Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Have log from scan. Now what?


  • Please log in to reply

#1
Kimberly Vogler Marschel

Kimberly Vogler Marschel

    New Member

  • Member
  • Pip
  • 1 posts
OTL logfile created on: 2/26/2012 12:31:58 PM - Run 1
OTL by OldTimer - Version 3.2.33.2 Folder = C:\Users\Kimmy\Downloads\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.87 Gb Total Physical Memory | 0.07 Gb Available Physical Memory | 2.56% Memory free
5.75 Gb Paging File | 1.32 Gb Available in Paging File | 22.93% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 284.13 Gb Total Space | 169.55 Gb Free Space | 59.67% Space Free | Partition Type: NTFS
Drive D: | 13.96 Gb Total Space | 1.35 Gb Free Space | 9.70% Space Free | Partition Type: NTFS

Computer Name: USMARSCHEL | User Name: Kimmy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Kimmy\Downloads\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit Inc.)
PRC - C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe (Nuance Communications, Inc.)
PRC - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
PRC - C:\ProgramData\FLEXnet\Connect\11\agent.exe (Acresso Corporation)
PRC - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
PRC - c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\ABBYY Screenshot Reader\NetworkLicenseServer.exe (ABBYY)


========== Modules (No Company Name) ==========

MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll ()


========== Win32 Services (SafeList) ==========

SRV:64bit: - (NisSrv) -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (SNMP) -- C:\Windows\SysNative\snmp.exe (Microsoft Corporation)
SRV:64bit: - (AgereModemAudio) -- C:\Program Files\LSI SoftModem\agr64svc.exe (LSI Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (LPDSVC) -- C:\Windows\SysNative\lpdsvc.dll (Microsoft Corporation)
SRV:64bit: - (iprip) -- C:\Windows\SysNative\iprip.dll (Microsoft Corporation)
SRV:64bit: - (TlntSvr) -- C:\Windows\SysNative\tlntsvr.exe (Microsoft Corporation)
SRV:64bit: - (simptcp) -- C:\Windows\SysNative\TCPSVCS.EXE (Microsoft Corporation)
SRV:64bit: - (lxcz_device) -- C:\Windows\SysNative\lxczcoms.exe ( )
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (IntuitUpdateServiceV4) -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit Inc.)
SRV - (WAS) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (W3SVC) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (AppHostSvc) -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (SNMP) -- C:\Windows\SysWOW64\snmp.exe (Microsoft Corporation)
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
SRV - (DragonSvc) -- C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe (Nuance Communications, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (simptcp) -- C:\Windows\SysWOW64\TCPSVCS.EXE (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ABBYY.Licensing.FineReader.ScreenshotReader.9.0) -- C:\Program Files (x86)\ABBYY Screenshot Reader\NetworkLicenseServer.exe (ABBYY)
SRV - (Symantec RemoteAssist) -- C:\Program Files (x86)\Common Files\Symantec Shared\Support Controls\ssrc.exe (Symantec, Inc.)
SRV - (CCALib8) -- C:\Program Files (x86)\Canon\CAL\CALMAIN.exe (Canon Inc.)


========== Driver Services (SafeList) ==========

DRV:64bit: - (mbamchameleon) -- C:\Windows\SysNative\drivers\mbamchameleon.sys ()
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (BVRPMPR5a64) -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS (Avanquest Software)
DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\drivers\agrsm64.sys (LSI Corporation)
DRV:64bit: - (rcmirror) -- C:\Windows\SysNative\drivers\rcmirror.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (NVNET) -- C:\Windows\SysNative\drivers\nvmf6264.sys (NVIDIA Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (WDC_SAM) -- C:\Windows\SysNative\drivers\wdcsam64.sys (Western Digital Technologies)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cndt
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm
IE - HKLM\..\URLSearchHook: {9565115d-c7d6-46d3-bd63-b67b481a4368} - C:\Program Files (x86)\PageRage\prxtbPage.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://toolbar.inbox...tb_id&%language
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://home.peoplepc.com/websearch
IE - HKCU\..\URLSearchHook: {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Conduit Apps Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17
FF - prefs.js..keyword.URL: "http://toolbar.inbox...nguage=en&qkw="
FF - prefs.js..network.proxy.http: "localhost"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1"
FF - prefs.js..network.proxy.type: 0


