Am I still infected? Computer that is.


#1
The Rabid One
Member, 17 posts
On Feb 2 I had posted for some help to see if my system was infected or whether there was some damage done as a result of an infection. I posted the obligatory OTL log and a description of steps I had taken to resolve the initial issues. As of this posting I have not received a reply. Lots of people have looked at the post but no one replied. I made some changes to the system in an attempt to provide up-to-date info for examination and tried to lessen anyone's time to see what was going on.

Original post for help

After the normal time frame with no answer, OK you guys get busy; I understand, I posted to the Waiting Room after the three day period, actually a bit longer. Still no reply that everyone was busy and it would take longer to get to my post because of higher priority issues. I understand the concept of priority; ex-emergency services, I've dealt with priority structure with triage. But not to even say, "Hang on, our hair is on fire!" is just plain inconsiderate. I at least was considerate to families even when their offspring had just offed some other gang banger. That is the MINIMAL consideration due to every Human Being.

Waiting Room Post


SO, my last posting is this OTL log I just ran to do my part to provide the necessary minimum requirements, and still I removed my name and replaced it with "USERNAME" as the other logs.

Heck, I'll make it easier for you guys. IF the system is clean and you can tell from the OTL that there is no damage just simply post "No infections or damage found" and lock the post per your procedures. Thanks in advance if you help.

----------------------------------------------

OTL logfile created on: 2/10/2012 8:00:13 AM - Run 5
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\USERNAME\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 0.85 Gb Available Physical Memory | 42.87% Memory free
3.84 Gb Paging File | 3.24 Gb Available in Paging File | 84.38% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 49.80 Gb Total Space | 8.64 Gb Free Space | 17.35% Space Free | Partition Type: NTFS

Computer Name: D9S1K0B2 | User Name: USERNAME | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\USERNAME\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - c:\Program Files\STOPzilla!\STOPzilla.exe (iS3, Inc.)
PRC - c:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe (iS3, Inc.)
PRC - C:\Program Files\Fighters\Tray\FightersTray.exe (SPAMfighter ApS)
PRC - C:\Program Files\NETGATE\Registry Cleaner\RegistryCleanerSrv.exe (NETGATE Technologies s.r.o.)
PRC - C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
PRC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe (WDC)
PRC - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe ()
PRC - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe ()
PRC - C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe (Nikon Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\HPZipm12.exe (HP)
PRC - C:\Program Files\SingleClick Systems\HomeNet Manager\hnm_svc.exe (SingleClick Systems)
PRC - C:\Program Files\Dell\QuickSet\NicConfigSvc.exe (Dell Inc.)
PRC - C:\Documents and Settings\USERNAME\Start Menu\Programs\Startup\hpqtra08.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe (Hewlett-Packard Development Company, L.P.)


========== Modules (No Company Name) ==========

MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\b1eabc18afef201a6e87c58d943ea7ad\System.Transactions.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\865390db0278ac64f667038656d9c25f\System.ServiceProcess.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\c578c4ffd883b1aee83c94b4520b1969\System.EnterpriseServices.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\7b8c110eb026c5e6bb8ad47a29b82100\System.Management.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\53ee59e52e646271274d2494480d1797\System.Configuration.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\67bce2b25897e074ba865016315fbc89\System.Xml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\9158e23b927682c7d25f6be518955252\System.Data.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\6836a951700c2eb01a933212425cda4e\System.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll ()
MOD - C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll ()
MOD - C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll ()
MOD - c:\windows\assembly\gac\hpqisrtb\4.0.0.0__a53cf5803f4c3827\hpqisrtb.dll ()
MOD - c:\windows\assembly\gac\hpqedit\3.0.0.0__a53cf5803f4c3827\hpqedit.dll ()
MOD - c:\windows\assembly\gac\hpqbakup\3.0.0.0__a53cf5803f4c3827\hpqbakup.dll ()
MOD - c:\windows\assembly\gac\hpqvideo\3.0.0.0__a53cf5803f4c3827\hpqvideo.dll ()
MOD - c:\windows\assembly\gac\hpqntrop\4.0.0.0__a53cf5803f4c3827\hpqntrop.dll ()
MOD - c:\windows\assembly\gac\hpqmdmr\4.0.0.0__a53cf5803f4c3827\hpqmdmr.dll ()
MOD - c:\windows\assembly\gac\hpqimlib\3.0.0.0__a53cf5803f4c3827\hpqimlib.dll ()
MOD - c:\windows\assembly\gac\hpqprrsc\4.0.0.0__a53cf5803f4c3827\hpqprrsc.dll ()
MOD - c:\windows\assembly\gac\hpqovskn\3.0.0.0__a53cf5803f4c3827\hpqovskn.dll ()
MOD - c:\windows\assembly\gac\interop.hpqcxm08\3.0.0.0__a53cf5803f4c3827\interop.hpqcxm08.dll ()
MOD - c:\windows\assembly\gac\interop.hpqvideo\4.0.0.0__a53cf5803f4c3827\interop.hpqvideo.dll ()
MOD - c:\windows\assembly\gac\interop.hpqimgr\4.0.0.0__a53cf5803f4c3827\interop.hpqimgr.dll ()
MOD - c:\windows\assembly\gac\interop.hprblog\3.0.0.0__a53cf5803f4c3827\interop.hprblog.dll ()
MOD - c:\windows\assembly\gac\hpqcprsc\3.0.0.0__a53cf5803f4c3827\hpqcprsc.dll ()
MOD - c:\windows\assembly\gac\hpqutils\4.0.0.0__a53cf5803f4c3827\hpqutils.dll ()
MOD - c:\windows\assembly\gac\hpqthumb\3.0.0.0__a53cf5803f4c3827\hpqthumb.dll ()
MOD - c:\windows\assembly\gac\hpqasset\4.0.0.0__a53cf5803f4c3827\hpqasset.dll ()
MOD - c:\windows\assembly\gac\hpqcc2\3.0.0.0__a53cf5803f4c3827\hpqcc2.dll ()
MOD - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe ()
MOD - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe ()
MOD - c:\windows\assembly\gac\lead.wrapper\13.0.0.113__9cf889f53ea9b907\lead.wrapper.dll ()
MOD - c:\windows\assembly\gac\lead.drawing\13.0.0.113__9cf889f53ea9b907\lead.drawing.dll ()
MOD - c:\windows\assembly\gac\lead\13.0.0.113__9cf889f53ea9b907\lead.dll ()
MOD - c:\windows\assembly\gac\lead.windows.forms.drawingcontainer\13.0.0.113__9cf889f53ea9b907\lead.windows.forms.drawingcontainer.dll ()
MOD - c:\windows\assembly\gac\lead.windows.forms\13.0.0.113__9cf889f53ea9b907\lead.windows.forms.dll ()
MOD - c:\windows\assembly\gac\lead.drawing.imaging.imageprocessing\13.0.0.113__9cf889f53ea9b907\lead.drawing.imaging.imageprocessing.dll ()
MOD - c:\windows\assembly\gac\lead.drawing.imaging.codecs\13.0.0.113__9cf889f53ea9b907\lead.drawing.imaging.codecs.dll ()
MOD - c:\windows\assembly\gac\hpqimvlt\3.0.0.0__a53cf5803f4c3827\hpqimvlt.dll ()
MOD - c:\windows\assembly\gac\hpqimgrc\4.0.0.0__a53cf5803f4c3827\hpqimgrc.dll ()
MOD - c:\windows\assembly\gac\hpqtray\4.0.0.0__a53cf5803f4c3827\hpqtray.dll ()
MOD - c:\windows\assembly\gac\hpqglutl\4.0.0.0__a53cf5803f4c3827\hpqglutl.dll ()
MOD - c:\windows\assembly\gac\hpqiface\4.0.0.0__a53cf5803f4c3827\hpqiface.dll ()
MOD - c:\windows\assembly\gac\hpqfmrsc\4.0.0.0__a53cf5803f4c3827\hpqfmrsc.dll ()
MOD - C:\WINDOWS\system32\msdmo.dll ()
MOD - C:\WINDOWS\system32\devenum.dll ()
MOD - C:\WINDOWS\system32\ventmon.dll ()
MOD - C:\WINDOWS\system32\bcm1xsup.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_301215ba\mscorlib.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_35232345\system.drawing.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_4904afa9\system.xml.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_b3a714e9\system.windows.forms.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_b73bfa67\system.dll ()
MOD - c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll ()
MOD - c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll ()
MOD - c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll ()
MOD - c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll ()
MOD - c:\windows\assembly\gac\accessibility\1.0.5000.0__b03f5f7f11d50a3a\accessibility.dll ()
MOD - C:\WINDOWS\system32\dtmon.dll ()


========== Win32 Services (SafeList) ==========

SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (szserver) -- c:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe (iS3, Inc.)
SRV - (NGRegClnSrv) -- C:\Program Files\NETGATE\Registry Cleaner\RegistryCleanerSrv.exe (NETGATE Technologies s.r.o.)
SRV - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (WDDMService) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe (WDC)
SRV - (WDFME) -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe ()
SRV - (WDSC) -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe ()
SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP)
SRV - (hnmsvc) -- C:\Program Files\SingleClick Systems\HomeNet Manager\hnm_svc.exe (SingleClick Systems)
SRV - (DSBrokerService) -- C:\Program Files\DellSupport\brkrsvc.exe ()
SRV - (NICCONFIGSVC) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe (Dell Inc.)
SRV - (Imapi Helper) -- C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe (Alex Feinman)


========== Driver Services (SafeList) ==========

DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (szkg5) -- C:\WINDOWS\system32\DRIVERS\szkg.sys (iS3 Inc.)
DRV - (is3srv) -- C:\WINDOWS\system32\drivers\is3srv.sys (iS3 Inc.)
DRV - (szkgfs) -- C:\WINDOWS\system32\drivers\szkgfs.sys (iS3, Inc.)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (nhcDriverDevice) -- C:\WINDOWS\system32\drivers\nhcDriver.sys (Notebook Hardware Control)
DRV - (SmartDefragDriver) -- C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys ()
DRV - (VirtualFD) -- C:\Virtual Floppy\WAJUNE15\vfd.sys (Ken Kato)
DRV - (INIDVD) -- C:\WINDOWS\system32\drivers\inidvd.sys (Initio Corporation)
DRV - (mcdbus) -- C:\WINDOWS\system32\drivers\mcdbus.sys (MagicISO, Inc.)
DRV - (WDC_SAM) -- C:\WINDOWS\system32\drivers\wdcsam.sys (Western Digital Technologies)
DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corp.)
DRV - (BVRPMPR5) -- C:\WINDOWS\system32\drivers\BVRPMPR5.SYS (Avanquest Software)
DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (NWADI) -- C:\WINDOWS\system32\drivers\NWADIenum.sys (Novatel Wireless Inc)
DRV - (NWUSBPort) -- C:\WINDOWS\system32\drivers\nwusbser.sys (Novatel Wireless Inc.)
DRV - (NWUSBModem) -- C:\WINDOWS\system32\drivers\nwusbmdm.sys (Novatel Wireless Inc.)
DRV - (dsunidrv) -- C:\WINDOWS\system32\drivers\dsunidrv.sys (Gteko Ltd.)
DRV - (bcm4sbxp) -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys (Broadcom Corporation)
DRV - (rimmptsk) -- C:\WINDOWS\system32\drivers\rimmptsk.sys (REDC)
DRV - (rismxdp) -- C:\WINDOWS\system32\drivers\rixdptsk.sys (REDC)
DRV - (DSproct) -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys (Gteko Ltd.)
DRV - (APPDRV) -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS (Dell Inc)
DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (omci) -- C:\WINDOWS\system32\drivers\omci.sys (Dell Inc)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.clusty.com/
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/...TDF&PC=BBLN&q="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "Amazon.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.bing.com"
FF - prefs.js..browser.startup.homepage: "http://www.bing.com/?pc=MOZO"
FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.5
FF - prefs.js..extensions.enabledItems: {9757e92f-94d4-4b02-ba2d-0454955c7e4b}:1.6.1
FF - prefs.js..extensions.enabledItems: {4776510a-a1f4-41f3-a3c8-35b474ecef23}:1.0.8
FF - prefs.js..extensions.enabledItems: [email protected]:1.6.1
FF - prefs.js..extensions.enabledItems: {9669CC8F-B388-42FE-86F4-CB5E7F5A8BDC}:6.0.4
FF - prefs.js..extensions.enabledItems: {35106bca-6c78-48c7-ac28-56df30b51d2b}:1.1.12
FF - prefs.js..extensions.enabledItems: {6e84150a-d526-41f1-a480-a67d3fed910d}:1.4.5.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.3
FF - prefs.js..extensions.enabledItems: [email protected]:0.7.61a
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178
FF - prefs.js..extensions.enabledItems: [email protected]:1.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.2.9
FF - prefs.js..extensions.enabledItems: {c8f71e5b-88f8-42a7-98bb-e4c506161de9}:0.4
FF - prefs.js..extensions.enabledItems: {e2c58150-9d72-11dd-ad8b-0800200c9a66}:1.3.1
FF - prefs.js..extensions.enabledItems: {2dc42b10-7622-11de-8a39-0800200c9a66}:1.1.5
FF - prefs.js..extensions.enabledItems: [email protected]:0.6.20101009
FF - prefs.js..keyword.URL: "http://search.yahoo....type=937811&p="
FF - prefs.js..network.proxy.type: 0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKCU\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine: File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/02/02 08:48:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/01/15 17:08:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/10/25 06:56:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2012/01/15 17:08:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\SeaMonkey 1.1.1\Extensions\\Components: C:\Program Files\mozilla.org\SeaMonkey\Components [2011/09/22 06:35:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\SeaMonkey 1.1.1\Extensions\\Plugins: C:\Program Files\mozilla.org\SeaMonkey\Plugins [2012/01/15 17:08:55 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey 1.1.1\Extensions\\Components: C:\Program Files\mozilla.org\SeaMonkey\Components [2011/09/22 06:35:44 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey 1.1.1\Extensions\\Plugins: C:\Program Files\mozilla.org\SeaMonkey\Plugins [2012/01/15 17:08:55 | 000,000,000 | ---D | M]

[2011/01/15 10:36:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\USERNAME\Application Data\Mozilla\Extensions
[2011/01/15 10:36:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\USERNAME\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2008/09/08 13:52:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\USERNAME\Application Data\Mozilla\Extensions\{6334D996-EA3E-4a0e-AA8D-15BA56B37241}
[2012/02/03 15:16:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\USERNAME\Application Data\Mozilla\Firefox\Profiles\c7y2m18d.default\extensions
[2011/08/27 13:44:15 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Documents and Settings\USERNAME\Application Data\Mozilla\Firefox\Profiles\c7y2m18d.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2012/01/23 07:30:38 | 000,000,000 | ---D | M] (HP Detect) -- C:\Documents and Settings\USERNAME\Application Data\Mozilla\Firefox\Profiles\c7y2m18d.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}
[2012/02/03 15:16:49 | 000,000,000 | ---D | M] (Open With Photoshop) -- C:\Documents and Settings\USERNAME\Application Data\Mozilla\Firefox\Profiles\c7y2m18d.default\extensions\{f3f219f9-cbce-467e-b8fe-6e076d29665c}
[2006/06/11 14:46:05 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\USERNAME\Application Data\Mozilla\Firefox\Profiles\c7y2m18d.default\extensions\{FB5A4470-185E-442a-AF55-7F4669A5FF9F}-trash
[2010/08/21 18:37:29 | 000,000,000 | ---D | M] (Open in IE) -- C:\Documents and Settings\USERNAME\Application Data\Mozilla\Firefox\Profiles\c7y2m18d.default\extensions\[email protected]
[2011/01/05 08:18:19 | 000,001,919 | ---- | M] () -- C:\Documents and Settings\USERNAME\Application Data\Mozilla\Firefox\Profiles\c7y2m18d.default\searchplugins\bing-zugo.xml
[2010/11/11 18:06:35 | 000,000,570 | ---- | M] () -- C:\Documents and Settings\USERNAME\Application Data\Mozilla\Firefox\Profiles\c7y2m18d.default\searchplugins\bing.xml
[2009/08/03 15:45:45 | 000,005,349 | ---- | M] () -- C:\Documents and Settings\USERNAME\Application Data\Mozilla\Firefox\Profiles\c7y2m18d.default\searchplugins\clusty.xml
[2010/09/04 08:04:49 | 000,001,632 | ---- | M] () -- C:\Documents and Settings\USERNAME\Application Data\Mozilla\Firefox\Profiles\c7y2m18d.default\searchplugins\yauba.xml
[2011/12/19 13:23:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
() (No name found) -- C:\DOCUMENTS AND SETTINGS\USERNAME\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\C7Y2M18D.DEFAULT\EXTENSIONS\{0545B830-F0AA-4D7E-8820-50A4629A56FE}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\USERNAME\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\C7Y2M18D.DEFAULT\EXTENSIONS\{2A1D5949-B519-4924-BF62-8522FE0D5274}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\USERNAME\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\C7Y2M18D.DEFAULT\EXTENSIONS\{6E84150A-D526-41F1-A480-A67D3FED910D}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\USERNAME\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\C7Y2M18D.DEFAULT\EXTENSIONS\{D40F5E7B-D2CF-4856-B441-CC613EEFFBE3}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\USERNAME\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\C7Y2M18D.DEFAULT\EXTENSIONS\[email protected]
[2012/02/02 08:48:01 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2007/08/29 16:47:44 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll
[2011/10/03 13:25:02 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/11/09 20:20:05 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Bing (Enabled)
CHR - default_search_provider: search_url = http://www.bing.com/...q={searchTerms}
CHR - default_search_provider: suggest_url = http://api.bing.com/...uage={language}
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\USERNAME\Local Settings\Application Data\Google\Chrome\Application\10.0.648.151\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.3.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.3.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.3.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.3.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.3.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.3.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.3.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60129.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\USERNAME\Local Settings\Application Data\Google\Chrome\Application\10.0.648.151\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Documents and Settings\USERNAME\Local Settings\Application Data\Google\Chrome\Application\10.0.648.151\gears.dll
CHR - plugin: BitTorrent (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\USERNAME\Local Settings\Application Data\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: DNA Plug-in (Enabled) = C:\Program Files\DNA\plugins\npbtdna.dll
CHR - plugin: Garmin Communicator Plug-In (Enabled) = C:\Program Files\Garmin GPS Plugin\npGarmin.dll
CHR - plugin: RealNetworks Rhapsody Player Engine (Enabled) = C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Entanglement = C:\Documents and Settings\USERNAME\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.1.1_0\
CHR - Extension: Poppit = C:\Documents and Settings\USERNAME\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\

O1 HOSTS File: ([2011/10/31 14:26:22 | 000,000,123 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 1 2 7 . 0 . 0 . 1 l o c a l h o s t
O1 - Hosts: : : 1 l o c a l h o s t
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\ShellBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [CommonToolkitTray] C:\Program Files\Fighters\Tray\FightersTray.exe (SPAMfighter ApS)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [Nikon Transfer Monitor] C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe (Nikon Corporation)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\Sigmatel\C-Major Audio\WDM\stsystra.exe (SigmaTel, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.)
O4 - Startup: C:\Documents and Settings\USERNAME\Start Menu\Programs\Startup\hpqtra08.exe (Hewlett-Packard Development Company, L.P.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Search - Reg Error: Value error. File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Documents and Settings\USERNAME\Application Data\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (Intertrust Technologies, Inc.)
O15 - HKLM\..Trusted Domains: musicmatch.com ([online] https in Trusted sites)
O15 - HKCU\..Trusted Domains: //@[email protected] ([]msni in My Computer)
O15 - HKCU\..Trusted Domains: //@[email protected] ([]msni in Local intranet)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.micros...ntent/opuc3.cab (Office Update Installation Engine)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcaf...01/mcinsctl.cab (Reg Error: Value error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1148938412196 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_02)
O16 - DPF: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_01)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_02)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_02)
O16 - DPF: Garmin Communicator Plug-In https://my.garmin.co...inAxControl.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F7C831FD-CCB7-42D0-B979-8DA635B30FF7}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\wbsys.dll) -C:\WINDOWS\system32\wbsys.dll (Stardock.Net, Inc)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\avgrsstarter: DllName - (avgrsstx.dll) - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\TPSvc: DllName - (TPSvc.dll) - File not found
O20 - Winlogon\Notify\WBSrv: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O24 - Desktop WallPaper: C:\Documents and Settings\All Users\Documents\Stardock\WindowBlinds\USERNAMEwall2.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\All Users\Documents\Stardock\WindowBlinds\USERNAMEwall2.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2006/06/15 12:18:20 | 000,000,008 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{29979f18-395f-11e0-9873-0016ce504313}\Shell\AutoRun\command - "" = J:\PMBP_Win.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

========== Files/Folders - Created Within 30 Days ==========

[2012/02/07 10:09:34 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\USERNAME\Recent
[2012/02/02 09:37:02 | 000,026,696 | R--- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys
[2012/02/02 09:23:14 | 004,395,504 | ---- | C] (Swearware) -- C:\Documents and Settings\USERNAME\Desktop\Combo-Fix.exe
[2012/02/02 08:29:42 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\USERNAME\Desktop\OTL.exe
[2012/02/01 08:26:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\TuneUp Software
[2012/01/31 11:32:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2012/01/29 18:33:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\USERNAME\Application Data\Avira
[2012/01/28 21:11:32 | 000,000,000 | ---D | C] -- C:\Router CFG BKUP
[2012/01/28 09:22:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinUtilities
[2012/01/28 09:22:00 | 000,544,768 | ---- | C] (Stardock Corporation) -- C:\WINDOWS\System32\wbocx.ocx
[2012/01/28 09:22:00 | 000,056,496 | ---- | C] (Stardock.Net, Inc) -- C:\WINDOWS\System32\wbhelp2.dll
[2012/01/28 09:22:00 | 000,033,968 | ---- | C] (Neil Banfield) -- C:\WINDOWS\System32\anim.dll
[2012/01/28 09:21:59 | 000,000,000 | ---D | C] -- C:\Program Files\WinUtilities
[2012/01/26 22:29:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\USERNAME\My Documents\Open Office Templates
[2012/01/26 13:30:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\USERNAME\Desktop\PDF TEMPLATE
[2012/01/26 12:49:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\USERNAME\Application Data\OpenOffice.org
[2012/01/25 08:22:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\USERNAME\Application Data\TuneUp Software
[2012/01/25 08:21:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2012/01/25 08:21:31 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Application Data\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012/01/24 22:28:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
[2012/01/24 18:58:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\USERNAME\Application Data\NETGATE Registry Cleaner
[2012/01/24 18:58:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\NETGATE Registry Cleaner
[2012/01/24 18:58:03 | 000,000,000 | ---D | C] -- C:\Program Files\NETGATE
[2012/01/24 17:35:17 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\OpenOffice.org 3.1
[2012/01/24 17:34:17 | 000,000,000 | ---D | C] -- C:\Program Files\JRE
[2012/01/24 17:34:12 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2012/01/23 13:03:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
[2012/01/23 08:20:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\USERNAME\Desktop\New Folder
[2012/01/22 19:41:15 | 000,000,000 | ---D | C] -- C:\e23c51f1e61af4e13aa07d
[2012/01/22 19:41:10 | 000,000,000 | ---D | C] -- C:\7f4b6b0247e825ce26888e949924c2ca
[2012/01/20 21:26:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\USERNAME\Application Data\Promethean
[2012/01/20 21:26:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\USERNAME\My Documents\Activ Software
[2012/01/20 21:02:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Activ Software
[2012/01/20 21:02:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Activ Software
[2012/01/20 21:02:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Promethean
[2012/01/20 21:01:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\USERNAME\Application Data\ACTIV Software
[2012/01/20 21:01:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Activ Software
[2012/01/20 21:01:42 | 000,000,000 | ---D | C] -- C:\Program Files\Activ Software
[2012/01/20 21:01:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Activ Software
[2012/01/20 06:52:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\USERNAME\Desktop\Jr. Peacock-PHOTOS
[2012/01/16 14:38:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\USERNAME\My Documents\TubeTilla
[2012/01/15 17:50:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\USERNAME\Desktop\Photo Recovery Software
[2012/01/15 14:46:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\USERNAME\My Documents\Adobe Photoshop Tutorials
[2012/01/11 12:02:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\USERNAME\My Documents\My Albums
[2012/01/11 11:10:08 | 000,000,000 | ---D | C] -- C:\bin
[242 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[24 C:\WINDOWS\Fonts\*.tmp files -> C:\WINDOWS\Fonts\*.tmp -> ]
[24 C:\WINDOWS\Fonts\*.tmp files -> C:\WINDOWS\Fonts\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2026/03/05 06:34:17 | 000,003,120 | ---- | M] () -- C:\WINDOWS\System\MSVFWIN.DLL
[2012/02/10 02:00:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-D9S1K0B2-USERNAME.job
[2012/02/09 22:35:00 | 000,000,386 | ---- | M] () -- C:\WINDOWS\tasks\SLOW-PCfighter-USERNAME-Notification.job
[2012/02/09 20:42:00 | 000,000,400 | ---- | M] () -- C:\WINDOWS\tasks\SLOW-PCfighter-Administrator-Notification.job
[2012/02/09 20:17:43 | 000,002,168 | ---- | M] () -- C:\WINDOWS\System32\drivers\kgpcpy.cfg
[2012/02/09 20:14:46 | 000,013,696 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/02/09 20:13:37 | 000,000,372 | ---- | M] () -- C:\WINDOWS\tasks\SLOW-PCfighter-Administrator-Startup.job
[2012/02/09 20:13:37 | 000,000,358 | ---- | M] () -- C:\WINDOWS\tasks\SLOW-PCfighter-USERNAME-Startup.job
[2012/02/09 20:13:37 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag_Startup.job
[2012/02/09 20:13:27 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/02/08 18:11:00 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\expresszipShakeIcon.job
[2012/02/08 08:51:22 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/02/08 08:04:38 | 003,488,232 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/02/08 07:57:19 | 000,001,475 | ---- | M] () -- C:\Documents and Settings\USERNAME\Desktop\Windows Explorer.lnk
[2012/02/08 07:57:19 | 000,000,669 | ---- | M] () -- C:\Documents and Settings\USERNAME\Desktop\Focus MP3 Recorder Pro.lnk
[2012/02/07 10:09:16 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2012/02/06 11:08:59 | 000,095,575 | ---- | M] () -- C:\Documents and Settings\USERNAME\My Documents\XPrepairinstall.pdf
[2012/02/03 21:10:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/02/03 12:06:00 | 000,027,246 | ---- | M] () -- C:\Documents and Settings\USERNAME\My Documents\Bio for Art Show.odt
[2012/02/02 09:34:02 | 017,390,080 | ---- | M] () -- C:\Documents and Settings\USERNAME\Desktop\PandaActiveScanCleaner.msi
[2012/02/02 09:25:06 | 000,160,350 | ---- | M] () -- C:\Documents and Settings\USERNAME\Desktop\JavaRa.zip
[2012/02/02 09:22:51 | 004,395,504 | ---- | M] (Swearware) -- C:\Documents and Settings\USERNAME\Desktop\Combo-Fix.exe
[2012/02/02 07:57:22 | 000,000,046 | ---- | M] () -- C:\WINDOWS\System32\_WKERNEL.FRE
[2012/02/01 09:36:56 | 000,000,286 | ---- | M] () -- C:\WINDOWS\reimage.ini
[2012/02/01 09:22:34 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\USERNAME\Desktop\MBR.dat
[2012/02/01 09:14:27 | 004,733,440 | ---- | M] (AVAST Software) -- C:\Documents and Settings\USERNAME\Desktop\aswMBR.exe
[2012/01/31 13:02:25 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\USERNAME\Desktop\OTL.exe
[2012/01/30 14:24:00 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\expressburnDowngrade.job
[2012/01/30 11:48:08 | 000,031,968 | ---- | M] () -- C:\Documents and Settings\USERNAME\My Documents\Is it a waste of time to write congress.odt
[2012/01/28 20:36:00 | 000,910,745 | ---- | M] () -- C:\Documents and Settings\USERNAME\Desktop\MM061A17.exe
[2012/01/28 09:22:03 | 000,000,643 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\WinUtilities.lnk
[2012/01/26 16:36:40 | 000,000,151 | ---- | M] () -- C:\WINDOWS\Ulead32.ini
[2012/01/24 22:36:27 | 000,000,594 | ---- | M] () -- C:\Documents and Settings\USERNAME\My Documents\cc_20120124_223622.reg
[2012/01/24 18:58:05 | 000,000,873 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\NETGATE Registry Cleaner.lnk
[2012/01/24 17:35:17 | 000,000,905 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\OpenOffice.org 3.1.lnk
[2012/01/23 10:34:53 | 000,116,458 | ---- | M] () -- C:\WINDOWS\hpoins11.dat
[2012/01/23 10:20:00 | 000,000,733 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP Photosmart Essential.lnk
[2012/01/22 16:23:09 | 000,546,098 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/01/22 16:23:08 | 000,100,552 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/01/20 22:04:09 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\doxillionShakeIcon.job
[2012/01/20 21:42:10 | 000,033,645 | ---- | M] () -- C:\Documents and Settings\USERNAME\Desktop\Energy Study Guide2011.pdf
[2012/01/20 21:02:54 | 000,002,028 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ActivInspire.lnk
[2012/01/20 09:14:00 | 000,000,308 | ---- | M] () -- C:\WINDOWS\tasks\expressburnShakeIcon.job
[2012/01/20 09:07:00 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\mixpadShakeIcon.job
[2012/01/17 09:25:10 | 000,007,096 | ---- | M] () -- C:\Documents and Settings\USERNAME\My Documents\cc_20120117_092506.reg
[2012/01/15 18:45:44 | 000,015,716 | ---- | M] () -- C:\Documents and Settings\USERNAME\My Documents\cc_20120115_184540.reg
[2012/01/15 17:57:47 | 000,000,020 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLbx.DAT
[2012/01/15 00:04:06 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/01/13 09:52:22 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\USERNAME\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/01/11 15:56:40 | 000,003,072 | ---- | M] () -- C:\Documents and Settings\USERNAME\My Documents\cc_20120111_155636.reg
[2012/01/11 11:29:43 | 000,000,291 | RHS- | M] () -- C:\boot.ini
[2012/01/11 11:10:12 | 000,001,894 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP Document Viewer.lnk
[2012/01/11 11:08:55 | 000,000,898 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP Photosmart Premier.lnk
[2012/01/11 11:08:55 | 000,000,798 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Photosmart Premier Fast Start.lnk
[2012/01/11 10:24:55 | 000,138,317 | ---- | M] () -- C:\Documents and Settings\USERNAME\Desktop\HP Solution for Plug and Play - XP.mht
[242 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2026/03/05 06:34:17 | 000,003,120 | ---- | C] () -- C:\WINDOWS\System\MSVFWIN.DLL
[2012/02/09 20:16:50 | 000,002,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\kgpcpy.cfg
[2012/02/06 11:08:59 | 000,095,575 | ---- | C] () -- C:\Documents and Settings\USERNAME\My Documents\XPrepairinstall.pdf
[2012/02/03 12:05:59 | 000,027,246 | ---- | C] () -- C:\Documents and Settings\USERNAME\My Documents\Bio for Art Show.odt
[2012/02/02 09:33:41 | 017,390,080 | ---- | C] () -- C:\Documents and Settings\USERNAME\Desktop\PandaActiveScanCleaner.msi
[2012/02/02 09:25:19 | 000,160,350 | ---- | C] () -- C:\Documents and Settings\USERNAME\Desktop\JavaRa.zip
[2012/02/01 09:22:34 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\USERNAME\Desktop\MBR.dat
[2012/01/30 11:48:07 | 000,031,968 | ---- | C] () -- C:\Documents and Settings\USERNAME\My Documents\Is it a waste of time to write congress.odt
[2012/01/28 20:36:07 | 000,910,745 | ---- | C] () -- C:\Documents and Settings\USERNAME\Desktop\MM061A17.exe
[2012/01/28 09:22:10 | 000,000,046 | ---- | C] () -- C:\WINDOWS\System32\_WKERNEL.FRE
[2012/01/28 09:22:03 | 000,000,643 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\WinUtilities.lnk
[2012/01/28 09:21:59 | 000,000,439 | ---- | C] () -- C:\WINDOWS\System32\shfolder.inf
[2012/01/24 22:36:25 | 000,000,594 | ---- | C] () -- C:\Documents and Settings\USERNAME\My Documents\cc_20120124_223622.reg
[2012/01/24 18:58:05 | 000,000,873 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\NETGATE Registry Cleaner.lnk
[2012/01/24 17:35:17 | 000,000,905 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\OpenOffice.org 3.1.lnk
[2012/01/23 10:34:52 | 000,116,458 | ---- | C] () -- C:\WINDOWS\hpoins11.dat
[2012/01/23 10:20:00 | 000,000,733 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP Photosmart Essential.lnk
[2012/01/20 22:04:09 | 000,000,286 | ---- | C] () -- C:\WINDOWS\tasks\doxillionShakeIcon.job
[2012/01/20 21:42:10 | 000,033,645 | ---- | C] () -- C:\Documents and Settings\USERNAME\Desktop\Energy Study Guide2011.pdf
[2012/01/20 21:02:54 | 000,002,028 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ActivInspire.lnk
[2012/01/17 09:25:08 | 000,007,096 | ---- | C] () -- C:\Documents and Settings\USERNAME\My Documents\cc_20120117_092506.reg
[2012/01/17 08:42:39 | 000,000,372 | ---- | C] () -- C:\WINDOWS\tasks\SLOW-PCfighter-Administrator-Startup.job
[2012/01/17 08:42:29 | 000,000,400 | ---- | C] () -- C:\WINDOWS\tasks\SLOW-PCfighter-Administrator-Notification.job
[2012/01/15 18:45:42 | 000,015,716 | ---- | C] () -- C:\Documents and Settings\USERNAME\My Documents\cc_20120115_184540.reg
[2012/01/13 09:52:22 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\USERNAME\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/01/11 15:56:38 | 000,003,072 | ---- | C] () -- C:\Documents and Settings\USERNAME\My Documents\cc_20120111_155636.reg
[2012/01/11 11:10:12 | 000,001,894 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP Document Viewer.lnk
[2012/01/11 11:08:55 | 000,000,898 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP Photosmart Premier.lnk
[2012/01/11 11:08:55 | 000,000,798 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Photosmart Premier Fast Start.lnk
[2012/01/11 10:59:01 | 000,011,634 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat
[2012/01/11 10:24:54 | 000,138,317 | ---- | C] () -- C:\Documents and Settings\USERNAME\Desktop\HP Solution for Plug and Play - XP.mht
[2012/01/09 11:48:29 | 000,000,286 | ---- | C] () -- C:\WINDOWS\reimage.ini
[2011/11/30 18:00:32 | 000,256,066 | ---- | C] () -- C:\Documents and Settings\USERNAME\Local Settings\Application Data\census.cache
[2011/11/30 18:00:18 | 000,256,571 | ---- | C] () -- C:\Documents and Settings\USERNAME\Local Settings\Application Data\ars.cache
[2011/11/20 18:03:15 | 000,044,544 | ---- | C] () -- C:\WINDOWS\System32\Gif89.dll
[2011/11/09 19:25:22 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2011/10/31 09:47:36 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\USERNAME\Local Settings\Application Data\housecall.guid.cache
[2011/10/31 08:48:06 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\USERNAME\Application Data\Launch Internet Explorer Browser.lnk
[2011/05/23 18:03:47 | 000,000,056 | ---- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2011/05/17 14:26:54 | 000,029,520 | ---- | C] () -- C:\WINDOWS\System32\SmartDefragBootTime.exe
[2011/05/17 14:26:54 | 000,013,496 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartDefragDriver.sys
[2011/04/01 11:38:06 | 000,001,456 | ---- | C] () -- C:\Documents and Settings\USERNAME\Local Settings\Application Data\Adobe Save for Web 12.0 Prefs
[2011/02/02 18:59:04 | 000,034,640 | ---- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/10/21 08:32:33 | 000,000,099 | ---- | C] () -- C:\WINDOWS\SAWReg.ini
[2010/10/16 13:16:52 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ViewNX.INI
[2010/09/21 12:59:19 | 000,000,145 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
[2010/08/22 16:43:42 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\USERNAME\Local Settings\Application Data\prvlcl.dat
[2010/08/20 14:19:22 | 000,000,365 | ---- | C] () -- C:\WINDOWS\lgfwup.ini
[2010/08/14 21:35:31 | 000,000,268 | R--- | C] () -- C:\Documents and Settings\All Users\Application Data\Application Support
[2010/08/14 21:35:31 | 000,000,268 | R--- | C] () -- C:\Documents and Settings\USERNAME\Application Data\Analog Sync
[2010/08/14 21:35:31 | 000,000,020 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLck.DAT
[2010/08/14 21:35:31 | 000,000,012 | R--- | C] () -- C:\Documents and Settings\All Users\Application Data\Filesystems
[2010/08/14 21:35:23 | 000,000,268 | R--- | C] () -- C:\Documents and Settings\All Users\Application Data\Applications
[2010/08/14 21:35:23 | 000,000,268 | R--- | C] () -- C:\Documents and Settings\USERNAME\Application Data\Animals
[2010/08/14 21:35:23 | 000,000,012 | R--- | C] () -- C:\Documents and Settings\All Users\Application Data\Filters
[2010/08/14 20:07:38 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLbx.DAT
[2010/08/14 19:04:26 | 000,000,268 | R--- | C] () -- C:\Documents and Settings\All Users\Application Data\Specifications
[2010/08/14 19:04:26 | 000,000,268 | R--- | C] () -- C:\Documents and Settings\USERNAME\Application Data\Sounds
[2010/08/14 19:04:26 | 000,000,020 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdw.DAT
[2010/08/14 18:54:09 | 000,000,268 | R--- | C] () -- C:\Documents and Settings\All Users\Application Data\Space Choir
[2010/08/14 18:54:09 | 000,000,268 | R--- | C] () -- C:\Documents and Settings\USERNAME\Application Data\Solid Colors
[2010/08/14 18:54:09 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT
[2010/03/12 15:04:39 | 000,094,215 | ---- | C] () -- C:\WINDOWS\hpqins09.dat
[2010/03/12 14:47:25 | 000,070,835 | ---- | C] () -- C:\WINDOWS\hpqins04.dat
[2009/11/19 19:49:57 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WB.ini
[2009/11/19 12:35:34 | 000,002,048 | ---- | C] () -- C:\WINDOWS\System32\Tr_sttool.dat
[2009/11/14 10:04:48 | 001,421,763 | ---- | C] () -- C:\WINDOWS\System32\Snow Chill.exe
[2009/10/19 20:03:56 | 000,000,054 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2009/10/19 20:03:56 | 000,000,039 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2009/10/14 12:17:17 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\ventmon.dll
[2009/09/14 16:31:48 | 000,000,090 | ---- | C] () -- C:\WINDOWS\System32\faxman32.INI
[2009/09/14 16:25:47 | 000,051,200 | ---- | C] () -- C:\WINDOWS\System32\dtmon.dll
[2009/09/14 16:25:45 | 000,002,219 | ---- | C] () -- C:\WINDOWS\OEDEVKIT.INI
[2009/09/14 16:25:45 | 000,000,761 | ---- | C] () -- C:\WINDOWS\BTI.INI
[2009/09/14 16:25:44 | 000,015,840 | ---- | C] () -- C:\WINDOWS\System32\MACHNM1.EXE
[2009/09/14 16:25:33 | 000,000,030 | ---- | C] () -- C:\WINDOWS\MAINPATH.INI
[2009/09/14 16:25:22 | 000,000,065 | ---- | C] () -- C:\WINDOWS\WININI.INI
[2009/08/20 11:47:43 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\Stac97co.dll
[2009/08/14 09:57:44 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\ClassXps.dll
[2009/07/26 14:47:56 | 000,000,045 | ---- | C] () -- C:\WINDOWS\System32\RPVersion.ini
[2009/07/22 17:51:04 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\ncvDS61.dll
[2009/07/22 17:51:04 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\ncCompress.dll
[2009/07/22 17:51:04 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\ncUtil62.dll
[2009/07/22 17:51:03 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\nczlib.dll
[2009/07/22 17:51:03 | 000,053,760 | ---- | C] () -- C:\WINDOWS\System32\zlib32.dll
[2009/06/19 17:41:15 | 000,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini
[2009/04/13 16:36:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Ntuximeqaguvimu.bin
[2009/04/13 16:36:09 | 000,000,408 | ---- | C] () -- C:\WINDOWS\Sjomiqefamete.dat
[2009/04/10 07:30:11 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2009/04/10 07:05:22 | 000,000,234 | ---- | C] () -- C:\WINDOWS\PrnHlpLogConfig.ini
[2009/04/10 06:59:37 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_InstantSHareJPG.ini
[2009/03/26 12:41:33 | 002,682,880 | ---- | C] () -- C:\WINDOWS\System32\vcredist_x86.exe
[2009/03/26 12:26:59 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4814.dll
[2009/03/26 07:09:33 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/02/25 15:16:50 | 000,000,112 | ---- | C] () -- C:\WINDOWS\Sansa Media Converter.INI
[2009/02/25 14:27:39 | 000,230,096 | ---- | C] () -- C:\WINDOWS\System32\xactengine2_0.dll
[2009/01/19 12:16:59 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/01/19 11:16:46 | 000,002,272 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2009/01/09 10:09:28 | 000,000,563 | ---- | C] () -- C:\WINDOWS\PPViewer.INI
[2008/12/03 21:31:32 | 000,000,183 | ---- | C] () -- C:\WINDOWS\PlayListEditor.ini
[2008/09/30 09:17:31 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2007/05/06 11:04:13 | 000,000,016 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2007/04/24 19:27:41 | 000,118,784 | ---- | C] () -- C:\WINDOWS\SeaMonkeyUninstall.exe
[2007/04/24 19:27:24 | 000,118,784 | ---- | C] () -- C:\WINDOWS\GREUninstall.exe
[2007/03/28 12:49:00 | 000,001,226 | ---- | C] () -- C:\WINDOWS\flax.ini
[2007/03/28 09:17:39 | 000,000,463 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007/03/20 15:08:10 | 000,000,082 | ---- | C] () -- C:\WINDOWS\netdet.ini
[2007/03/13 14:07:52 | 000,000,013 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ě3113.sys
[2007/03/12 18:23:15 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2007/03/12 18:23:12 | 000,536,576 | ---- | C] () -- C:\WINDOWS\System32\ciaSecurity.DLL
[2007/03/12 18:06:47 | 000,000,013 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\3113.sys
[2007/03/08 12:35:48 | 000,000,217 | ---- | C] () -- C:\WINDOWS\HP_IZClosingDiscErrorPatch.ini
[2007/03/08 12:34:47 | 000,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini
[2007/01/14 22:04:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iplayer.INI
[2007/01/02 23:36:43 | 000,000,072 | ---- | C] () -- C:\WINDOWS\pex.INI
[2007/01/02 23:30:14 | 000,000,151 | ---- | C] () -- C:\WINDOWS\Ulead32.ini
[2006/12/28 17:03:55 | 000,000,830 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2006/08/29 14:54:02 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2006/06/21 19:37:12 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2006/06/15 12:18:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2006/06/12 16:33:33 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\PopWait.exe
[2006/06/04 19:23:31 | 000,000,404 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2006/06/02 15:05:39 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/06/01 11:22:20 | 000,133,120 | ---- | C] () -- C:\Documents and Settings\USERNAME\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/05/31 10:37:43 | 000,099,965 | ---- | C] () -- C:\WINDOWS\UninstallFirefox.exe
[2006/05/31 10:37:24 | 000,015,193 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2006/05/29 19:18:27 | 000,000,088 | R-S- | C] () -- C:\WINDOWS\System32\EB1816CB85.sys
[2006/05/29 16:29:45 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\RasWait.exe
[2006/05/27 19:09:32 | 000,000,632 | ---- | C] () -- C:\WINDOWS\CoDUO.INI
[2006/05/27 18:48:18 | 000,000,104 | R-S- | C] () -- C:\WINDOWS\System32\85CB1618EB.sys
[2006/05/27 18:48:08 | 000,007,206 | --S- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/05/27 18:41:41 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\USERNAME\Local Settings\Application Data\fusioncache.dat
[2006/05/20 17:16:48 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/05/20 17:08:38 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2006/05/20 17:02:30 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006/05/20 16:58:25 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare
[2006/05/20 16:33:44 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2006/05/20 16:33:36 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2006/05/20 16:33:28 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2006/05/20 16:33:28 | 000,024,064 | ---- | C] () -- C:\WINDOWS\System32\WLTRYSVC.EXE
[2006/05/20 16:33:23 | 000,753,664 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2006/05/20 16:32:16 | 000,000,391 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/08/16 04:48:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/08/16 04:38:45 | 000,034,332 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/08/16 04:33:38 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/08/16 04:27:59 | 003,488,232 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/08/16 04:18:33 | 000,546,098 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005/08/16 04:18:33 | 000,100,552 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/08/16 04:18:28 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005/05/19 19:05:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/04/13 13:41:02 | 000,749,568 | ---- | C] () -- C:\WINDOWS\System32\SWFGen.dll
[2005/03/22 17:38:24 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/03/22 17:38:24 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/10 06:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/10 06:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/10 06:00:00 | 000,249,270 | ---- | C] () -- C:\WINDOWS\System32\_005462_.tmp.dll
[2004/08/10 06:00:00 | 000,249,270 | ---- | C] () -- C:\WINDOWS\System32\_005171_.tmp.dll
[2004/08/10 06:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/10 06:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/10 06:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/10 06:00:00 | 000,022,040 | ---- | C] () -- C:\WINDOWS\System32\_005430_.tmp.dll
[2004/08/10 06:00:00 | 000,022,040 | ---- | C] () -- C:\WINDOWS\System32\_005139_.tmp.dll
[2004/08/10 06:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/10 06:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/09 23:11:42 | 000,185,856 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2003/03/24 06:03:00 | 000,279,552 | ---- | C] () -- C:\WINDOWS\System32\FGWVB32.DLL
[2003/01/07 14:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/07/06 14:30:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini

========== LOP Check ==========

[2012/01/22 11:45:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Activ Software
[2009/07/22 18:16:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Anonymizer
[2011/10/27 14:08:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2011/11/19 13:44:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2009/11/20 14:22:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2011/10/24 09:56:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CAM Development
[2011/11/17 10:14:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2005/08/16 20:54:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DIGStream
[2010/09/21 10:26:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Boost
[2010/11/07 10:20:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Whiz
[2010/08/14 21:35:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EnterNHelp
[2011/12/08 08:16:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fighters
[2009/07/03 13:30:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GARMIN
[2009/09/17 16:08:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2010/01/31 18:21:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe
[2011/11/19 13:43:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/06/25 19:00:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2010/08/14 19:00:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nikon
[2012/01/17 07:42:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2011/11/04 13:12:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PhotoME
[2012/01/20 21:26:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Promethean
[2011/01/27 10:35:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
[2011/03/09 14:05:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Rosetta Stone
[2009/05/14 18:37:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\scar5
[2009/07/22 17:43:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SingleClick Systems
[2010/08/14 18:54:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Solid Colors
[2010/08/14 19:04:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\StatusSheet
[2012/02/10 07:58:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\STOPzilla!
[2012/01/02 15:59:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/04/01 13:51:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Transparent
[2012/01/25 08:23:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2007/01/02 23:29:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2010/08/14 21:35:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ultima_T15
[2009/10/14 12:17:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Venta
[2006/05/20 17:03:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/09/21 12:59:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Western Digital
[2011/12/08 11:18:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YouTube Downloader
[2012/01/25 08:21:31 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012/01/23 13:03:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
[2011/04/01 13:51:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{7D4B3D1D-104E-4507-9123-568BC721B7E2}
[2011/03/28 15:37:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8A4124D0-6AF6-4584-A7BF-4CDFECF4B129}
[2011/05/08 15:20:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\99119
[2011/01/16 20:49:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\ACD Systems
[2012/01/20 21:01:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\ACTIV Software
[2009/07/22 18:16:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\Anonymizer
[2011/05/03 14:35:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\Anthropics
[2010/10/21 08:33:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\apm
[2009/11/19 11:46:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\Apowersoft
[2011/11/02 09:06:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\AVG
[2010/10/26 06:29:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\AVG10
[2011/10/28 05:53:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\AVG2012
[2010/10/26 06:23:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\AVG9
[2011/12/19 13:29:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\Axialis
[2009/08/01 12:31:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\BitTorrent
[2011/01/28 14:33:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009/02/21 09:41:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\COWON
[2012/01/09 17:34:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\DriverCure
[2011/04/19 13:16:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\DVDVideoSoftIEHelpers
[2007/03/30 15:35:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\Eltima Software
[2011/12/08 08:16:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\Fighters
[2011/11/22 21:47:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\FixCleaner
[2011/04/27 09:22:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\Focus Mp3 Recorder
[2009/07/03 13:18:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\GARMIN
[2011/06/11 10:06:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\GetRightToGo
[2008/09/30 14:00:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\GlarySoft
[2008/12/25 22:36:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\Hulabee
[2012/01/10 19:10:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\Image Zone Express
[2011/10/28 14:56:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\ImgBurn
[2011/11/21 11:19:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\InfraRecorder
[2007/12/26 21:55:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\InterTrust
[2011/05/17 14:26:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\IObit
[2012/01/02 16:39:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\Kernel for Windows Data Recovery
[2006/05/27 19:13:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\Leadertech
[2006/06/10 22:54:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\MSNInstaller
[2011/06/25 19:00:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\NCH Swift Sound
[2012/01/24 18:58:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\NETGATE Registry Cleaner
[2010/10/16 13:05:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\Nikon
[2011/06/11 11:24:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\Notebook Hardware Control
[2012/01/26 12:49:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\OpenOffice.org
[2011/11/20 10:14:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\PandoraRecovery
[2012/01/09 17:34:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\ParetoLogic
[2008/09/08 13:52:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\Participatory Culture Foundation
[2011/01/16 20:05:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\PhotoScape
[2012/02/06 10:27:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\PriceGong
[2012/01/20 21:26:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\Promethean
[2012/01/02 15:39:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\RecoveryFix for Windows
[2008/12/02 13:29:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\SanDisk
[2006/06/12 16:41:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\ScamGuard
[2009/05/08 14:25:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\scar5
[2008/06/09 22:22:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\Smith Micro
[2011/01/28 15:02:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2009/08/28 11:43:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\Systweak
[2011/01/15 10:36:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\Thunderbird
[2012/01/25 08:22:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\TuneUp Software
[2007/01/02 23:31:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\Ulead Systems
[2012/01/08 18:23:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\Uniblue
[2011/11/09 19:26:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\WeatherBug
[2010/11/21 17:15:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\Wireshark
[2010/08/14 21:50:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\USERNAME\Application Data\XnView
[2012/01/20 22:04:09 | 000,000,286 | ---- | M] () -- C:\WINDOWS\Tasks\doxillionShakeIcon.job
[2012/01/30 14:24:00 | 000,000,294 | ---- | M] () -- C:\WINDOWS\Tasks\expressburnDowngrade.job
[2012/01/20 09:14:00 | 000,000,308 | ---- | M] () -- C:\WINDOWS\Tasks\expressburnShakeIcon.job
[2012/02/08 18:11:00 | 000,000,290 | ---- | M] () -- C:\WINDOWS\Tasks\expresszipShakeIcon.job
[2012/01/20 09:07:00 | 000,000,288 | ---- | M] () -- C:\WINDOWS\Tasks\mixpadShakeIcon.job
[2012/01/02 10:37:00 | 000,000,286 | ---- | M] () -- C:\WINDOWS\Tasks\pixillionDowngrade.job
[2011/12/25 10:37:00 | 000,000,286 | ---- | M] () -- C:\WINDOWS\Tasks\pixillionShakeIcon.job
[2011/11/09 16:16:00 | 000,000,270 | ---- | M] () -- C:\WINDOWS\Tasks\prismShakeIcon.job
[2012/02/09 16:22:44 | 000,032,184 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT
[2012/02/09 20:42:00 | 000,000,400 | ---- | M] () -- C:\WINDOWS\Tasks\SLOW-PCfighter-Administrator-Notification.job
[2012/02/09 20:13:37 | 000,000,372 | ---- | M] () -- C:\WINDOWS\Tasks\SLOW-PCfighter-Administrator-Startup.job
[2012/02/09 22:35:00 | 000,000,386 | ---- | M] () -- C:\WINDOWS\Tasks\SLOW-PCfighter-USERNAME-Notification.job
[2012/02/09 20:13:37 | 000,000,358 | ---- | M] () -- C:\WINDOWS\Tasks\SLOW-PCfighter-USERNAME-Startup.job
[2012/02/09 20:13:37 | 000,000,282 | ---- | M] () -- C:\WINDOWS\Tasks\SmartDefrag_Startup.job
[2011/11/09 16:16:00 | 000,000,278 | ---- | M] () -- C:\WINDOWS\Tasks\wavepadShakeIcon.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
@Alternate Data Stream - 135 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7631EA83
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BB5B0476
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:ECF54A0E
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B63300D1

< End of report >
#2
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,665 posts
Please do not post multiple topics requesting assistance...

Your original topic here and waiting room topic posted will be dealt with in due course when a volunteer helper is available, thank you.