Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

PC Running Slow | Thinking I might Have Malware

Started by Scott Derrick , Feb 16 2012 04:24 PM

  • Please log in to reply

#1
Scott Derrick
Posted 16 February 2012 - 04:24 PM

Scott Derrick

    New Member

  • Member
  • Pip
  • 1 posts
Hi Folks,

I have a problem with my computer running slow. I have had some other things that have happened with my Gmail account recently saying that it might have been compromised. I am wondering if I might have some sort of malware on my computer or some other issues. I'm really sorry to be so vague but I'm just not sure what is happening.

What I am hoping is that someone will take a quick look at my OTL File and see if anything look unusual.

I truly appreciate any help that someone might give. Thanks so very much.


>>>>>>>>>>>>>>>>> OTL FILE BELOW >>>>>>>>>>>>>>>>>>>>>>>>>


OTL logfile created on: 2/16/2012 5:08:18 PM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Scott\Desktop\Virus Software
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 50.00% Memory free
3.85 Gb Paging File | 2.88 Gb Available in Paging File | 74.97% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.04 Gb Total Space | 34.51 Gb Free Space | 23.15% Space Free | Partition Type: NTFS

Computer Name: SCOTT-F04908DE0 | User Name: Scott | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/02/15 00:03:37 | 001,049,072 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2012/01/22 15:58:50 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2012/01/14 17:18:46 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Scott\Desktop\Virus Software\OTL.exe
PRC - [2011/11/14 13:38:12 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2011/09/22 11:03:30 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2011/09/22 11:03:02 | 003,080,264 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2011/09/06 20:20:40 | 001,155,432 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
PRC - [2011/09/06 19:12:06 | 000,045,056 | ---- | M] (Intuit) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2011/08/19 04:26:50 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
PRC - [2011/08/12 11:18:42 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2011/08/12 11:18:30 | 000,265,240 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
PRC - [2011/08/03 06:49:00 | 002,255,464 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/06/08 19:19:24 | 001,583,960 | ---- | M] (IObit) -- C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe
PRC - [2011/03/03 19:52:00 | 003,410,576 | R--- | M] (Carbonite, Inc. (www.carbonite.com)) -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
PRC - [2011/03/03 19:52:00 | 000,948,880 | R--- | M] (Carbonite, Inc.) -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
PRC - [2010/05/05 18:56:42 | 000,025,600 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\Ctxfihlp.exe
PRC - [2010/05/05 18:51:56 | 001,212,928 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTxfispi.exe
PRC - [2010/03/04 21:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2009/10/22 15:31:43 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2009/02/23 10:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe
PRC - [2006/12/12 09:46:52 | 000,019,456 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CtHelper.exe
PRC - [2006/10/22 23:24:02 | 000,620,152 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
PRC - [2004/05/26 10:57:36 | 000,135,168 | ---- | M] (Vonage Holdings) -- C:\Program Files\Vonage\Vonage Click-2-Call\click2call.exe


========== Modules (No Company Name) ==========

MOD - [2012/02/16 03:14:01 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\11dcb806c92f55111f5fa9f1a90e3bdd\System.ServiceProcess.ni.dll
MOD - [2012/02/16 03:09:36 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\9e3803cd2a11f056291862e306a8e2b2\System.ni.dll
MOD - [2012/02/15 00:03:36 | 000,429,040 | ---- | M] () -- C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\Application\17.0.963.56\ppgooglenaclpluginchrome.dll
MOD - [2012/02/15 00:03:34 | 003,772,912 | ---- | M] () -- C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\Application\17.0.963.56\pdf.dll
MOD - [2012/02/15 00:02:10 | 000,122,880 | ---- | M] () -- C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\Application\17.0.963.56\avutil-51.dll
MOD - [2012/02/15 00:02:08 | 000,220,672 | ---- | M] () -- C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\Application\17.0.963.56\avformat-53.dll
MOD - [2012/02/15 00:02:07 | 001,747,456 | ---- | M] () -- C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\Application\17.0.963.56\avcodec-53.dll
MOD - [2012/01/08 13:29:27 | 008,527,008 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2011/10/13 02:06:13 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2011/09/27 06:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 06:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/08/22 14:47:44 | 000,336,408 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
MOD - [2011/08/12 11:18:30 | 000,265,240 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
MOD - [2011/06/16 17:54:28 | 000,047,960 | ---- | M] () -- C:\Program Files\IObit\Smart Defrag 2\NtfsData.dll
MOD - [2011/03/01 22:15:28 | 000,126,808 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2011/03/01 22:15:28 | 000,027,480 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2011/03/01 22:15:04 | 000,340,824 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTXml4.dll
MOD - [2011/03/01 22:14:42 | 007,954,776 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTGui4.dll
MOD - [2011/03/01 22:14:30 | 002,143,576 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTCore4.dll
MOD - [2010/05/05 18:56:46 | 000,002,560 | ---- | M] () -- C:\WINDOWS\CTXFIRES.DLL
MOD - [2010/03/04 21:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (Updater Service for StartNow Toolbar)
SRV - [2011/11/14 13:38:12 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/09/22 11:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2011/09/06 19:12:06 | 000,045,056 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2011/08/19 04:26:50 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011/08/12 11:23:31 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2011/08/03 06:49:00 | 002,255,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/03/03 19:52:00 | 003,410,576 | R--- | M] (Carbonite, Inc. (www.carbonite.com)) [Auto | Running] -- C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe -- (CarboniteService)
SRV - [2010/03/04 21:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2009/07/23 20:10:38 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2009/02/23 10:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2007/03/20 16:41:24 | 000,153,792 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe -- (Adobe Version Cue CS3)


========== Driver Services (SafeList) ==========

DRV - [2011/08/19 04:26:50 | 004,334,624 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) Logitech HD Webcam C510(UVC)
DRV - [2011/08/19 04:26:46 | 000,315,808 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2011/08/19 04:26:34 | 000,022,176 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvbusflt.sys -- (CompFilter)
DRV - [2011/08/09 13:24:52 | 000,154,136 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2011/08/04 08:20:38 | 000,103,112 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2011/08/04 08:20:36 | 000,118,104 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2011/05/10 04:41:30 | 000,119,528 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA)
DRV - [2011/05/03 15:33:46 | 006,404,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2011/02/23 16:04:32 | 000,013,496 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV - [2011/01/27 13:43:20 | 000,007,680 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\MSIWDev\NTIOLib.sys -- (NTIOLib_1_0_8)
DRV - [2010/05/10 09:44:42 | 000,025,912 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\MSIWDev\msibios32_100507.sys -- (MSI_MSIBIOS_010507)
DRV - [2010/05/05 20:29:18 | 001,178,200 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ha20x2k.sys -- (ha20x2k)
DRV - [2010/05/05 20:29:10 | 000,095,832 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)
DRV - [2010/05/05 20:29:02 | 000,158,808 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2010/05/05 20:28:54 | 000,014,424 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2010/05/05 20:24:44 | 000,130,136 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2010/05/05 20:24:34 | 000,347,144 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - [2010/05/05 20:24:24 | 000,526,296 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2010/05/05 20:24:14 | 000,511,064 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2010/05/05 20:24:04 | 001,324,120 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\CTEXFIFX.SYS -- (CTEXFIFX.SYS)
DRV - [2010/05/05 20:24:04 | 001,324,120 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CTEXFIFX.sys -- (CTEXFIFX)
DRV - [2010/05/05 20:23:52 | 000,072,792 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\CTHWIUT.SYS -- (CTHWIUT.SYS)
DRV - [2010/05/05 20:23:52 | 000,072,792 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CTHWIUT.sys -- (CTHWIUT)
DRV - [2010/05/05 20:23:46 | 000,171,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\CT20XUT.SYS -- (CT20XUT.SYS)
DRV - [2010/05/05 20:23:46 | 000,171,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CT20XUT.sys -- (CT20XUT)
DRV - [2010/04/28 06:44:02 | 000,054,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009/11/18 06:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009/11/18 06:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009/11/12 12:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/07/28 03:55:00 | 000,143,360 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2009/02/13 14:34:20 | 000,019,072 | ---- | M] (ASIX Electronics Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ax88772.sys -- (AX88772)
DRV - [2008/08/01 17:36:26 | 000,022,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2008/08/01 17:36:20 | 000,054,784 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2007/04/16 20:46:00 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2005/03/09 14:53:00 | 000,036,352 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?...l_date=20111215
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.1.13: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.1.13: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.1.13: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.1.13: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.1.13: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\Scott\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\Scott\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\Scott\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Scott\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/02/04 16:48:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/02/04 16:48:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011/10/05 15:15:46 | 000,000,000 | ---D | M]