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@ei.iWon.com/Plugin: C:\Program Files (x86)\iWonEI\Installr\1.bin\NPjfEISB.dll (iWon)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@GameNutt_2s.com/Plugin: C:\Program Files (x86)\GameNutt_2s\bar\1.bin\NP2sStub.dll File not found
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.8\npapicomadapter.dll (Oberon-Media )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\5\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\@worldwinner.com/Launcher2,version=1.10.0.25: C:\Program Files (x86)\WorldWinner.com, Inc\WorldWinner Games\npwwload.dll (WorldWinner.com, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.1: File not found
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: File not found
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Kimmy\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\Kimmy\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2010/01/19 01:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/09/05 13:13:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]_2s.com: C:\Program Files (x86)\GameNutt_2s\bar\1.bin [2011/12/29 20:40:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/02/25 17:17:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/01/29 03:39:44 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/09/05 13:13:56 | 000,000,000 | ---D | M]

[2010/01/19 01:24:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kimmy\AppData\Roaming\Mozilla\Extensions
[2011/08/28 19:57:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kimmy\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2012/02/26 00:28:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kimmy\AppData\Roaming\Mozilla\Firefox\Profiles\5lo0v2po.default\extensions
[2012/02/13 06:54:43 | 000,000,000 | ---D | M] (TranslatorBar 1 Community Toolbar) -- C:\Users\Kimmy\AppData\Roaming\Mozilla\Firefox\Profiles\5lo0v2po.default\extensions\{00bf7b9c-acd2-4080-bea8-b1c41987070f}
[2012/02/25 22:30:09 | 000,000,000 | ---D | M] (SearchElf 1.1 Community Toolbar) -- C:\Users\Kimmy\AppData\Roaming\Mozilla\Firefox\Profiles\5lo0v2po.default\extensions\{00f2c0c6-2194-484e-9064-44e57787867b}
[2012/01/25 20:40:12 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Kimmy\AppData\Roaming\Mozilla\Firefox\Profiles\5lo0v2po.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012/02/25 17:22:53 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Users\Kimmy\AppData\Roaming\Mozilla\Firefox\Profiles\5lo0v2po.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
[2011/04/15 18:35:07 | 000,000,000 | ---D | M] (Yontoo Layers) -- C:\Users\Kimmy\AppData\Roaming\Mozilla\Firefox\Profiles\5lo0v2po.default\extensions\[email protected]
[2011/03/04 06:49:11 | 000,002,571 | ---- | M] () -- C:\Users\Kimmy\AppData\Roaming\Mozilla\Firefox\Profiles\5lo0v2po.default\searchplugins\askcom.xml
[2012/02/25 17:01:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/02/25 17:01:58 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012/02/25 17:02:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions
() (No name found) -- C:\USERS\KIMMY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LO0V2PO.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\KIMMY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5LO0V2PO.DEFAULT\EXTENSIONS\[email protected]
[2012/02/22 13:28:33 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010/07/02 12:07:17 | 000,119,808 | ---- | M] (Google) -- C:\Program Files (x86)\mozilla firefox\components\GoogleDesktopMozilla.dll
[2007/04/10 17:21:08 | 000,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll
[2011/03/20 22:28:58 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll
[2011/03/20 22:28:58 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\NPcol500.dll
[2011/03/17 16:29:27 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll
[2012/01/14 14:49:54 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2009/06/25 12:20:28 | 001,446,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npLegitCheckPlugin.dll
[2011/03/17 16:29:28 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll
[2012/01/03 07:10:44 | 000,182,672 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll
[2011/10/30 13:51:28 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll
[2011/10/30 13:51:28 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll
[2011/10/30 13:51:28 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll
[2011/10/30 13:51:28 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll
[2011/10/30 13:51:28 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll
[2011/10/30 13:51:29 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll
[2011/10/30 13:51:29 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll
[2012/02/22 13:27:26 | 000,001,394 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom.xml
[2012/02/22 13:27:26 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/02/22 13:27:26 | 000,001,131 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay.xml
[2012/02/22 13:27:26 | 000,002,364 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml
[2010/07/02 12:07:17 | 000,002,020 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\googledesktop.xml
[2012/02/22 13:27:26 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
[2011/08/25 19:48:21 | 000,001,600 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\WebSearchober139128555.xml
[2011/08/26 01:39:31 | 000,001,600 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\WebSearchober160197925.xml
[2012/02/22 13:27:26 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia.xml
[2012/02/22 13:27:26 | 000,001,096 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: ([2006/09/18 15:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll File not found
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (no name) - {656EC4B7-072B-4698-B504-2A414C1F0037} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll File not found
O2 - BHO: (PageRage Toolbar) - {9565115d-c7d6-46d3-bd63-b67b481a4368} - C:\Program Files (x86)\PageRage\prxtbPage.dll (Conduit Ltd.)
O2 - BHO: (no name) - {9579D574-D4D8-4335-9560-FE8641A013BD} - No CLSID value found.
O2 - BHO: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O2 - BHO: (GamesBarBHO Class) - {CB0D163C-E9F4-4236-9496-0597E24B23A5} - C:\Program Files (x86)\GamesBar\2.0.1.82\oberontb.dll (Oberon Media Ltd.)
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0552.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\PageRage\YontooIEClient.dll (Yontoo Technology, Inc.)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll File not found
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0552.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (GamesBar) - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files (x86)\GamesBar\2.0.1.82\oberontb.dll (Oberon Media Ltd.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll File not found
O3 - HKLM\..\Toolbar: (PageRage Toolbar) - {9565115d-c7d6-46d3-bd63-b67b481a4368} - C:\Program Files (x86)\PageRage\prxtbPage.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A8FB8EB3-183B-4598-924D-86F0E5E37085} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C7768536-96F8-4001-B1A2-90EE21279187} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (&Links) - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\SysNative\ieframe.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Microsoft Default Manager] c:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corp.)
O4 - HKCU..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4:64bit: - HKLM..\RunOnce: [PCDrProfiler] C:\Program Files\PC-Doctor for Windows\RunProfiler.exe (PC-Doctor, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2 [2012/02/24 18:25:00 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 [2012/02/24 18:25:00 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 [2012/02/24 18:25:00 | 000,000,000 | ---D | M]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: PeoplePC Google Search - res://C:\Program Files (x86)\PeoplePC, Inc\Toolbar\SearchUI.dll/search.html File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: PeoplePC Google Search - res://C:\Program Files (x86)\PeoplePC, Inc\Toolbar\SearchUI.dll/search.html File not found
O9 - Extra 'Tools' menuitem : GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - Reg Error: Value error. File not found
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc64.cab (Microsoft Office Template and Media Control)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...tDetection2.cab (GMNRev Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} http://h20364.www2.h...DataManager.CAB (Hewlett-Packard Online Support Services)
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} http://gsn.worldwinn...GamesLoader.cab (FunGamesLoader Object)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {2C153C75-8476-434B-B3C3-57B63A3D1939} http://www.worldwinn...ut/brickout.cab (Brickout Control)
O16 - DPF: {36299202-09EF-4ABF-ADB9-47C599DBE778} https://www.hpwindow...PProdDetect.cab (HP Product Detection Control)
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} http://cdn.scan.onec...s/wlscctrl2.cab (Windows Live OneCare safety scanner control)
O16 - DPF: {42FDC231-A411-45F8-B8B6-3B5026111DA8} http://www.worldwinn...litairerush.cab (SolitaireRush Control)
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} https://wimpro2.cce....ads/sysinfo.cab (SysData Class)
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} http://www.worldwinn...d/bejeweled.cab (Bejeweled Control)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...tDetection2.cab (GMNRev Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinn...ed/wwlaunch.cab (Wwlaunch Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} http://www.worldwinn....0/iewwload.cab (WorldWinner ActiveX Launcher Control)
O16 - DPF: {94299420-321F-4FF9-A247-62A23EBB640B} http://www.worldwinn...jo/wordmojo.cab (WordMojo Control)
O16 - DPF: {95A311CD-EC8E-452A-BCEC-B844EB616D03} http://www.worldwinn...eweledtwist.cab (BejeweledTwist Control)
O16 - DPF: {A021A215-6CDC-44B4-8C16-90491CED9605} http://www.worldwinn...8/clue/clue.cab (Clue Control)
O16 - DPF: {A52FBD2B-7AB3-4F6B-90E3-91C772C5D00F} http://www.worldwinn...v57/wof/wof.cab (WoF Control)
O16 - DPF: {A91FB93D-7561-4524-8484-5C27C8FA8D42} http://www.worldwinn...luxor/luxor.cab (WwLuxor Control)
O16 - DPF: {BA94245D-2AA0-4953-9D9F-B0EE4CC02C43} http://www.worldwinn...ty/tilecity.cab (Tilecity Control)
O16 - DPF: {C5326A4D-E9AA-40AD-A09A-E74304D86B47} http://www.worldwinn...h/dinerdash.cab (DinerDash Control)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CF969D51-F764-4FBF-9E90-475248601C8A} http://www.worldwinn.../familyfeud.cab (FamilyFeud Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E70E3E64-2793-4AEF-8CC8-F1606BE563B0} http://www.worldwinn...es/wwspades.cab (WWSpades Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E7747F5F-A2C5-42A0-8ABC-AB73C1CD4A36}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~2\Google\GOOGLE~1\GO36F4~1.DLL) - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop WallPaper: C:\Users\Kimmy\AppData\LocalLow\FunWebProducts\ScreenSaver\Images\f3wallpp.bmp
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Ice Plant on California Coast.jpg
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{2cc121f4-a478-11e0-b55a-dcd2cc6e0d07}\Shell - "" = AutoRun
O33 - MountPoints2\{2cc121f4-a478-11e0-b55a-dcd2cc6e0d07}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\TL-Bootstrap.exe
O33 - MountPoints2\{f42d2f76-b8dd-11e0-b93b-93afe911e405}\Shell - "" = AutoRun
O33 - MountPoints2\{f42d2f76-b8dd-11e0-b93b-93afe911e405}\Shell\AutoRun\command - "" = "F:\WD SmartWare.exe" autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/02/26 11:42:03 | 000,583,680 | ---- | C] (OldTimer Tools) -- C:\Users\Kimmy\Downloads\Desktop\OTL.exe
[2012/02/25 16:28:25 | 016,740,544 | ---- | C] (Mozilla) -- C:\Users\Kimmy\Downloads\Desktop\Firefox Setup 11.0b4.exe
[2012/02/21 22:38:52 | 000,000,000 | ---D | C] -- C:\ProgramData\ClubSanDisk
[2012/02/21 20:27:10 | 000,000,000 | ---D | C] -- C:\Users\Kimmy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Lorax Daily Activity
[2012/02/21 20:26:38 | 000,000,000 | ---D | C] -- C:\Users\Kimmy\AppData\Roaming\Hewlett Packard
[2012/02/21 20:25:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Universal Studios
[2012/02/19 13:57:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/02/19 13:50:54 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/02/19 13:50:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012/02/19 13:50:31 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/02/14 21:47:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2012/02/14 21:45:57 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/02/14 17:23:06 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/02/14 17:23:05 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/02/14 17:22:50 | 002,308,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/02/14 17:22:49 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/02/14 17:22:49 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/02/14 17:22:48 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/02/14 17:22:40 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/02/14 17:22:38 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/02/14 17:22:38 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/02/14 17:22:32 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/02/14 17:22:30 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/02/14 17:16:22 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012/02/14 17:14:40 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012/02/14 17:14:34 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012/02/14 17:13:10 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012/02/08 08:26:48 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012/02/05 21:43:15 | 009,502,424 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Kimmy\Downloads\Desktop\mbam-consumer.exe
[2012/02/05 17:21:36 | 000,000,000 | ---D | C] -- C:\Users\Kimmy\AppData\Local\Intuit
[2012/02/04 21:21:32 | 000,000,000 | ---D | C] -- C:\Users\Kimmy\Music\Documents\TurboTax
[2012/02/04 20:21:28 | 000,000,000 | ---D | C] -- C:\Users\Kimmy\AppData\Roaming\Intuit
[2012/02/04 20:16:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TurboTax 2011
[2012/02/04 20:14:11 | 000,000,000 | ---D | C] -- C:\Users\Kimmy\AppData\Local\IsolatedStorage
[2012/02/04 20:14:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intuit
[2012/02/04 20:13:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TurboTax
[2012/02/04 20:12:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Intuit
[2012/01/30 22:57:51 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012/01/30 22:57:49 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012/01/30 22:57:48 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012/01/30 22:57:47 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012/01/30 22:57:46 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012/01/30 22:57:45 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012/01/30 19:33:38 | 068,403,904 | ---- | C] (Microsoft Corporation) -- C:\Users\Kimmy\Downloads\Desktop\msert.exe
[2012/01/29 16:30:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/01/29 16:30:42 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/01/29 03:08:31 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/01/29 03:08:28 | 000,199,816 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012/01/29 03:08:15 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012/01/29 03:08:15 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/02/26 12:32:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/02/26 12:10:03 | 000,000,590 | ---- | M] () -- C:\Windows\tasks\HP_TheLoraxDailyActivity_lorax-daily-activity-bpw_PreFetch.job
[2012/02/26 11:46:53 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\Kimmy\Downloads\Desktop\OTL.exe
[2012/02/26 11:44:41 | 000,011,424 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/02/26 11:44:41 | 000,011,424 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/02/26 10:50:07 | 000,000,456 | ---- | M] () -- C:\Windows\tasks\PCDRScheduledMaintenance.job
[2012/02/26 10:36:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/02/26 04:48:05 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/02/26 04:46:42 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2012/02/26 04:46:18 | 2314,067,968 | -HS- | M] () -- C:\hiberfil.sys
[2012/02/26 04:09:01 | 000,000,396 | ---- | M] () -- C:\Windows\tasks\RegCure.job
[2012/02/25 21:33:32 | 000,029,518 | ---- | M] () -- C:\Users\Kimmy\AppData\Roaming\wklnhst.dat
[2012/02/25 19:46:12 | 000,786,432 | ---- | M] () -- C:\Users\Kimmy\Downloads\Desktop\HRBlock_DeluxeSE_2011_Update_C.exe
[2012/02/25 17:03:25 | 000,001,007 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/02/25 17:00:15 | 000,000,414 | ---- | M] () -- C:\Windows\tasks\RegCure Program Check.job
[2012/02/25 16:31:58 | 016,740,544 | ---- | M] (Mozilla) -- C:\Users\Kimmy\Downloads\Desktop\Firefox Setup 11.0b4.exe
[2012/02/25 13:02:45 | 000,000,572 | ---- | M] () -- C:\Windows\tasks\HP_TheLoraxDailyActivity_lorax-daily-activity-bpw.job
[2012/02/25 12:03:09 | 000,075,956 | ---- | M] () -- C:\Users\Kimmy\Downloads\Desktop\demo-50-Reading-Comprehension-Activities-to-use-with-any-book.jpg
[2012/02/25 00:59:27 | 000,002,410 | ---- | M] () -- C:\Users\Public\Desktop\WildTangent Games App - hp.lnk
[2012/02/24 17:39:24 | 000,000,464 | ---- | M] () -- C:\Windows\tasks\HP_TheLoraxDailyActivity_Updater.job
[2012/02/24 06:46:37 | 000,038,400 | ---- | M] () -- C:\Users\Kimmy\Downloads\Desktop\February 27th-3March 2 yes.wps
[2012/02/23 22:42:10 | 000,038,912 | ---- | M] () -- C:\Users\Kimmy\Downloads\Desktop\February 27th-32.wps
[2012/02/23 20:13:37 | 000,022,016 | ---- | M] () -- C:\Users\Kimmy\Downloads\Desktop\VOCABULARY WORDs for theme 7-2.wps
[2012/02/22 23:50:03 | 000,000,000 | ---- | M] () -- C:\Users\Kimmy\Downloads\Desktop\seuss.xps
[2012/02/22 18:59:12 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/02/21 22:54:02 | 000,008,192 | ---- | M] () -- C:\Users\Kimmy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/02/21 22:03:38 | 000,873,662 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/02/21 22:03:38 | 000,727,816 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/02/21 22:03:38 | 000,145,422 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/02/21 20:41:52 | 000,019,761 | ---- | M] () -- C:\Users\Kimmy\Downloads\Desktop\image.ashx.jpg
[2012/02/21 20:27:10 | 000,003,099 | ---- | M] () -- C:\Users\Kimmy\Downloads\Desktop\The Lorax Daily Activity.lnk
[2012/02/21 20:19:32 | 004,902,400 | ---- | M] () -- C:\Users\Kimmy\Downloads\Desktop\TheLoraxDailyActivity.msi
[2012/02/21 19:59:33 | 000,104,144 | ---- | M] () -- C:\Users\Kimmy\Downloads\Desktop\RIGHT TO WORK.pdf
[2012/02/20 19:32:12 | 000,000,614 | ---- | M] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2012/02/20 16:46:33 | 000,015,360 | ---- | M] () -- C:\Users\Kimmy\Downloads\Desktop\shoppimh lisdt.wps
[2012/02/19 14:06:32 | 000,015,360 | ---- | M] () -- C:\Users\Kimmy\Downloads\Desktop\powerpoint.wps
[2012/02/19 13:57:29 | 000,001,745 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/02/17 19:55:16 | 246,675,051 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/02/17 01:51:13 | 000,032,256 | ---- | M] () -- C:\Users\Kimmy\Downloads\Desktop\Untitled Document.wps
[2012/02/14 21:48:39 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/02/14 21:47:30 | 000,887,320 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/02/14 21:06:54 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012/02/14 19:23:35 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/02/14 18:26:24 | 000,504,280 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/02/08 06:57:05 | 000,141,312 | ---- | M] () -- C:\Users\Kimmy\Music\Documents\book box Labels.wps
[2012/02/06 21:02:15 | 000,018,432 | ---- | M] () -- C:\Users\Kimmy\Music\Documents\spelling 69-2.wps
[2012/02/05 21:48:16 | 000,015,360 | ---- | M] () -- C:\Users\Kimmy\Music\Documents\malware info.wps
[2012/02/05 21:44:46 | 009,502,424 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Kimmy\Downloads\Desktop\mbam-consumer.exe
[2012/02/05 11:25:53 | 000,029,808 | ---- | M] () -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2012/02/04 20:08:45 | 000,001,648 | ---- | M] () -- C:\Users\Kimmy\Application Data\Microsoft\Internet Explorer\Quick Launch\WildTangent Games App - hp.lnk
[2012/02/02 23:37:58 | 000,002,042 | ---- | M] () -- C:\Users\Kimmy\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/01/30 19:48:52 | 068,403,904 | ---- | M] (Microsoft Corporation) -- C:\Users\Kimmy\Downloads\Desktop\msert.exe
[2012/01/29 13:07:16 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForKimmy.job
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/02/25 19:31:16 | 000,786,432 | ---- | C] () -- C:\Users\Kimmy\Downloads\Desktop\HRBlock_DeluxeSE_2011_Update_C.exe
[2012/02/25 17:03:25 | 000,001,007 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/02/25 11:59:28 | 000,075,956 | ---- | C] () -- C:\Users\Kimmy\Downloads\Desktop\demo-50-Reading-Comprehension-Activities-to-use-with-any-book.jpg
[2012/02/23 22:42:39 | 000,038,400 | ---- | C] () -- C:\Users\Kimmy\Downloads\Desktop\February 27th-3March 2 yes.wps
[2012/02/23 20:20:24 | 000,038,912 | ---- | C] () -- C:\Users\Kimmy\Downloads\Desktop\February 27th-32.wps
[2012/02/23 20:13:25 | 000,022,016 | ---- | C] () -- C:\Users\Kimmy\Downloads\Desktop\VOCABULARY WORDs for theme 7-2.wps
[2012/02/22 23:49:54 | 000,000,000 | ---- | C] () -- C:\Users\Kimmy\Downloads\Desktop\seuss.xps
[2012/02/21 20:35:26 | 000,000,464 | ---- | C] () -- C:\Windows\tasks\HP_TheLoraxDailyActivity_Updater.job
[2012/02/21 20:35:06 | 000,000,590 | ---- | C] () -- C:\Windows\tasks\HP_TheLoraxDailyActivity_lorax-daily-activity-bpw_PreFetch.job
[2012/02/21 20:34:47 | 000,000,572 | ---- | C] () -- C:\Windows\tasks\HP_TheLoraxDailyActivity_lorax-daily-activity-bpw.job
[2012/02/21 20:32:24 | 000,019,761 | ---- | C] () -- C:\Users\Kimmy\Downloads\Desktop\image.ashx.jpg
[2012/02/21 20:27:10 | 000,003,099 | ---- | C] () -- C:\Users\Kimmy\Downloads\Desktop\The Lorax Daily Activity.lnk
[2012/02/21 20:15:05 | 004,902,400 | ---- | C] () -- C:\Users\Kimmy\Downloads\Desktop\TheLoraxDailyActivity.msi
[2012/02/21 19:59:02 | 000,104,144 | ---- | C] () -- C:\Users\Kimmy\Downloads\Desktop\RIGHT TO WORK.pdf
[2012/02/19 13:57:29 | 000,001,745 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/02/17 00:17:55 | 000,032,256 | ---- | C] () -- C:\Users\Kimmy\Downloads\Desktop\Untitled Document.wps
[2012/02/14 21:46:33 | 000,001,899 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/02/08 06:57:03 | 000,141,312 | ---- | C] () -- C:\Users\Kimmy\Music\Documents\book box Labels.wps
[2012/02/06 21:02:12 | 000,018,432 | ---- | C] () -- C:\Users\Kimmy\Music\Documents\spelling 69-2.wps
[2012/02/05 21:45:06 | 000,015,360 | ---- | C] () -- C:\Users\Kimmy\Music\Documents\malware info.wps
[2012/02/05 12:20:05 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/02/05 11:25:53 | 000,029,808 | ---- | C] () -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2012/02/04 20:16:44 | 000,000,614 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2012/02/04 12:50:41 | 000,015,360 | ---- | C] () -- C:\Users\Kimmy\Downloads\Desktop\powerpoint.wps
[2012/01/31 00:23:29 | 000,015,360 | ---- | C] () -- C:\Users\Kimmy\Downloads\Desktop\shoppimh lisdt.wps
[2012/01/29 03:10:57 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2011/12/30 16:43:56 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011/12/20 17:39:18 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2011/09/22 05:07:51 | 000,000,000 | ---- | C] () -- C:\Users\Kimmy\AppData\Local\{7D03545C-4F38-49F0-86DC-158B863DC6B9}
[2011/09/05 13:04:24 | 000,171,327 | ---- | C] () -- C:\Windows\hpwins27.dat
[2011/09/04 01:56:50 | 000,000,370 | ---- | C] () -- C:\Windows\hpwmdl26.dat.temp
[2011/09/03 21:47:54 | 000,170,636 | ---- | C] () -- C:\Windows\hpwins27.dat.temp
[2011/09/03 21:47:54 | 000,000,385 | ---- | C] () -- C:\Windows\hpwmdl27.dat.temp
[2011/08/22 15:28:39 | 000,007,600 | ---- | C] () -- C:\Users\Kimmy\AppData\Local\resmon.resmoncfg
[2011/03/04 23:50:48 | 000,001,955 | ---- | C] () -- C:\Users\Kimmy\AppData\Roaming\SAS7_000.DAT
[2011/02/18 07:43:04 | 000,008,192 | ---- | C] () -- C:\Users\Kimmy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/29 22:28:55 | 000,098,304 | ---- | C] () -- C:\Windows\SysWow64\redmonnt.dll
[2011/01/06 21:20:56 | 000,000,010 | ---- | C] () -- C:\Windows\WININIT.INI
[2010/08/23 15:54:44 | 000,306,688 | ---- | C] () -- C:\Windows\SysWow64\LFFPX7.DLL
[2010/08/23 15:54:44 | 000,095,232 | ---- | C] () -- C:\Windows\SysWow64\LFKODAK.DLL
[2010/08/23 15:54:35 | 000,044,544 | ---- | C] () -- C:\Windows\SysWow64\gif89.dll
[2010/08/23 15:54:00 | 000,000,286 | ---- | C] () -- C:\Windows\SIERRA.INI
[2010/08/21 12:40:44 | 000,000,028 | ---- | C] () -- C:\Windows\pdf995.ini
[2010/06/29 15:48:35 | 000,000,000 | ---- | C] () -- C:\ProgramData\Images
[2010/06/29 15:48:35 | 000,000,000 | ---- | C] () -- C:\ProgramData\Hybrid Basic
[2010/06/13 09:29:16 | 000,000,000 | -H-- | C] () -- C:\ProgramData\PKP_DLdw.DAT
[2010/06/13 09:29:16 | 000,000,000 | ---- | C] () -- C:\Users\Kimmy\AppData\Roaming\Importer
[2010/06/13 09:25:45 | 000,000,000 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT
[2010/03/06 18:18:50 | 000,000,142 | ---- | C] () -- C:\Windows\wpd99.drv
[2010/03/06 18:18:49 | 000,047,616 | ---- | C] () -- C:\Windows\SysWow64\pdf995mon64.dll

========== LOP Check ==========

[2010/04/19 17:54:58 | 000,000,000 | -HSD | M] -- C:\Users\Kimmy\AppData\Roaming\.#
[2012/02/09 00:56:18 | 000,000,000 | ---D | M] -- C:\Users\Kimmy\AppData\Roaming\BitTorrent
[2011/03/20 22:28:58 | 000,000,000 | ---D | M] -- C:\Users\Kimmy\AppData\Roaming\Catalina Marketing Corp
[2011/01/26 18:21:22 | 000,000,000 | ---D | M] -- C:\Users\Kimmy\AppData\Roaming\com.Shutterfly.ExpressUploader
[2011/07/02 04:46:30 | 000,000,000 | ---D | M] -- C:\Users\Kimmy\AppData\Roaming\com.verizon.mediastore.vzwdownloadmanager.BEEF85639ECFAE88C004EA3A5F976EE5386C7526.1
[2010/01/19 01:23:56 | 000,000,000 | ---D | M] -- C:\Users\Kimmy\AppData\Roaming\Farm Mania
[2011/08/02 21:17:50 | 000,000,000 | ---D | M] -- C:\Users\Kimmy\AppData\Roaming\Foxit Software
[2011/08/26 01:40:14 | 000,000,000 | ---D | M] -- C:\Users\Kimmy\AppData\Roaming\funkitron
[2010/01/19 01:23:56 | 000,000,000 | ---D | M] -- C:\Users\Kimmy\AppData\Roaming\Hallmark
[2012/02/21 20:26:38 | 000,000,000 | ---D | M] -- C:\Users\Kimmy\AppData\Roaming\Hewlett Packard
[2011/04/10 00:30:25 | 000,000,000 | ---D | M] -- C:\Users\Kimmy\AppData\Roaming\Hoyle Blackjack
[2011/08/05 22:49:10 | 000,000,000 | ---D | M] -- C:\Users\Kimmy\AppData\Roaming\Hoyle Card Games
[2010/10/27 17:49:07 | 000,000,000 | ---D | M] -- C:\Users\Kimmy\AppData\Roaming\Hoyle FaceCreator
[2012/01/20 22:12:52 | 000,000,000 | ---D | M] -- C:\Users\Kimmy\AppData\Roaming\Hoyle Puzzle and Board Games
[2011/02/08 23:55:31 | 000,000,000 | ---D | M] -- C:\Users\Kimmy\AppData\Roaming\HU2011
[2011/06/18 07:34:01 | 000,000,000 | ---D | M] -- C:\Users\Kimmy\AppData\Roaming\iWing
[2010/12/16 18:36:13 | 000,000,000 | ---D | M] -- C:\Users\Kimmy\AppData\Roaming\MSNInstaller
[2010/06/13 14:44:46 | 000,000,000 | ---D | M] -- C:\Users\Kimmy\AppData\Roaming\Nikon
[2011/03/02 18:11:00 | 000,000,000 | ---D | M] -- C:\Users\Kimmy\AppData\Roaming\Nuance
[2011/08/25 19:50:18 | 000,000,000 | ---D | M] -- C:\Users\Kimmy\AppData\Roaming\Oberon Media
[2012/01/04 21:51:54 | 000,000,000 | ---D | M] -- C:\Users\Kimmy\AppData\Roaming\Octoshape
[2011/06/15 00:47:28 | 000,000,000 | ---D | M] -- C:\Users\Kimmy\AppData\Roaming\pdf995
[2009/12/20 09:46:50 | 000,000,000 | ---D | M] -- C:\Users\Kimmy\AppData\Roaming\PeerNetworking
[2010/01/19 01:24:06 | 000,000,000 | ---D | M] -- C:\Users\Kimmy\AppData\Roaming\PeoplePC
[2010/01/31 15:44:19 | 000,000,000 | ---D | M] -- C:\Users\Kimmy\AppData\Roaming\PeoplePC Online
[2010/01/19 01:24:06 | 000,000,000 | ---D | M] -- C:\Users\Kimmy\AppData\Roaming\PictureMover
[2011/03/21 23:27:14 | 000,000,000 | ---D | M] -- C:\Users\Kimmy\AppData\Roaming\Scholastic
[2010/06/02 06:12:45 | 000,000,000 | ---D | M] -- C:\Users\Kimmy\AppData\Roaming\SmartDraw
[2012/02/24 20:44:37 | 000,000,000 | ---D | M] -- C:\Users\Kimmy\AppData\Roaming\Smilebox
[2011/06/21 21:47:50 | 000,000,000 | ---D | M] -- C:\Users\Kimmy\AppData\Roaming\TaxCut
[2011/09/29 05:28:30 | 000,000,000 | ---D | M] -- C:\Users\Kimmy\AppData\Roaming\Template
[2011/07/01 09:12:11 | 000,000,000 | ---D | M] -- C:\Users\Kimmy\AppData\Roaming\Tific
[2011/08/21 20:51:29 | 000,000,000 | ---D | M] -- C:\Users\Kimmy\AppData\Roaming\Unity
[2010/05/21 19:34:03 | 000,000,000 | ---D | M] -- C:\Users\Kimmy\AppData\Roaming\Wal-Mart
[2010/01/19 01:24:06 | 000,000,000 | ---D | M] -- C:\Users\Kimmy\AppData\Roaming\WinBatch
[2011/02/13 17:54:57 | 000,000,000 | ---D | M] -- C:\Users\Kimmy\AppData\Roaming\Word Power
[2011/04/11 18:39:20 | 000,000,000 | ---D | M] -- C:\Users\Kimmy\AppData\Roaming\Worldwinner
[2012/02/26 10:50:07 | 000,000,456 | ---- | M] () -- C:\Windows\Tasks\PCDRScheduledMaintenance.job
[2012/02/25 17:00:15 | 000,000,414 | ---- | M] () -- C:\Windows\Tasks\RegCure Program Check.job
[2012/02/26 04:09:01 | 000,000,396 | ---- | M] () -- C:\Windows\Tasks\RegCure.job
[2012/02/14 19:25:54 | 000,032,574 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 236 bytes -> C:\ProgramData\Temp:0FF263E8
@Alternate Data Stream - 149 bytes -> C:\ProgramData\Temp:D75DDAB3
@Alternate Data Stream - 139 bytes -> C:\ProgramData\Temp:4B2F39D3
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:D1B5B4F1

< End of report >
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP