Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Windows Vista running incredibly slow - no SPECIFIC virus detected

Started by atlus , Feb 17 2012 11:54 AM

  • Please log in to reply

#1
atlus
Posted 17 February 2012 - 11:54 AM

atlus

    Member

  • Member
  • PipPip
  • 42 posts
I am running windows vista on my PC. Lately it has been incredibly slow but I am unable to offer a specific virus as you suggest in the Geeks to Go best practices in order to help or assist my "helper". I have downloaded the OTL.exe file run it and have attached a copy as per the instructions. Any help would be greatly appreciated and I thank you in advance. One final thing. When my browser is closed the cpmputer performance seems to be ok via the task manager - however when I open ANY web page the performance maxes out at between 90-100% and stays there imobilizing my computer. I hope this additional information is useful and here is the OTL log....

OTL logfile created on: 15/02/2012 10:11:15 PM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Brian\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

2.75 Gb Total Physical Memory | 1.08 Gb Available Physical Memory | 39.24% Memory free
5.70 Gb Paging File | 4.11 Gb Available in Paging File | 72.15% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 223.54 Gb Total Space | 72.30 Gb Free Space | 32.34% Space Free | Partition Type: NTFS
Drive D: | 9.35 Gb Total Space | 1.68 Gb Free Space | 18.02% Space Free | Partition Type: NTFS

Computer Name: BRIAN-PC | User Name: Brian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/02/15 20:34:37 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Brian\Desktop\OTL.exe
PRC - [2012/01/14 15:45:13 | 000,247,968 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil11c_ActiveX.exe
PRC - [2011/10/01 08:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 08:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/08/05 12:29:56 | 000,159,456 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Zune\ZuneLauncher.exe
PRC - [2011/06/01 07:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011/03/21 18:08:34 | 000,094,024 | ---- | M] (TechSmith Corporation) -- C:\Program Files\TechSmith\Snagit 10\TscHelp.exe
PRC - [2011/03/21 18:08:32 | 000,089,928 | ---- | M] (TechSmith Corporation) -- C:\Program Files\TechSmith\Snagit 10\SnagPriv.exe
PRC - [2011/03/21 18:08:30 | 007,396,680 | ---- | M] (TechSmith Corporation) -- C:\Program Files\TechSmith\Snagit 10\SnagitEditor.exe
PRC - [2011/03/21 18:08:28 | 007,067,464 | ---- | M] (TechSmith Corporation) -- C:\Program Files\TechSmith\Snagit 10\Snagit32.exe
PRC - [2010/09/14 11:25:26 | 000,352,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
PRC - [2010/07/23 19:20:36 | 000,061,440 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\Button Manager\BM.exe
PRC - [2010/07/01 20:34:46 | 000,129,720 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtblfs.exe
PRC - [2010/02/28 02:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/01/20 21:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe


========== Modules (No Company Name) ==========

MOD - [2012/01/04 02:47:42 | 000,921,600 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\yui.dll
MOD - [2011/10/05 03:52:30 | 000,756,048 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSPTLS.DLL
MOD - [2010/02/28 02:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
MOD - [2008/10/26 04:42:14 | 000,065,376 | ---- | M] () -- C:\Program Files\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
MOD - [2008/06/12 00:18:38 | 000,120,216 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLSchMgr.dll
MOD - [2008/06/12 00:18:36 | 000,259,480 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapEngine.dll
MOD - [2008/06/12 00:18:34 | 000,345,384 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLTinyDB.dll
MOD - [2008/06/12 00:17:08 | 000,066,856 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\common\MCEMediaStatus.dll
MOD - [2007/08/14 14:59:54 | 006,365,184 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtGui4.dll
MOD - [2007/07/12 14:55:52 | 000,131,072 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [2007/07/12 14:55:28 | 001,581,056 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtCore4.dll
MOD - [2006/10/27 15:35:18 | 000,436,512 | ---- | M] () -- C:\Program Files\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (RoxLiveShare9)
SRV - File not found [Unknown | Stopped] -- -- (getPlusHelper)
SRV - [2011/10/25 21:32:24 | 000,037,280 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\ArcSoft\esinter\Bin\eservutil.exe -- (ADExchange)
SRV - [2011/10/01 08:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 08:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/08/05 12:30:02 | 000,444,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV - [2011/08/05 12:30:02 | 000,268,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV - [2011/08/05 12:29:56 | 006,363,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV - [2011/06/01 07:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2010/09/29 11:56:22 | 000,090,864 | ---- | M] (PC Pitstop LLC) [On_Demand | Stopped] -- C:\Program Files\CA\PCPitstopScheduleService.exe -- (PCPitstop Scheduling)
SRV - [2010/09/14 11:25:26 | 000,352,976 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe -- (AVP)
SRV - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/02/16 19:39:00 | 002,736,890 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [On_Demand | Stopped] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/09/18 09:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [On_Demand | Stopped] -- C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
SRV - [2008/04/26 03:15:26 | 000,361,808 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2008/01/20 21:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2011/10/01 08:30:42 | 000,019,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol)
DRV - [2011/10/01 08:30:40 | 000,021,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir)
DRV - [2011/10/01 08:30:38 | 000,194,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay)
DRV - [2011/10/01 08:30:36 | 000,579,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs)
DRV - [2010/10/29 15:11:08 | 000,197,224 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2010/09/14 11:25:26 | 000,488,024 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2010/07/14 19:33:08 | 002,696,960 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvtcam.sys -- (DCamUSBNovatek)
DRV - [2010/06/09 16:43:52 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl2.sys -- (kl2)
DRV - [2010/06/09 16:43:50 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\kl1.sys -- (KL1)
DRV - [2010/04/22 18:07:34 | 000,022,104 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
DRV - [2009/11/02 19:27:16 | 000,019,984 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009/07/23 20:01:00 | 009,791,072 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/04/10 23:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB)
DRV - [2008/07/17 17:01:00 | 000,269,760 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OA004Vid.sys -- (OA004Vid)
DRV - [2008/06/05 11:58:42 | 000,222,208 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2008/06/03 09:30:24 | 000,144,672 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OA004Ufd.sys -- (OA004Ufd)
DRV - [2008/05/09 14:17:32 | 000,043,040 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008/04/27 13:07:44 | 000,909,824 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008/04/24 17:51:46 | 000,014,848 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2008/04/24 13:06:40 | 000,017,920 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV - [2008/01/29 08:55:00 | 001,042,464 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2007/10/17 18:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/06/18 19:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ca.msn.com/?ocid=OIE9HP
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://cbc.ca/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin: File not found
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Brian\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Brian\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Brian\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Brian\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\THBExt [2010/08/17 21:43:01 | 000,000,000 | ---D | M]

[2010/08/18 07:19:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/06/08 06:31:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/17 21:45:35 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2010/04/12 16:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

========== Chrome ==========

CHR - default_search_provider: Yahoo! Canada (Enabled)
CHR - default_search_provider: search_url = http://ca.search.yah...p={searchTerms}
CHR - default_search_provider: suggest_url = http://gossip.ca.yah...d={searchTerms}
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.77\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.77\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.77\gcswf32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: ActiveTouch General Plugin Container (Enabled) = C:\Program Files\Google\Chrome\Application\plugins\npatgpc.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U22 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.1851.5542\npCIDetect14.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: getPlusPlus for Adobe 16297 (Enabled) = C:\Program Files\NOS\bin\np_gp.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.50917.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\
CHR - Extension: Google Search = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: AT_DolceGabbana = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpfbmpaebheclpaopjodkelcihldloih\2\
CHR - Extension: Skype Click to Call = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\
CHR - Extension: Gmail = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 10\SnagitBHO.dll (TechSmith Corporation)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (no name) - {647FD14A-C4F1-46F4-8FC3-0B40F54226F7} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 10\SnagitIEAddin.dll (TechSmith Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No CLSID value found.
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Zune Launcher] c:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - Startup: C:\Users\Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Check for TWS Updates.lnk = C:\Jts\WiseUpdt.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: verbosestatus = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0
O8 - Extra context menu item: &Search - Reg Error: Value error. File not found
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {070DC617-E3B7-468B-A29C-D4E84FAE938C} http://utilities.pcp...ls/pctuneup.cab (VersionControl Class)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} http://www.ipix.com/viewers/ipixx.cab (iPIX ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {DAF7E6E6-D53A-439A-B28D-12271406B8A9} http://mobileapps.bl...re/AxLoader.cab (RIM AxLoader)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.226.1.93 24.226.10.193 24.226.10.194
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3E5DA774-B2B7-4B1E-A9BD-135674F73D7D}: DhcpNameServer = 24.226.1.93 24.226.10.193 24.226.10.194
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CBF4BCF0-9C4E-4608-B056-FE928244CCC3}: DhcpNameServer = 24.226.1.93 24.226.10.193 24.226.10.194
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\application/x-microsoft-rpmsg-message - No CLSID value found
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) -C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\mzvkbd3.dll (Kaspersky Lab ZAO)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - (C:\Windows\system32\klogon.dll) - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img36.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img36.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/08/05 08:28:29 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{3bc5a9f7-fb31-11de-8279-001f16454bce}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\.\RECYCLER\S-4-6-60-5251582482-0121852688-851344250-3836\vEFclrxj.exe
O33 - MountPoints2\{3bc5a9f7-fb31-11de-8279-001f16454bce}\Shell\explore\command - "" = G:\.\RECYCLER\S-4-6-60-5251582482-0121852688-851344250-3836\vEFclrxj.exe
O33 - MountPoints2\{3bc5a9f7-fb31-11de-8279-001f16454bce}\Shell\Open\command - "" = G:\.\RECYCLER\S-4-6-60-5251582482-0121852688-851344250-3836\vEFclrxj.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/02/15 20:34:37 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Brian\Desktop\OTL.exe
[2012/02/15 20:25:49 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/02/08 07:10:15 | 000,000,000 | ---D | C] -- C:\Users\Brian\Desktop\SOA
[2012/02/03 11:54:36 | 000,000,000 | ---D | C] -- C:\Program Files\BitTorrent
[2012/02/03 11:53:51 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Roaming\BitTorrent
[2012/02/03 09:15:29 | 000,000,000 | ---D | C] -- C:\Program Files\TelevisionFanaticEI
[2012/01/18 17:13:34 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Roaming\Mozilla
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/02/15 22:12:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1714241644-2984747654-2377555429-1000UA.job
[2012/02/15 21:53:01 | 000,000,246 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2012/02/15 21:52:54 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/02/15 21:50:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/02/15 21:24:55 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/02/15 21:24:52 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/02/15 21:19:49 | 2951,032,832 | -HS- | M] () -- C:\hiberfil.sys
[2012/02/15 20:49:39 | 000,669,100 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2012/02/15 20:49:39 | 000,596,440 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/02/15 20:49:39 | 000,126,232 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2012/02/15 20:49:39 | 000,104,256 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/02/15 20:34:37 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Brian\Desktop\OTL.exe
[2012/02/15 20:19:05 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/02/15 19:12:42 | 000,039,542 | ---- | M] () -- C:\Users\Brian\Desktop\The_Sheild_-_Series_4_ep_13.3602462.TPB.torrent
[2012/02/15 12:22:32 | 000,000,680 | ---- | M] () -- C:\Users\Brian\AppData\Local\d3d9caps.dat
[2012/02/14 13:50:58 | 000,014,666 | ---- | M] () -- C:\Users\Brian\Desktop\Safe_House_(2012)_TS_READNFO_XviD-SiC_Subbed_M[RS].7030806.TPB.torrent
[2012/02/14 12:39:21 | 000,024,594 | ---- | M] () -- C:\Users\Brian\Desktop\The_Shield_-_Complete_Series_4.3582455.TPB.torrent
[2012/02/14 12:32:38 | 000,028,383 | ---- | M] () -- C:\Users\Brian\Desktop\xv-the.shield.s04e01.dvdscr.xvid.[BT].avi.3297032.TPB.torrent
[2012/02/14 08:08:59 | 000,014,331 | ---- | M] () -- C:\Users\Brian\Desktop\[isoHunt] xv-the.shield.s04e01.dvdscr.xvid.[BT].torrent
[2012/02/11 17:04:40 | 000,034,648 | ---- | M] () -- C:\Users\Brian\Desktop\Insanity_Workout_Max_Cardio_Conditioning_And_Cardio_Abs.6308125.TPB.torrent
[2012/02/11 13:13:34 | 000,037,253 | ---- | M] () -- C:\Users\Brian\Desktop\Insanity_Workout_Insanity_Workout_Dig_Deeper_And_Fit_Test.6306850.TPB.torrent
[2012/02/11 11:09:22 | 000,014,889 | ---- | M] () -- C:\Users\Brian\Desktop\P90X_Cardio_X_-_[GuruFuel-RIP].5260412.TPB.torrent
[2012/02/11 11:08:21 | 000,016,049 | ---- | M] () -- C:\Users\Brian\Desktop\P90x__s_Cardio_X_.6598466.TPB.torrent
[2012/02/10 11:03:32 | 000,050,183 | ---- | M] () -- C:\Users\Brian\Desktop\The_Shield_-_Season_2.3317463.TPB.torrent
[2012/02/08 15:03:55 | 000,046,537 | ---- | M] () -- C:\Users\Brian\Desktop\The_Shield_-_Season_1.3314749.TPB.torrent
[2012/02/08 08:24:35 | 000,014,496 | ---- | M] () -- C:\Users\Brian\Desktop\Sons_of_Anarchy_S04E14_HDTV_XviD-ASAP_[eztv].6869520.TPB.torrent
[2012/02/08 07:12:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1714241644-2984747654-2377555429-1000Core.job
[2012/02/06 11:54:04 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2012/02/03 11:54:36 | 000,000,796 | ---- | M] () -- C:\Users\Brian\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk
[2012/02/03 08:06:37 | 000,167,923 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012/02/03 08:06:37 | 000,167,923 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012/02/02 15:07:06 | 000,098,304 | ---- | M] () -- C:\Users\Brian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/01/24 13:00:20 | 000,291,669 | ---- | M] () -- C:\Users\Brian\Desktop\Tax Deductible Mortgage V2_00.zip
[2012/01/23 23:05:59 | 000,277,118 | ---- | M] () -- C:\Users\Brian\Desktop\turtlerules.pdf
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/02/15 19:12:42 | 000,039,542 | ---- | C] () -- C:\Users\Brian\Desktop\The_Sheild_-_Series_4_ep_13.3602462.TPB.torrent
[2012/02/14 13:50:58 | 000,014,666 | ---- | C] () -- C:\Users\Brian\Desktop\Safe_House_(2012)_TS_READNFO_XviD-SiC_Subbed_M[RS].7030806.TPB.torrent
[2012/02/14 12:39:20 | 000,024,594 | ---- | C] () -- C:\Users\Brian\Desktop\The_Shield_-_Complete_Series_4.3582455.TPB.torrent
[2012/02/14 12:32:38 | 000,028,383 | ---- | C] () -- C:\Users\Brian\Desktop\xv-the.shield.s04e01.dvdscr.xvid.[BT].avi.3297032.TPB.torrent
[2012/02/14 08:08:59 | 000,014,331 | ---- | C] () -- C:\Users\Brian\Desktop\[isoHunt] xv-the.shield.s04e01.dvdscr.xvid.[BT].torrent
[2012/02/11 17:04:40 | 000,034,648 | ---- | C] () -- C:\Users\Brian\Desktop\Insanity_Workout_Max_Cardio_Conditioning_And_Cardio_Abs.6308125.TPB.torrent
[2012/02/11 13:13:34 | 000,037,253 | ---- | C] () -- C:\Users\Brian\Desktop\Insanity_Workout_Insanity_Workout_Dig_Deeper_And_Fit_Test.6306850.TPB.torrent
[2012/02/11 11:09:21 | 000,014,889 | ---- | C] () -- C:\Users\Brian\Desktop\P90X_Cardio_X_-_[GuruFuel-RIP].5260412.TPB.torrent
[2012/02/11 09:31:02 | 000,016,049 | ---- | C] () -- C:\Users\Brian\Desktop\P90x__s_Cardio_X_.6598466.TPB.torrent
[2012/02/10 11:03:28 | 000,050,183 | ---- | C] () -- C:\Users\Brian\Desktop\The_Shield_-_Season_2.3317463.TPB.torrent
[2012/02/08 15:03:55 | 000,046,537 | ---- | C] () -- C:\Users\Brian\Desktop\The_Shield_-_Season_1.3314749.TPB.torrent
[2012/02/08 08:24:34 | 000,014,496 | ---- | C] () -- C:\Users\Brian\Desktop\Sons_of_Anarchy_S04E14_HDTV_XviD-ASAP_[eztv].6869520.TPB.torrent
[2012/02/03 11:54:36 | 000,000,796 | ---- | C] () -- C:\Users\Brian\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk
[2012/01/24 13:00:19 | 000,291,669 | ---- | C] () -- C:\Users\Brian\Desktop\Tax Deductible Mortgage V2_00.zip
[2012/01/23 23:05:59 | 000,277,118 | ---- | C] () -- C:\Users\Brian\Desktop\turtlerules.pdf
[2011/09/05 23:10:09 | 000,614,448 | ---- | C] () -- C:\Windows\Snap.dat
[2011/02/25 11:42:15 | 000,748,160 | ---- | C] () -- C:\Windows\System32\Co2c40en.dll
[2011/02/23 14:38:26 | 000,000,023 | ---- | C] () -- C:\Windows\INFOCTF_4.INI
[2011/02/23 14:38:26 | 000,000,020 | ---- | C] () -- C:\Windows\JAVAXP.DLL
[2011/02/23 14:24:41 | 000,000,022 | ---- | C] () -- C:\Windows\CTRLXAF_4.INI
[2011/02/23 14:24:23 | 000,001,705 | ---- | C] () -- C:\Windows\F_4OUTEXPMAIL.DLL
[2011/02/23 14:24:22 | 000,000,377 | ---- | C] () -- C:\Windows\FIBO32.INI
[2011/02/23 14:24:22 | 000,000,010 | ---- | C] () -- C:\Windows\CTRLXAF_4.EXE
[2011/02/23 14:20:09 | 000,065,536 | ---- | C] () -- C:\Windows\System32\CTA32.dll
[2011/02/23 14:20:09 | 000,045,056 | ---- | C] () -- C:\Windows\System32\CompDLL.dll
[2011/02/23 14:20:09 | 000,036,352 | ---- | C] () -- C:\Windows\System32\SX32W.DLL
[2011/02/23 14:20:09 | 000,028,672 | ---- | C] () -- C:\Windows\System32\proxydll.dll
[2011/02/23 14:20:09 | 000,017,920 | ---- | C] () -- C:\Windows\System32\Implode.dll
[2010/10/12 09:13:48 | 000,098,304 | ---- | C] () -- C:\Windows\System32\NtDirect.dll
[2010/08/17 21:44:51 | 000,113,933 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat
[2010/08/17 21:44:51 | 000,097,549 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat
[2010/05/29 09:33:27 | 000,000,304 | ---- | C] () -- C:\Users\Brian\AppData\Roaming\wklnhst.dat
[2010/04/30 16:37:02 | 000,003,276 | ---- | C] () -- C:\Windows\System32\NVTBM.ini
[2010/01/19 11:50:25 | 000,087,552 | ---- | C] () -- C:\Windows\System32\cpwmon2k.dll
[2009/12/24 10:18:48 | 000,000,054 | ---- | C] () -- C:\Windows\NavWin.INI
[2009/12/24 10:17:28 | 000,118,784 | ---- | C] () -- C:\Windows\System32\G32_TICK.DLL
[2009/12/24 10:17:28 | 000,081,920 | ---- | C] () -- C:\Windows\System32\G32_rkey.dll
[2009/12/24 10:17:28 | 000,007,680 | ---- | C] () -- C:\Windows\System32\free_res.exe
[2009/10/20 12:33:35 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/10/20 12:33:34 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/09 18:01:40 | 000,027,675 | ---- | C] () -- C:\Windows\System32\drivers\klopp.dat
[2009/09/08 12:17:51 | 000,004,096 | -H-- | C] () -- C:\Users\Brian\AppData\Local\keyfile3.drm
[2009/07/19 09:34:50 | 000,000,044 | ---- | C] () -- C:\Windows\System32\vbupdtx.ini
[2009/05/30 20:58:23 | 000,000,680 | ---- | C] () -- C:\Users\Brian\AppData\Local\d3d9caps.dat
[2009/05/07 08:07:22 | 000,253,952 | ---- | C] () -- C:\Windows\ddedll.dll
[2009/03/29 16:53:44 | 000,098,304 | ---- | C] () -- C:\Users\Brian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/10 21:34:12 | 000,000,035 | ---- | C] () -- C:\Windows\FTAlrm.Ini
[2009/03/06 10:24:10 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/02/27 10:26:59 | 000,000,010 | ---- | C] () -- C:\Windows\CTRLXAFG_4.EXE
[2009/02/26 21:25:41 | 000,000,021 | ---- | C] () -- C:\Windows\GUICOMXP.DLL
[2009/02/26 21:25:40 | 000,000,023 | ---- | C] () -- C:\Windows\INFOCTFG_4.INI
[2009/02/26 17:23:34 | 000,000,042 | ---- | C] () -- C:\Windows\ib.ini
[2009/02/26 17:23:33 | 000,026,624 | ---- | C] () -- C:\Windows\GetIe.dll
[2009/02/26 17:19:32 | 000,000,024 | ---- | C] () -- C:\Windows\KADJISYS.INI
[2009/02/26 17:19:32 | 000,000,022 | ---- | C] () -- C:\Windows\CTRLXAFG_4.INI
[2009/02/26 17:19:12 | 000,000,322 | ---- | C] () -- C:\Windows\astros.ini
[2009/02/26 17:19:00 | 000,000,023 | ---- | C] () -- C:\Windows\FTROBOT.INI
[2009/02/26 15:52:53 | 000,001,705 | ---- | C] () -- C:\Windows\FG_4OUTEXPMAIL.DLL
[2009/02/26 15:52:52 | 000,000,428 | ---- | C] () -- C:\Windows\FTGT32.INI
[2009/02/22 08:32:33 | 000,167,923 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/02/22 07:59:48 | 000,167,923 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/02/21 17:37:45 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/02/15 18:29:35 | 000,053,248 | ---- | C] () -- C:\Windows\System32\HoadleyOCViewer.dll
[2009/02/15 18:27:54 | 000,036,864 | ---- | C] () -- C:\Windows\System32\HoadleyOPMViewer.dll
[2008/10/16 08:18:05 | 000,003,948 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2008/08/05 08:48:53 | 000,101,605 | ---- | C] () -- C:\Windows\hpqins13.dat
[2008/08/05 05:35:19 | 000,669,100 | ---- | C] () -- C:\Windows\System32\perfh00C.dat
[2008/08/05 05:35:19 | 000,340,236 | ---- | C] () -- C:\Windows\System32\perfi00C.dat
[2008/08/05 05:35:19 | 000,126,232 | ---- | C] () -- C:\Windows\System32\perfc00C.dat
[2008/08/05 05:35:19 | 000,037,390 | ---- | C] () -- C:\Windows\System32\perfd00C.dat
[2007/04/24 12:22:02 | 000,274,432 | ---- | C] () -- C:\Windows\System32\MFT_anet.dll
[2007/04/17 15:19:36 | 000,040,960 | ---- | C] () -- C:\Windows\System32\HoadleyOXChains.dll
[2007/04/13 07:06:32 | 000,065,536 | ---- | C] () -- C:\Windows\System32\HoadleyOXQuotesServer.dll
[2007/01/20 06:24:49 | 000,045,056 | ---- | C] () -- C:\Windows\System32\HoadleyYHOHist.dll
[2006/11/28 07:27:44 | 000,106,496 | ---- | C] () -- C:\Windows\System32\HoadleyESQuotesServer.dll
[2006/11/02 07:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:47:37 | 000,392,400 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:33:01 | 000,596,440 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,104,256 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/10/14 10:35:00 | 000,094,208 | ---- | C] () -- C:\Windows\System32\HoadleySWQuotesServer.dll
[2006/09/02 06:24:06 | 000,032,768 | ---- | C] () -- C:\Windows\System32\HoadleyEXChains.dll
[2006/07/29 07:36:34 | 000,126,976 | ---- | C] () -- C:\Windows\System32\HoadleyESOptionChains.dll
[2006/06/16 14:00:50 | 000,069,632 | ---- | C] () -- C:\Windows\System32\HoadleyAMQuotesServer.dll
[2006/03/09 04:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2005/06/23 10:29:07 | 000,036,864 | ---- | C] () -- C:\Windows\System32\HoadleyCBOE.dll
[2005/05/16 10:12:18 | 000,045,056 | ---- | C] () -- C:\Windows\System32\HoadleyNQOptionChains.dll
[2005/05/01 23:05:51 | 000,077,824 | ---- | C] () -- C:\Windows\System32\HoadleyNQQuotesServer.dll
[2005/03/28 11:36:49 | 000,049,152 | ---- | C] () -- C:\Windows\System32\HoadleyBullOptionChains.dll
[2004/12/13 17:24:43 | 000,061,440 | ---- | C] () -- C:\Windows\System32\HoadleyBullQuotesServer.dll

========== LOP Check ==========

[2012/02/15 19:54:33 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\BitTorrent
[2009/05/23 13:49:05 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\FOG Downloader
[2012/02/02 12:11:51 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Hoadley
[2010/09/05 09:49:53 | 000,000,000 | -H-D | M] -- C:\Users\Brian\AppData\Roaming\ijjigame
[2009/05/09 20:37:43 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\NPLUTO Corporation
[2011/05/08 21:54:10 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\RegistryKeys
[2010/11/03 16:30:45 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Research In Motion
[2012/02/15 21:17:41 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\SoftGrid Client
[2011/05/08 21:54:10 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\SpeedingUpMyPC
[2011/08/15 11:59:49 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\TeamViewer
[2009/09/20 12:01:49 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\TechSmith
[2010/05/29 09:33:32 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Template
[2010/12/10 10:09:26 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\TP
[2009/10/20 09:28:21 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\webex
[2009/02/22 07:56:26 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\WildTangent
[2009/06/03 11:34:42 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Worden Brothers, Inc
[2010/12/10 10:10:20 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\{90140011-0062-0409-0000-0000000FF1CE}
[2012/02/15 21:18:41 | 000,032,592 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP