virus scanner coming up with rootkits ? [Closed]


  • This topic is locked

#1
nan77

Hi, I'm not sure if I have a problem or not. My virus scanner just came back with this:

"";"C:\WINDOWS\system32\drivers\Teefer.sys";"tcpip.sys, hooked import NDIS.SYS NdisCloseAdapter -> Teefer.sys +0x9C70";"Object is hidden"
"";"C:\WINDOWS\system32\drivers\Teefer.sys";"tcpip.sys, hooked import NDIS.SYS NdisOpenAdapter -> Teefer.sys +0x9BD0";"Object is hidden"
"";"C:\WINDOWS\system32\drivers\Teefer.sys";"tcpip.sys, hooked import NDIS.SYS NdisRegisterProtocol -> Teefer.sys +0x98E0";"Object is hidden"
"";"C:\WINDOWS\system32\drivers\wpsdrvnt.sys";"IRP hook, \Driver\Tcpip IRP_MJ_CREATE -> wpsdrvnt.sys +0x1220";"Object is hidden"
"";"C:\WINDOWS\system32\drivers\wpsdrvnt.sys";"IRP hook, \Driver\Tcpip IRP_MJ_CLOSE -> wpsdrvnt.sys +0x1480";"Object is hidden"
"";"C:\WINDOWS\system32\drivers\wpsdrvnt.sys";"IRP hook, \Driver\Tcpip IRP_MJ_DEVICE_CONTROL -> wpsdrvnt.sys +0x15A0";"Object is hidden"
"";"C:\WINDOWS\system32\drivers\wpsdrvnt.sys";"IRP hook, \Driver\Tcpip IRP_MJ_INTERNAL_DEVICE_CONTROL -> wpsdrvnt.sys +0x15D0";"Object is hidden"
"";"C:\WINDOWS\system32\drivers\wpsdrvnt.sys";"Service function NtAllocateVirtualMemory hook -> wpsdrvnt.sys +0x2B30";"Object is hidden"
"";"C:\WINDOWS\system32\drivers\wpsdrvnt.sys";"Service function NtCreateThread hook -> wpsdrvnt.sys +0x26F0";"Object is hidden"
"";"C:\WINDOWS\system32\drivers\wpsdrvnt.sys";"Service function NtMapViewOfSection hook -> wpsdrvnt.sys +0x2470";"Object is hidden"
"";"C:\WINDOWS\system32\drivers\wpsdrvnt.sys";"Service function NtProtectVirtualMemory hook -> wpsdrvnt.sys +0x2C50";"Object is hidden"
"";"C:\WINDOWS\system32\drivers\wpsdrvnt.sys";"Service function NtShutdownSystem hook -> wpsdrvnt.sys +0x2990";"Object is hidden"

What does this mean? I have looked up some of it. I found that some of the programs, like my firewall, have this, so I'm not sure if this is bad or what. Could someone please help me out to let me know if my system is OK?

Here's the OldTimer scan:

OTL logfile created on: 6/6/2012 11:29:12 PM - Run 1
OTL by OldTimer - Version 3.2.46.2 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.49 Gb Total Physical Memory | 2.70 Gb Available Physical Memory | 77.47% Memory free
5.33 Gb Paging File | 4.60 Gb Available in Paging File | 86.30% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.50 Gb Total Space | 36.12 Gb Free Space | 48.48% Space Free | Partition Type: NTFS

Computer Name: USER-361BE93A76 | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/06/06 23:12:20 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
PRC - [2012/05/10 14:06:43 | 000,932,736 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe
PRC - [2012/05/10 14:06:42 | 001,116,544 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
PRC - [2012/04/30 11:44:38 | 005,106,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgidsagent.exe
PRC - [2012/04/19 06:51:54 | 001,254,992 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2012/04/05 07:12:34 | 002,587,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2012/03/19 07:18:12 | 000,979,840 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgemcx.exe
PRC - [2012/02/14 06:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2012/02/14 06:53:14 | 000,758,112 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2012/02/14 06:52:38 | 000,338,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011/11/16 23:00:06 | 002,221,712 | ---- | M] (AdFender, Inc.) -- C:\Program Files\AdFender\AdFender.exe
PRC - [2008/04/14 07:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/08/28 12:00:00 | 000,531,272 | ---- | M] (Corel, Inc.) -- C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
PRC - [2007/06/05 15:20:32 | 000,177,704 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
PRC - [2004/10/15 21:40:56 | 002,577,632 | ---- | M] (Sygate Technologies, Inc.) -- C:\Program Files\Sygate\SPF\Smc.exe


========== Modules (No Company Name) ==========

MOD - [2012/05/10 14:06:44 | 000,130,944 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.0.2\SiteSafety.dll
MOD - [2012/05/10 14:06:43 | 000,932,736 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe
MOD - [2012/05/10 14:06:42 | 002,067,328 | ---- | M] () -- C:\Program Files\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll
MOD - [2012/05/10 14:06:42 | 001,116,544 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
MOD - [2007/06/05 15:20:32 | 000,177,704 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
MOD - [2004/10/15 20:32:20 | 001,385,712 | ---- | M] () -- C:\Program Files\Sygate\SPF\tse.dll
MOD - [2004/10/15 20:32:18 | 000,832,744 | ---- | M] () -- C:\Program Files\Sygate\SPF\SyLink.dll
MOD - [2004/10/15 20:32:12 | 000,890,088 | ---- | M] () -- C:\Program Files\Sygate\SPF\SpNet.dll
MOD - [2001/03/02 14:02:04 | 000,037,808 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/05/15 13:09:18 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/05/10 14:06:43 | 000,932,736 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe -- (vToolbarUpdater11.0.2)
SRV - [2012/05/03 08:31:10 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/04/30 11:44:38 | 005,106,744 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/02/14 06:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2008/04/14 07:42:30 | 000,111,104 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDEdsdm)
SRV - [2008/04/14 07:42:30 | 000,111,104 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDE)
SRV - [2008/04/14 07:42:16 | 000,033,280 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\clipsrv.exe -- (ClipSrv)
SRV - [2008/04/14 07:42:00 | 000,033,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\msgsvc.dll -- (Messenger)
SRV - [2008/04/14 07:41:58 | 000,053,248 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\mprdim.dll -- (RemoteAccess)
SRV - [2008/04/14 07:41:50 | 000,017,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter)
SRV - [2007/06/05 15:20:32 | 000,177,704 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing)
SRV - [2004/10/15 21:40:56 | 002,577,632 | ---- | M] (Sygate Technologies, Inc.) [Auto | Running] -- C:\Program Files\Sygate\SPF\Smc.exe -- (SmcService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/04/19 06:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/03/19 07:17:28 | 000,301,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012/02/22 07:25:32 | 000,235,216 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012/01/31 06:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/12/23 15:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/12/23 15:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2011/12/23 15:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsfilterx.sys -- (AVGIDSFilter)
DRV - [2011/12/23 15:32:00 | 000,139,856 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2008/04/14 02:44:30 | 000,143,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\fastfat.sys -- (Fastfat)
DRV - [2008/04/14 02:14:50 | 000,799,744 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)
DRV - [2008/04/14 02:14:48 | 000,153,344 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmio.sys -- (dmio)
DRV - [2008/04/14 02:06:44 | 000,120,192 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\pcmcia.sys -- (Pcmcia)
DRV - [2008/04/14 02:02:38 | 000,066,048 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs)
DRV - [2005/03/17 18:30:10 | 000,132,608 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2004/10/15 20:32:44 | 000,014,568 | ---- | M] (Sygate Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\wg6n.sys -- (wg6n)
DRV - [2004/10/15 20:32:42 | 000,014,568 | ---- | M] (Sygate Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\wg5n.sys -- (wg5n)
DRV - [2004/10/15 20:32:40 | 000,014,568 | ---- | M] (Sygate Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\wg4n.sys -- (wg4n)
DRV - [2004/10/15 20:32:38 | 000,014,568 | ---- | M] (Sygate Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\wg3n.sys -- (wg3n)
DRV - [2004/10/15 20:18:46 | 000,021,075 | ---- | M] (Sygate Technologies, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\wpsdrvnt.sys -- (wpsdrvnt)
DRV - [2004/10/15 20:17:02 | 000,060,496 | ---- | M] (Sygate Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\Teefer.sys -- (Teefer)
DRV - [2004/09/17 11:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2003/07/16 15:27:04 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmload.sys -- (dmload)
DRV - [2003/07/16 15:25:07 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\cbidf2k.sys -- (cbidf2k)
DRV - [2003/07/16 15:23:47 | 000,011,648 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\acpiec.sys -- (ACPIEC)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?ilc=1
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...fr&d=2012-05-10 12:06:45&v=11.0.0.9&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.0.2\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012/05/30 10:33:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012/05/10 14:05:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\All Users\Application Data\AVG Secure Search\11.0.0.9\ [2012/05/10 14:06:51 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2003/07/16 15:29:34 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Corel Photo Downloader] C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe (Corel, Inc.)
O4 - HKLM..\Run: [SmcService] C:\Program Files\Sygate\SPF\Smc.exe (Sygate Technologies, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe (IncrediMail, Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AdFender.lnk = C:\Program Files\AdFender\AdFender.exe (AdFender, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1336674228187 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1336674221328 (MUWebControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F2108937-217A-46A6-9371-C71390EDF7ED}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.0.2\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/05/10 13:02:30 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/06 23:12:20 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2012/06/06 20:30:53 | 000,000,000 | ---D | C] -- C:\Program Files\mega
[2012/06/06 02:25:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Flower Shop Big City Break
[2012/06/06 02:25:15 | 000,000,000 | ---D | C] -- C:\Program Files\Flower Shop Big City Break
[2012/06/06 02:24:53 | 000,000,000 | ---D | C] -- C:\Program Files\ReflexiveArcade
[2012/06/04 18:03:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\bingo stuff
[2012/06/04 00:49:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\my masks
[2012/06/02 12:50:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012/06/02 12:50:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
[2012/06/02 12:50:09 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2012/06/02 12:40:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2012/06/02 12:40:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Skype
[2012/06/02 12:40:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Skype
[2012/05/31 21:11:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinZip
[2012/05/31 21:01:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2012/05/31 21:00:59 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip
[2012/05/31 18:12:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
[2012/05/31 18:12:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012/05/30 10:33:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG
[2012/05/27 20:31:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\GameHouse
[2012/05/27 20:31:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Trymedia
[2012/05/27 20:29:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Delicious 7. Emily's True Love. Premium Edition
[2012/05/27 20:28:47 | 000,000,000 | ---D | C] -- C:\Program Files\Delicious 7. Emily's True Love. Premium Edition
[2012/05/27 20:16:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\Operation Mania
[2012/05/27 20:16:03 | 000,000,000 | ---D | C] -- C:\Program Files\Operation Mania
[2012/05/27 19:40:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\games
[2012/05/27 19:18:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\games 2012
[2012/05/27 14:08:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\system info
[2012/05/27 13:36:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2012/05/24 17:43:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\AMPSoft
[2012/05/24 17:31:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop\Plugins
[2012/05/24 12:18:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\New Folder
[2012/05/24 12:05:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\Autofx Mystical Tint Tone and Color Suite v1.06 For Photoshop - (Malestrom)
[2012/05/24 11:00:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\WALLPAPER
[2012/05/24 09:25:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\my fonts
[2012/05/24 00:44:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\InstaCodecs
[2012/05/24 00:44:26 | 000,000,000 | ---D | C] -- C:\Program Files\InstaCodecs
[2012/05/23 23:49:52 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2012/05/23 23:49:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DivX
[2012/05/23 23:16:23 | 002,002,320 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Owner\Desktop\HousecallLauncher.exe
[2012/05/21 22:32:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\My Documents\My Videos
[2012/05/21 22:32:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2012/05/21 20:09:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\plugins
[2012/05/20 22:54:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\PowerArchiver 2001
[2012/05/20 22:53:49 | 000,000,000 | ---D | C] -- C:\Program Files\PowerArchiver
[2012/05/20 20:50:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\mask
[2012/05/20 20:27:45 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Desktop\IMSO LESSONS
[2012/05/19 22:50:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\scripts
[2012/05/19 22:05:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\tuts2012
[2012/05/19 19:56:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\applications
[2012/05/19 16:02:46 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Owner\My Documents\My Web Sites
[2012/05/19 15:33:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Identities
[2012/05/17 14:48:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\fonts-2012 may
[2012/05/16 22:36:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\my_tags
[2012/05/16 22:34:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\My Documents\IMSTATOFMIND
[2012/05/16 22:31:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2012/05/16 22:29:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Cake Mania 5 Lights Camera Action Pheonix RG
[2012/05/16 22:29:18 | 000,000,000 | ---D | C] -- C:\Program Files\bigup16 & Pheonix RG
[2012/05/16 21:59:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\vip
[2012/05/16 21:54:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\ArcSoft
[2012/05/16 21:53:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ArcSoft TotalMedia Backup
[2012/05/16 21:53:37 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\WINDOWS\PCDLIB32.DLL
[2012/05/16 21:53:37 | 000,000,000 | ---D | C] -- C:\Program Files\ArcSoft
[2012/05/16 21:11:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\ACTIVATON SOFTWARE
[2012/05/16 21:01:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Corel Paint Shop Pro Photo X2
[2012/05/16 21:00:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Corel
[2012/05/16 18:47:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\My Corel Shows
[2012/05/16 18:47:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Corel
[2012/05/16 18:46:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Corel
[2012/05/16 18:46:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\My PSP Files
[2012/05/16 18:46:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Corel
[2012/05/16 18:30:20 | 000,000,000 | ---D | C] -- C:\Program Files\Corel
[2012/05/16 18:27:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\InstallShield
[2012/05/16 18:22:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Profiles
[2012/05/16 18:22:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\My eBooks
[2012/05/16 18:22:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\InterTrust
[2012/05/16 18:22:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2012/05/16 18:22:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012/05/16 18:22:23 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012/05/16 18:18:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Jasc Software
[2012/05/16 18:16:13 | 000,000,000 | ---D | C] -- C:\Program Files\Jasc Software Inc
[2012/05/16 16:48:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\DVDFab
[2012/05/16 16:45:48 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Owner\Application Data\pcouffin.sys
[2012/05/16 16:45:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Vso
[2012/05/16 16:45:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DVDFab Platinum
[2012/05/16 16:45:45 | 000,000,000 | ---D | C] -- C:\Program Files\DVDFab Platinum 3
[2012/05/16 15:31:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\pswd
[2012/05/16 12:50:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\my tubes 2012
[2012/05/16 11:58:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\IM
[2012/05/16 11:51:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\IncrediMail
[2012/05/16 11:51:30 | 000,000,000 | ---D | C] -- C:\Program Files\IncrediMail
[2012/05/16 11:51:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\IncrediMail
[2012/05/16 11:51:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\IM
[2012/05/16 11:28:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\icred
[2012/05/16 10:39:51 | 000,073,728 | ---- | C] (none) -- C:\Documents and Settings\Owner\My Documents\EZEOT123.exe
[2012/05/15 21:20:59 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Desktop\stationery tools
[2012/05/15 18:30:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinAce
[2012/05/15 18:30:22 | 000,000,000 | ---D | C] -- C:\Program Files\WinAce
[2012/05/15 17:03:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2012/05/15 17:03:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cache
[2012/05/15 16:59:36 | 000,014,568 | ---- | C] (Sygate Technologies, Inc.) -- C:\WINDOWS\System32\drivers\wg6n.sys
[2012/05/15 16:59:35 | 000,014,568 | ---- | C] (Sygate Technologies, Inc.) -- C:\WINDOWS\System32\drivers\wg5n.sys
[2012/05/15 16:59:35 | 000,014,568 | ---- | C] (Sygate Technologies, Inc.) -- C:\WINDOWS\System32\drivers\wg4n.sys
[2012/05/15 16:59:34 | 000,060,496 | ---- | C] (Sygate Technologies, Inc.) -- C:\WINDOWS\System32\drivers\Teefer.sys
[2012/05/15 16:59:34 | 000,014,568 | ---- | C] (Sygate Technologies, Inc.) -- C:\WINDOWS\System32\drivers\wg3n.sys
[2012/05/15 16:59:33 | 000,021,075 | ---- | C] (Sygate Technologies, Inc.) -- C:\WINDOWS\System32\drivers\wpsdrvnt.sys
[2012/05/15 16:59:28 | 000,083,096 | ---- | C] (Sygate Technologies, Inc.) -- C:\WINDOWS\System32\SSSensor.dll
[2012/05/15 16:59:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Sygate Personal Firewall
[2012/05/15 16:59:26 | 000,000,000 | ---D | C] -- C:\Program Files\Sygate
[2012/05/15 16:39:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\WINACE
[2012/05/15 16:29:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\SYGATE
[2012/05/15 15:13:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\Pluginsz
[2012/05/15 15:12:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\pluginsnew2011
[2012/05/15 15:10:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\pluginsbees
[2012/05/15 15:08:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\plugins_filters
[2012/05/15 14:47:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\PLUGINS2011
[2012/05/15 14:47:28 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\My Documents\plugins1
[2012/05/15 14:46:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\My Documents\plugins
[2012/05/15 14:37:34 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\My Documents\stationery tools
[2012/05/15 14:22:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\weft directory
[2012/05/15 13:40:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office
[2012/05/15 13:40:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft ActiveSync
[2012/05/15 13:40:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2012/05/15 13:40:24 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012/05/15 13:19:10 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012/05/15 13:14:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\OpenOffice.org
[2012/05/15 13:13:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\Gardening
[2012/05/15 13:11:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\vlc
[2012/05/15 13:11:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
[2012/05/15 13:10:48 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2012/05/15 13:08:19 | 000,000,000 | ---D | C] -- C:\Program Files\AdFender
[2012/05/15 13:08:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\AdFender
[2012/05/15 13:08:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AdFender
[2012/05/15 13:08:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AdFender
[2012/05/15 13:07:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\Unzipped
[2012/05/15 12:38:45 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner\IECompatCache
[2012/05/10 14:36:34 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/05/10 14:33:46 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2012/05/10 14:32:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2012/05/10 14:32:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2012/05/10 14:17:03 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\OpenOffice.org 3.4
[2012/05/10 14:16:37 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2012/05/10 14:08:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\AVG2012
[2012/05/10 14:06:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\AVG Secure Search
[2012/05/10 14:06:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\AVG Secure Search
[2012/05/10 14:06:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG Secure Search
[2012/05/10 14:06:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search
[2012/05/10 14:06:42 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search
[2012/05/10 14:06:12 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2012/05/10 14:05:52 | 000,000,000 | -H-D | C] -- C:\$AVG
[2012/05/10 14:05:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2012/05/10 14:05:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\AVG
[2012/05/10 14:05:33 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2012/05/10 14:04:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2012/05/10 14:02:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Macromedia
[2012/05/10 14:02:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Adobe
[2012/05/10 14:02:31 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner\PrivacIE
[2012/05/10 13:58:36 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner\IETldCache
[2012/05/10 13:45:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2012/05/10 13:44:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2012/05/10 13:44:04 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2012/05/10 13:26:20 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2012/05/10 13:26:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2012/05/10 13:24:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2012/05/10 13:23:38 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner\UserData
[2012/05/10 13:22:54 | 000,000,000 | ---D | C] -- C:\Program Files\Broadcom
[2012/05/10 13:19:04 | 000,045,056 | ---- | C] (adi) -- C:\WINDOWS\System32\CleanUp.exe
[2012/05/10 13:19:04 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2012/05/10 13:19:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\VirtualEar
[2012/05/10 13:19:04 | 000,000,000 | ---D | C] -- C:\Program Files\Analog Devices
[2012/05/10 13:15:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2012/05/10 13:15:41 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2012/05/10 13:14:07 | 000,000,000 | ---D | C] -- C:\Program Files\Dell
[2012/05/10 13:13:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2012/05/10 13:11:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Identities
[2012/05/10 13:11:54 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2012/05/10 13:11:50 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\My Documents\My Music
[2012/05/10 13:11:49 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\My Documents\My Pictures
[2012/05/10 13:11:45 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Owner\Application Data\Microsoft
[2012/05/10 13:11:45 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\SendTo
[2012/05/10 13:11:45 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\Recent
[2012/05/10 13:11:45 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\Application Data
[2012/05/10 13:11:45 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Startup
[2012/05/10 13:11:45 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Start Menu
[2012/05/10 13:11:45 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\My Documents
[2012/05/10 13:11:45 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Favorites
[2012/05/10 13:11:45 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Accessories
[2012/05/10 13:11:45 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner\Cookies
[2012/05/10 13:11:45 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Owner\Templates
[2012/05/10 13:11:45 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Owner\PrintHood
[2012/05/10 13:11:45 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Owner\NetHood
[2012/05/10 13:11:45 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Owner\Local Settings
[2012/05/10 13:11:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2012/05/10 13:11:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft
[2012/05/10 13:11:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop
[2012/05/10 13:11:43 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2012/05/10 13:11:42 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2012/05/10 13:11:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2012/05/10 13:05:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2012/05/10 13:05:11 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2012/05/10 13:03:49 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2012/05/10 13:03:49 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2012/05/10 13:03:49 | 000,029,184 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2012/05/10 13:02:57 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2012/05/10 13:02:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2012/05/10 13:02:38 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2012/05/10 13:02:38 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2012/05/10 13:02:36 | 000,000,000 | ---D | C] -- C:\DELL
[2012/05/10 13:01:40 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2012/05/10 13:01:31 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2012/05/10 13:01:31 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2012/05/10 13:01:21 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2012/05/10 13:01:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2012/05/10 13:00:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2012/05/10 13:00:45 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2012/05/10 13:00:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2012/05/10 13:00:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2012/05/10 13:00:34 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2012/05/10 13:00:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2012/05/10 13:00:10 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2012/05/10 13:00:07 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2012/05/10 13:00:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2012/05/10 13:00:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2012/05/10 13:00:00 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2012/05/10 12:59:49 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2012/05/10 12:59:43 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
[2012/05/10 12:59:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2012/05/10 12:59:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Games
[2012/05/10 12:59:16 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2012/05/10 12:59:16 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2012/05/10 12:59:16 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2012/05/10 12:59:11 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2012/05/10 12:59:08 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2012/05/10 12:58:34 | 000,281,088 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2012/05/10 12:58:34 | 000,000,000 | ---D | C] -- C:\Program Files\MSN
[2012/05/10 12:58:33 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2012/05/10 12:58:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2012/05/10 12:58:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2012/05/10 12:58:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2012/05/10 12:57:56 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
[2012/05/10 05:55:02 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2012/05/10 05:55:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2012/05/10 05:54:58 | 000,000,000 | R--D | C] -- C:\Program Files
[2012/05/10 05:54:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2012/05/10 05:54:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2012/05/10 05:54:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2012/05/10 05:54:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup
[2012/05/10 05:54:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2012/05/10 05:54:35 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2012/05/10 05:54:35 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
[2012/05/10 05:54:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2012/05/10 05:54:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
[2012/05/10 05:54:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2012/05/10 05:54:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2012/05/10 05:54:18 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2012/05/10 05:54:18 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2012/05/10 05:53:57 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012/05/10 05:53:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2012/05/10 05:49:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2012/05/10 05:49:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2012/05/10 05:49:17 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2012/05/10 05:49:17 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2012/05/10 05:49:17 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2012/05/10 05:49:17 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\Network Diagnostic
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\L2Schemas
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2012/05/10 05:49:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/06/06 23:17:23 | 099,900,957 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012/06/06 23:16:32 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{EFCF872C-64B4-497E-8C82-DD1DAA91DDFA}.job
[2012/06/06 23:12:20 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2012/06/06 23:05:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/06/06 21:55:16 | 000,001,540 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\census.cache
[2012/06/06 21:55:16 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\ars.cache
[2012/06/06 21:02:26 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\housecall.guid.cache
[2012/06/06 11:05:49 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/06/06 02:30:43 | 000,004,096 | ---- | M] () -- C:\WINDOWS\d3dx.dat
[2012/06/06 02:25:26 | 000,000,818 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Flower Shop Big City Break.lnk
[2012/06/03 23:06:41 | 000,000,848 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2012/06/03 22:09:13 | 000,000,409 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\- Flash Bingo.url
[2012/06/02 17:23:13 | 000,101,101 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2012/06/02 12:50:10 | 000,001,878 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2012/05/30 10:33:36 | 000,000,702 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2012.lnk
[2012/05/28 18:06:46 | 000,001,079 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to GHDeliciousEmilysTrueLovePremium.lnk
[2012/05/27 14:15:49 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2012/05/24 17:32:24 | 000,002,445 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Paint Shop Pro 7.lnk
[2012/05/23 15:49:15 | 000,034,814 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\dt.dat
[2012/05/20 22:54:29 | 000,000,655 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\PowerArchiver.lnk
[2012/05/20 20:49:19 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\VLC media player.lnk
[2012/05/20 20:47:29 | 000,002,057 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Corel Paint Shop Pro Photo X2 (2).lnk
[2012/05/20 20:47:15 | 000,000,882 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Acrobat Reader 5.0.lnk
[2012/05/19 22:26:18 | 000,089,413 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\small_circle_up_top_tb_ftu_tutorial_by_april_hunt_acfc.odt
[2012/05/19 15:45:42 | 000,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2012/05/17 07:29:40 | 000,314,508 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/05/17 07:29:40 | 000,040,836 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/05/16 22:29:30 | 000,001,346 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Cake Mania 5 Lights Camera Action.lnk
[2012/05/16 21:07:49 | 000,000,088 | RHS- | M] () -- C:\WINDOWS\System32\85B36635FB.sys
[2012/05/16 21:01:26 | 000,002,075 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Corel Paint Shop Pro Photo X2.lnk
[2012/05/16 16:47:24 | 000,130,888 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/05/16 16:45:48 | 000,081,920 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\ezpinst.exe
[2012/05/16 16:45:48 | 000,047,360 | ---- | M] (VSO Software) -- C:\Documents and Settings\Owner\Application Data\pcouffin.sys
[2012/05/16 16:45:48 | 000,007,176 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\pcouffin.cat
[2012/05/16 16:45:48 | 000,001,144 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\pcouffin.inf
[2012/05/16 14:43:30 | 000,001,667 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Letter Creator (2).lnk
[2012/05/16 12:14:27 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2012/05/16 11:51:35 | 000,001,664 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\IncrediMail.lnk
[2012/05/15 13:08:19 | 000,000,716 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AdFender.lnk
[2012/05/15 13:01:46 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\OpenOffice.org 3.4.lnk
[2012/05/15 12:16:16 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/05/10 14:59:30 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/05/10 14:34:27 | 000,000,800 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2012/05/10 14:33:58 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2012/05/10 14:33:58 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2012/05/10 14:32:35 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2012/05/10 13:58:39 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/05/10 13:12:08 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2012/05/10 13:05:14 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2012/05/10 13:04:14 | 000,000,266 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2012/05/10 13:02:30 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/05/10 13:02:30 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2012/05/10 13:02:30 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2012/05/10 13:02:30 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2012/05/10 13:02:30 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2012/05/10 13:02:27 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2012/05/10 13:02:17 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2012/05/10 12:59:58 | 000,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012/05/10 05:55:06 | 000,005,208 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/06/06 23:17:23 | 099,900,957 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012/06/06 21:23:33 | 000,001,540 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\census.cache
[2012/06/06 21:23:33 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\ars.cache
[2012/06/06 21:02:26 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\housecall.guid.cache
[2012/06/06 02:30:43 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2012/06/06 02:25:26 | 000,000,818 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Flower Shop Big City Break.lnk
[2012/06/03 22:09:13 | 000,000,409 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\- Flash Bingo.url
[2012/06/02 17:23:13 | 000,101,101 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2012/06/02 12:50:10 | 000,001,878 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2012/05/28 18:06:46 | 000,001,079 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Shortcut to GHDeliciousEmilysTrueLovePremium.lnk
[2012/05/27 14:49:13 | 000,000,848 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2012/05/24 10:59:15 | 000,108,038 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\DC-WindSwept1.psp
[2012/05/24 00:44:28 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2012/05/23 15:49:15 | 000,034,814 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\dt.dat
[2012/05/21 20:06:31 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLX
[2012/05/21 20:06:31 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\Msvcrt10.dll
[2012/05/21 20:06:31 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\icmfilter.dll
[2012/05/20 22:54:29 | 000,000,655 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\PowerArchiver.lnk
[2012/05/20 20:49:19 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\VLC media player.lnk
[2012/05/20 20:47:57 | 000,002,445 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Paint Shop Pro 7.lnk
[2012/05/20 20:47:29 | 000,002,057 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Corel Paint Shop Pro Photo X2 (2).lnk
[2012/05/20 20:47:15 | 000,000,882 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Acrobat Reader 5.0.lnk
[2012/05/19 22:26:17 | 000,089,413 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\small_circle_up_top_tb_ftu_tutorial_by_april_hunt_acfc.odt
[2012/05/16 22:29:30 | 000,001,346 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Cake Mania 5 Lights Camera Action.lnk
[2012/05/16 21:01:26 | 000,002,075 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Corel Paint Shop Pro Photo X2.lnk
[2012/05/16 18:47:06 | 000,000,088 | RHS- | C] () -- C:\WINDOWS\System32\85B36635FB.sys
[2012/05/16 18:22:28 | 000,000,888 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Acrobat Reader 5.0.lnk
[2012/05/16 16:46:13 | 000,000,173 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\DVD Fab Key.DVDFabPlatinum
[2012/05/16 16:45:48 | 000,081,920 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\ezpinst.exe
[2012/05/16 16:45:48 | 000,007,176 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\pcouffin.cat
[2012/05/16 16:45:48 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\pcouffin.inf
[2012/05/16 14:43:30 | 000,001,667 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Letter Creator (2).lnk
[2012/05/16 12:14:27 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2012/05/16 11:51:35 | 000,001,664 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\IncrediMail.lnk
[2012/05/16 11:51:35 | 000,001,652 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\IncrediMail.lnk
[2012/05/15 13:40:58 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2012/05/15 13:09:19 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/05/15 13:08:19 | 000,000,716 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AdFender.lnk
[2012/05/15 13:01:46 | 000,000,933 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\OpenOffice.org 3.4.lnk
[2012/05/15 12:38:42 | 000,000,422 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{EFCF872C-64B4-497E-8C82-DD1DAA91DDFA}.job
[2012/05/10 14:34:27 | 000,000,800 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2012/05/10 14:32:35 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2012/05/10 14:06:55 | 000,000,702 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2012.lnk
[2012/05/10 13:34:27 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/05/10 13:34:27 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012/05/10 13:12:08 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2012/05/10 13:11:57 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Owner\Start Menu\Programs\Outlook Express.lnk
[2012/05/10 13:11:54 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/05/10 13:11:54 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Owner\Start Menu\Programs\Internet Explorer.lnk
[2012/05/10 13:11:45 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Owner\Start Menu\Programs\Remote Assistance.lnk
[2012/05/10 13:11:45 | 000,000,788 | ---- | C] () -- C:\Documents and Settings\Owner\Start Menu\Programs\Windows Media Player.lnk
[2012/05/10 13:05:14 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2012/05/10 13:04:14 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012/05/10 13:03:44 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2012/05/10 13:03:33 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2012/05/10 13:03:27 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2012/05/10 13:03:26 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2012/05/10 13:03:25 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2012/05/10 13:03:16 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2012/05/10 13:03:11 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2012/05/10 13:03:08 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2012/05/10 13:03:00 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2012/05/10 13:02:30 | 000,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/05/10 13:02:30 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2012/05/10 13:02:30 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2012/05/10 13:02:30 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2012/05/10 13:02:30 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2012/05/10 13:02:26 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2012/05/10 13:02:26 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2012/05/10 13:02:25 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2012/05/10 13:01:20 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk
[2012/05/10 13:01:09 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2012/05/10 13:00:55 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2012/05/10 13:00:55 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2012/05/10 13:00:49 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2012/05/10 13:00:15 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2012/05/10 12:59:58 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012/05/10 12:59:18 | 000,000,609 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
[2012/05/10 12:59:16 | 000,001,986 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\MSN.lnk
[2012/05/10 12:58:55 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2012/05/10 12:58:54 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2012/05/10 12:58:54 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2012/05/10 12:58:54 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2012/05/10 12:58:54 | 000,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2012/05/10 12:58:54 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2012/05/10 12:58:54 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2012/05/10 12:58:54 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2012/05/10 12:58:54 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2012/05/10 12:58:54 | 000,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2012/05/10 12:58:54 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2012/05/10 12:58:51 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2012/05/10 12:58:51 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2012/05/10 12:58:50 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2012/05/10 12:58:45 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2012/05/10 05:55:06 | 000,005,208 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF
[2012/05/10 05:55:04 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012/05/10 05:55:01 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012/05/10 05:54:59 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2012/05/10 05:54:59 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2012/05/10 05:54:59 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2012/05/10 05:54:58 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2012/05/10 05:54:44 | 000,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2012/05/10 05:54:34 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2012/05/10 05:54:34 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2012/05/10 05:54:34 | 000,171,588 | ---- | C] () -- C:\WINDOWS\System32\dllcache\startoc.cat
[2012/05/10 05:54:34 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2012/05/10 05:54:34 | 000,034,063 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2012/05/10 05:54:34 | 000,026,991 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2012/05/10 05:54:34 | 000,016,535 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2012/05/10 05:54:34 | 000,014,433 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2012/05/10 05:54:34 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2012/05/10 05:54:34 | 000,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2012/05/10 05:54:34 | 000,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2012/05/10 05:54:34 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2012/05/10 05:54:34 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2012/05/10 05:54:34 | 000,007,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2012/05/10 05:54:33 | 002,144,487 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2012/05/10 05:54:33 | 001,296,669 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT
[2012/05/10 05:54:33 | 000,402,264 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2012/05/10 05:53:56 | 000,130,888 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/05/10 05:52:45 | 000,000,211 | -HS- | C] () -- C:\boot.ini
[2012/05/10 05:52:42 | 000,000,266 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf

========== LOP Check ==========

[2012/05/15 13:08:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AdFender
[2012/05/10 14:06:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Secure Search
[2012/05/10 14:15:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2012/06/02 12:45:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2012/05/10 14:06:12 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2012/05/27 20:31:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GameHouse
[2012/05/16 11:58:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IM
[2012/05/16 11:51:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IncrediMail
[2012/06/06 23:17:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2012/05/16 22:31:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2012/05/31 21:01:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2012/05/24 17:43:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\AMPSoft
[2012/05/10 14:06:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\AVG Secure Search
[2012/05/10 14:08:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\AVG2012
[2012/05/16 18:22:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\InterTrust
[2012/05/15 13:14:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\OpenOffice.org
[2012/05/16 16:48:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Vso
[2012/06/06 23:16:32 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{EFCF872C-64B4-497E-8C82-DD1DAA91DDFA}.job

========== Purity Check ==========



< End of report >

Edited by nan77, 06 June 2012 - 10:58 PM.


#2
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,665 posts
Hi and welcome to Geeks to Go. :)

Your presently installed Anti-Virus is creating false positive detections against the Software Firewall you have installed and active, namely Sygate Personal Firewall.

If not aware, Sygate was bought out by Symantec a good few years back now and the technology incorporated into their products etc. Anyway, the aforementioned is badly out of date now and considered a security risk, so my advice would be to uninstall that as follows...

Next:

Now please go to Start >> Control Panel >> Add/Remove Programs and remove the following (if present):

Sygate Personal Firewall

To do so, click once on each of the above in turn to highlight and then click on the Remove button. Follow the prompts and reboot your machine if not prompted to do so.

Next:

If you wish to reinstall a new Software Firewall, the below is a suitable replacement for an XP system...

Online Armor Firewall

Or if you opt not to, since it appears you are using a Router also (which will have a Hardware Firewall incorporated), ensure you reset the in-built XP Firewall as follows (only do this if you decide not to install a new Software Firewall)...

Reset SP3 Firewall:

Click on Start >> Run... and cut/paste in the following and click on OK
firewall.cpl
Click on the Advanced tab >> Restore Defaults >> At the prompt click on Yes >> OK

Now click on the General tab >> select On (recommended) >> OK.

Check your third party software is up to date:

Via the Secunia Online Software Inspector

Next:

This is a very helpful/useful set of advice from Microsoft: Microsoft Safety & Security Center

Any questions? Feel free to ask, if not stay safe!
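The attribution made in the reply above (hooks reported as hidden objects that actually belong to an installed firewall driver) can be checked mechanically. The following is an added example, not part of the original posts: it parses scanner lines in the four-field format from the first post, groups the hooks by driver, and marks any driver that is not a known product driver in the expected directory. The names `KNOWN_DRIVERS`, `EXPECTED_DIR`, `hook_kind` and `triage` are hypothetical, the driver-to-product mapping is an assumption taken from the reply, and the last sample row is invented.

```python
import csv
import io
import ntpath
from collections import defaultdict

# Constructed sample in the same four-field, semicolon-separated format as the
# scan output in the first post; the last row is an invented unknown driver.
SAMPLE = r'''"";"C:\WINDOWS\system32\drivers\Teefer.sys";"tcpip.sys, hooked import NDIS.SYS NdisOpenAdapter -> Teefer.sys +0x9BD0";"Object is hidden"
"";"C:\WINDOWS\system32\drivers\wpsdrvnt.sys";"IRP hook, \Driver\Tcpip IRP_MJ_CREATE -> wpsdrvnt.sys +0x1220";"Object is hidden"
"";"C:\WINDOWS\system32\drivers\wpsdrvnt.sys";"Service function NtCreateThread hook -> wpsdrvnt.sys +0x26F0";"Object is hidden"
"";"C:\WINDOWS\Temp\example_unknown.sys";"Service function NtOpenProcess hook -> example_unknown.sys +0x1000";"Object is hidden"
'''

# Assumption: mapping follows the reply, which attributes the detections to Sygate.
KNOWN_DRIVERS = {"teefer.sys": "Sygate Personal Firewall", "wpsdrvnt.sys": "Sygate Personal Firewall"}
EXPECTED_DIR = r"c:\windows\system32\drivers"

def hook_kind(desc):
    if "hooked import" in desc:
        return "import"
    if desc.startswith("IRP hook"):
        return "irp"
    if desc.startswith("Service function"):
        return "ssdt"
    return "other"

def triage(report_text):
    """Group findings by hooking driver and attribute each to an installed product."""
    groups = defaultdict(lambda: {"path": None, "kinds": defaultdict(int)})
    for row in csv.reader(io.StringIO(report_text), delimiter=";"):
        if len(row) != 4:
            continue  # skip blank or malformed lines
        _, path, desc, _status = row
        name = ntpath.basename(path).lower()
        groups[name]["path"] = path
        groups[name]["kinds"][hook_kind(desc)] += 1
    result = {}
    for name, info in groups.items():
        product = KNOWN_DRIVERS.get(name)
        in_place = ntpath.dirname(info["path"]).lower() == EXPECTED_DIR
        # A name match alone is weak evidence: require the expected directory too.
        verdict = f"expected: {product}" if product and in_place else "investigate"
        result[name] = (verdict, dict(info["kinds"]))
    return result

if __name__ == "__main__":
    for driver, (verdict, kinds) in triage(SAMPLE).items():
        print(f"{driver:22} {verdict:40} {kinds}")
```

File name and directory can both be imitated, so an "expected" verdict is a starting point: confirm the file's vendor details and that the product is actually installed before dismissing the finding.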

#3
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,665 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.