[2012/01/05 13:17:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Scott\Application Data\Mozilla\Extensions
[2012/01/05 13:20:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Scott\Application Data\Mozilla\Firefox\Profiles\dnfm1hot.default\extensions
[2012/01/06 18:01:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/01/06 18:01:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
() (No name found) -- C:\DOCUMENTS AND SETTINGS\SCOTT\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\DNFM1HOT.DEFAULT\EXTENSIONS\[email protected]
[2011/12/21 02:24:52 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/11/28 21:56:29 | 000,584,040 | ---- | M] (BroadSoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\NPCltInst11.dll
[2011/12/20 23:30:41 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/12/20 23:30:41 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\Application\17.0.963.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\Application\17.0.963.56\pdf.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\Application\17.0.963.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Documents and Settings\Scott\Application Data\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Documents and Settings\Scott\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U30 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: iLinc Communications Netscape/Mozilla Install Plugin v 11.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPCltInst11.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: RealNetworks™ Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Documents and Settings\Scott\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Unity Player (Enabled) = C:\Documents and Settings\Scott\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: SEOquake = C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\akdgnmcogleenhbclghghlkkdndkjdjc\0.9.15_0\
CHR - Extension: Angry Birds = C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.1.2.1_0\
CHR - Extension: Canvas Rider = C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\poknhlcknimnnbfcombaooklofipaibk\0.7_0\

O1 HOSTS File: ([2004/08/04 07:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll ()
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - Reg Error: Value error. File not found
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe_ID0EYTHM] C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Carbonite Backup] C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\System32\CtHelper.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [CTxfiHlp] C:\WINDOWS\System32\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Vonage] C:\Program Files\Vonage\Vonage Click-2-Call\click2call.exe (Vonage Holdings)
O4 - HKCU..\Run: [0C4CE765DFA7A6F49B6B9EDEA51F9EFCC26324AF._service_run] C:\Documents and Settings\Scott\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKCU..\Run: [DriverUpdate] C:\Program Files\DriverUpdate\DriverUpdate.exe (SlimWare Utilities, Inc.)
O4 - HKCU..\Run: [Facebook Update] C:\Documents and Settings\Scott\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [MusicManager] C:\Documents and Settings\Scott\Local Settings\Application Data\Programs\Google\MusicManager\MusicManager.exe (Google Inc.)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\FlashUtil10v_ActiveX.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk = C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_Acrobat.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: com ([www.msi] http in Trusted sites)
O15 - HKCU\..Trusted Domains: com.tw ([asia.msi] http in Trusted sites)
O15 - HKCU\..Trusted Domains: com.tw ([global.msi] http in Trusted sites)
O15 - HKCU\..Trusted Domains: localhost ([]* in Local intranet)
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} http://liveupdate.ms...CAB/install.cab (WebSDev Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {9437EF71-9276-432D-AA74-CF8DA12EF11B} https://na5.salesfor...AXMailMerge.cab (CMMHost Object)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creat...13/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creat...015/CTSUEng.cab (Creative Software AutoUpdate 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creat...15118/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F9CCBEC7-A90D-4EDF-BFAA-6FB51D679B35}: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\intu-help-qb3 {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - C:\Program Files\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/08/11 09:31:59 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/02/16 14:35:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2012/02/11 20:47:32 | 001,393,736 | ---- | C] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Documents and Settings\Scott\gotomypc_635.exe
[2012/02/06 19:52:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Scott\Application Data\Ventrilo
[2012/02/06 19:51:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Ventrilo
[2012/02/06 19:51:53 | 000,000,000 | ---D | C] -- C:\Program Files\Ventrilo
[2012/02/06 19:51:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2012/02/04 16:13:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Scott\Desktop\forms
[2012/02/04 11:24:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Scott\Desktop\bees
[2012/02/04 10:33:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Scott\Desktop\bee_removal_photos
[2012/02/02 15:47:39 | 000,000,000 | ---D | C] -- C:\Program Files\Safari
[2012/02/02 15:32:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2012/02/02 15:31:30 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/02/02 15:31:26 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/01/29 18:31:42 | 000,000,000 | ---D | C] -- C:\Program Files\SpyNet Field Office
[2012/01/25 17:27:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Scott\Desktop\NewSite
[2012/01/22 15:59:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2012/01/22 15:58:51 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
[2012/01/22 15:58:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Real
[2012/01/22 15:58:45 | 000,000,000 | ---D | C] -- C:\Program Files\Real
[2012/01/22 15:58:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Real
[2012/01/22 15:58:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Scott\Application Data\Real
[2012/01/21 13:49:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Scott\My Documents\Version Cue
[2012/01/21 13:49:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Scott\My Documents\AdobeStockPhotos
[2012/01/18 12:10:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Scott\Desktop\Social Media Icons
[2006/12/12 09:47:24 | 000,060,928 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
[2006/12/12 09:34:02 | 000,012,800 | ---- | C] ( ) -- C:\WINDOWS\System32\killapps.exe
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/02/16 17:16:06 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/02/16 17:16:05 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/02/16 17:15:32 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/02/16 16:31:14 | 000,000,998 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1177238915-813497703-682003330-1004UA.job
[2012/02/16 16:28:00 | 000,000,976 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1177238915-813497703-682003330-1004Core.job
[2012/02/16 16:21:00 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1177238915-813497703-682003330-1004UA.job
[2012/02/16 15:09:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/02/16 14:02:20 | 000,002,337 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[2012/02/16 14:01:25 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1177238915-813497703-682003330-1004.job
[2012/02/16 14:01:19 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/02/16 14:01:17 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag_Startup.job
[2012/02/16 03:25:53 | 001,598,912 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/02/16 03:25:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/02/16 03:24:48 | 000,054,472 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000004-00000000-00000007-00001102-00000005-00211102}.rfx
[2012/02/16 03:24:48 | 000,054,472 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000004-00000000-00000007-00001102-00000005-00211102}.rfx
[2012/02/16 03:24:48 | 000,000,788 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000004-00000000-00000007-00001102-00000005-00211102}.rfx
[2012/02/16 03:08:53 | 000,457,388 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/02/16 03:08:53 | 000,076,184 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/02/16 03:02:31 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/02/15 21:22:43 | 000,002,284 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\Google Chrome.lnk
[2012/02/15 21:22:43 | 000,002,262 | ---- | M] () -- C:\Documents and Settings\Scott\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/02/15 17:21:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1177238915-813497703-682003330-1004Core.job
[2012/02/14 17:45:51 | 005,530,670 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\All Creatures.mp3
[2012/02/14 17:42:34 | 025,608,192 | R--- | M] () -- C:\Documents and Settings\Scott\Desktop\The Ingredient Source LLC.QBW
[2012/02/14 17:42:34 | 000,851,968 | R--- | M] () -- C:\Documents and Settings\Scott\Desktop\The Ingredient Source LLC.QBW.TLG
[2012/02/14 17:42:34 | 000,000,371 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\The Ingredient Source LLC.QBW.ND
[2012/02/13 22:24:00 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1177238915-813497703-682003330-1004.job
[2012/02/13 10:39:06 | 000,043,014 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\5'AMP COA.pdf
[2012/02/10 15:27:59 | 000,002,205 | ---- | M] () -- C:\Documents and Settings\Scott\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2012/02/07 10:56:26 | 000,021,065 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\sitemap.xml
[2012/02/07 10:53:11 | 000,032,999 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\sitemap.html
[2012/02/06 19:51:57 | 000,000,262 | ---- | M] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2012/02/06 19:51:56 | 000,000,630 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ventrilo.lnk
[2012/02/06 11:29:25 | 000,017,680 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\angies_list_logo.gif
[2012/02/06 11:10:43 | 000,673,589 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\ALBCRptForm.pdf
[2012/02/06 11:03:13 | 000,620,533 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\ALBCRptForm.pdf
[2012/02/04 17:14:51 | 000,012,288 | ---- | M] () -- C:\Documents and Settings\Scott\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/02/04 16:49:22 | 000,182,906 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\BeeRemovalWorksheet_pub_0001.pdf
[2012/02/04 16:46:54 | 000,182,892 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\Test Bee Removal Form From Site.pdf
[2012/02/03 08:59:53 | 000,014,474 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\Gamecocks.gif
[2012/02/02 15:47:48 | 000,001,854 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk
[2012/02/02 15:32:49 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2012/01/30 21:31:42 | 019,460,096 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\The Ingredient Source LLC (Backup Jan 30,2012 09 31 PM).QBB
[2012/01/26 14:06:15 | 000,042,372 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\Sam Derrick's Homework.pdf
[2012/01/25 12:44:16 | 000,765,396 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\W9 ELS.pdf
[2012/01/25 12:41:38 | 000,048,086 | ---- | M] () -- C:\Documents and Settings\Scott\My Documents\W9 For ELS.pdf
[2012/01/23 22:23:50 | 000,175,789 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\Memo.m4a
[2012/01/23 19:35:48 | 000,000,053 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\google01c535787f0415d9.html
[2012/01/23 18:29:04 | 019,410,944 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\The Ingredient Source LLC (Backup Jan 23,2012 06 28 PM).QBB
[2012/01/23 18:25:04 | 019,406,848 | ---- | M] () -- C:\Documents and Settings\All Users\Documents\The Ingredient Source LLC (Backup Jan 23,2012 06 24 PM).QBB
[2012/01/22 15:59:25 | 000,000,929 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2012/01/22 15:58:51 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll
[2012/01/22 15:52:40 | 001,795,391 | ---- | M] () -- C:\Documents and Settings\Scott\Desktop\Am I A Princess_.m4a
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/02/15 03:01:01 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/15 03:01:01 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012/02/14 17:45:45 | 005,530,670 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\All Creatures.mp3
[2012/02/13 10:39:06 | 000,043,014 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\5'AMP COA.pdf
[2012/02/07 10:56:30 | 000,021,065 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\sitemap.xml
[2012/02/07 10:53:18 | 000,032,999 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\sitemap.html
[2012/02/06 19:51:56 | 000,000,630 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ventrilo.lnk
[2012/02/06 19:51:47 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2012/02/06 11:15:41 | 000,017,680 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\angies_list_logo.gif
[2012/02/06 11:08:19 | 000,673,589 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\ALBCRptForm.pdf
[2012/02/06 11:03:13 | 000,620,533 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\ALBCRptForm.pdf
[2012/02/04 16:49:22 | 000,182,906 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\BeeRemovalWorksheet_pub_0001.pdf
[2012/02/04 16:46:54 | 000,182,892 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\Test Bee Removal Form From Site.pdf
[2012/02/03 09:00:11 | 000,014,474 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\Gamecocks.gif
[2012/02/02 15:47:48 | 000,002,205 | ---- | C] () -- C:\Documents and Settings\Scott\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2012/02/02 15:47:48 | 000,002,193 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Safari.lnk
[2012/02/02 15:47:48 | 000,001,854 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk
[2012/02/02 15:32:49 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2012/01/30 21:31:31 | 019,460,096 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\The Ingredient Source LLC (Backup Jan 30,2012 09 31 PM).QBB
[2012/01/26 14:06:15 | 000,042,372 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\Sam Derrick's Homework.pdf
[2012/01/25 12:44:16 | 000,765,396 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\W9 ELS.pdf
[2012/01/25 12:37:00 | 000,048,086 | ---- | C] () -- C:\Documents and Settings\Scott\My Documents\W9 For ELS.pdf
[2012/01/23 22:23:50 | 000,175,789 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\Memo.m4a
[2012/01/23 19:35:49 | 000,000,053 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\google01c535787f0415d9.html
[2012/01/23 18:28:52 | 019,410,944 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\The Ingredient Source LLC (Backup Jan 23,2012 06 28 PM).QBB
[2012/01/23 18:24:50 | 019,406,848 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\The Ingredient Source LLC (Backup Jan 23,2012 06 24 PM).QBB
[2012/01/22 16:01:42 | 000,000,278 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1177238915-813497703-682003330-1004.job
[2012/01/22 16:01:41 | 000,000,286 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1177238915-813497703-682003330-1004.job
[2012/01/22 15:59:25 | 000,000,929 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2012/01/22 15:52:38 | 001,795,391 | ---- | C] () -- C:\Documents and Settings\Scott\Desktop\Am I A Princess_.m4a
[2012/01/16 00:06:51 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2012/01/14 17:59:14 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/12/31 10:39:30 | 000,256,408 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/12/16 17:47:23 | 000,000,141 | ---- | C] () -- C:\WINDOWS\RealFlight.INI
[2011/12/12 07:19:15 | 000,012,288 | ---- | C] () -- C:\Documents and Settings\Scott\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/11/19 12:55:24 | 000,214,016 | ---- | C] () -- C:\Documents and Settings\Scott\Application Data\SharedSettings.ccs
[2011/11/14 13:51:51 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2011/09/30 15:36:55 | 000,020,886 | ---- | C] () -- C:\WINDOWS\System32\ddmon.dll
[2011/08/31 23:12:37 | 000,066,408 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/08/28 15:00:51 | 000,000,025 | ---- | C] () -- C:\Documents and Settings\Scott\Application Data\6ad5bb60c75b4ccde42fd0a36026cffc_c68827fd-c27b-4547-9594-982fb91d1c77.gpg
[2011/08/15 13:04:27 | 000,000,090 | ---- | C] () -- C:\WINDOWS\QBChanUtil_Trigger.ini
[2011/08/13 18:20:04 | 000,000,014 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2011/08/12 14:52:18 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2011/08/12 14:52:17 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2011/08/12 14:52:11 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011/08/12 14:52:11 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011/08/12 14:52:08 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011/08/12 10:37:45 | 000,073,728 | R--- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2011/08/11 12:48:29 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2011/08/11 12:44:42 | 000,029,520 | ---- | C] () -- C:\WINDOWS\System32\SmartDefragBootTime.exe
[2011/08/11 12:44:42 | 000,013,496 | ---- | C] () -- C:\WINDOWS\System32\drivers\SmartDefragDriver.sys
[2011/08/11 10:28:33 | 000,004,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2011/08/11 09:53:58 | 000,261,632 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2011/08/11 09:53:35 | 000,281,152 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011/08/11 09:53:35 | 000,281,152 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011/08/11 09:53:35 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011/08/11 09:53:22 | 002,128,778 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2011/08/11 09:33:51 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011/08/11 09:29:37 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/08/11 05:19:06 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011/08/11 05:18:02 | 001,598,912 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/05/25 23:05:00 | 010,898,456 | ---- | C] () -- C:\WINDOWS\System32\LogiDPP.dll
[2011/05/25 23:05:00 | 000,336,408 | ---- | C] () -- C:\WINDOWS\System32\DevManagerCore.dll
[2011/05/25 23:05:00 | 000,104,472 | ---- | C] () -- C:\WINDOWS\System32\LogiDPPApp.exe
[2011/05/25 22:56:28 | 000,028,418 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2010/05/05 19:37:52 | 000,021,204 | ---- | C] () -- C:\WINDOWS\System32\instwdm.ini
[2010/05/05 19:37:50 | 000,000,054 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2010/05/05 18:56:46 | 000,002,560 | ---- | C] () -- C:\WINDOWS\System32\CtxfiRes.dll
[2010/05/05 18:56:46 | 000,002,560 | ---- | C] () -- C:\WINDOWS\CTXFIRES.DLL
[2009/10/22 15:33:30 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\FontReg.exe
[2008/05/26 20:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 20:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008/04/14 04:55:28 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2007/09/27 09:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 09:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 09:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2006/12/31 06:57:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/12/12 09:48:22 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CTBurst.dll
[2006/12/12 09:46:52 | 000,037,888 | ---- | C] () -- C:\WINDOWS\PSCONV.EXE
[2006/12/12 09:39:02 | 000,321,512 | ---- | C] () -- C:\WINDOWS\System32\ctdlang.dat
[2006/12/12 09:39:02 | 000,056,509 | ---- | C] () -- C:\WINDOWS\System32\ctdnlstr.dat
[2006/12/12 09:36:32 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\regplib.exe
[2006/12/12 09:36:14 | 000,149,838 | ---- | C] () -- C:\WINDOWS\System32\CTBAS2W.DAT
[2006/12/12 09:34:30 | 000,274,587 | ---- | C] () -- C:\WINDOWS\System32\CTSBAS2W.DAT
[2006/12/12 09:34:22 | 000,240,568 | ---- | C] () -- C:\WINDOWS\System32\CTSBASW.DAT
[2006/12/12 09:34:22 | 000,114,908 | ---- | C] () -- C:\WINDOWS\System32\CTBASICW.DAT
[2006/12/12 09:34:06 | 000,313,207 | ---- | C] () -- C:\WINDOWS\System32\ctstatic.dat
[2006/12/12 09:34:06 | 000,053,932 | ---- | C] () -- C:\WINDOWS\System32\ctdaught.dat
[2006/12/12 09:34:04 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\enlocstr.exe
[2006/09/18 13:37:50 | 000,000,530 | ---- | C] () -- C:\WINDOWS\System32\tx12_ic.ini
[2006/09/18 13:37:48 | 000,667,280 | ---- | C] () -- C:\WINDOWS\System32\tx12.dll
[2006/05/18 06:03:24 | 000,000,285 | ---- | C] () -- C:\WINDOWS\System32\kill.ini
[2004/08/04 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/04 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 07:00:00 | 000,457,388 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 07:00:00 | 000,076,184 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 07:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

========== LOP Check ==========

[2011/09/17 11:01:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ask
[2011/12/06 20:20:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
[2011/08/16 14:20:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2011/08/16 14:50:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Carbonite
[2011/11/19 12:55:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CoffeeCup Software
[2011/08/15 13:04:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\COMMON FILES
[2011/10/05 15:14:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2011/08/30 22:16:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nuance
[2011/08/30 22:22:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2011/08/16 10:31:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SQL Anywhere 11
[2011/08/17 11:02:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/08/28 15:00:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott\Application Data\.jagex_cache_22
[2011/12/19 12:07:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott\Application Data\.minecraft
[2011/08/31 08:58:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott\Application Data\.salesforce.com
[2011/12/06 20:20:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott\Application Data\Canneverbe Limited
[2011/11/14 14:20:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott\Application Data\Canon
[2011/10/12 20:11:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott\Application Data\CE
[2011/11/19 13:01:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott\Application Data\CoffeeCup Software
[2011/12/25 09:14:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott\Application Data\com.jakks.spynet
[2011/09/30 15:38:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott\Application Data\deskPDF
[2011/09/01 15:40:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott\Application Data\ElevatedDiagnostics
[2011/11/19 13:08:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott\Application Data\GlobalSCAPE
[2011/11/20 18:17:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott\Application Data\Image-Line
[2011/08/11 12:44:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott\Application Data\IObit
[2011/08/24 13:12:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott\Application Data\Leadertech
[2011/11/20 17:45:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott\Application Data\OpenCandy
[2011/09/26 15:10:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott\Application Data\OpenOffice.org
[2011/09/01 12:34:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott\Application Data\salesforce.com
[2011/11/30 09:00:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott\Application Data\Sammsoft
[2011/08/28 16:55:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott\Application Data\Unity
[2011/10/18 12:13:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott\Application Data\Windows Desktop Search
[2011/10/25 10:53:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Scott\Application Data\Windows Search
[2012/02/16 16:28:00 | 000,000,976 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1177238915-813497703-682003330-1004Core.job
[2012/02/16 16:31:14 | 000,000,998 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1177238915-813497703-682003330-1004UA.job
[2012/02/16 14:01:17 | 000,000,280 | ---- | M] () -- C:\WINDOWS\Tasks\SmartDefrag_Startup.job

========== Purity Check ==========



< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP