppData\Roaming\mozilla\Firefox\Profiles\vvb3bvb9.default\extensions\[email protected]
[2012/01/03 17:10:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/01/03 17:10:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
[2011/12/16 22:09:01 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/01/03 17:09:53 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/11/10 13:35:18 | 000,002,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\adawaretb.xml
[2011/12/16 18:38:42 | 000,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2011/12/16 18:25:53 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/12/16 18:38:42 | 000,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2011/12/16 18:38:42 | 000,001,180 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2011/12/16 18:38:42 | 000,001,135 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\C\AppData\Local\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\C\AppData\Local\Google\Chrome\Application\16.0.912.77\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\C\AppData\Local\Google\Chrome\Application\16.0.912.77\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: downloadUpdater (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\C\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: eMusic Remote Plugin (Enabled) = C:\Users\D\Desktop\Downloads\etunes downloads\eMusic Download Manager\plugin\npemusic.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\C\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
O1 HOSTS File: ([2012/01/31 11:31:26 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (AOL Toolbar Loader) - {3ef64538-8b54-4573-b48f-4d34b0238ab2} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Norton 360\Engine\5.2.0.13\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Norton 360\Engine\5.2.0.13\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Norton 360\Engine\5.2.0.13\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)
O3 - HKU\S-1-5-21-3008658398-1242687141-1261451896-1000\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Norton 360\Engine\5.2.0.13\coieplg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-3008658398-1242687141-1261451896-1000\..\Toolbar\WebBrowser: (AOL Toolbar) - {BA00B7B1-0351-477A-B948-23E3EE5A73D4} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)
O3 - HKU\S-1-5-21-3008658398-1242687141-1261451896-1001\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Norton 360\Engine\5.2.0.13\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1327961155\ee\aolsoftware.exe (AOL Inc.)
O4 - HKU\S-1-5-21-3008658398-1242687141-1261451896-1001..\Run: [AOL Fast Start] C:\Program Files\AOL Desktop 9.6\AOL.EXE (AOL Inc.)
O4 - HKLM..\RunOnce: [TodoBackupUninst] File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3008658398-1242687141-1261451896-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3008658398-1242687141-1261451896-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-3008658398-1242687141-1261451896-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3008658398-1242687141-1261451896-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-3008658398-1242687141-1261451896-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O15 - HKU\S-1-5-21-3008658398-1242687141-1261451896-1000\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://oas.support....veX/MSDcode.cab (Reg Error: Key error.)
O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} https://icmsweb.star...olv_cs/smsx.cab (MeadCo ScriptX)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B9C63BB0-190C-469D-BF4B-2E14F0B49D93}: DhcpNameServer = 75.75.75.75 75.75.76.76
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - File not found
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012/01/31 11:30:25 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/01/30 15:07:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOL
[2012/01/30 15:07:05 | 000,058,696 | ---- | C] (AOL Inc.) -- C:\Windows\System32\AOLParconLink.exe
[2012/01/30 15:06:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Software Update Utility
[2012/01/30 15:05:54 | 000,000,000 | ---D | C] -- C:\Program Files\AOL
[2012/01/30 15:05:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AOL
[2012/01/30 15:05:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\aolshare
[2012/01/30 15:05:47 | 000,000,000 | ---D | C] -- C:\Program Files\AOL Desktop 9.6
[2012/01/30 14:42:31 | 000,000,000 | ---D | C] -- C:\Users\C\Desktop\AOL Saved PFC
[2012/01/30 12:03:50 | 000,000,000 | ---D | C] -- C:\Users\C\AppData\Roaming\AOL
[2012/01/30 12:03:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Viewpoint
[2012/01/30 12:03:31 | 000,000,000 | ---D | C] -- C:\Program Files\Viewpoint
[2012/01/29 00:36:02 | 000,000,000 | ---D | C] -- C:\Users\C\AppData\Local\Norman Malware Cleaner
[2012/01/29 00:21:49 | 000,000,000 | ---D | C] -- C:\Users\C\Documents\Simply Super Software
[2012/01/28 12:55:40 | 000,000,000 | ---D | C] -- C:\My Backups
[2012/01/28 12:55:33 | 000,187,016 | ---- | C] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\Windows\System32\drivers\EuFdDisk.sys
[2012/01/28 12:55:33 | 000,050,312 | ---- | C] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\Windows\System32\drivers\eubakup.sys
[2012/01/28 12:55:33 | 000,017,032 | ---- | C] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\Windows\System32\drivers\eudskacs.sys
[2012/01/28 12:53:50 | 000,000,000 | ---D | C] -- C:\Program Files\EaseUS
[2012/01/27 23:03:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/01/27 23:03:04 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/01/27 22:58:25 | 000,000,000 | ---D | C] -- C:\Users\C\AppData\Roaming\VS Revo Group
[2012/01/27 19:38:17 | 000,000,000 | ---D | C] -- C:\Program Files\Belarc
[2012/01/27 19:00:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hitman Pro 3.5
[2012/01/27 19:00:05 | 000,000,000 | ---D | C] -- C:\Program Files\Hitman Pro 3.5
[2012/01/27 18:58:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Hitman Pro
[2012/01/27 18:04:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/01/27 18:04:45 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/01/27 18:04:45 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/01/27 11:15:25 | 000,000,000 | ---D | C] -- C:\Users\C\AppData\Local\temp
[2012/01/27 11:14:13 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/01/27 00:27:27 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/01/27 00:27:27 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/01/27 00:27:27 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/01/27 00:27:18 | 000,000,000 | ---D | C] -- C:\user567
[2012/01/27 00:26:59 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/01/26 20:43:16 | 000,000,000 | ---D | C] -- C:\Users\C\AppData\Local\Eraser 6
[2012/01/25 11:54:42 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012/01/25 00:26:34 | 000,000,000 | ---D | C] -- C:\Users\C\DoctorWeb
[2012/01/23 20:08:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2012/01/21 23:08:12 | 000,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
[2012/01/21 11:06:59 | 000,000,000 | ---D | C] -- C:\Users\C\AppData\Roaming\PCTools
[2012/01/21 03:20:27 | 000,574,424 | --S- | C] (PC Tools) -- C:\Windows\System32\drivers\TfSysMon.sys
[2012/01/21 03:20:27 | 000,035,264 | --S- | C] (PC Tools) -- C:\Windows\System32\drivers\TfNetMon.sys
[2012/01/21 03:20:25 | 000,054,328 | --S- | C] (PC Tools) -- C:\Windows\System32\drivers\TfFsMon.sys
[2012/01/20 00:50:00 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012/01/20 00:50:00 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/01/19 21:14:01 | 000,253,352 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctgntdi.sys
[2012/01/19 21:14:01 | 000,107,864 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctwfpfilter.sys
[2012/01/19 21:13:26 | 000,017,848 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctBTFix.sys
[2012/01/19 21:13:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Tools Security
[2012/01/19 21:13:20 | 000,070,536 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctplsg.sys
[2012/01/19 21:13:13 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools
[2012/01/19 21:10:46 | 000,909,728 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctEFA.sys
[2012/01/19 21:10:46 | 000,342,168 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctDS.sys
[2012/01/19 21:10:41 | 000,331,880 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTCore.sys
[2012/01/19 21:10:41 | 000,162,584 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTAppEvent.sys
[2012/01/19 21:10:31 | 000,185,560 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTSD.sys
[2012/01/19 21:10:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2012/01/19 21:07:50 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2012/01/19 21:07:49 | 000,000,000 | ---D | C] -- C:\Users\C\AppData\Roaming\TestApp
[2012/01/19 19:40:16 | 000,000,000 | ---D | C] -- C:\Users\C\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
[2012/01/18 23:35:32 | 000,000,000 | ---D | C] -- C:\Users\C\AppData\Roaming\KeePass
[2012/01/18 22:05:02 | 000,000,000 | ---D | C] -- C:\Users\C\AppData\Roaming\Process Hacker 2
[2012/01/18 21:58:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Hacker 2
[2012/01/18 21:58:29 | 000,000,000 | ---D | C] -- C:\Program Files\Process Hacker 2
[2012/01/18 20:24:10 | 000,000,000 | ---D | C] -- C:\Program Files\NirSoft
[2012/01/14 01:08:15 | 000,027,192 | ---- | C] (Resplendence Software Projects Sp.) -- C:\Windows\System32\drivers\rspSanity32.sys
[2012/01/14 01:08:14 | 000,000,000 | ---D | C] -- C:\Program Files\SanityCheck
[2012/01/13 02:43:30 | 000,000,000 | ---D | C] -- C:\Users\C\AppData\Local\SupportSoft
[2012/01/13 01:56:08 | 000,000,000 | ---D | C] -- C:\Microsoft
[2012/01/10 01:50:08 | 000,000,000 | ---D | C] -- C:\Users\C\AppData\Roaming\FreeFixer
[2012/01/10 01:50:08 | 000,000,000 | ---D | C] -- C:\Users\C\AppData\Local\FreeFixer
[2012/01/10 01:49:59 | 000,000,000 | ---D | C] -- C:\Users\C\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeFixer
[2012/01/10 01:49:59 | 000,000,000 | ---D | C] -- C:\Program Files\FreeFixer
[2012/01/10 01:28:57 | 000,000,000 | ---D | C] -- C:\Users\C\AppData\Roaming\f-secure
[2012/01/10 01:28:32 | 000,000,000 | ---D | C] -- C:\ProgramData\F-Secure
========== Files - Modified Within 30 Days ==========
[2012/02/02 19:12:10 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3008658398-1242687141-1261451896-1001UA.job
[2012/02/02 19:12:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/02/02 15:31:49 | 000,003,568 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/02/02 15:31:49 | 000,003,568 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/02/01 20:56:00 | 000,000,840 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3008658398-1242687141-1261451896-1001Core.job
[2012/02/01 13:34:36 | 000,023,624 | ---- | M] () -- C:\Windows\System32\drivers\hitmanpro35.sys
[2012/01/31 13:34:12 | 002,356,466 | ---- | M] () -- C:\Windows\System32\drivers\N360\0502000.00D\Cat.DB
[2012/01/31 13:34:04 | 000,002,287 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2012/01/31 11:31:26 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2012/01/31 11:25:48 | 000,000,512 | ---- | M] () -- C:\Users\C\Desktop\MBR.dat
[2012/01/30 15:07:25 | 000,002,037 | -H-- | M] () -- C:\IPH.PH
[2012/01/30 15:07:23 | 000,000,880 | ---- | M] () -- C:\Users\C\Application Data\Microsoft\Internet Explorer\Quick Launch\AOL Desktop 9.6.lnk
[2012/01/30 15:07:22 | 000,000,800 | ---- | M] () -- C:\Users\Public\Desktop\AOL Desktop 9.6.lnk
[2012/01/30 14:42:44 | 000,000,018 | ---- | M] () -- C:\Windows\msoffice.ini
[2012/01/30 11:55:58 | 000,058,696 | ---- | M] (AOL Inc.) -- C:\Windows\System32\AOLParconLink.exe
[2012/01/29 01:33:26 | 000,074,703 | ---- | M] () -- C:\Windows\System32\mfc45.dll
[2012/01/27 23:03:07 | 000,000,766 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/01/27 22:27:32 | 000,000,172 | ---- | M] () -- C:\Windows\System32\drivers\N360\0502000.00D\isolate.ini
[2012/01/27 19:38:17 | 000,001,831 | ---- | M] () -- C:\Users\C\Application Data\Microsoft\Internet Explorer\Quick Launch\Belarc Advisor.lnk
[2012/01/27 19:38:17 | 000,001,807 | ---- | M] () -- C:\Users\Public\Desktop\Belarc Advisor.lnk
[2012/01/27 19:00:06 | 000,001,747 | ---- | M] () -- C:\Users\Public\Desktop\Hitman Pro 3.5.lnk
[2012/01/27 18:04:47 | 000,000,868 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/27 17:45:59 | 000,000,528 | R--- | M] () -- C:\MediaID.bin
[2012/01/27 12:33:21 | 000,001,051 | ---- | M] () -- C:\Users\C\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2012/01/27 12:33:21 | 000,001,027 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2012/01/27 11:25:32 | 000,299,952 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/01/27 10:56:47 | 000,000,452 | ---- | M] () -- C:\Users\C\Documents\cc_20120127_105640.reg
[2012/01/27 01:28:34 | 002,239,098 | ---- | M] () -- C:\Windows\System32\drivers\Cat.DB
[2012/01/26 13:57:55 | 000,002,024 | ---- | M] () -- C:\Users\C\Desktop\Google Chrome.lnk
[2012/01/26 13:57:55 | 000,001,986 | ---- | M] () -- C:\Users\C\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/01/25 20:51:17 | 000,000,512 | ---- | M] () -- C:\Users\C\Documents\MBR.dat
[2012/01/25 20:29:45 | 000,000,000 | ---- | M] () -- C:\Users\C\defogger_reenable
[2012/01/23 19:53:45 | 000,604,264 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/01/23 19:53:45 | 000,103,964 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/01/22 16:35:01 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012/01/22 01:11:52 | 000,001,795 | ---- | M] () -- C:\Users\C\Desktop\Process Hacker 2.lnk
[2012/01/20 19:17:01 | 000,000,861 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2012/01/20 09:18:12 | 000,001,873 | ---- | M] () -- C:\Users\C\Desktop\System Mechanic.lnk
[2012/01/20 00:27:44 | 000,001,941 | ---- | M] () -- C:\Users\Public\Desktop\PC Tools Spyware Doctor with AntiVirus.lnk
[2012/01/19 21:07:51 | 000,001,632 | ---- | M] () -- C:\Users\C\Desktop\sdsetup.exe.lnk
[2012/01/19 19:40:18 | 000,000,916 | ---- | M] () -- C:\Users\C\Desktop\Norton Installation Files.lnk
[2012/01/18 23:32:50 | 000,002,686 | ---- | M] () -- C:\Users\C\Documents\NewDatabase.kdbx
[2012/01/14 01:21:47 | 000,005,039 | ---- | M] () -- C:\Users\C\AppData\Local\Temp17.html
[2012/01/14 01:20:19 | 000,001,293 | ---- | M] () -- C:\Users\C\AppData\Local\Temp1.html
[2012/01/13 02:43:31 | 000,000,177 | ---- | M] () -- C:\Users\C\Desktop\Comcast Security.url
[2012/01/13 02:43:31 | 000,000,171 | ---- | M] () -- C:\Users\C\Desktop\Comcast Email.url
[2012/01/13 02:43:31 | 000,000,074 | ---- | M] () -- C:\Users\C\Desktop\Ask Comcast.url
[2012/01/13 02:43:31 | 000,000,054 | ---- | M] () -- C:\Users\C\Desktop\Comcast Help.url
[2012/01/13 02:43:30 | 000,002,077 | ---- | M] () -- C:\Users\Public\Desktop\Comcast Desktop Software.lnk
[2012/01/13 02:43:30 | 000,000,081 | ---- | M] () -- C:\Users\C\Desktop\Comcast Account Login.url
[2012/01/11 16:19:24 | 000,070,536 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\pctplsg.sys
[2012/01/11 16:19:02 | 000,185,560 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\PCTSD.sys
[2012/01/11 16:17:50 | 000,017,848 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\pctBTFix.sys
[2012/01/11 16:14:36 | 000,107,864 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\pctwfpfilter.sys
[2012/01/11 16:14:30 | 000,253,352 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\pctgntdi.sys
[2012/01/11 14:56:12 | 000,574,424 | --S- | M] (PC Tools) -- C:\Windows\System32\drivers\TfSysMon.sys
[2012/01/11 14:56:12 | 000,054,328 | --S- | M] (PC Tools) -- C:\Windows\System32\drivers\TfFsMon.sys
[2012/01/11 14:56:12 | 000,035,264 | --S- | M] (PC Tools) -- C:\Windows\System32\drivers\TfNetMon.sys
[2012/01/06 11:51:24 | 000,029,696 | ---- | M] (iolo technologies, LLC) -- C:\Windows\System32\iolobtdfg.exe
[2012/01/06 11:51:16 | 000,011,776 | ---- | M] (iolo technologies, LLC) -- C:\Windows\System32\smrgdf.exe
[2012/01/06 11:29:06 | 002,083,464 | ---- | M] (iolo technologies, LLC) -- C:\Windows\System32\Incinerator32.dll
========== Files Created - No Company Name ==========
[2012/01/31 13:34:04 | 000,002,287 | ---- | C] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2012/01/31 11:25:48 | 000,000,512 | ---- | C] () -- C:\Users\C\Desktop\MBR.dat
[2012/01/30 15:07:23 | 000,000,880 | ---- | C] () -- C:\Users\C\Application Data\Microsoft\Internet Explorer\Quick Launch\AOL Desktop 9.6.lnk
[2012/01/30 15:07:22 | 000,000,800 | ---- | C] () -- C:\Users\Public\Desktop\AOL Desktop 9.6.lnk
[2012/01/30 15:05:06 | 000,002,037 | -H-- | C] () -- C:\IPH.PH
[2012/01/29 01:33:26 | 000,074,703 | ---- | C] () -- C:\Windows\System32\mfc45.dll
[2012/01/29 00:21:48 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll
[2012/01/29 00:21:48 | 000,153,088 | ---- | C] () -- C:\Windows\System32\unrar3.dll
[2012/01/29 00:21:48 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll
[2012/01/29 00:21:48 | 000,075,264 | ---- | C] () -- C:\Windows\System32\unacev2.dll
[2012/01/28 12:55:32 | 000,044,680 | ---- | C] () -- C:\Windows\System32\drivers\EUBKMON.sys
[2012/01/27 23:03:07 | 000,000,766 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/01/27 19:38:17 | 000,001,831 | ---- | C] () -- C:\Users\C\Application Data\Microsoft\Internet Explorer\Quick Launch\Belarc Advisor.lnk
[2012/01/27 19:38:17 | 000,001,819 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belarc Advisor.lnk
[2012/01/27 19:38:17 | 000,001,807 | ---- | C] () -- C:\Users\Public\Desktop\Belarc Advisor.lnk
[2012/01/27 19:00:06 | 000,023,624 | ---- | C] () -- C:\Windows\System32\drivers\hitmanpro35.sys
[2012/01/27 19:00:06 | 000,001,747 | ---- | C] () -- C:\Users\Public\Desktop\Hitman Pro 3.5.lnk
[2012/01/27 18:04:47 | 000,000,868 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/27 17:45:59 | 000,000,528 | R--- | C] () -- C:\MediaID.bin
[2012/01/27 11:25:14 | 000,299,952 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/01/27 10:56:45 | 000,000,452 | ---- | C] () -- C:\Users\C\Documents\cc_20120127_105640.reg
[2012/01/27 00:27:27 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/01/27 00:27:27 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/01/27 00:27:27 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/01/27 00:27:27 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/01/27 00:27:27 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/01/25 20:29:45 | 000,000,000 | ---- | C] () -- C:\Users\C\defogger_reenable
[2012/01/20 19:17:01 | 000,000,861 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2012/01/20 19:17:01 | 000,000,824 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
[2012/01/20 00:27:44 | 000,001,941 | ---- | C] () -- C:\Users\Public\Desktop\PC Tools Spyware Doctor with AntiVirus.lnk
[2012/01/19 21:10:49 | 002,239,098 | ---- | C] () -- C:\Windows\System32\drivers\Cat.DB
[2012/01/19 21:07:51 | 000,001,632 | ---- | C] () -- C:\Users\C\Desktop\sdsetup.exe.lnk
[2012/01/19 19:40:16 | 000,000,916 | ---- | C] () -- C:\Users\C\Desktop\Norton Installation Files.lnk
[2012/01/18 23:32:50 | 000,002,686 | ---- | C] () -- C:\Users\C\Documents\NewDatabase.kdbx
[2012/01/18 21:58:30 | 000,001,795 | ---- | C] () -- C:\Users\C\Desktop\Process Hacker 2.lnk
[2012/01/14 01:21:47 | 000,005,039 | ---- | C] () -- C:\Users\C\AppData\Local\Temp17.html
[2012/01/14 01:08:58 | 000,001,293 | ---- | C] () -- C:\Users\C\AppData\Local\Temp1.html
[2012/01/13 02:43:31 | 000,000,177 | ---- | C] () -- C:\Users\C\Desktop\Comcast Security.url
[2012/01/13 02:43:31 | 000,000,074 | ---- | C] () -- C:\Users\C\Desktop\Ask Comcast.url
[2012/01/13 02:43:31 | 000,000,054 | ---- | C] () -- C:\Users\C\Desktop\Comcast Help.url
[2012/01/13 02:43:30 | 000,002,077 | ---- | C] () -- C:\Users\Public\Desktop\Comcast Desktop Software.lnk
[2012/01/13 02:43:30 | 000,000,171 | ---- | C] () -- C:\Users\C\Desktop\Comcast Email.url
[2012/01/13 02:43:30 | 000,000,081 | ---- | C] () -- C:\Users\C\Desktop\Comcast Account Login.url
[2012/01/07 12:36:35 | 000,000,512 | ---- | C] () -- C:\Users\C\Documents\MBR.dat
[2012/01/02 22:56:58 | 000,000,046 | ---- | C] () -- C:\Windows\wininit.ini
[2011/12/06 21:21:47 | 006,342,403 | ---- | C] () -- C:\Users\C\AppData\Roaming\SMRBackup210.dat
[2011/12/05 21:13:44 | 000,000,680 | ---- | C] () -- C:\Users\C\AppData\Local\d3d9caps.dat
[2011/11/22 11:28:19 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/03/02 22:13:01 | 000,000,140 | -HS- | C] () -- C:\Windows\WSYS049.SYS
[2010/01/02 22:53:53 | 000,000,018 | ---- | C] () -- C:\Windows\msoffice.ini
[2009/12/17 00:31:13 | 000,000,164 | ---- | C] () -- C:\Windows\install.dat
[2009/10/20 11:19:30 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
[2009/08/09 23:05:32 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/08/09 23:05:31 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/02/14 04:01:07 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/01/22 07:00:18 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat
[2007/12/16 18:27:09 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2007/03/19 04:04:58 | 000,003,584 | ---- | C] () -- C:\Windows\System32\namResES.dll
[2007/03/19 04:04:58 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResIT.dll
[2007/03/19 04:04:58 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResFR.dll
[2007/03/19 04:04:58 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResENG.dll
[2007/03/19 04:04:58 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResDE.dll
[2007/03/19 04:04:56 | 000,003,584 | ---- | C] () -- C:\Windows\System32\namResPTB.dll
[2007/03/19 04:04:56 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResZHC.dll
[2007/03/19 04:04:56 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResKO.dll
[2007/03/19 04:04:56 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResJA.dll
[2007/03/19 04:04:54 | 000,022,016 | ---- | C] () -- C:\Windows\System32\nam_page.dll
[2007/03/19 04:04:54 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResZHT.dll
[2006/11/10 06:26:12 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2006/11/02 05:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 05:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 03:33:01 | 000,604,264 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 03:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 03:33:01 | 000,103,964 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 03:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 03:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 03:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 01:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 01:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 00:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 00:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
========== LOP Check ==========
[2011/12/06 21:25:04 | 000,000,000 | ---D | M] -- C:\Users\C\AppData\Roaming\DataSafeOnline
[2012/01/10 01:28:57 | 000,000,000 | ---D | M] -- C:\Users\C\AppData\Roaming\f-secure
[2012/01/10 02:28:53 | 000,000,000 | ---D | M] -- C:\Users\C\AppData\Roaming\FreeFixer
[2011/12/24 04:13:20 | 000,000,000 | ---D | M] -- C:\Users\C\AppData\Roaming\iolo
[2012/01/18 23:35:32 | 000,000,000 | ---D | M] -- C:\Users\C\AppData\Roaming\KeePass
[2011/12/31 17:25:44 | 000,000,000 | ---D | M] -- C:\Users\C\AppData\Roaming\OpenCandy
[2012/01/21 11:06:59 | 000,000,000 | ---D | M] -- C:\Users\C\AppData\Roaming\PCTools
[2012/01/24 11:45:57 | 000,000,000 | ---D | M] -- C:\Users\C\AppData\Roaming\Process Hacker 2
[2011/12/07 01:29:18 | 000,000,000 | ---D | M] -- C:\Users\C\AppData\Roaming\QFX Software
[2012/01/19 21:07:49 | 000,000,000 | ---D | M] -- C:\Users\C\AppData\Roaming\TestApp
[2011/12/07 01:00:07 | 000,000,000 | ---D | M] -- C:\Users\C\AppData\Roaming\Tific
[2012/01/27 22:58:25 | 000,000,000 | ---D | M] -- C:\Users\C\AppData\Roaming\VS Revo Group
[2011/12/05 18:29:30 | 000,000,000 | ---D | M] -- C:\Users\C\AppData\Roaming\WinPatrol
[2010/05/24 08:32:06 | 000,000,000 | ---D | M] -- C:\Users\D\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/01/23 20:07:41 | 000,000,000 | ---D | M] -- C:\Users\D\AppData\Roaming\DataSafeOnline
[2009/12/12 00:25:12 | 000,000,000 | ---D | M] -- C:\Users\D\AppData\Roaming\eMusic
[2009/12/22 13:21:49 | 000,000,000 | ---D | M] -- C:\Users\D\AppData\Roaming\Funambol
[2011/12/24 03:23:43 | 000,000,000 | ---D | M] -- C:\Users\D\AppData\Roaming\iolo
[2012/01/19 00:20:40 | 000,000,000 | ---D | M] -- C:\Users\D\AppData\Roaming\Process Hacker 2
[2012/01/25 11:38:19 | 000,000,000 | ---D | M] -- C:\Users\D\AppData\Roaming\Qualys
[2012/01/23 23:15:49 | 000,000,000 | ---D | M] -- C:\Users\D\AppData\Roaming\QuickScan
[2010/01/04 21:03:02 | 000,000,000 | ---D | M] -- C:\Users\D\AppData\Roaming\supportdotcom
[2011/02/26 16:36:53 | 000,000,000 | ---D | M] -- C:\Users\D\AppData\Roaming\SupportSoft
[2009/01/26 19:04:08 | 000,000,000 | ---D | M] -- C:\Users\D\AppData\Roaming\Template
[2010/01/13 01:07:41 | 000,000,000 | ---D | M] -- C:\Users\D\AppData\Roaming\Tific
[2010/08/22 16:08:00 | 000,000,000 | ---D | M] -- C:\Users\D\AppData\Roaming\TweakNow PowerPack 2010
[2011/11/19 15:06:16 | 000,000,000 | ---D | M] -- C:\Users\D\AppData\Roaming\TweakNow PowerPack 2011
[2010/08/07 11:18:18 | 000,000,000 | ---D | M] -- C:\Users\D\AppData\Roaming\TweakNow RegCleaner
[2012/02/01 23:09:26 | 000,032,618 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %Temp%\smtmp\1\*.* >
< %Temp%\smtmp\2\*.* >
< %Temp%\smtmp\3\*.* >
< %Temp%\smtmp\4\*.* >
< >
< C:\Users\*. >
[2009/01/19 18:14:47 | 000,000,000 | -HSD | M] -- C:\Users\All Users
[2012/01/26 00:12:53 | 000,000,000 | ---D | M] -- C:\Users\C
[2012/01/26 00:12:05 | 000,000,000 | ---D | M] -- C:\Users\D
[2011/11/29 17:19:18 | 000,000,000 | RH-D | M] -- C:\Users\Default
[2009/01/19 18:14:47 | 000,000,000 | -HSD | M] -- C:\Users\Default User
[2011/11/29 17:19:18 | 000,000,000 | R--D | M] -- C:\Users\Public
========== Alternate Data Streams ==========
@Alternate Data Stream - 176 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:CB0AACC9
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
< End of report >
Edited by MinuteMouse, 02 February 2012 - 08:41 PM.