I am running Windows XP,on a Lenovo G550 laptop with Microsoft Security Essentials. MSE removed TrojanDropper.Win32/Sirefef.B and later in the day I began experiencing "limited or no connectivity" network issues. I ran Malwarebytes (which has not been updated in 27 days as I could not find a place to DL the virus definitions update independently so I could update using my removable HD) completed a quick scan and a full scan. Did the same with Microsoft Security Essentials and Superantispyware, with no luck. I then attempted a system restore to a few days before the virus was found, which also didn't solve the problem. I downloaded (via my other computer) WinsockxpFix.exe, and RogueKiller.exe and ran both with no improvement as well. I also attempted to download and install new drivers for the belkin wireless card with no luck. The following is the OTL quickscan report. Any assistance would be greatly appreciated!
OTL logfile created on: 2/10/2012 4:47:09 PM - Run 4
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Michele\Desktop\Comp Cleanup
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.96 Gb Total Physical Memory | 2.17 Gb Available Physical Memory | 73.25% Memory free
5.77 Gb Paging File | 5.18 Gb Available in Paging File | 89.79% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 188.93 Gb Total Space | 41.02 Gb Free Space | 21.71% Space Free | Partition Type: NTFS
Drive D: | 29.19 Gb Total Space | 24.80 Gb Free Space | 84.96% Space Free | Partition Type: NTFS
Drive E: | 400.44 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive L: | 298.09 Gb Total Space | 103.21 Gb Free Space | 34.62% Space Free | Partition Type: NTFS
Computer Name: MGLAPTOP | User Name: Michele | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/02/10 16:40:26 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Michele\Desktop\Comp Cleanup\OTL.exe
PRC - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/10/08 21:40:59 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
PRC - [2011/06/15 14:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011/04/27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2010/11/05 01:29:00 | 000,132,456 | ---- | M] (Lenovo.) -- C:\Program Files\ThinkPad\Utilities\DOZESVC.EXE
PRC - [2010/11/05 01:29:00 | 000,053,248 | ---- | M] () -- C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe
PRC - [2010/05/04 11:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Update\NASvc.exe
PRC - [2010/04/30 09:47:00 | 000,014,088 | ---- | M] (Memeo) -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
PRC - [2009/07/20 12:30:50 | 000,813,584 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
PRC - [2009/07/10 12:42:32 | 000,055,824 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
PRC - [2009/06/12 14:59:14 | 004,464,640 | ---- | M] (Lenovo(Beijing)Limited) -- C:\Program Files\Lenovo\Energy Management\utility.exe
PRC - [2009/06/10 17:32:56 | 001,282,048 | ---- | M] (Lenovo (Beijing) Limited) -- C:\Program Files\Lenovo\Energy Management\Energy Management.exe
PRC - [2008/10/14 13:15:08 | 000,032,768 | ---- | M] () -- C:\WINDOWS\BisonC07\BisonM07.exe
PRC - [2008/04/13 16:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2012/01/04 03:05:19 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\3c272cad7afb127e2a2bdb8a5a808512\System.Runtime.Remoting.ni.dll
MOD - [2012/01/04 03:04:37 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2012/01/04 03:04:27 | 000,261,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2011/10/14 02:18:19 | 000,539,648 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\c2ebcc8d60422f224b4088f3d7a2ac1f\PresentationFramework.Luna.ni.dll
MOD - [2011/10/14 02:18:15 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\abef85f2fb8ba830eda73e2d12e8d41e\System.ServiceProcess.ni.dll
MOD - [2011/10/14 02:18:15 | 000,141,312 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\29d7091f6eab0ec61c4eb625ed221b73\System.Configuration.Install.ni.dll
MOD - [2011/10/14 02:17:51 | 000,627,712 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\69792bef8a100a055db88848836a7d88\System.EnterpriseServices.ni.dll
MOD - [2011/10/14 02:17:50 | 000,627,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\8efcd633af87989355382b5039f1b7df\System.Transactions.ni.dll
MOD - [2011/10/14 02:17:49 | 006,616,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\ec323cf1df697cc0a45f67de685db90c\System.Data.ni.dll
MOD - [2011/10/14 02:17:00 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\71a2ae9ad561a62181cbd9fb11e9de7a\System.Windows.Forms.ni.dll
MOD - [2011/10/14 02:16:45 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\c10bea3c4bb7ef654651141bf9419090\System.Drawing.ni.dll
MOD - [2011/10/14 02:16:38 | 000,060,928 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\888b745ca99d39692c2e9af222e5eae8\UIAutomationProvider.ni.dll
MOD - [2011/10/14 02:16:33 | 012,215,808 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCore\b2f0318713eca304eaa9d86fc17edb96\PresentationCore.ni.dll
MOD - [2011/10/14 02:16:08 | 003,325,440 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\1adc4ae51a5ac63e896a1402749ca495\WindowsBase.ni.dll
MOD - [2011/10/14 02:15:58 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll
MOD - [2011/10/14 02:15:52 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce0720436dc6cb76006377f295ea365\System.Configuration.ni.dll
MOD - [2011/10/14 02:15:47 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll
MOD - [2011/10/14 02:15:35 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2010/12/25 22:28:22 | 000,839,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.60.0__db937bc2d44ff139\System.Data.SQLite.dll
MOD - [2010/12/25 22:28:22 | 000,429,080 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Memeo.ShellExtension\4.0.0.114__63b82a8957e80a37\Memeo.ShellExtension.dll
MOD - [2010/11/05 01:29:00 | 000,053,248 | ---- | M] () -- C:\Program Files\ThinkPad\Utilities\US\PWRMGRRO.DLL
MOD - [2010/11/05 01:29:00 | 000,053,248 | ---- | M] () -- C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe
MOD - [2010/11/05 01:29:00 | 000,036,352 | ---- | M] () -- C:\Program Files\ThinkPad\Utilities\US\PWRMGRRT.DLL
MOD - [2010/06/24 02:02:41 | 005,279,744 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
MOD - [2009/12/12 18:12:03 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2009/07/20 12:27:14 | 000,017,936 | ---- | M] () -- C:\Program Files\Logitech\SetPoint\khalwrapper.dll
MOD - [2008/10/14 13:15:08 | 000,032,768 | ---- | M] () -- C:\WINDOWS\BisonC07\BisonM07.exe
MOD - [2008/05/21 19:33:22 | 000,045,056 | ---- | M] () -- C:\Program Files\Lenovo\Energy Management\KbdHook.dll
MOD - [2005/06/24 05:05:02 | 000,045,056 | ---- | M] () -- C:\Program Files\Lenovo\Energy Management\HookLib.dll
========== Win32 Services (SafeList) ==========
SRV - [2011/12/11 00:40:51 | 002,152,152 | ---- | M] (Lavasoft Limited) [Auto | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011/10/21 15:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/10/08 21:40:59 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011/06/29 14:59:18 | 000,155,344 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion)
SRV - [2011/04/27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/11/16 01:10:14 | 000,267,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)
SRV - [2010/11/05 01:29:00 | 000,132,456 | ---- | M] (Lenovo.) [Auto | Running] -- C:\Program Files\ThinkPad\Utilities\DOZESVC.EXE -- (DozeSvc)
SRV - [2010/11/05 01:29:00 | 000,053,248 | ---- | M] () [Auto | Running] -- C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe -- (Power Manager DBC Service)
SRV - [2010/05/04 11:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010/04/30 09:47:00 | 000,014,088 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService)
SRV - [2010/04/22 19:49:38 | 000,025,824 | ---- | M] (Memeo) [Disabled | Stopped] -- C:\Program Files\Memeo\AutoBackupPro\MemeoBackgroundService.exe -- (MemeoBackgroundService)
SRV - [2010/02/17 05:49:35 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/04/02 15:47:04 | 000,234,888 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe -- (ASKUpgrade)
SRV - [2009/04/02 15:47:02 | 000,464,264 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\AskBarDis\bar\bin\AskService.exe -- (ASKService)
SRV - [2008/01/11 19:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2007/05/28 11:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Stopped] -- C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2007/01/04 21:48:50 | 000,112,152 | ---- | M] (InterVideo) [Disabled | Stopped] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2004/09/29 11:14:36 | 000,069,632 | ---- | M] (HP) [Auto | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
========== Driver Services (SafeList) ==========
DRV - [2012/02/10 07:40:44 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{29C69F82-F474-4ED3-9E92-2BF90F2642E3}\MpKsled468986.sys -- (MpKsled468986)
DRV - [2011/12/02 07:49:14 | 000,064,512 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2011/12/02 07:49:14 | 000,015,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2011/10/08 21:40:27 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/10/08 21:40:26 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2011/05/16 23:30:35 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2011/05/16 23:30:35 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2010/12/13 15:38:07 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\seehcri.sys -- (seehcri)
DRV - [2010/11/05 01:29:00 | 000,024,304 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\DozeHDD.sys -- (DozeHDD)
DRV - [2010/11/05 01:29:00 | 000,004,442 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\TPPWRIF.SYS -- (TPPWRIF)
DRV - [2010/03/22 15:52:59 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2010/03/22 15:52:57 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009/12/30 03:25:26 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/12/18 10:58:52 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2009/11/11 10:14:44 | 000,214,664 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2009/11/11 10:14:44 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2009/11/11 10:14:44 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2009/11/11 10:14:44 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2009/11/11 10:14:12 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2009/11/08 22:21:18 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009/06/17 11:56:32 | 000,028,560 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2009/06/17 11:56:16 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2009/06/17 11:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2009/06/17 11:55:34 | 000,010,384 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE)
DRV - [2009/05/22 12:33:10 | 001,273,640 | ---- | M] (Bison Electronics. Inc. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BisonC07.sys -- (Cam5607)
DRV - [2009/04/23 12:54:36 | 000,814,592 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CHDAU32.sys -- (CnxtHdAudService)
DRV - [2009/03/25 15:48:00 | 000,114,728 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018mdm.sys -- (s1018mdm)
DRV - [2009/03/25 15:48:00 | 000,109,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018unic.sys -- (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM)
DRV - [2009/03/25 15:48:00 | 000,106,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018mgmt.sys -- (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM)
DRV - [2009/03/25 15:48:00 | 000,104,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018obex.sys -- (s1018obex)
DRV - [2009/03/25 15:48:00 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018bus.sys -- (s1018bus) Sony Ericsson Device 1018 driver (WDM)
DRV - [2009/03/25 15:48:00 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018nd5.sys -- (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS)
DRV - [2009/03/25 15:48:00 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018mdfl.sys -- (s1018mdfl)
DRV - [2008/10/23 15:49:18 | 000,187,392 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2008/09/10 21:14:48 | 001,386,624 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2008/03/14 08:23:12 | 000,169,008 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008/01/11 16:58:42 | 000,009,472 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV - [2008/01/10 12:59:08 | 000,081,192 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WSVD.sys -- (WSVD)
DRV - [2007/07/23 14:04:24 | 000,022,528 | ---- | M] (SoundGenetics) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aubridge.sys -- (audiobridge)
DRV - [2007/05/23 03:33:58 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2007/04/17 22:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\regi.sys -- (regi)
DRV - [2004/08/04 01:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F8 1B F2 94 47 28 CB 01 [binary data]
IE - HKCU\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo2.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Yahoo-FLVTube"
FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaultthis.engineName: " "
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.order.1: "Yahoo-FLVTube"
FF - prefs.js..browser.search.selectedEngine: " "
FF - prefs.js..browser.search.selectedEngineURL: "http://flvtubesearch...={searchTerms}"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.7
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.%(version)s
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {265D0102-EDEA-400C-8D9D-E39BF3EDB5F6}:1.9.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:3.3.5.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {e0204bd5-9d31-402b-a99d-a6aa8ffebdca}:1.4.4.1
FF - prefs.js..keyword.URL: "http://bing.zugotool...s&site=Bing&q="
FF - prefs.js..network.proxy.type: 4
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Michele\Application Data\Move Networks\plugins\npqmp071505000011.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Michele\Application Data\Move Networks\plugins\npqmp071505000011.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\Michele\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\Michele\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Michele\Local Settings\Application Data\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Michele\Local Settings\Application Data\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{265D0102-EDEA-400C-8D9D-E39BF3EDB5F6}: C:\Documents and Settings\Michele\Local Settings\Application Data\{265D0102-EDEA-400C-8D9D-E39BF3EDB5F6} [2010/07/20 13:21:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/10/04 19:47:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/01/14 19:45:32 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\Michele\Application Data\Move Networks [2010/01/05 01:29:35 | 000,000,000 | ---D | M]
[2010/01/05 01:29:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michele\Application Data\Mozilla\Extensions
[2009/12/26 10:49:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michele\Application Data\Mozilla\Firefox\extensions
[2009/12/26 10:49:13 | 000,000,000 | ---D | M] ("Ask Toolbar for Firefox") -- C:\Documents and Settings\Michele\Application Data\Mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2011/12/01 22:15:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michele\Application Data\Mozilla\Firefox\Profiles\zx1479pg.default\extensions
[2010/05/25 19:45:13 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Michele\Application Data\Mozilla\Firefox\Profiles\zx1479pg.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/07/23 02:01:30 | 000,000,000 | ---D | M] (Zynga Community Toolbar) -- C:\Documents and Settings\Michele\Application Data\Mozilla\Firefox\Profiles\zx1479pg.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2011/12/01 22:15:11 | 000,000,000 | ---D | M] (Torbutton) -- C:\Documents and Settings\Michele\Application Data\Mozilla\Firefox\Profiles\zx1479pg.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2011/07/23 02:01:29 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Michele\Application Data\Mozilla\Firefox\Profiles\zx1479pg.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010/10/10 20:14:41 | 000,001,832 | ---- | M] () -- C:\Documents and Settings\Michele\Application Data\Mozilla\Firefox\Profiles\zx1479pg.default\searchplugins\bing.xml
[2010/12/11 19:22:47 | 000,000,863 | ---- | M] () -- C:\Documents and Settings\Michele\Application Data\Mozilla\Firefox\Profiles\zx1479pg.default\searchplugins\conduit.xml
[2012/01/19 21:21:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/07/14 12:55:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/03 04:31:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/12/06 08:43:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/05/16 23:29:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
[2011/06/12 01:57:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2012/01/19 21:21:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
[2010/01/05 01:29:35 | 000,000,000 | ---D | M] (Move Media Player) -- C:\DOCUMENTS AND SETTINGS\MICHELE\APPLICATION DATA\MOVE NETWORKS
[2010/07/20 13:21:36 | 000,000,000 | ---D | M] (XULRunner) -- C:\DOCUMENTS AND SETTINGS\MICHELE\LOCAL SETTINGS\APPLICATION DATA\{265D0102-EDEA-400C-8D9D-E39BF3EDB5F6}
[2011/05/16 23:29:45 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/11/10 05:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/10/05 03:16:05 | 000,001,175 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\FLVTube.xml.bak
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Michele\Local Settings\Application Data\Google\Chrome\Application\17.0.963.46\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Michele\Local Settings\Application Data\Google\Chrome\Application\17.0.963.46\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Michele\Local Settings\Application Data\Google\Chrome\Application\17.0.963.46\pdf.dll
CHR - plugin: Logitech Device Detection (Enabled) = C:\Documents and Settings\Michele\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\elncikmfipkphghakkmemnlnahadedno\1.23.0.5_0\npLogitechDeviceDetection.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Documents and Settings\Michele\Application Data\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Documents and Settings\Michele\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: downloadUpdater (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
CHR - plugin: downloadUpdater2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Move Streaming Media Player (Enabled) = C:\Documents and Settings\Michele\Application Data\Move Networks\plugins\npqmp071505000011.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.71\npGoogleUpdate3.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Documents and Settings\Michele\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\
CHR - Extension: Google Search = C:\Documents and Settings\Michele\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\
CHR - Extension: Logitech Device Detection = C:\Documents and Settings\Michele\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\elncikmfipkphghakkmemnlnahadedno\1.24.0.9_0\
CHR - Extension: AdBlock = C:\Documents and Settings\Michele\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.15_0\
CHR - Extension: Gmail = C:\Documents and Settings\Michele\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2012/02/10 07:39:11 | 000,000,736 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo2.dll (Conduit Ltd.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (TBSB05974 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Search Toolbar\tbcore3.dll File not found
O3 - HKLM\..\Toolbar: (Search Toolbar) - {0C8413C1-FAD1-446C-8584-BE50576F863E} - C:\Program Files\Search Toolbar\tbcore3.dll File not found
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Search Toolbar) - {0C8413C1-FAD1-446C-8584-BE50576F863E} - C:\Program Files\Search Toolbar\tbcore3.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files\uTorrentBar\prxtbuTo2.dll (Conduit Ltd.)
O4 - HKLM..\Run: [BisonMnt] C:\WINDOWS\BisonC07\BisonM07.exe ()
O4 - HKLM..\Run: [Energy Management] C:\Program Files\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4 - HKLM..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utility.exe (Lenovo(Beijing)Limited)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PWRMGRTR] C:\Program Files\ThinkPad\Utilities\PWRMGRTR.DLL (Lenovo Group Limited)
O4 - HKCU..\Run: [Sony Ericsson PC Companion] C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson)
O4 - HKCU..\Run: [Vidalia] C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O4 - Startup: C:\Documents and Settings\Michele\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: LENOVO - {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} - http://www.lenovo.com File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {2DAD3559-2923-4935-AD49-B673D2539944} http://www-307.ibm.c...pport/acpir.cab (IASRunner Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1261819129968 (WUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} http://www.superadbl...ivex/sabspx.cab (SABScanProcesses Class)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.syste...el_4.4.24.0.cab (SysInfo Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E352C986-9B29-4289-BE9A-FCB761F2C5F3}: DhcpNameServer = 10.0.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/08/10 12:41:02 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011/11/21 12:40:41 | 000,000,122 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2010/02/14 23:53:50 | 000,000,027 | ---- | M] () - L:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\{1982fa40-2815-11db-9392-00023fe8283b}\Shell - "" = AutoRun
O33 - MountPoints2\{1982fa40-2815-11db-9392-00023fe8283b}\Shell\1\Command - "" = F:\.\RECYCLER\RECYCLER\autorun.exe
O33 - MountPoints2\{1982fa40-2815-11db-9392-00023fe8283b}\Shell\2\Command - "" = F:\.\RECYCLER\RECYCLER\autorun.exe
O33 - MountPoints2\{1982fa40-2815-11db-9392-00023fe8283b}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{1982fa40-2815-11db-9392-00023fe8283b}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL .\RECYCLER\RECYCLER\autorun.exe
O33 - MountPoints2\{49c5746a-0fd0-11e0-8d54-002622c6765f}\Shell - "" = AutoRun
O33 - MountPoints2\{49c5746a-0fd0-11e0-8d54-002622c6765f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{49c5746a-0fd0-11e0-8d54-002622c6765f}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
O33 - MountPoints2\{c14e40ee-675c-11df-8cd0-002622c6765f}\Shell\AutoRun\command - "" = J:\setupSNK.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012/02/10 07:42:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michele\Desktop\RK_Quarantine
[2012/02/10 00:17:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Fenomen Games
[2012/02/09 06:24:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michele\Application Data\KatGames
[2012/02/09 06:24:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\KatGames
[2012/02/06 22:24:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michele\Application Data\Alawar Entertainment
[2012/02/06 03:06:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michele\Application Data\Leahs_Tale
[2012/02/06 03:04:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michele\Start Menu\Programs\Leahs Tale
[2012/01/25 22:48:06 | 000,000,000 | ---D | C] -- C:\Program Files\Grimoire Chronicles
[2012/01/23 22:13:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michele\Start Menu\Programs\The Golden Years - Way Out West
[2012/01/22 10:35:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michele\Application Data\dvdcss
[2012/01/20 00:27:09 | 000,000,000 | ---D | C] -- C:\games
[2012/01/19 21:21:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/01/16 20:42:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Heros Tale - Enhanced Edition
[2010/12/15 17:53:56 | 000,004,096 | ---- | C] ( ) -- C:\WINDOWS\System32\IGFXDEVLib.dll
[2010/04/17 04:33:30 | 157,289,278 | ---- | C] (Games ) -- C:\Documents and Settings\Michele\Application Data\LittleNoirMissingGirl.exe
[1 C:\Documents and Settings\Michele\My Documents\*.tmp files -> C:\Documents and Settings\Michele\My Documents\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/02/10 16:14:10 | 000,000,888 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/02/10 16:06:10 | 000,000,986 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-4139560822-1196392724-1434190299-1007UA.job
[2012/02/10 16:02:48 | 000,000,382 | ---- | M] () -- C:\WINDOWS\tasks\SystemToolsDailyTest.job
[2012/02/10 10:06:00 | 000,000,934 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-4139560822-1196392724-1434190299-1007Core.job
[2012/02/10 07:49:40 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/02/10 07:45:44 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2012/02/10 07:44:23 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2012/02/10 07:44:20 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/02/10 07:40:54 | 000,000,304 | ---- | M] () -- C:\WINDOWS\tasks\PMTask.job
[2012/02/10 07:40:45 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/02/10 07:40:31 | 000,002,048 | ---- | M] () -- C:\WINDOWS\bootstat.dat
[2012/02/10 07:39:11 | 000,000,736 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/02/09 07:15:49 | 000,001,934 | ---- | M] () -- C:\Documents and Settings\Michele\Desktop\World of Zellians Kingdom Builder.lnk
[2012/02/09 06:23:27 | 000,001,997 | ---- | M] () -- C:\Documents and Settings\Michele\Desktop\Play Over 11.000 Online Games on The Playing Bay.lnk
[2012/02/08 21:08:14 | 000,002,278 | ---- | M] () -- C:\Documents and Settings\Michele\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/02/08 21:08:13 | 000,002,300 | ---- | M] () -- C:\Documents and Settings\Michele\Desktop\Google Chrome.lnk
[2012/02/08 02:04:00 | 000,000,348 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2012/02/08 00:06:43 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat
[2012/02/08 00:06:43 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat
[2012/02/06 03:04:18 | 000,001,630 | ---- | M] () -- C:\Documents and Settings\Michele\Desktop\Leahs Tale.lnk
[2012/02/04 07:35:04 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/01/29 21:29:26 | 000,000,686 | ---- | M] () -- C:\Documents and Settings\Michele\Desktop\Dawn's Light.lnk
[2012/01/26 21:54:34 | 000,207,347 | ---- | M] () -- C:\Documents and Settings\Michele\My Documents\Taxessf2011.pdf
[2012/01/25 22:48:07 | 000,001,713 | ---- | M] () -- C:\Documents and Settings\Michele\Desktop\Grimoire Chronicles.lnk
[2012/01/25 00:33:17 | 000,532,052 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/01/25 00:33:17 | 000,099,096 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/01/23 22:13:24 | 000,001,963 | ---- | M] () -- C:\Documents and Settings\Michele\Desktop\The Golden Years - Way Out West.lnk
[2012/01/23 22:13:22 | 000,002,088 | ---- | M] () -- C:\Documents and Settings\Michele\Desktop\Download More Free Full Games from FoxyGames.Info.lnk
[2012/01/16 20:42:42 | 000,001,801 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Heros Tale - Enhanced Edition.lnk
[2012/01/13 08:00:16 | 000,000,528 | ---- | M] () -- C:\WINDOWS\tasks\PCDoctorBackgroundMonitorTask.job
[1 C:\Documents and Settings\Michele\My Documents\*.tmp files -> C:\Documents and Settings\Michele\My Documents\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/02/09 07:15:49 | 000,001,934 | ---- | C] () -- C:\Documents and Settings\Michele\Desktop\World of Zellians Kingdom Builder.lnk
[2012/02/06 03:04:18 | 000,001,997 | ---- | C] () -- C:\Documents and Settings\Michele\Desktop\Play Over 11.000 Online Games on The Playing Bay.lnk
[2012/02/06 03:04:18 | 000,001,630 | ---- | C] () -- C:\Documents and Settings\Michele\Desktop\Leahs Tale.lnk
[2012/01/29 21:29:26 | 000,000,686 | ---- | C] () -- C:\Documents and Settings\Michele\Desktop\Dawn's Light.lnk
[2012/01/26 21:54:34 | 000,207,347 | ---- | C] () -- C:\Documents and Settings\Michele\My Documents\Taxessf2011.pdf
[2012/01/25 22:48:07 | 000,001,713 | ---- | C] () -- C:\Documents and Settings\Michele\Desktop\Grimoire Chronicles.lnk
[2012/01/23 22:13:24 | 000,001,963 | ---- | C] () -- C:\Documents and Settings\Michele\Desktop\The Golden Years - Way Out West.lnk
[2012/01/16 20:42:42 | 000,001,801 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Heros Tale - Enhanced Edition.lnk
[2012/01/13 03:32:34 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/11 03:21:16 | 001,065,576 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/09/13 00:20:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Captive.INI
[2011/08/14 19:20:09 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/07/11 17:02:27 | 000,113,040 | ---- | C] () -- C:\WINDOWS\hpoins07.dat
[2011/07/11 17:02:27 | 000,021,124 | ---- | C] () -- C:\WINDOWS\hpomdl07.dat
[2011/06/03 22:45:35 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/06/03 22:45:35 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2011/06/01 05:06:51 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2011/06/01 05:06:51 | 000,036,864 | R--- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2011/05/18 17:42:02 | 000,027,136 | ---- | C] () -- C:\WINDOWS\System32\QTUninst.dll
[2011/05/15 07:09:18 | 000,013,490 | -HS- | C] () -- C:\Documents and Settings\Michele\Local Settings\Application Data\83ugwuk5b886k
[2011/05/15 07:09:18 | 000,013,490 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\83ugwuk5b886k
[2011/02/23 06:41:52 | 000,000,346 | ---- | C] () -- C:\WINDOWS\QTW.ini
[2011/01/30 07:11:49 | 000,087,040 | ---- | C] () -- C:\WINDOWS\UnGins.exe
[2011/01/30 07:11:48 | 000,473,600 | ---- | C] () -- C:\WINDOWS\System32\Harmony.dll
[2011/01/30 07:11:48 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\Unlha32.dll
[2011/01/30 05:51:46 | 000,084,360 | ---- | C] () -- C:\WINDOWS\gamedelete.exe
[2010/12/15 17:53:55 | 000,000,151 | ---- | C] () -- C:\WINDOWS\System32\GfxUI.exe.config
[2010/12/10 22:52:47 | 000,196,608 | ---- | C] () -- C:\WINDOWS\PWMBTHLP.EXE
[2010/12/10 22:52:46 | 000,004,442 | ---- | C] () -- C:\WINDOWS\System32\drivers\TPPWRIF.SYS
[2010/12/07 16:58:00 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
[2010/12/05 11:22:52 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Shadow.INI
[2010/12/03 07:20:48 | 000,036,734 | ---- | C] () -- C:\WINDOWS\System32\OggDSuninst.exe
[2010/11/24 22:43:22 | 000,000,029 | ---- | C] () -- C:\WINDOWS\JMAN.INI
[2010/11/05 22:42:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2010/10/30 10:47:48 | 000,000,534 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2010/10/16 06:20:36 | 000,000,550 | ---- | C] () -- C:\Documents and Settings\Michele\Application Data\prefsdb.dat
[2010/10/05 03:21:39 | 000,000,037 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010/09/10 00:02:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Twister.INI
[2010/09/07 17:59:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Secrets.INI
[2010/08/23 15:45:44 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2010/07/24 13:16:09 | 000,003,054 | ---- | C] () -- C:\WINDOWS\CDPlayer.ini
[2010/07/20 13:21:37 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Adojusucamunu.dat
[2010/07/20 13:21:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Tcedifohahuroze.bin
[2010/04/22 20:06:16 | 000,000,190 | ---- | C] () -- C:\WINDOWS\settings.ini
[2010/03/24 20:47:11 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2010/03/22 23:44:34 | 000,041,472 | ---- | C] () -- C:\Documents and Settings\Michele\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/21 02:29:51 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2010/01/21 02:29:47 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2010/01/15 06:52:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\game.INI
[2010/01/13 23:01:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Curses.INI
[2010/01/13 17:44:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Waverly.INI
[2010/01/12 01:47:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Ransom.INI
[2010/01/10 08:04:07 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010/01/08 17:45:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\CastleMalloy.INI
[2010/01/05 01:28:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/12/30 03:37:55 | 000,000,032 | ---- | C] () -- C:\WINDOWS\CD_Start.INI
[2009/09/14 17:26:02 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2009/09/14 17:15:26 | 000,015,190 | ---- | C] () -- C:\WINDOWS\M3000Twn.ini
[2009/09/14 17:14:12 | 000,982,240 | ---- | C] () -- C:\WINDOWS\System32\igkrng500.bin
[2009/09/14 17:14:11 | 000,439,308 | ---- | C] () -- C:\WINDOWS\System32\igcompkrng500.bin
[2009/09/14 17:14:11 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v5002.dll
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 14:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009/02/05 15:46:04 | 000,069,632 | ---- | C] () -- C:\WINDOWS\Memeo.ShellExtension.WicIO.dll
[2006/08/10 12:52:50 | 000,002,048 | ---- | C] () -- C:\WINDOWS\bootstat.dat
[2006/08/10 12:37:24 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006/08/10 12:31:50 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/08/10 12:30:34 | 003,608,064 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/03/29 15:54:25 | 000,001,322 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/08/04 15:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 15:00:00 | 000,532,052 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 15:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 15:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 15:00:00 | 000,099,096 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 15:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 15:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 15:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 15:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 15:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2002/10/06 13:42:57 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2002/10/04 18:04:25 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2002/10/04 18:04:24 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2002/10/04 18:04:17 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2001/10/09 20:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/10/09 19:59:00 | 000,004,492 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/07/06 14:30:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
========== LOP Check ==========
[2010/04/08 01:40:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Absolutist
[2010/01/19 13:00:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AIM
[2012/01/23 22:14:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alawar
[2010/09/23 23:37:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alawar Stargaze
[2010/10/16 12:01:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AlawarSouthpoint
[2010/09/27 20:46:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AlawarWrapper
[2011/01/09 05:54:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ALLConverter
[2011/02/06 18:34:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Arkadium
[2010/11/01 14:20:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Artist Colony
[2011/05/08 21:54:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avanquest
[2011/01/20 02:06:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Aveyond I
[2009/12/26 10:50:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2010/10/13 22:40:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Becky Brogan 2
[2011/05/22 15:24:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Big Finish
[2010/09/05 12:34:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Brainiversity2
[2010/10/28 21:35:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Brawsome
[2010/06/05 14:12:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Buried In Time
[2011/05/08 21:50:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2010/11/08 20:24:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cateia Games
[2010/10/18 00:38:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CrioGames
[2010/05/18 18:27:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Deadtime Stories
[2011/06/10 02:46:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\dingogames
[2010/11/12 11:50:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EA
[2010/11/25 00:39:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EA Core
[2010/03/14 00:59:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EdensQuest
[2010/11/25 00:39:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2010/10/15 11:57:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Elephant Games
[2009/12/28 05:08:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EscapeTheMuseum2
[2011/08/14 03:01:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Exorcist DS 7
[2011/04/14 23:04:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Far Mills
[2012/02/10 00:17:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fenomen Games
[2010/10/15 06:55:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Flood Light Games
[2010/10/03 02:57:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Floodlight Games
[2011/06/01 03:16:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fugazo
[2010/08/26 20:45:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Funny Bear Studio
[2010/10/22 21:13:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GameHouse
[2010/09/22 19:36:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gamers Digital
[2010/03/31 20:46:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GOA
[2010/08/26 08:16:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gogii
[2010/11/10 08:37:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Happyville__
[2010/10/29 15:12:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IntDreams
[2010/09/05 16:32:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Intenium
[2010/09/06 14:46:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Interama
[2012/02/09 06:24:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\KatGames
[2010/10/16 11:34:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Konami
[2009/12/27 00:08:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Little Games Company
[2010/11/04 04:59:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ludia
[2010/02/09 08:25:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Mandragora
[2010/12/25 22:29:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MemeoCommon
[2010/02/16 01:27:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Merscom
[2010/02/12 18:51:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Million
[2010/11/02 15:03:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo
[2010/09/21 02:13:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MythPeople
[2010/02/25 23:09:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nevosoft
[2011/11/23 00:16:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Oberon Media
[2011/04/14 23:04:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Particles
[2011/02/07 22:21:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCDr
[2011/06/13 21:25:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2012/01/08 21:19:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Playrix Entertainment
[2010/02/08 22:59:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PoBros
[2010/04/30 16:08:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Redrum
[2011/02/06 18:09:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
[2011/06/01 21:37:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\rionix
[2010/07/28 21:13:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Rosetta Stone
[2010/11/08 19:17:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RVLGames
[2011/11/25 22:19:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2011/05/22 17:08:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Solidshield
[2010/10/05 16:39:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpinTop Games
[2011/06/12 02:31:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SulusGames
[2011/10/20 22:13:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Temp
[2010/10/30 12:09:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\The Game Equation
[2010/01/31 09:42:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\The Mirror Mysteries
[2010/07/19 23:18:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Toolbar4
[2009/08/19 05:06:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[2009/12/27 09:10:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\.BitTornado
[2010/12/16 04:37:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\3Stars
[2010/04/08 01:40:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Absolutist
[2010/01/19 13:01:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\acccore
[2010/10/25 15:58:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Aerohills
[2012/01/23 22:14:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Alawar
[2012/02/06 22:24:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Alawar Entertainment
[2010/10/16 12:01:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\AlawarSouthpoint
[2011/06/12 02:17:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\AlderGames
[2010/10/04 08:47:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Artifex Mundi
[2010/03/21 16:35:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Artogon
[2010/03/15 20:06:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Aveyond 3
[2011/01/24 19:15:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Aveyond II
[2010/10/25 23:29:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Awem
[2011/12/01 22:33:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Azureus
[2011/05/22 15:24:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Big Finish
[2010/10/03 17:26:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Big Fish Games
[2012/01/09 00:55:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Blue Tea Games
[2010/06/24 21:25:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Boolat Games
[2010/10/28 21:35:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Brawsome
[2010/09/28 02:57:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Casual Mechanics
[2010/04/24 14:17:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\ChaYoWo Games
[2010/09/06 14:51:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\CobiMobi
[2011/04/22 00:09:00 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Michele\Application Data\CrystalSpace
[2011/10/16 22:13:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Daedalic Entertainment
[2010/03/12 00:56:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\DarkParablesBriarRose_BFG
[2010/12/22 20:55:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Dawn's Light
[2011/06/10 02:46:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\dingogames
[2010/04/27 17:26:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\DivoGames
[2010/05/12 14:12:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Dragon Altar Games
[2009/12/27 10:24:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\EcoRescue
[2010/03/21 21:07:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\ElementalsTheMagicKey
[2011/10/18 23:59:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Elephant Games
[2010/09/20 08:30:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Enki Games
[2010/08/26 16:20:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Enlightenus2_BFG
[2010/06/08 19:11:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\ERS G-Studio
[2010/10/29 00:26:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\ERS Game Studios
[2011/05/07 00:30:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\EternalEden
[2011/02/07 20:15:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Ethereal Darkness Interactive
[2011/12/07 00:21:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\FALCOM
[2010/10/15 06:55:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Flood Light Games
[2010/10/03 02:57:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Floodlight Games
[2010/10/03 05:01:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\FlyWheelGames
[2010/09/20 05:50:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Freeze Tag
[2010/09/30 02:11:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Friday's games
[2010/04/28 20:59:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Fugazo
[2010/09/05 16:24:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\FussyLogic
[2010/04/29 20:50:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Game Mill Entertainment
[2010/10/22 21:13:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\GameHouse
[2011/06/15 01:49:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\GameInvest
[2010/04/04 18:29:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\GameMill Entertainment
[2010/09/22 19:36:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Gamers Digital
[2010/02/11 12:36:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Games
[2010/09/05 13:15:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\GamesCafe
[2010/06/05 06:00:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Gestalt Games
[2010/09/07 02:49:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Ghost Ship Studios
[2010/03/31 20:46:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\GOA
[2010/10/14 01:12:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\gtk-2.0
[2010/03/02 01:03:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\GTM_Bodie
[2011/10/18 01:02:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Harmonic Flow
[2011/06/07 15:29:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\HdO Adventure
[2010/09/06 05:17:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Hidato
[2010/12/03 02:58:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\HillStoneAnimationStudios
[2010/06/05 05:59:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\HiT-MM
[2011/07/19 12:11:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Image Zone Express
[2010/06/17 04:14:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\InterVideo
[2010/11/10 19:03:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\iWin
[2010/10/19 13:51:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Jetdogs Studios
[2010/04/22 20:06:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\JoyBits
[2012/02/09 06:24:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\KatGames
[2010/09/28 01:46:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\KingArthur
[2011/01/15 20:06:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\LaxiusForceII_Saves
[2010/06/16 01:10:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Lazy Turtle Games
[2010/12/25 18:29:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Leadertech
[2012/02/06 04:58:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Leahs_Tale
[2012/01/08 16:47:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\LegacyInteractive
[2011/08/16 17:04:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Lilly and Sasha
[2009/12/27 00:08:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Little Games Company
[2010/04/26 19:15:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Little Noir Stories
[2010/11/04 04:59:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Ludia
[2010/11/05 03:29:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\MA2
[2010/11/02 12:22:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\MAI
[2010/12/25 23:07:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Memeo
[2011/01/20 04:36:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Meridian93
[2010/02/16 01:27:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Merscom
[2011/01/18 01:38:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Millennium_Saves
[2010/11/05 22:53:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\MM3_Saves
[2011/05/27 03:34:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\MumboJumbo
[2010/09/30 17:37:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Mutant Arcade
[2010/11/05 21:03:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Mystery of Mortlake Mansion
[2010/03/20 16:20:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\MysteryStudio
[2010/05/21 23:34:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Namco
[2010/04/16 01:14:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Nevosoft
[2010/12/14 23:35:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\OpenOffice.org
[2012/02/09 15:09:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Orneon
[2010/09/23 03:34:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\OtherSide Realm of Eons
[2010/03/27 23:55:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Peace Craft
[2010/10/16 06:20:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\perfect future studio
[2010/06/22 01:25:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Ph03nixNewMedia
[2011/06/13 21:25:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\PlayFirst
[2010/10/19 18:27:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\PlayPond
[2010/02/08 22:59:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\PoBros
[2011/08/16 04:34:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\PriceGong
[2010/06/06 11:00:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Private Moon Studios
[2010/11/09 01:59:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\QB9
[2010/09/06 15:22:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\quickclick
[2010/04/19 03:12:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Reflexivev1002
[2011/02/15 22:18:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\RenPy
[2011/12/05 23:02:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Rovio
[2010/10/04 19:45:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Sahmon Games
[2010/12/25 18:34:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Seagate
[2010/03/19 22:07:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\SerpentOfIsis
[2010/04/04 23:52:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Settlement. Colossus
[2010/06/05 10:55:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\SevenSails
[2010/03/24 20:47:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Silverback Productions
[2010/05/06 18:14:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Skunk Studios
[2011/11/28 21:01:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Snip-It Pro
[2010/10/21 20:19:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Specialbit
[2010/12/10 21:52:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\SpinTop Games
[2010/03/09 21:07:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\SprillRichiEng
[2011/06/12 02:31:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\SulusGames
[2011/06/07 21:34:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Sylia_Saves
[2010/09/28 08:57:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Ten Heavens
[2011/06/07 15:51:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Teyon
[2010/11/17 09:05:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\The Path
[2010/11/06 01:31:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\ThreeDays2
[2010/07/19 23:13:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\TikisLab
[2011/11/14 22:06:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\To the Moon - Freebird Games
[2010/09/28 01:12:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\TOMI2.THE GATES OF FATE
[2011/06/01 17:54:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\TrickySoftware
[2010/04/05 16:48:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Trillian
[2010/10/27 13:04:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Ubisoft
[2011/11/24 16:11:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Update
[2012/02/09 21:30:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\uTorrent
[2010/06/04 23:15:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\VampireSaga
[2011/03/07 03:44:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Vastar
[2011/03/07 03:07:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Vastar - Strategy Guide
[2011/03/22 14:37:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\VBA-M
[2010/04/26 13:13:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\VendelGAMES
[2010/01/18 18:35:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Virtual City
[2010/03/30 02:20:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Virtual Prophecy
[2010/09/29 21:21:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Vogat Interactive
[2010/09/21 01:27:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Whisper of a Rose Saves
[2011/06/10 06:46:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\WhiteBirdsProductions
[2011/06/04 01:55:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\Windows Search
[2010/12/03 07:36:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\World-LooM
[2010/09/14 14:20:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele\Application Data\YoudaGames
[2012/02/10 07:44:23 | 000,000,486 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2012/02/08 02:04:00 | 000,000,348 | ---- | M] () -- C:\WINDOWS\Tasks\At1.job
[2012/02/10 07:45:44 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2012/01/13 08:00:16 | 000,000,528 | ---- | M] () -- C:\WINDOWS\Tasks\PCDoctorBackgroundMonitorTask.job
[2012/02/10 07:40:54 | 000,000,304 | ---- | M] () -- C:\WINDOWS\Tasks\PMTask.job
[2012/02/10 16:02:48 | 000,000,382 | ---- | M] () -- C:\WINDOWS\Tasks\SystemToolsDailyTest.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 159 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:1604D047
@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:A6D6E537
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:058A7351
@Alternate Data Stream - 138 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:4B244549
@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:EA1919C7
@Alternate Data Stream - 135 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:409D7106
@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:18BFD8F8
@Alternate Data Stream - 132 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:8DD20B4A
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:5B4686D7
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:5B049A42
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:FA1999D1
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:107ABE61
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:2F1D743F
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:774A0E14
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:F52A6209
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:6FD3C973
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:3807D082
< End of report >