Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

No internet IE or FF & computer search has blank page [Solved]


  • This topic is locked This topic is locked

#1
edhalfdead

edhalfdead

    Member

  • Member
  • PipPip
  • 89 posts
My roommates Dell Vostro 200 can not connect with the internet. The local connection shows a strong signal but there are no packets in or out. This started Saturday morning when she noticed a X thru the Avast icon. When she clicked the icon a box came up stating that her subscription had run out.
well here is the OTL log...Sorry I'm tired...

OTL logfile created on: 6/10/2012 9:26:39 PM - Run 3
OTL by OldTimer - Version 3.2.42.2 Folder = F:\Documents and Settings\Bubbles2000\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.10 Gb Available Physical Memory | 55.49% Memory free
3.84 Gb Paging File | 3.05 Gb Available in Paging File | 79.57% Paging File free
Paging file location(s): F:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = F: | %SystemRoot% = F:\WINDOWS | %ProgramFiles% = F:\Program Files
Drive C: | 6.36 Gb Total Space | 1.49 Gb Free Space | 23.42% Space Free | Partition Type: NTFS
Drive D: | 1397.26 Gb Total Space | 1309.37 Gb Free Space | 93.71% Space Free | Partition Type: NTFS
Drive E: | 149.05 Gb Total Space | 62.19 Gb Free Space | 41.73% Space Free | Partition Type: NTFS
Drive F: | 68.11 Gb Total Space | 1.75 Gb Free Space | 2.57% Space Free | Partition Type: NTFS

Computer Name: GARGOYLE2 | User Name: Bubbles2000 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/05/24 11:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- F:\Documents and Settings\Bubbles2000\Application Data\Dropbox\bin\Dropbox.exe
PRC - [2012/05/14 04:39:49 | 001,816,976 | ---- | M] (Bandoo Media, inc) -- F:\Program Files\Searchqu Toolbar\Datamngr\datamngrUI.exe
PRC - [2012/05/02 19:19:06 | 000,595,456 | ---- | M] (OldTimer Tools) -- F:\Documents and Settings\Bubbles2000\Desktop\OTL.exe
PRC - [2012/03/21 21:14:58 | 000,918,880 | ---- | M] () -- F:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe
PRC - [2012/03/21 21:14:53 | 000,982,880 | ---- | M] () -- F:\Program Files\AVG Secure Search\vprot.exe
PRC - [2012/03/06 17:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- F:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/03/03 21:42:56 | 016,575,824 | ---- | M] (Comfort Software Group) -- F:\Program Files\HotAlarmClock\HotAlarmClock.exe
PRC - [2011/12/01 13:24:20 | 002,624,512 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Application Data\CBS Interactive\CNET TechTracker\TechTracker.exe
PRC - [2011/11/26 00:54:53 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- F:\Program Files\real\realplayer\Update\realsched.exe
PRC - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- F:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/10/01 08:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) -- F:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 08:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) -- F:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/09/26 19:15:36 | 000,374,152 | ---- | M] (LogMeIn, Inc.) -- F:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
PRC - [2011/09/16 16:10:50 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- F:\Program Files\LogMeIn\x86\LogMeInSystray.exe
PRC - [2011/07/29 13:45:56 | 000,217,256 | ---- | M] (Visicom Media Inc. (Powered by Panda Security)) -- F:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe
PRC - [2011/04/28 13:01:20 | 000,439,616 | ---- | M] (Panda Security, S.L.) -- F:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe
PRC - [2011/04/28 12:58:54 | 000,140,608 | ---- | M] (Panda Security, S.L.) -- F:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
PRC - [2011/04/23 20:02:19 | 000,536,576 | ---- | M] () -- F:\Program Files\Nwmao\Rlkkhgs.exe
PRC - [2010/07/04 12:51:26 | 000,017,408 | ---- | M] () -- F:\Program Files\Unlocker\UnlockerAssistant.exe
PRC - [2009/11/10 15:41:14 | 000,036,864 | ---- | M] (MAXA Research Int'l Inc.) -- F:\Program Files\MAXA Security Tools\Lock\tray.exe
PRC - [2009/09/24 18:41:40 | 000,933,888 | ---- | M] (Silicon Motion) -- F:\Program Files\USB2.0 UVC WebCam\USB2.0 UVC WebCam\STIMON.exe
PRC - [2009/01/26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- F:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/07/21 12:59:10 | 001,069,056 | ---- | M] (Audiovox Electronics Corp.) -- F:\Documents and Settings\Bubbles2000\My Documents\RCA Detective\RCADetective.exe
PRC - [2008/04/13 21:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2012/05/11 03:36:47 | 000,998,400 | ---- | M] () -- F:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\9080c8e8e7b6dfb502c1328673d636f8\System.Management.ni.dll
MOD - [2012/05/11 03:34:54 | 000,971,264 | ---- | M] () -- F:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll
MOD - [2012/05/11 03:28:38 | 005,450,752 | ---- | M] () -- F:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll
MOD - [2012/05/11 03:28:27 | 012,430,848 | ---- | M] () -- F:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\32b169d0703541a18c987bd2dbf9fbd9\System.Windows.Forms.ni.dll
MOD - [2012/05/11 03:28:11 | 001,587,200 | ---- | M] () -- F:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7765146be2fa459c20856ff822f90d1e\System.Drawing.ni.dll
MOD - [2012/05/11 03:26:05 | 007,953,408 | ---- | M] () -- F:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
MOD - [2012/05/11 03:25:47 | 011,492,352 | ---- | M] () -- F:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
MOD - [2012/03/21 21:14:58 | 000,918,880 | ---- | M] () -- F:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe
MOD - [2012/03/21 21:14:53 | 000,982,880 | ---- | M] () -- F:\Program Files\AVG Secure Search\vprot.exe
MOD - [2011/12/01 13:24:20 | 002,624,512 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Application Data\CBS Interactive\CNET TechTracker\TechTracker.exe
MOD - [2011/04/23 20:02:19 | 000,536,576 | ---- | M] () -- F:\Program Files\Nwmao\Rlkkhgs.exe
MOD - [2011/04/23 20:02:19 | 000,020,480 | ---- | M] () -- F:\Program Files\Nwmao\a.dll
MOD - [2010/07/04 14:32:38 | 000,010,752 | ---- | M] () -- F:\Program Files\Unlocker\UnlockerCOM.dll
MOD - [2010/07/04 14:32:36 | 000,004,608 | ---- | M] () -- F:\Program Files\Unlocker\UnlockerHook.dll
MOD - [2010/07/04 12:51:26 | 000,017,408 | ---- | M] () -- F:\Program Files\Unlocker\UnlockerAssistant.exe
MOD - [2008/04/13 17:11:59 | 000,014,336 | ---- | M] () -- F:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 17:11:51 | 000,059,904 | ---- | M] () -- F:\WINDOWS\system32\devenum.dll
MOD - [2007/05/07 08:06:02 | 000,128,000 | ---- | M] () -- F:\Program Files\ImageBadger\extib.dll
MOD - [2007/02/14 12:55:11 | 000,165,424 | ---- | M] () -- F:\Program Files\Panda Security\Panda Cloud Antivirus\MiniCrypto.dll
MOD - [2007/02/14 12:55:10 | 000,099,888 | ---- | M] () -- F:\Program Files\Panda Security\Panda Cloud Antivirus\APIcr.dll
MOD - [2005/04/15 14:18:30 | 000,483,328 | ---- | M] () -- F:\WINDOWS\system32\lxcglmpm.dll
MOD - [2005/03/13 11:32:14 | 000,061,440 | ---- | M] () -- F:\Program Files\Lexmark 2300 Series\lxcgcnv4.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (Ql12nses)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/05/11 06:05:15 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- F:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/20 18:19:00 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- F:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/03/21 21:14:58 | 000,918,880 | ---- | M] () [Auto | Running] -- F:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe -- (vToolbarUpdater10.2.0)
SRV - [2012/03/06 17:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Disabled | Stopped] -- F:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/03/06 16:15:13 | 000,134,920 | ---- | M] (AVAST Software) [Disabled | Stopped] -- F:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV - [2012/03/05 15:10:32 | 000,458,008 | ---- | M] (Tanuki Software, Ltd.) [Auto | Stopped] -- C:\ManageEngine\EventLog\bin\wrapper.exe -- (eventloganalyzer)
SRV - [2011/10/21 15:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- F:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- F:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/10/01 08:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- F:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 08:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- F:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/04/28 12:58:54 | 000,140,608 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- F:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe -- (NanoServiceMain)
SRV - [2010/08/13 09:13:32 | 000,066,112 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- F:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus®
SRV - [2008/04/13 21:42:12 | 000,006,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2008/04/13 17:12:02 | 000,105,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\WINDOWS\system32\p2pgasvc.dll -- (p2pgasvc)
SRV - [2005/04/15 14:15:30 | 000,491,520 | ---- | M] () [On_Demand | Stopped] -- F:\WINDOWS\system32\lxcgcoms.exe -- (lxcg_device)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- F:\DOCUME~1\BUBBLE~1\LOCALS~1\Temp\vdsdk.sys -- (VDSDK)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- F:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS -- (MRESP50)
DRV - File not found [Kernel | On_Demand | Stopped] -- F:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS -- (MREMP50)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- F:\Program Files\FreshDevices\FreshDiagnose\FreshIO.sys -- (FreshIO)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- F:\ComboFix\catchme.sys -- (catchme)
DRV - [2012/03/06 17:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- F:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/03/06 17:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- F:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/03/06 17:02:43 | 000,024,408 | ---- | M] (AVAST Software) [Kernel | System | Running] -- F:\WINDOWS\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2012/03/06 17:02:00 | 000,035,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- F:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012/03/06 17:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- F:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/03/06 17:01:39 | 000,095,704 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- F:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012/03/06 17:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- F:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/03/06 16:58:29 | 000,024,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- F:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012/03/06 16:04:25 | 000,112,984 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- F:\WINDOWS\System32\drivers\aswFW.sys -- (aswFW)
DRV - [2012/03/06 16:03:23 | 000,196,440 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- F:\WINDOWS\System32\drivers\aswNdis2.sys -- (aswNdis2)
DRV - [2012/03/06 15:44:51 | 000,012,112 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- F:\WINDOWS\system32\drivers\aswNdis.sys -- (aswNdis)
DRV - [2012/01/05 13:10:09 | 000,144,008 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- F:\WINDOWS\system32\drivers\PSINAflt.sys -- (PSINAflt)
DRV - [2011/11/30 18:37:24 | 000,112,648 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- F:\WINDOWS\system32\drivers\PSINProt.sys -- (PSINProt)
DRV - [2011/11/23 09:59:40 | 000,130,312 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- F:\WINDOWS\system32\drivers\PSINKNC.sys -- (PSINKNC)
DRV - [2011/10/01 08:30:42 | 000,018,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\Sftvolxp.sys -- (Sftvol)
DRV - [2011/10/01 08:30:40 | 000,020,584 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- F:\WINDOWS\system32\drivers\Sftredirxp.sys -- (Sftredir)
DRV - [2011/10/01 08:30:38 | 000,209,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\Sftplayxp.sys -- (Sftplay)
DRV - [2011/10/01 08:30:36 | 000,584,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\Sftfsxp.sys -- (Sftfs)
DRV - [2011/04/28 12:57:38 | 000,111,688 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- F:\WINDOWS\system32\drivers\PSINProc.sys -- (PSINProc)
DRV - [2011/04/28 12:57:38 | 000,097,096 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- F:\WINDOWS\system32\drivers\PSINFile.sys -- (PSINFile)
DRV - [2011/03/18 09:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- F:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2010/12/02 18:17:50 | 000,013,696 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Auto | Running] -- F:\WINDOWS\system32\drivers\avwebcam.sys -- (AVWEBCAM)
DRV - [2010/07/15 08:44:20 | 000,013,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\epmntdrv.sys -- (epmntdrv)
DRV - [2010/07/15 08:44:20 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2010/04/28 07:44:02 | 000,054,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- F:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2010/02/11 05:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- F:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2007/05/02 16:21:22 | 004,403,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [1996/04/03 12:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- F:\WINDOWS\system32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?ilc=8
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}: "URL" = http://dts.search-re...q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.c...sa&d=2012-03-21 21:15:00&v=10.2.0.3&sap=hp
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - F:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...000001d097dc74a
IE - HKCU\..\SearchScopes\{909D53DD-ED5F-405B-879E-5F5CD26B7C05}: "URL" = http://www.google.co...Terms}&aq=f&oq=
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...sa&d=2012-03-21 21:15:00&v=10.2.0.3&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{9B97950D-482C-1D79-568F-FC7B9D40C785}: "URL" = http://www.bing.com/...eferrer:source}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo....erms}&fr=mkg028
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo....h?fr=mkg030&p="
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngineURL: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "igoogle.com"
FF - prefs.js..extensions.enabledItems: {3d7eb24f-2740-49df-8937-200b1cc08f8a}:1.5.15.1
FF - prefs.js..extensions.enabledItems: {aff87fa2-a58e-4edd-b852-0a20203c1e17}:0.9
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [email protected]:0.2.7
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:15.0.0
FF - prefs.js..extensions.enabledItems: [email protected]:2.3
FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:4.11
FF - prefs.js..extensions.enabledItems: [email protected]:0.5.5
FF - prefs.js..extensions.enabledItems: {e8f509f0-b677-11de-8a39-0800200c9a66}:1.12
FF - prefs.js..extensions.enabledItems: {ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}:2.7.3
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.4.6.20120119024823
FF - prefs.js..extensions.enabledItems: {0b457cAA-602d-484a-8fe7-c1d894a011ba}:0.98.2
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.9
FF - prefs.js..extensions.enabledItems: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0
FF - prefs.js..extensions.enabledItems: {99079a25-328f-4bd4-be04-00955acaa0a7}:4.6.1.01
FF - prefs.js..extensions.enabledItems: [email protected]:7.0.1426
FF - prefs.js..extensions.enabledItems: [email protected]:10.2.0.3
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:4.15
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.13
FF - prefs.js..extensions.enabledItems: [email protected]:1.2.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0
FF - prefs.js..keyword.URL: "http://isearch.avg.c...5:00&sap=ku&q="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: F:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: F:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: F:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: F:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: F:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: F:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: F:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198: f:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198: f:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198: F:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198: F:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198: f:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: F:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: F:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: F:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\npEpicPlayDisplayHost: F:\Program Files\EpicPlay\npEpicHost.dll ( )
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: F:\Documents and Settings\Bubbles2000\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: F:\Documents and Settings\Bubbles2000\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: F:\Documents and Settings\Bubbles2000\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: F:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/11/26 00:55:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: F:\Program Files\AVAST Software\Avast\WebRep\FF [2012/03/07 11:31:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: F:\Documents and Settings\All Users\Application Data\AVG Secure Search\10.2.0.3\ [2012/03/21 21:15:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: F:\Program Files\Mozilla Firefox\components [2012/06/01 21:38:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: F:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Components: F:\Program Files\components [2012/06/01 21:38:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Plugins: F:\Program Files\plugins [2012/06/01 21:38:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/01 21:38:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/06/01 21:38:48 | 000,000,000 | ---D | M]

[2012/05/16 23:46:41 | 000,000,000 | ---D | M] (No name found) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Extensions
[2012/06/06 14:07:40 | 000,000,000 | ---D | M] (No name found) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions
[2012/05/02 18:48:13 | 000,000,000 | ---D | M] (FireShot) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
[2012/05/01 21:04:29 | 000,000,000 | ---D | M] (FireShot) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}(2)
[2011/07/18 00:26:50 | 000,000,000 | ---D | M] (Flashblock) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2012/05/25 06:22:22 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/11/20 04:00:12 | 000,000,000 | ---D | M] (NoScript) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}(2)
[2012/05/16 23:46:33 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
[2012/06/09 07:49:49 | 000,000,000 | ---D | M] (No name found) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}
[2012/05/02 18:07:56 | 000,000,000 | ---D | M] ("StumbleUpon") -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
[2011/11/11 02:15:52 | 000,000,000 | ---D | M] (gTranslate) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17}
[2012/04/24 13:24:25 | 000,000,000 | ---D | M] (DownloadHelper) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/05/02 18:07:59 | 000,000,000 | ---D | M] (DownThemAll!) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2011/07/07 20:45:06 | 000,000,000 | ---D | M] (Web2PDF converter) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{e8f509f0-b677-11de-8a39-0800200c9a66}
[2012/05/02 18:48:16 | 000,000,000 | ---D | M] (FoxLingo) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
[2012/04/24 13:50:51 | 000,000,000 | ---D | M] (Ant Video Downloader) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\[email protected](2).com
[2012/05/02 18:48:08 | 000,000,000 | ---D | M] (DeeperWeb for Google) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\[email protected]
[2012/05/13 10:42:49 | 000,000,000 | ---D | M] (Babylon) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\[email protected]
[2012/05/02 18:48:17 | 000,000,000 | ---D | M] (Show Me More) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\[email protected]
[2012/05/31 18:46:49 | 000,000,000 | ---D | M] (LavaFox V2-Green) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\[email protected]
[2010/10/17 01:46:49 | 000,002,027 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\searchplugins\google-translate-any--en.xml
[2012/05/16 23:46:12 | 000,002,519 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\searchplugins\Search_Results.xml
[2012/05/22 22:43:07 | 000,000,000 | ---D | M] (No name found) -- F:\Program Files\Mozilla Firefox\extensions
[2012/03/21 21:15:09 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- F:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\AVG SECURE SEARCH\10.2.0.3
[2012/03/07 11:31:20 | 000,000,000 | ---D | M] (avast! WebRep) -- F:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012/04/20 18:19:34 | 000,097,208 | ---- | M] (Mozilla Foundation) -- F:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/04/20 18:18:25 | 000,002,252 | ---- | M] () -- F:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/04/20 18:18:25 | 000,002,040 | ---- | M] () -- F:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - Extension: No name found = F:\Documents and Settings\Bubbles2000\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hnhgoncokajlafhnhjmccgcmgggiehjm\
CHR - Extension: No name found = F:\Documents and Settings\Bubbles2000\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: No name found = F:\Documents and Settings\Bubbles2000\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: No name found = F:\Documents and Settings\Bubbles2000\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lkpmjnommfoljgjbckjmjhkmnhfmcmon\1.2.0.2_0\
CHR - Extension: No name found = F:\Documents and Settings\Bubbles2000\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lkpmjnommfoljgjbckjmjhkmnhfmcmon\1.2.0.2_0\.bak
CHR - Extension: No name found = F:\Documents and Settings\Bubbles2000\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\plccnhhjonaiagjelpfkclblmlppjcik\

O1 HOSTS File: ([2012/05/12 03:58:29 | 000,442,053 | R--- | M]) - F:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 15215 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - F:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - F:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - F:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - F:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - F:\Program Files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - F:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - F:\Program Files\Searchqu Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - F:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (WeCareReminder Class) - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - F:\Documents and Settings\All Users\Application Data\WeCareReminder\IEHelperv2.5.0.dll (We-Care.com)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - F:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - F:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No CLSID value found.
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - F:\Program Files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - F:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - F:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - F:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [*ML] F:\Program Files\MAXA Security Tools\Lock\MAXA-Lock.exe (MAXA Research Int'l Inc.)
O4 - HKLM..\Run: [Anti-phishing Domain Advisor] F:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe (Visicom Media Inc. (Powered by Panda Security))
O4 - HKLM..\Run: [APSDaemon] F:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] F:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DATAMNGR] F:\Program Files\Searchqu Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
O4 - HKLM..\Run: [LogMeIn GUI] F:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [MAXA-LockTray] F:\Program Files\MAXA Security Tools\Lock\tray.exe (MAXA Research Int'l Inc.)
O4 - HKLM..\Run: [Odsspo] F:\Program Files\Nwmao\Rlkkhgs.exe ()
O4 - HKLM..\Run: [PSUNMain] F:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe (Panda Security, S.L.)
O4 - HKLM..\Run: [TkBellExe] F:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UnlockerAssistant] F:\Program Files\Unlocker\UnlockerAssistant.exe ()
O4 - HKLM..\Run: [vProt] F:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [Wondershare Helper Compact.exe] F:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe File not found
O4 - HKCU..\Run: [*ML] F:\Program Files\MAXA Security Tools\Lock\MAXA-Lock.exe (MAXA Research Int'l Inc.)
O4 - HKCU..\Run: [HotAlarmClock] F:\Program Files\HotAlarmClock\HotAlarmClock.exe (Comfort Software Group)
O4 - HKCU..\Run: [SpybotSD TeaTimer] F:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - Startup: F:\Documents and Settings\All Users\Start Menu\Programs\Startup\STIMON.lnk = F:\Program Files\USB2.0 UVC WebCam\USB2.0 UVC WebCam\STIMON.exe (Silicon Motion)
O4 - Startup: F:\Documents and Settings\Bubbles2000\Start Menu\Programs\Startup\CNET TechTracker.lnk = F:\Documents and Settings\Bubbles2000\Application Data\CBS Interactive\CNET TechTracker\TechTracker.exe ()
O4 - Startup: F:\Documents and Settings\Bubbles2000\Start Menu\Programs\Startup\Dropbox.lnk = F:\Documents and Settings\Bubbles2000\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: F:\Documents and Settings\Bubbles2000\Start Menu\Programs\Startup\RCA Detective.lnk = F:\Documents and Settings\Bubbles2000\My Documents\RCA Detective\RCADetective.exe (Audiovox Electronics Corp.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E91EA0E0-F8AD-4018-AE7C-BD0430F21082}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - F:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - F:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (F:\WINDOWS\system32\userinit.exe) - F:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (F:\Program Files\MAXA Security Tools\lock\MAXA-Lock.exe) - F:\Program Files\MAXA Security Tools\Lock\MAXA-Lock.exe (MAXA Research Int'l Inc.)
O20 - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - F:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop WallPaper: F:\Documents and Settings\Bubbles2000\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: F:\Documents and Settings\Bubbles2000\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/05/20 02:20:52 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/01/27 00:03:47 | 000,027,568 | ---- | M] () - E:\autopay_DPA.pdf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/10 20:02:54 | 000,595,456 | ---- | C] (OldTimer Tools) -- F:\Documents and Settings\Bubbles2000\Desktop\OTL.exe
[2012/06/09 23:25:22 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Application Data\Panda Security
[2012/06/09 23:23:50 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Start Menu\Programs\Panda Cloud Antivirus
[2012/06/09 23:23:26 | 000,000,000 | ---D | C] -- F:\Program Files\Panda Security
[2012/06/09 23:23:26 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Application Data\Panda Security
[2012/06/09 11:40:31 | 000,112,984 | ---- | C] (AVAST Software) -- F:\WINDOWS\System32\drivers\aswFW.sys
[2012/06/09 11:40:13 | 000,196,440 | ---- | C] (AVAST Software) -- F:\WINDOWS\System32\drivers\aswNdis2.sys
[2012/06/09 11:40:13 | 000,024,408 | ---- | C] (AVAST Software) -- F:\WINDOWS\System32\drivers\aswKbd.sys
[2012/06/09 11:39:32 | 000,012,112 | ---- | C] (ALWIL Software) -- F:\WINDOWS\System32\drivers\aswNdis.sys
[2012/06/09 11:39:28 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Application Data\AVAST Software
[2012/06/09 07:57:45 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Start Menu\Programs\Dropbox
[2012/06/09 07:57:17 | 000,000,000 | ---D | C] -- F:\Program Files\Dropbox
[2012/06/09 06:15:38 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\art2
[2012/06/08 22:36:14 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\couples
[2012/06/07 04:17:10 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\WindowsPowerShell
[2012/06/07 04:17:07 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\GroupPolicy
[2012/06/07 04:16:43 | 000,000,000 | ---D | C] -- F:\WINDOWS\$968930Uinstall_KB968930$
[2012/06/07 04:10:26 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Application Data\IObit
[2012/06/07 04:10:08 | 000,000,000 | ---D | C] -- F:\Program Files\IObit
[2012/06/04 09:37:27 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\#4 test 4 Ed(2)
[2012/06/04 06:58:15 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\wallpaper
[2012/06/04 03:32:33 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\Phone id pics
[2012/06/04 03:04:13 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\neat things
[2012/06/04 02:19:03 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\Me
[2012/06/04 02:13:43 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\Josh
[2012/06/04 02:10:04 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\My doggies
[2012/06/04 02:05:31 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\Leo
[2012/06/04 01:59:52 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\Ed's work
[2012/06/03 21:48:48 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Start Menu\Programs\Dropbox(2)
[2012/06/03 19:25:06 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\My Documents\GomPlayer
[2012/06/01 21:38:29 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2012/06/01 21:38:03 | 000,000,000 | ---D | C] -- F:\Program Files\QuickTime
[2012/06/01 21:37:54 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Application Data\Apple Computer
[2012/05/31 05:14:54 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\bb
[2012/05/27 22:15:32 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\divorce stuff
[2012/05/22 22:43:10 | 000,000,000 | ---D | C] -- F:\Program Files\Mozilla Maintenance Service
[2012/05/22 22:43:10 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Application Data\Mozilla
[2012/05/22 22:43:00 | 000,000,000 | ---D | C] -- F:\Program Files\Mozilla Firefox
[2012/05/21 11:28:15 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Start Menu\Programs\Wondershare
[2012/05/21 11:28:10 | 000,000,000 | ---D | C] -- F:\Program Files\Wondershare
[2012/05/18 14:29:48 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\lh
[2012/05/18 14:28:50 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\red
[2012/05/18 14:26:26 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\dh
[2012/05/18 14:25:57 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\ow
[2012/05/18 10:39:24 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Application Data\searchquband
[2012/05/18 10:27:36 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\tables
[2012/05/18 06:21:37 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\Unused Desktop Shortcuts
[2012/05/18 05:23:48 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\New Folder
[2012/05/17 00:00:51 | 004,487,872 | R--- | C] (Swearware) -- F:\Documents and Settings\Bubbles2000\My Documents\ComboFix.exe
[2012/05/16 23:46:53 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Documents\FreeBurner
[2012/05/16 23:46:28 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Application Data\searchqutoolbar
[2012/05/16 23:46:23 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Start Menu\Programs\Free Easy Burner
[2012/05/16 23:46:20 | 000,200,704 | ---- | C] (vbAccelerator) -- F:\WINDOWS\System32\vbalExpBar6.ocx
[2012/05/16 23:46:07 | 000,000,000 | ---D | C] -- F:\Program Files\Searchqu Toolbar
[2012/05/16 23:45:57 | 000,040,960 | ---- | C] (vbAccelerator) -- F:\WINDOWS\System32\SSubTmr6.dll
[2012/05/16 23:45:54 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Application Data\FreeBurner
[2012/05/16 23:45:54 | 000,000,000 | ---D | C] -- F:\Program Files\Free Easy CD DVD Burner
[2012/05/13 10:43:24 | 000,000,000 | ---D | C] -- F:\Program Files\hpmonitor
[2012/05/13 10:43:20 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Application Data\BabylonToolbar
[2012/05/13 10:42:51 | 000,000,000 | ---D | C] -- F:\Program Files\BabylonToolbar
[2012/05/13 10:42:41 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Local Settings\Application Data\Babylon
[2012/05/13 10:42:33 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Application Data\Babylon
[2012/05/13 10:42:33 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Application Data\Babylon
[2012/05/13 10:42:22 | 000,000,000 | ---D | C] -- F:\Program Files\Appnimi
[2012/05/13 10:42:22 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Start Menu\Programs\Appnimi
[2012/05/13 07:52:11 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\vids
[2012/05/12 12:26:35 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\My Documents\Test 4 Ed Done
[2012/05/12 03:33:55 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy
[2012/05/12 03:33:46 | 000,000,000 | ---D | C] -- F:\Program Files\Spybot - Search & Destroy
[2012/05/12 03:33:46 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2012/05/02 17:56:22 | 011,824,088 | ---- | C] (Mozilla Foundation) -- F:\Program Files\xul.dll
[2012/05/02 17:56:22 | 000,646,104 | ---- | C] (Mozilla Foundation) -- F:\Program Files\nss3.dll
[2012/05/02 17:56:22 | 000,505,816 | ---- | C] (sqlite.org) -- F:\Program Files\sqlite3.dll
[2012/05/02 17:56:22 | 000,371,672 | ---- | C] (Mozilla Foundation) -- F:\Program Files\nssckbi.dll
[2012/05/02 17:56:22 | 000,246,744 | ---- | C] (Mozilla Foundation) -- F:\Program Files\updater.exe
[2012/05/02 17:56:22 | 000,166,872 | ---- | C] (Mozilla Foundation) -- F:\Program Files\softokn3.dll
[2012/05/02 17:56:22 | 000,142,296 | ---- | C] (Mozilla Foundation) -- F:\Program Files\ssl3.dll
[2012/05/02 17:56:22 | 000,105,432 | ---- | C] (Mozilla Foundation) -- F:\Program Files\smime3.dll
[2012/05/02 17:56:22 | 000,105,432 | ---- | C] (Mozilla Foundation) -- F:\Program Files\nssdbm3.dll
[2012/05/02 17:56:22 | 000,089,048 | ---- | C] (Mozilla Foundation) -- F:\Program Files\nssutil3.dll
[2012/05/02 17:56:22 | 000,021,976 | ---- | C] (Mozilla Foundation) -- F:\Program Files\plc4.dll
[2012/05/02 17:56:22 | 000,019,416 | ---- | C] (Mozilla Foundation) -- F:\Program Files\xpcom.dll
[2012/05/02 17:56:22 | 000,019,416 | ---- | C] (Mozilla Foundation) -- F:\Program Files\plds4.dll
[2012/05/02 17:56:22 | 000,016,856 | ---- | C] (Mozilla Corporation) -- F:\Program Files\plugin-container.exe
[2012/05/02 17:56:21 | 000,912,344 | ---- | C] (Mozilla Corporation) -- F:\Program Files\firefox.exe
[2012/05/02 17:56:21 | 000,719,832 | ---- | C] (Mozilla Foundation) -- F:\Program Files\mozcrt19.dll
[2012/05/02 17:56:21 | 000,719,832 | ---- | C] (Mozilla Foundation) -- F:\Program Files\mozcpp19.dll
[2012/05/02 17:56:21 | 000,269,272 | ---- | C] (Mozilla Foundation) -- F:\Program Files\freebl3.dll
[2012/05/02 17:56:21 | 000,203,736 | ---- | C] (Mozilla Foundation) -- F:\Program Files\nspr4.dll
[2012/05/02 17:56:21 | 000,107,480 | ---- | C] (Mozilla Foundation) -- F:\Program Files\crashreporter.exe
[2012/05/02 17:56:21 | 000,019,416 | ---- | C] (Mozilla Foundation) -- F:\Program Files\AccessibleMarshal.dll

========== Files - Modified Within 30 Days ==========

[2012/06/10 21:18:10 | 000,001,002 | ---- | M] () -- F:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1177238915-1647877149-725345543-1004UA.job
[2012/06/10 21:05:00 | 000,000,830 | ---- | M] () -- F:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/06/10 20:32:10 | 000,000,896 | ---- | M] () -- F:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/10 19:23:20 | 000,000,892 | ---- | M] () -- F:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/10 19:23:19 | 000,000,294 | ---- | M] () -- F:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1177238915-1647877149-725345543-500.job
[2012/06/10 19:23:19 | 000,000,290 | ---- | M] () -- F:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1177238915-1647877149-725345543-1004.job
[2012/06/10 19:18:00 | 000,000,950 | ---- | M] () -- F:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1177238915-1647877149-725345543-1004Core1cc209613fe80f2.job
[2012/06/10 04:13:00 | 000,000,302 | ---- | M] () -- F:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1177238915-1647877149-725345543-500.job
[2012/06/10 03:04:37 | 000,002,048 | --S- | M] () -- F:\WINDOWS\bootstat.dat
[2012/06/09 23:24:05 | 000,000,264 | ---- | M] () -- F:\WINDOWS\System32\PSUNCpl.dat
[2012/06/09 20:50:57 | 000,000,046 | ---- | M] () -- F:\WINDOWS\System32\_WKERNEL.FRE
[2012/06/09 13:39:12 | 000,044,697 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Desktop\caring_is_faint_by_MalvaAlcea.jpg
[2012/06/09 13:26:46 | 000,026,602 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Desktop\denim-.jpg
[2012/06/09 12:39:25 | 000,040,893 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Desktop\dual nibble.jpeg
[2012/06/09 11:40:13 | 000,002,625 | ---- | M] () -- F:\WINDOWS\System32\CONFIG.NT
[2012/06/09 08:04:33 | 000,002,206 | ---- | M] () -- F:\WINDOWS\System32\wpa.dbl
[2012/06/09 07:02:07 | 000,000,298 | ---- | M] () -- F:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1177238915-1647877149-725345543-1004.job
[2012/06/09 02:11:21 | 000,364,074 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Desktop\Quickfix.jpg
[2012/06/08 20:22:03 | 000,000,284 | ---- | M] () -- F:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/06/08 20:14:59 | 000,002,613 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Desktop\logo4.jpg
[2012/06/07 04:54:27 | 000,484,030 | ---- | M] () -- F:\WINDOWS\System32\perfh009.dat
[2012/06/07 04:54:27 | 000,080,082 | ---- | M] () -- F:\WINDOWS\System32\perfc009.dat
[2012/06/07 02:47:12 | 000,038,166 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Desktop\Cousin Steve.JPG
[2012/06/06 21:58:26 | 000,082,195 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Desktop\the king.jpg
[2012/06/06 18:05:14 | 000,487,091 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\My Documents\work=(913)+461-3895.pdf
[2012/06/06 18:03:40 | 000,747,778 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\My Documents\heather shay work maybe3233022306.pdf
[2012/06/06 14:08:43 | 000,170,183 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Desktop\dancing cato.gif
[2012/06/04 21:50:23 | 000,004,452 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Application Data\wklnhst.dat
[2012/06/04 21:41:07 | 000,067,309 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\My Documents\FireShot Screen Capture #319 - 'AVON - Order Confirmed' - shop_avon_com_shop_confirmed_aspx_order_id=23900597&ccauthreportcode&paypal=5HW871020D7354602.jpg
[2012/06/04 18:51:13 | 000,015,872 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\My Documents\tim's letter 5-2012.wps
[2012/06/01 21:38:30 | 000,001,613 | ---- | M] () -- F:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2012/06/01 12:38:35 | 000,001,055 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Start Menu\Programs\Startup\Dropbox.lnk
[2012/06/01 12:38:18 | 000,001,051 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Desktop\Dropbox.lnk
[2012/05/27 22:50:21 | 000,000,964 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\My Documents\fixing the house estimate.7z
[2012/05/27 22:46:48 | 000,008,827 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\My Documents\Peter_edited_.7z
[2012/05/27 22:46:12 | 000,001,679 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\My Documents\fixing the house estimate.rtf
[2012/05/27 22:24:18 | 000,038,978 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\My Documents\Peter_edited_.rtf
[2012/05/26 02:25:38 | 000,000,733 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox (2).lnk
[2012/05/23 05:52:09 | 000,239,616 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/05/22 22:43:12 | 000,000,751 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/05/22 22:43:12 | 000,000,733 | ---- | M] () -- F:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012/05/22 22:33:41 | 001,119,085 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Desktop\bookmarksMay22_12.html
[2012/05/22 04:08:36 | 000,043,210 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Desktop\bank statments BOA 2.jpg
[2012/05/21 11:28:16 | 000,000,833 | ---- | M] () -- F:\Documents and Settings\All Users\Desktop\Wondershare PDF to Word.lnk
[2012/05/19 02:18:16 | 000,007,973 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\My Documents\inmyway.jpg
[2012/05/16 23:46:23 | 000,000,844 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Application Data\Microsoft\Internet Explorer\Quick Launch\Free Easy Burner.lnk
[2012/05/16 23:46:23 | 000,000,826 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Desktop\Free Easy Burner.lnk
[2012/05/16 01:21:23 | 000,002,317 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/05/14 23:14:37 | 000,003,401 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Desktop\index.html
[2012/05/14 23:14:37 | 000,000,061 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Desktop\autorun.inf
[2012/05/13 10:42:53 | 000,000,250 | ---- | M] () -- F:\user.js
[2012/05/13 10:42:22 | 000,001,102 | ---- | M] () -- F:\Documents and Settings\All Users\Desktop\Appnimi All-In-One Password Unlocker.lnk
[2012/05/13 00:06:57 | 000,000,754 | ---- | M] () -- F:\WINDOWS\WORDPAD.INI
[2012/05/12 18:32:26 | 000,008,704 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\My Documents\letter to boa about gayle.wps
[2012/05/12 17:44:51 | 000,010,752 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\My Documents\Untitled Document.wps
[2012/05/12 04:31:40 | 000,000,719 | ---- | M] () -- F:\WINDOWS\wininit.ini
[2012/05/12 03:58:29 | 000,442,053 | R--- | M] () -- F:\WINDOWS\System32\drivers\etc\hosts
[2012/05/12 03:33:56 | 000,000,960 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk

========== Files Created - No Company Name ==========

[2012/06/09 23:24:05 | 000,000,264 | ---- | C] () -- F:\WINDOWS\System32\PSUNCpl.dat
[2012/06/09 13:39:12 | 000,044,697 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\caring_is_faint_by_MalvaAlcea.jpg
[2012/06/09 13:26:46 | 000,026,602 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\denim-.jpg
[2012/06/09 12:39:24 | 000,040,893 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\dual nibble.jpeg
[2012/06/09 02:12:29 | 000,364,074 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\Quickfix.jpg
[2012/06/08 20:14:59 | 000,002,613 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\logo4.jpg
[2012/06/07 02:47:12 | 000,038,166 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\Cousin Steve.JPG
[2012/06/06 21:58:26 | 000,082,195 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\the king.jpg
[2012/06/06 18:05:14 | 000,487,091 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\My Documents\work=(913)+461-3895.pdf
[2012/06/06 18:03:40 | 000,747,778 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\My Documents\heather shay work maybe3233022306.pdf
[2012/06/06 14:08:42 | 000,170,183 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\dancing cato.gif
[2012/06/04 21:41:07 | 000,067,309 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\My Documents\FireShot Screen Capture #319 - 'AVON - Order Confirmed' - shop_avon_com_shop_confirmed_aspx_order_id=23900597&ccauthreportcode&paypal=5HW871020D7354602.jpg
[2012/06/04 18:16:10 | 000,015,872 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\My Documents\tim's letter 5-2012.wps
[2012/06/04 02:16:29 | 000,264,429 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\Ed.jpg
[2012/06/04 02:11:24 | 000,036,547 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\sam.jpg
[2012/06/03 18:36:25 | 000,000,787 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\My Documents\mags.rtf
[2012/06/01 22:30:41 | 000,007,973 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\My Documents\inmyway.jpg
[2012/06/01 22:11:15 | 022,571,982 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\My Documents\His choices.7z
[2012/06/01 21:38:30 | 000,001,613 | ---- | C] () -- F:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2012/05/28 03:13:00 | 000,008,827 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\My Documents\Peter_edited_.7z
[2012/05/28 03:12:15 | 000,000,964 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\My Documents\fixing the house estimate.7z
[2012/05/27 22:51:13 | 000,001,679 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\My Documents\fixing the house estimate.rtf
[2012/05/27 22:50:02 | 000,038,978 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\My Documents\Peter_edited_.rtf
[2012/05/26 02:25:38 | 000,000,733 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox (2).lnk
[2012/05/22 22:33:39 | 001,119,085 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\bookmarksMay22_12.html
[2012/05/22 04:08:21 | 000,043,210 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\bank statments BOA 2.jpg
[2012/05/21 11:28:16 | 000,000,833 | ---- | C] () -- F:\Documents and Settings\All Users\Desktop\Wondershare PDF to Word.lnk
[2012/05/18 10:27:36 | 000,003,401 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\index.html
[2012/05/18 10:27:29 | 000,000,061 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\autorun.inf
[2012/05/17 00:07:36 | 3073,571,968 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\our special vids.7z
[2012/05/16 23:46:23 | 000,000,844 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Application Data\Microsoft\Internet Explorer\Quick Launch\Free Easy Burner.lnk
[2012/05/16 23:46:23 | 000,000,826 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\Free Easy Burner.lnk
[2012/05/16 23:45:55 | 000,484,352 | ---- | C] () -- F:\WINDOWS\System32\lame_enc.dll
[2012/05/13 10:42:52 | 000,000,250 | ---- | C] () -- F:\user.js
[2012/05/13 10:42:22 | 000,001,102 | ---- | C] () -- F:\Documents and Settings\All Users\Desktop\Appnimi All-In-One Password Unlocker.lnk
[2012/05/12 18:32:25 | 000,008,704 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\My Documents\letter to boa about gayle.wps
[2012/05/12 04:31:37 | 000,000,719 | ---- | C] () -- F:\WINDOWS\wininit.ini
[2012/05/12 03:33:56 | 000,000,960 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2012/05/09 09:40:01 | 000,003,072 | ---- | C] () -- F:\WINDOWS\System32\iacenc.dll
[2012/05/09 02:11:24 | 000,256,000 | ---- | C] () -- F:\WINDOWS\PEV.exe
[2012/05/09 02:11:24 | 000,208,896 | ---- | C] () -- F:\WINDOWS\MBR.exe
[2012/05/09 02:11:24 | 000,098,816 | ---- | C] () -- F:\WINDOWS\sed.exe
[2012/05/09 02:11:24 | 000,080,412 | ---- | C] () -- F:\WINDOWS\grep.exe
[2012/05/09 02:11:24 | 000,068,096 | ---- | C] () -- F:\WINDOWS\zip.exe
[2012/05/04 18:56:20 | 000,001,235 | ---- | C] () -- F:\Program Files\updates.xml
[2012/05/04 18:56:18 | 000,000,057 | ---- | C] () -- F:\Program Files\active-update.xml
[2012/05/04 18:55:46 | 000,016,246 | ---- | C] () -- F:\Program Files\removed-files
[2012/05/04 18:55:34 | 000,000,000 | ---- | C] () -- F:\Program Files\.autoreg
[2012/05/02 17:56:28 | 000,000,707 | ---- | C] () -- F:\Program Files\updater.ini
[2012/05/02 17:56:28 | 000,000,232 | ---- | C] () -- F:\Program Files\browserconfig.properties
[2012/05/02 17:56:28 | 000,000,006 | ---- | C] () -- F:\Program Files\update.locale
[2012/05/02 17:56:22 | 000,000,478 | ---- | C] () -- F:\Program Files\softokn3.chk
[2012/05/02 17:56:22 | 000,000,478 | ---- | C] () -- F:\Program Files\nssdbm3.chk
[2012/05/02 17:56:22 | 000,000,142 | ---- | C] () -- F:\Program Files\platform.ini
[2012/05/02 17:56:21 | 001,014,744 | ---- | C] () -- F:\Program Files\js3250.dll
[2012/05/02 17:56:21 | 000,031,393 | ---- | C] () -- F:\Program Files\LICENSE
[2012/05/02 17:56:21 | 000,005,183 | ---- | C] () -- F:\Program Files\blocklist.xml
[2012/05/02 17:56:21 | 000,003,803 | ---- | C] () -- F:\Program Files\crashreporter.ini
[2012/05/02 17:56:21 | 000,002,129 | ---- | C] () -- F:\Program Files\application.ini
[2012/05/02 17:56:21 | 000,000,583 | ---- | C] () -- F:\Program Files\crashreporter-override.ini
[2012/05/02 17:56:21 | 000,000,478 | ---- | C] () -- F:\Program Files\freebl3.chk
[2012/05/02 17:56:21 | 000,000,115 | ---- | C] () -- F:\Program Files\dependentlibs.list
[2012/04/26 06:33:56 | 000,044,599 | ---- | C] () -- F:\Program Files\sniffpass.zip
[2012/03/02 22:59:54 | 000,108,032 | ---- | C] () -- F:\WINDOWS\System32\ff_vfw.dll
[2012/02/20 21:46:15 | 000,000,043 | ---- | C] () -- F:\WINDOWS\gswin32.ini
[2011/11/26 23:18:56 | 002,062,304 | ---- | C] () -- F:\Program Files\installspeedfan443.exe
[2011/10/31 18:16:38 | 015,854,592 | ---- | C] () -- F:\Program Files\Setup.msi
[2011/10/28 17:22:15 | 000,204,800 | ---- | C] () -- F:\WINDOWS\System32\igfxCoIn_v4820.dll
[2011/07/08 01:48:35 | 000,000,007 | ---- | C] () -- F:\WINDOWS\treeskp.sys
[2011/07/08 01:48:35 | 000,000,007 | ---- | C] () -- F:\WINDOWS\sbacknt.bin
[2010/11/29 16:53:55 | 000,000,037 | ---- | C] () -- F:\WINDOWS\Viewer.ini
[2010/09/02 00:33:54 | 000,015,360 | ---- | C] () -- F:\WINDOWS\System32\bdmjpeg.dll
[2010/09/02 00:32:52 | 000,058,368 | ---- | C] () -- F:\WINDOWS\System32\bdmpegv.dll
[2010/08/25 06:28:07 | 000,000,031 | ---- | C] () -- F:\WINDOWS\System32\wocsodsini.dll
[2010/08/25 06:27:47 | 000,000,530 | ---- | C] () -- F:\WINDOWS\System32\tx14_ic.ini
[2010/08/25 06:09:41 | 001,774,720 | ---- | C] () -- F:\WINDOWS\System32\BootMan.exe
[2010/08/25 06:09:41 | 000,086,408 | ---- | C] () -- F:\WINDOWS\System32\setupempdrv03.exe
[2010/08/25 06:09:41 | 000,014,848 | ---- | C] () -- F:\WINDOWS\System32\EuEpmGdi.dll
[2010/08/25 06:09:41 | 000,013,192 | ---- | C] () -- F:\WINDOWS\System32\epmntdrv.sys
[2010/08/25 06:09:41 | 000,008,456 | ---- | C] () -- F:\WINDOWS\System32\EuGdiDrv.sys
[2010/07/23 22:17:42 | 000,000,132 | -H-- | C] () -- F:\Documents and Settings\Bubbles2000\Application Data\lakerda1967.sys
[2010/07/23 22:13:46 | 000,010,584 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Application Data\docXConverter (3).ini
[2010/06/28 06:32:59 | 000,000,025 | ---- | C] () -- F:\WINDOWS\cdplayer.ini
[2010/06/18 01:14:54 | 000,024,575 | ---- | C] () -- F:\WINDOWS\System32\Mpwinapppiobas69.dat
[2010/06/17 14:07:29 | 000,112,156 | ---- | C] () -- F:\WINDOWS\System32\winobj92.dat
[2010/06/15 07:29:22 | 000,000,552 | ---- | C] () -- F:\WINDOWS\System32\d3d8caps.dat

========== LOP Check ==========

[2012/02/07 15:55:16 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Alwil Software
[2012/06/09 11:49:24 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor
[2011/04/24 06:04:30 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Aoiiytw
[2012/06/09 11:39:28 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\AVAST Software
[2012/04/29 14:11:01 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\AVG Secure Search
[2012/05/13 10:42:33 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Babylon
[2012/05/16 23:46:14 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\boost_interprocess
[2012/03/21 21:14:26 | 000,000,000 | -H-D | M] -- F:\Documents and Settings\All Users\Application Data\Common Files
[2012/02/04 11:25:15 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Deskshare
[2011/06/05 02:07:52 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\eJ01803LaHpI01803
[2012/03/12 05:40:39 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\FaceOffMax
[2010/09/15 08:44:46 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\FileCure
[2012/06/03 08:33:04 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\firebird
[2010/06/02 07:03:52 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\IM
[2010/10/14 15:40:45 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Laconic Software
[2012/02/07 12:44:27 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\LogMeIn
[2011/09/05 21:30:37 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Masters ITC
[2012/01/15 18:06:32 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Mirolit
[2012/06/09 23:23:26 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Panda Security
[2012/01/26 12:06:59 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\PC1Data
[2011/08/30 00:01:40 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\RPSP
[2010/09/03 12:31:33 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\ScreenVCR
[2010/07/23 20:43:14 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\SecTaskMan
[2010/06/08 23:21:32 | 000,000,000 | -HSD | M] -- F:\Documents and Settings\All Users\Application Data\System Restore
[2010/08/12 23:55:15 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\VirtualizedApplications
[2011/10/05 16:14:18 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\WeCareReminder
[2010/08/20 20:33:33 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\WinZip
[2011/08/06 13:59:14 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\ZentimoService
[2011/12/29 12:47:48 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\.purple
[2010/06/02 20:42:44 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\Arkadium
[2012/03/21 21:15:02 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\AVG Secure Search
[2012/02/07 12:44:29 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\Avnex
[2012/05/13 10:42:33 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\Babylon
[2012/05/18 10:39:29 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\BabylonToolbar
[2011/05/10 13:53:24 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\BANDISOFT
[2011/08/29 03:15:22 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\Business Logic
[2010/06/01 04:51:58 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\CBS Interactive
[2012/05/07 13:39:52 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\Chrysanth
[2012/06/10 19:27:53 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\Dropbox
[2012/02/07 12:48:15 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\DzSoft
[2012/03/12 05:40:40 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\FaceOffMax
[2012/03/27 07:20:31 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\FireShot
[2012/05/16 23:46:36 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\FreeBurner
[2011/10/10 16:23:22 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\Garbage Finder
[2010/07/23 20:57:28 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\Genie-Soft
[2010/09/14 13:42:26 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\iLike
[2010/08/11 09:11:23 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\ImageBadger
[2012/06/09 07:49:30 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\IObit
[2011/02/14 22:16:28 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\IrfanView
[2011/09/05 04:23:13 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\Listary
[2012/03/02 23:35:11 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\mresreg
[2011/10/05 16:14:04 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\OpenCandy
[2012/06/09 23:25:22 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\Panda Security
[2012/04/21 11:56:02 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\PC Cleaners
[2012/04/19 17:53:50 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\PCPro
[2011/06/05 02:08:16 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\Sammsoft
[2012/05/18 10:39:24 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\searchquband
[2012/05/18 10:39:24 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\searchqutoolbar
[2012/06/10 03:02:24 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\SoftGrid Client
[2010/12/09 14:44:36 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\Software Informer
[2011/12/03 01:17:26 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\Start Menu 7
[2010/05/27 22:18:51 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\Template
[2010/08/04 17:00:02 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\TP
[2011/11/20 04:18:44 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\Trillian
[2011/10/10 13:58:46 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\TweakNow PowerPack 2011
[2011/10/15 02:45:06 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\TweakNow WinSecret 2011
[2012/02/14 04:49:14 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\USBSafelyRemove
[2012/02/02 04:56:04 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\USBSRService
[2012/05/01 22:34:49 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\uTorrent
[2011/09/18 00:21:47 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\visualsearchpony.com
[2012/04/02 14:11:26 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\XnView
[2011/09/07 17:20:53 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\Zentimo

========== Purity Check ==========



< End of report >

Any help would be great. Thank you in advance...ed
  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there could you delete your current copy of OTL please and download the latest version

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select All Users
  • Under the Custom Scan box paste this in
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    services.exe
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    CREATERESTOREPOINT
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs

THEN

run farbar service scanner

Posted Image

Tick "All" options.
Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.

Please copy and paste the log to your reply.
  • 0

#3
edhalfdead

edhalfdead

    Member

  • Topic Starter
  • Member
  • PipPip
  • 89 posts
Thank you for the quick response Essexboy.
I did as you said with OTL but the Extras.txt did not show.
Tried a second time with the same results.
Here are the OTL & FSS files:

OTL logfile created on: 6/12/2012 4:43:48 PM - Run 4
OTL by OldTimer - Version 3.2.48.0 Folder = F:\Documents and Settings\Bubbles2000\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.01 Gb Available Physical Memory | 50.57% Memory free
3.84 Gb Paging File | 2.91 Gb Available in Paging File | 75.94% Paging File free
Paging file location(s): F:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = F: | %SystemRoot% = F:\WINDOWS | %ProgramFiles% = F:\Program Files
Drive C: | 6.36 Gb Total Space | 1.49 Gb Free Space | 23.41% Space Free | Partition Type: NTFS
Drive D: | 1397.26 Gb Total Space | 1309.37 Gb Free Space | 93.71% Space Free | Partition Type: NTFS
Drive E: | 149.05 Gb Total Space | 62.19 Gb Free Space | 41.72% Space Free | Partition Type: NTFS
Drive F: | 68.11 Gb Total Space | 0.96 Gb Free Space | 1.41% Space Free | Partition Type: NTFS
Drive H: | 7.45 Gb Total Space | 5.74 Gb Free Space | 77.07% Space Free | Partition Type: FAT32

Computer Name: GARGOYLE2 | User Name: Bubbles2000 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/06/12 16:23:08 | 000,596,480 | ---- | M] (OldTimer Tools) -- F:\Documents and Settings\Bubbles2000\Desktop\OTL.exe
PRC - [2012/05/24 11:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- F:\Documents and Settings\Bubbles2000\Application Data\Dropbox\bin\Dropbox.exe
PRC - [2012/05/14 04:39:49 | 001,816,976 | ---- | M] (Bandoo Media, inc) -- F:\Program Files\Searchqu Toolbar\Datamngr\datamngrUI.exe
PRC - [2012/03/21 21:14:58 | 000,918,880 | ---- | M] () -- F:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe
PRC - [2012/03/21 21:14:53 | 000,982,880 | ---- | M] () -- F:\Program Files\AVG Secure Search\vprot.exe
PRC - [2012/03/06 17:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- F:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/03/03 21:42:56 | 016,575,824 | ---- | M] (Comfort Software Group) -- F:\Program Files\HotAlarmClock\HotAlarmClock.exe
PRC - [2011/12/01 13:24:20 | 002,624,512 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Application Data\CBS Interactive\CNET TechTracker\TechTracker.exe
PRC - [2011/11/26 00:54:53 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- F:\Program Files\real\realplayer\Update\realsched.exe
PRC - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- F:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/10/01 08:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) -- F:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 08:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) -- F:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/07/29 13:45:56 | 000,217,256 | ---- | M] (Visicom Media Inc. (Powered by Panda Security)) -- F:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe
PRC - [2011/04/28 13:01:20 | 000,439,616 | ---- | M] (Panda Security, S.L.) -- F:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe
PRC - [2011/04/28 12:58:54 | 000,140,608 | ---- | M] (Panda Security, S.L.) -- F:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
PRC - [2011/04/23 20:02:19 | 000,536,576 | ---- | M] () -- F:\Program Files\Nwmao\Rlkkhgs.exe
PRC - [2010/07/12 05:55:03 | 000,218,112 | ---- | M] (Microsoft Corporation) -- F:\Program Files\Windows NT\Accessories\wordpad.exe
PRC - [2010/07/04 12:51:26 | 000,017,408 | ---- | M] () -- F:\Program Files\Unlocker\UnlockerAssistant.exe
PRC - [2009/11/10 15:41:14 | 000,036,864 | ---- | M] (MAXA Research Int'l Inc.) -- F:\Program Files\MAXA Security Tools\Lock\tray.exe
PRC - [2009/01/26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- F:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2012/05/11 03:36:47 | 000,998,400 | ---- | M] () -- F:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\9080c8e8e7b6dfb502c1328673d636f8\System.Management.ni.dll
MOD - [2012/05/11 03:34:54 | 000,971,264 | ---- | M] () -- F:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll
MOD - [2012/05/11 03:28:38 | 005,450,752 | ---- | M] () -- F:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll
MOD - [2012/05/11 03:28:27 | 012,430,848 | ---- | M] () -- F:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\32b169d0703541a18c987bd2dbf9fbd9\System.Windows.Forms.ni.dll
MOD - [2012/05/11 03:28:11 | 001,587,200 | ---- | M] () -- F:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7765146be2fa459c20856ff822f90d1e\System.Drawing.ni.dll
MOD - [2012/05/11 03:26:05 | 007,953,408 | ---- | M] () -- F:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
MOD - [2012/05/11 03:25:47 | 011,492,352 | ---- | M] () -- F:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
MOD - [2012/03/21 21:14:58 | 000,918,880 | ---- | M] () -- F:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe
MOD - [2012/03/21 21:14:53 | 000,982,880 | ---- | M] () -- F:\Program Files\AVG Secure Search\vprot.exe
MOD - [2011/12/01 13:24:20 | 002,624,512 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Application Data\CBS Interactive\CNET TechTracker\TechTracker.exe
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- F:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- F:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/04/23 20:02:19 | 000,536,576 | ---- | M] () -- F:\Program Files\Nwmao\Rlkkhgs.exe
MOD - [2011/04/23 20:02:19 | 000,020,480 | ---- | M] () -- F:\Program Files\Nwmao\a.dll
MOD - [2010/07/04 14:32:38 | 000,010,752 | ---- | M] () -- F:\Program Files\Unlocker\UnlockerCOM.dll
MOD - [2010/07/04 14:32:36 | 000,004,608 | ---- | M] () -- F:\Program Files\Unlocker\UnlockerHook.dll
MOD - [2010/07/04 12:51:26 | 000,017,408 | ---- | M] () -- F:\Program Files\Unlocker\UnlockerAssistant.exe
MOD - [2007/05/07 08:06:02 | 000,128,000 | ---- | M] () -- F:\Program Files\ImageBadger\extib.dll
MOD - [2007/02/14 12:55:11 | 000,165,424 | ---- | M] () -- F:\Program Files\Panda Security\Panda Cloud Antivirus\MiniCrypto.dll
MOD - [2007/02/14 12:55:10 | 000,099,888 | ---- | M] () -- F:\Program Files\Panda Security\Panda Cloud Antivirus\APIcr.dll
MOD - [2005/04/15 14:18:30 | 000,483,328 | ---- | M] () -- F:\WINDOWS\system32\lxcglmpm.dll
MOD - [2005/03/13 11:32:14 | 000,061,440 | ---- | M] () -- F:\Program Files\Lexmark 2300 Series\lxcgcnv4.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (Ql12nses)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/05/11 06:05:15 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- F:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/20 18:19:00 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- F:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/03/21 21:14:58 | 000,918,880 | ---- | M] () [Auto | Running] -- F:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe -- (vToolbarUpdater10.2.0)
SRV - [2012/03/06 17:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Disabled | Stopped] -- F:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/03/06 16:15:13 | 000,134,920 | ---- | M] (AVAST Software) [Disabled | Stopped] -- F:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV - [2012/03/05 15:10:32 | 000,458,008 | ---- | M] (Tanuki Software, Ltd.) [Auto | Stopped] -- C:\ManageEngine\EventLog\bin\wrapper.exe -- (eventloganalyzer)
SRV - [2011/10/21 15:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- F:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- F:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/10/01 08:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- F:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 08:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- F:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/04/28 12:58:54 | 000,140,608 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- F:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe -- (NanoServiceMain)
SRV - [2010/08/13 09:13:32 | 000,066,112 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- F:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus®
SRV - [2008/04/13 21:42:12 | 000,006,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2008/04/13 17:12:02 | 000,105,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\WINDOWS\system32\p2pgasvc.dll -- (p2pgasvc)
SRV - [2005/04/15 14:15:30 | 000,491,520 | ---- | M] () [On_Demand | Stopped] -- F:\WINDOWS\system32\lxcgcoms.exe -- (lxcg_device)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- F:\DOCUME~1\BUBBLE~1\LOCALS~1\Temp\vdsdk.sys -- (VDSDK)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- F:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS -- (MRESP50)
DRV - File not found [Kernel | On_Demand | Stopped] -- F:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS -- (MREMP50)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- F:\Program Files\FreshDevices\FreshDiagnose\FreshIO.sys -- (FreshIO)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- F:\ComboFix\catchme.sys -- (catchme)
DRV - [2012/03/06 17:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- F:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/03/06 17:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- F:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/03/06 17:02:43 | 000,024,408 | ---- | M] (AVAST Software) [Kernel | System | Running] -- F:\WINDOWS\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2012/03/06 17:02:00 | 000,035,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- F:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012/03/06 17:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- F:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/03/06 17:01:39 | 000,095,704 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- F:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012/03/06 17:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- F:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/03/06 16:58:29 | 000,024,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- F:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012/03/06 16:04:25 | 000,112,984 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- F:\WINDOWS\System32\drivers\aswFW.sys -- (aswFW)
DRV - [2012/03/06 16:03:23 | 000,196,440 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- F:\WINDOWS\System32\drivers\aswNdis2.sys -- (aswNdis2)
DRV - [2012/03/06 15:44:51 | 000,012,112 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- F:\WINDOWS\system32\drivers\aswNdis.sys -- (aswNdis)
DRV - [2012/01/05 13:10:09 | 000,144,008 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- F:\WINDOWS\system32\drivers\PSINAflt.sys -- (PSINAflt)
DRV - [2011/11/30 18:37:24 | 000,112,648 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- F:\WINDOWS\system32\drivers\PSINProt.sys -- (PSINProt)
DRV - [2011/11/23 09:59:40 | 000,130,312 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- F:\WINDOWS\system32\drivers\PSINKNC.sys -- (PSINKNC)
DRV - [2011/10/01 08:30:42 | 000,018,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\Sftvolxp.sys -- (Sftvol)
DRV - [2011/10/01 08:30:40 | 000,020,584 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- F:\WINDOWS\system32\drivers\Sftredirxp.sys -- (Sftredir)
DRV - [2011/10/01 08:30:38 | 000,209,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\Sftplayxp.sys -- (Sftplay)
DRV - [2011/10/01 08:30:36 | 000,584,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\Sftfsxp.sys -- (Sftfs)
DRV - [2011/04/28 12:57:38 | 000,111,688 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- F:\WINDOWS\system32\drivers\PSINProc.sys -- (PSINProc)
DRV - [2011/04/28 12:57:38 | 000,097,096 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- F:\WINDOWS\system32\drivers\PSINFile.sys -- (PSINFile)
DRV - [2011/03/18 09:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- F:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2010/12/02 18:17:50 | 000,013,696 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Auto | Running] -- F:\WINDOWS\system32\drivers\avwebcam.sys -- (AVWEBCAM)
DRV - [2010/07/15 08:44:20 | 000,013,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\epmntdrv.sys -- (epmntdrv)
DRV - [2010/07/15 08:44:20 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2010/04/28 07:44:02 | 000,054,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- F:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2010/02/11 05:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- F:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2007/05/02 16:21:22 | 004,403,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [1996/04/03 12:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- F:\WINDOWS\system32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?ilc=8
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}: "URL" = http://dts.search-re...q={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-21-1177238915-1647877149-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.c...sa&d=2012-03-21 21:15:00&v=10.2.0.3&sap=hp
IE - HKU\S-1-5-21-1177238915-1647877149-725345543-1004\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - F:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-1177238915-1647877149-725345543-1004\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-1177238915-1647877149-725345543-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-1177238915-1647877149-725345543-1004\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...000001d097dc74a
IE - HKU\S-1-5-21-1177238915-1647877149-725345543-1004\..\SearchScopes\{909D53DD-ED5F-405B-879E-5F5CD26B7C05}: "URL" = http://www.google.co...Terms}&aq=f&oq=
IE - HKU\S-1-5-21-1177238915-1647877149-725345543-1004\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...sa&d=2012-03-21 21:15:00&v=10.2.0.3&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-1177238915-1647877149-725345543-1004\..\SearchScopes\{9B97950D-482C-1D79-568F-FC7B9D40C785}: "URL" = http://www.bing.com/...eferrer:source}
IE - HKU\S-1-5-21-1177238915-1647877149-725345543-1004\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKU\S-1-5-21-1177238915-1647877149-725345543-1004\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo....erms}&fr=mkg028
IE - HKU\S-1-5-21-1177238915-1647877149-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo....h?fr=mkg030&p="
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngineURL: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "igoogle.com"
FF - prefs.js..extensions.enabledItems: {3d7eb24f-2740-49df-8937-200b1cc08f8a}:1.5.15.1
FF - prefs.js..extensions.enabledItems: {aff87fa2-a58e-4edd-b852-0a20203c1e17}:0.9
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: toolbar[email protected]:0.2.7
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:15.0.0
FF - prefs.js..extensions.enabledItems: [email protected]:2.3
FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:4.11
FF - prefs.js..extensions.enabledItems: [email protected]:0.5.5
FF - prefs.js..extensions.enabledItems: {e8f509f0-b677-11de-8a39-0800200c9a66}:1.12
FF - prefs.js..extensions.enabledItems: {ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}:2.7.3
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.4.6.20120119024823
FF - prefs.js..extensions.enabledItems: {0b457cAA-602d-484a-8fe7-c1d894a011ba}:0.98.2
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.9
FF - prefs.js..extensions.enabledItems: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0
FF - prefs.js..extensions.enabledItems: {99079a25-328f-4bd4-be04-00955acaa0a7}:4.6.1.01
FF - prefs.js..extensions.enabledItems: [email protected]:7.0.1426
FF - prefs.js..extensions.enabledItems: [email protected]:10.2.0.3
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:4.15
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.13
FF - prefs.js..extensions.enabledItems: [email protected]:1.2.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0
FF - prefs.js..keyword.URL: "http://isearch.avg.c...5:00&sap=ku&q="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: F:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: F:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: F:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: F:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: F:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: F:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: F:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198: f:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198: f:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198: F:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198: F:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198: f:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: F:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: F:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: F:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\npEpicPlayDisplayHost: F:\Program Files\EpicPlay\npEpicHost.dll ( )
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: F:\Documents and Settings\Bubbles2000\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: F:\Documents and Settings\Bubbles2000\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: F:\Documents and Settings\Bubbles2000\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: F:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/11/26 00:55:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: F:\Program Files\AVAST Software\Avast\WebRep\FF [2012/03/07 11:31:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: F:\Documents and Settings\All Users\Application Data\AVG Secure Search\10.2.0.3\ [2012/03/21 21:15:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: F:\Program Files\Mozilla Firefox\components [2012/06/01 21:38:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: F:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Components: F:\Program Files\components [2012/06/01 21:38:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Plugins: F:\Program Files\plugins [2012/06/01 21:38:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/01 21:38:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/06/01 21:38:48 | 000,000,000 | ---D | M]

[2012/05/16 23:46:41 | 000,000,000 | ---D | M] (No name found) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Extensions
[2012/06/06 14:07:40 | 000,000,000 | ---D | M] (No name found) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions
[2012/05/02 18:48:13 | 000,000,000 | ---D | M] (FireShot) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
[2012/05/01 21:04:29 | 000,000,000 | ---D | M] (FireShot) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}(2)
[2011/07/18 00:26:50 | 000,000,000 | ---D | M] (Flashblock) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2012/05/25 06:22:22 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/11/20 04:00:12 | 000,000,000 | ---D | M] (NoScript) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}(2)
[2012/05/16 23:46:33 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
[2012/06/09 07:49:49 | 000,000,000 | ---D | M] (No name found) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}
[2012/05/02 18:07:56 | 000,000,000 | ---D | M] ("StumbleUpon") -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
[2011/11/11 02:15:52 | 000,000,000 | ---D | M] (gTranslate) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17}
[2012/04/24 13:24:25 | 000,000,000 | ---D | M] (DownloadHelper) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/05/02 18:07:59 | 000,000,000 | ---D | M] (DownThemAll!) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2011/07/07 20:45:06 | 000,000,000 | ---D | M] (Web2PDF converter) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{e8f509f0-b677-11de-8a39-0800200c9a66}
[2012/05/02 18:48:16 | 000,000,000 | ---D | M] (FoxLingo) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
[2012/04/24 13:50:51 | 000,000,000 | ---D | M] (Ant Video Downloader) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\[email protected](2).com
[2012/05/02 18:48:08 | 000,000,000 | ---D | M] (DeeperWeb for Google) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\[email protected]
[2012/05/13 10:42:49 | 000,000,000 | ---D | M] (Babylon) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\[email protected]
[2012/05/02 18:48:17 | 000,000,000 | ---D | M] (Show Me More) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\[email protected]
[2012/05/31 18:46:49 | 000,000,000 | ---D | M] (LavaFox V2-Green) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\[email protected]
[2010/10/17 01:46:49 | 000,002,027 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\searchplugins\google-translate-any--en.xml
[2012/05/16 23:46:12 | 000,002,519 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\searchplugins\Search_Results.xml
[2012/05/22 22:43:07 | 000,000,000 | ---D | M] (No name found) -- F:\Program Files\Mozilla Firefox\extensions
[2012/06/06 14:07:39 | 000,061,219 | ---- | M] () (No name found) -- F:\DOCUMENTS AND SETTINGS\BUBBLES2000\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\X88K25G8.DEFAULT\EXTENSIONS\{9AA46F4F-4DC7-4C06-97AF-5035170634FE}.XPI
[2012/04/20 18:19:34 | 000,097,208 | ---- | M] (Mozilla Foundation) -- F:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/04/20 18:18:25 | 000,002,252 | ---- | M] () -- F:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/04/20 18:18:25 | 000,002,040 | ---- | M] () -- F:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - Extension: No name found = F:\Documents and Settings\Bubbles2000\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hnhgoncokajlafhnhjmccgcmgggiehjm\
CHR - Extension: No name found = F:\Documents and Settings\Bubbles2000\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: No name found = F:\Documents and Settings\Bubbles2000\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: No name found = F:\Documents and Settings\Bubbles2000\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lkpmjnommfoljgjbckjmjhkmnhfmcmon\1.2.0.2_0\
CHR - Extension: No name found = F:\Documents and Settings\Bubbles2000\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lkpmjnommfoljgjbckjmjhkmnhfmcmon\1.2.0.2_0\.bak
CHR - Extension: No name found = F:\Documents and Settings\Bubbles2000\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\plccnhhjonaiagjelpfkclblmlppjcik\

O1 HOSTS File: ([2012/05/12 03:58:29 | 000,442,053 | R--- | M]) - F:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 15215 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - F:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - F:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - F:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - F:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - F:\Program Files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - F:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - F:\Program Files\Searchqu Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - F:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (WeCareReminder Class) - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - F:\Documents and Settings\All Users\Application Data\WeCareReminder\IEHelperv2.5.0.dll (We-Care.com)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - F:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - F:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No CLSID value found.
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - F:\Program Files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - F:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - F:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - F:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-1177238915-1647877149-725345543-1004\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1177238915-1647877149-725345543-1004\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [Anti-phishing Domain Advisor] F:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe (Visicom Media Inc. (Powered by Panda Security))
O4 - HKLM..\Run: [APSDaemon] F:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] F:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DATAMNGR] F:\Program Files\Searchqu Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
O4 - HKLM..\Run: [LogMeIn GUI] F:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [MAXA-LockTray] F:\Program Files\MAXA Security Tools\Lock\tray.exe (MAXA Research Int'l Inc.)
O4 - HKLM..\Run: [Odsspo] F:\Program Files\Nwmao\Rlkkhgs.exe ()
O4 - HKLM..\Run: [PSUNMain] F:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe (Panda Security, S.L.)
O4 - HKLM..\Run: [TkBellExe] F:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UnlockerAssistant] F:\Program Files\Unlocker\UnlockerAssistant.exe ()
O4 - HKLM..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u File not found
O4 - HKLM..\Run: [vProt] F:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [Wondershare Helper Compact.exe] F:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe File not found
O4 - HKU\S-1-5-21-1177238915-1647877149-725345543-1004..\Run: [HotAlarmClock] F:\Program Files\HotAlarmClock\HotAlarmClock.exe (Comfort Software Group)
O4 - HKU\S-1-5-21-1177238915-1647877149-725345543-1004..\Run: [SpybotSD TeaTimer] F:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - Startup: F:\Documents and Settings\All Users\Start Menu\Programs\Startup\STIMON.lnk = F:\Program Files\USB2.0 UVC WebCam\USB2.0 UVC WebCam\STIMON.exe (Silicon Motion)
O4 - Startup: F:\Documents and Settings\Bubbles2000\Start Menu\Programs\Startup\CNET TechTracker.lnk = F:\Documents and Settings\Bubbles2000\Application Data\CBS Interactive\CNET TechTracker\TechTracker.exe ()
O4 - Startup: F:\Documents and Settings\Bubbles2000\Start Menu\Programs\Startup\Dropbox.lnk = F:\Documents and Settings\Bubbles2000\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: F:\Documents and Settings\Bubbles2000\Start Menu\Programs\Startup\RCA Detective.lnk = F:\Documents and Settings\Bubbles2000\My Documents\RCA Detective\RCADetective.exe (Audiovox Electronics Corp.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1177238915-1647877149-725345543-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1177238915-1647877149-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-21-1177238915-1647877149-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E91EA0E0-F8AD-4018-AE7C-BD0430F21082}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - F:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - F:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (F:\WINDOWS\system32\userinit.exe) - F:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-1177238915-1647877149-725345543-1004 Winlogon: Shell - (explorer.exe) - F:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - F:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop WallPaper: F:\Documents and Settings\Bubbles2000\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: F:\Documents and Settings\Bubbles2000\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/05/20 02:20:52 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/01/27 00:03:47 | 000,027,568 | ---- | M] () - E:\autopay_DPA.pdf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: wuauserv - C:\WINDOWS\system32\wuauserv.dll (Microsoft Corporation)

CREATERESTOREPOINT
System Restore Service not available.

========== Files/Folders - Created Within 30 Days ==========

[2012/06/12 16:42:25 | 000,596,480 | ---- | C] (OldTimer Tools) -- F:\Documents and Settings\Bubbles2000\Desktop\OTL.exe
[2012/06/12 16:25:25 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\more sayings
[2012/06/12 16:22:38 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\8-18-11VOC
[2012/06/11 12:38:32 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\Ed's test 5
[2012/06/11 09:54:33 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\Eds test 6
[2012/06/09 23:25:22 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Application Data\Panda Security
[2012/06/09 23:23:50 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Start Menu\Programs\Panda Cloud Antivirus
[2012/06/09 23:23:26 | 000,000,000 | ---D | C] -- F:\Program Files\Panda Security
[2012/06/09 23:23:26 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Application Data\Panda Security
[2012/06/09 11:40:31 | 000,112,984 | ---- | C] (AVAST Software) -- F:\WINDOWS\System32\drivers\aswFW.sys
[2012/06/09 11:40:13 | 000,196,440 | ---- | C] (AVAST Software) -- F:\WINDOWS\System32\drivers\aswNdis2.sys
[2012/06/09 11:40:13 | 000,024,408 | ---- | C] (AVAST Software) -- F:\WINDOWS\System32\drivers\aswKbd.sys
[2012/06/09 11:39:32 | 000,012,112 | ---- | C] (ALWIL Software) -- F:\WINDOWS\System32\drivers\aswNdis.sys
[2012/06/09 11:39:28 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Application Data\AVAST Software
[2012/06/09 07:57:45 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Start Menu\Programs\Dropbox
[2012/06/09 07:57:17 | 000,000,000 | ---D | C] -- F:\Program Files\Dropbox
[2012/06/09 06:15:38 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\art2
[2012/06/08 22:36:14 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\couples
[2012/06/07 04:17:10 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\WindowsPowerShell
[2012/06/07 04:17:07 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\GroupPolicy
[2012/06/07 04:16:43 | 000,000,000 | ---D | C] -- F:\WINDOWS\$968930Uinstall_KB968930$
[2012/06/07 04:10:26 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Application Data\IObit
[2012/06/07 04:10:08 | 000,000,000 | ---D | C] -- F:\Program Files\IObit
[2012/06/04 09:37:27 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\#4 test 4 Ed(2)
[2012/06/04 06:58:15 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\wallpaper
[2012/06/04 03:04:13 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\neat things
[2012/06/04 02:10:04 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\My doggies
[2012/06/04 02:00:50 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\Nastyness
[2012/06/03 21:48:48 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Start Menu\Programs\Dropbox(2)
[2012/06/03 19:25:06 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\My Documents\GomPlayer
[2012/06/02 03:51:14 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\butts
[2012/06/01 22:32:04 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\My Documents\ximages
[2012/06/01 22:11:58 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\All eds tests and results
[2012/06/01 22:02:08 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\My Documents\new women
[2012/06/01 21:38:29 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2012/06/01 21:38:03 | 000,000,000 | ---D | C] -- F:\Program Files\QuickTime
[2012/06/01 21:37:54 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Application Data\Apple Computer
[2012/05/31 05:14:54 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\bb
[2012/05/27 22:15:32 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\divorce stuff
[2012/05/23 05:21:59 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\young
[2012/05/22 22:43:10 | 000,000,000 | ---D | C] -- F:\Program Files\Mozilla Maintenance Service
[2012/05/22 22:43:10 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Application Data\Mozilla
[2012/05/22 22:43:00 | 000,000,000 | ---D | C] -- F:\Program Files\Mozilla Firefox
[2012/05/21 11:28:15 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Start Menu\Programs\Wondershare
[2012/05/21 11:28:10 | 000,000,000 | ---D | C] -- F:\Program Files\Wondershare
[2012/05/18 14:29:48 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\lh
[2012/05/18 14:28:50 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\red
[2012/05/18 14:26:26 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\dh
[2012/05/18 10:39:24 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Application Data\searchquband
[2012/05/18 10:27:36 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\tables
[2012/05/18 06:21:37 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\Unused Desktop Shortcuts
[2012/05/18 05:23:48 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\New Folder
[2012/05/17 00:00:51 | 004,487,872 | R--- | C] (Swearware) -- F:\Documents and Settings\Bubbles2000\My Documents\ComboFix.exe
[2012/05/16 23:46:53 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Documents\FreeBurner
[2012/05/16 23:46:28 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Application Data\searchqutoolbar
[2012/05/16 23:46:23 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Start Menu\Programs\Free Easy Burner
[2012/05/16 23:46:20 | 000,200,704 | ---- | C] (vbAccelerator) -- F:\WINDOWS\System32\vbalExpBar6.ocx
[2012/05/16 23:46:07 | 000,000,000 | ---D | C] -- F:\Program Files\Searchqu Toolbar
[2012/05/16 23:45:57 | 000,040,960 | ---- | C] (vbAccelerator) -- F:\WINDOWS\System32\SSubTmr6.dll
[2012/05/16 23:45:54 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Application Data\FreeBurner
[2012/05/16 23:45:54 | 000,000,000 | ---D | C] -- F:\Program Files\Free Easy CD DVD Burner
[2012/05/02 17:56:22 | 011,824,088 | ---- | C] (Mozilla Foundation) -- F:\Program Files\xul.dll
[2012/05/02 17:56:22 | 000,646,104 | ---- | C] (Mozilla Foundation) -- F:\Program Files\nss3.dll
[2012/05/02 17:56:22 | 000,505,816 | ---- | C] (sqlite.org) -- F:\Program Files\sqlite3.dll
[2012/05/02 17:56:22 | 000,371,672 | ---- | C] (Mozilla Foundation) -- F:\Program Files\nssckbi.dll
[2012/05/02 17:56:22 | 000,246,744 | ---- | C] (Mozilla Foundation) -- F:\Program Files\updater.exe
[2012/05/02 17:56:22 | 000,166,872 | ---- | C] (Mozilla Foundation) -- F:\Program Files\softokn3.dll
[2012/05/02 17:56:22 | 000,142,296 | ---- | C] (Mozilla Foundation) -- F:\Program Files\ssl3.dll
[2012/05/02 17:56:22 | 000,105,432 | ---- | C] (Mozilla Foundation) -- F:\Program Files\smime3.dll
[2012/05/02 17:56:22 | 000,105,432 | ---- | C] (Mozilla Foundation) -- F:\Program Files\nssdbm3.dll
[2012/05/02 17:56:22 | 000,089,048 | ---- | C] (Mozilla Foundation) -- F:\Program Files\nssutil3.dll
[2012/05/02 17:56:22 | 000,021,976 | ---- | C] (Mozilla Foundation) -- F:\Program Files\plc4.dll
[2012/05/02 17:56:22 | 000,019,416 | ---- | C] (Mozilla Foundation) -- F:\Program Files\xpcom.dll
[2012/05/02 17:56:22 | 000,019,416 | ---- | C] (Mozilla Foundation) -- F:\Program Files\plds4.dll
[2012/05/02 17:56:22 | 000,016,856 | ---- | C] (Mozilla Corporation) -- F:\Program Files\plugin-container.exe
[2012/05/02 17:56:21 | 000,912,344 | ---- | C] (Mozilla Corporation) -- F:\Program Files\firefox.exe
[2012/05/02 17:56:21 | 000,719,832 | ---- | C] (Mozilla Foundation) -- F:\Program Files\mozcrt19.dll
[2012/05/02 17:56:21 | 000,719,832 | ---- | C] (Mozilla Foundation) -- F:\Program Files\mozcpp19.dll
[2012/05/02 17:56:21 | 000,269,272 | ---- | C] (Mozilla Foundation) -- F:\Program Files\freebl3.dll
[2012/05/02 17:56:21 | 000,203,736 | ---- | C] (Mozilla Foundation) -- F:\Program Files\nspr4.dll
[2012/05/02 17:56:21 | 000,107,480 | ---- | C] (Mozilla Foundation) -- F:\Program Files\crashreporter.exe
[2012/05/02 17:56:21 | 000,019,416 | ---- | C] (Mozilla Foundation) -- F:\Program Files\AccessibleMarshal.dll

========== Files - Modified Within 30 Days ==========

[2012/06/12 16:32:10 | 000,000,896 | ---- | M] () -- F:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/12 16:23:08 | 000,596,480 | ---- | M] (OldTimer Tools) -- F:\Documents and Settings\Bubbles2000\Desktop\OTL.exe
[2012/06/12 16:18:10 | 000,001,002 | ---- | M] () -- F:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1177238915-1647877149-725345543-1004UA.job
[2012/06/12 16:05:00 | 000,000,830 | ---- | M] () -- F:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/06/12 14:15:41 | 000,042,682 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Desktop\3.JPG
[2012/06/12 08:32:00 | 000,000,892 | ---- | M] () -- F:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/11 19:18:00 | 000,000,950 | ---- | M] () -- F:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1177238915-1647877149-725345543-1004Core1cc209613fe80f2.job
[2012/06/11 17:03:12 | 000,000,091 | ---- | M] () -- F:\WINDOWS\DVM.INI
[2012/06/11 03:46:41 | 000,000,294 | ---- | M] () -- F:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1177238915-1647877149-725345543-500.job
[2012/06/11 03:46:41 | 000,000,290 | ---- | M] () -- F:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1177238915-1647877149-725345543-1004.job
[2012/06/11 00:37:42 | 000,002,048 | --S- | M] () -- F:\WINDOWS\bootstat.dat
[2012/06/10 21:50:56 | 000,239,616 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/06/10 04:13:00 | 000,000,302 | ---- | M] () -- F:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1177238915-1647877149-725345543-500.job
[2012/06/09 23:24:05 | 000,000,264 | ---- | M] () -- F:\WINDOWS\System32\PSUNCpl.dat
[2012/06/09 20:50:57 | 000,000,046 | ---- | M] () -- F:\WINDOWS\System32\_WKERNEL.FRE
[2012/06/09 12:39:25 | 000,040,893 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Desktop\dual nibble.jpeg
[2012/06/09 11:40:13 | 000,002,625 | ---- | M] () -- F:\WINDOWS\System32\CONFIG.NT
[2012/06/09 08:04:33 | 000,002,206 | ---- | M] () -- F:\WINDOWS\System32\wpa.dbl
[2012/06/09 07:02:07 | 000,000,298 | ---- | M] () -- F:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1177238915-1647877149-725345543-1004.job
[2012/06/08 20:22:03 | 000,000,284 | ---- | M] () -- F:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/06/08 20:14:59 | 000,002,613 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Desktop\logo4.jpg
[2012/06/07 04:54:27 | 000,484,030 | ---- | M] () -- F:\WINDOWS\System32\perfh009.dat
[2012/06/07 04:54:27 | 000,080,082 | ---- | M] () -- F:\WINDOWS\System32\perfc009.dat
[2012/06/06 21:58:26 | 000,082,195 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Desktop\the king.jpg
[2012/06/06 18:05:14 | 000,487,091 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\My Documents\work=(913)+461-3895.pdf
[2012/06/06 18:03:40 | 000,747,778 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\My Documents\heather shay work maybe3233022306.pdf
[2012/06/04 21:50:23 | 000,004,452 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Application Data\wklnhst.dat
[2012/06/04 21:41:07 | 000,067,309 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\My Documents\FireShot Screen Capture #319 - 'AVON - Order Confirmed' - shop_avon_com_shop_confirmed_aspx_order_id=23900597&ccauthreportcode&paypal=5HW871020D7354602.jpg
[2012/06/04 18:51:13 | 000,015,872 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\My Documents\tim's letter 5-2012.wps
[2012/06/01 21:38:30 | 000,001,613 | ---- | M] () -- F:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2012/06/01 12:38:35 | 000,001,055 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Start Menu\Programs\Startup\Dropbox.lnk
[2012/06/01 12:38:18 | 000,001,051 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Desktop\Dropbox.lnk
[2012/05/27 22:50:21 | 000,000,964 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\My Documents\fixing the house estimate.7z
[2012/05/27 22:46:48 | 000,008,827 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\My Documents\Peter_edited_.7z
[2012/05/27 22:46:12 | 000,001,679 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\My Documents\fixing the house estimate.rtf
[2012/05/27 22:24:18 | 000,038,978 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\My Documents\Peter_edited_.rtf
[2012/05/27 17:35:55 | 000,173,861 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Desktop\[bleep].jpg
[2012/05/26 02:25:38 | 000,000,733 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox (2).lnk
[2012/05/22 22:43:12 | 000,000,751 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/05/22 22:43:12 | 000,000,733 | ---- | M] () -- F:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012/05/22 22:33:41 | 001,119,085 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Desktop\bookmarksMay22_12.html
[2012/05/22 04:08:36 | 000,043,210 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Desktop\bank statments BOA 2.jpg
[2012/05/21 11:28:16 | 000,000,833 | ---- | M] () -- F:\Documents and Settings\All Users\Desktop\Wondershare PDF to Word.lnk
[2012/05/19 02:18:16 | 000,007,973 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\My Documents\inmyway.jpg
[2012/05/19 02:13:35 | 000,017,662 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Desktop\smelling their [bleep].jpg
[2012/05/16 23:46:23 | 000,000,844 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Application Data\Microsoft\Internet Explorer\Quick Launch\Free Easy Burner.lnk
[2012/05/16 23:46:23 | 000,000,826 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Desktop\Free Easy Burner.lnk
[2012/05/16 01:21:23 | 000,002,317 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/05/14 23:14:37 | 000,003,401 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Desktop\index.html
[2012/05/14 23:14:37 | 000,000,061 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Desktop\autorun.inf

========== Files Created - No Company Name ==========

[2012/06/12 16:31:24 | 000,017,662 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\smelling their [bleep].jpg
[2012/06/12 14:15:41 | 000,042,682 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\3.JPG
[2012/06/12 13:53:23 | 000,073,795 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\Snapshot000010.jpg
[2012/06/10 22:11:45 | 000,151,347 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\Joulie-Valkyria.jpg
[2012/06/10 02:48:42 | 000,121,134 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\big-bubbles-big-bubble-gum-blown-hooters-tits-boobs-demotivational-poster-1243937558.jpg
[2012/06/09 23:24:05 | 000,000,264 | ---- | C] () -- F:\WINDOWS\System32\PSUNCpl.dat
[2012/06/09 12:39:24 | 000,040,893 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\dual nibble.jpeg
[2012/06/08 20:14:59 | 000,002,613 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\logo4.jpg
[2012/06/06 21:58:26 | 000,082,195 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\the king.jpg
[2012/06/06 18:05:14 | 000,487,091 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\My Documents\work=(913)+461-3895.pdf
[2012/06/06 18:03:40 | 000,747,778 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\My Documents\heather shay work maybe3233022306.pdf
[2012/06/04 21:41:07 | 000,067,309 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\My Documents\FireShot Screen Capture #319 - 'AVON - Order Confirmed' - shop_avon_com_shop_confirmed_aspx_order_id=23900597&ccauthreportcode&paypal=5HW871020D7354602.jpg
[2012/06/04 18:16:10 | 000,015,872 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\My Documents\tim's letter 5-2012.wps
[2012/06/04 02:16:29 | 000,264,429 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\Ed.jpg
[2012/06/03 18:36:25 | 000,000,787 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\My Documents\mags.rtf
[2012/06/01 22:30:41 | 000,007,973 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\My Documents\inmyway.jpg
[2012/06/01 22:11:15 | 022,571,982 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\My Documents\His choices.7z
[2012/06/01 21:38:30 | 000,001,613 | ---- | C] () -- F:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2012/05/28 03:13:00 | 000,008,827 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\My Documents\Peter_edited_.7z
[2012/05/28 03:12:15 | 000,000,964 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\My Documents\fixing the house estimate.7z
[2012/05/27 22:51:13 | 000,001,679 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\My Documents\fixing the house estimate.rtf
[2012/05/27 22:50:02 | 000,038,978 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\My Documents\Peter_edited_.rtf
[2012/05/27 17:35:53 | 000,173,861 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\[bleep].jpg
[2012/05/26 02:25:38 | 000,000,733 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox (2).lnk
[2012/05/22 22:33:39 | 001,119,085 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\bookmarksMay22_12.html
[2012/05/22 04:08:21 | 000,043,210 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\bank statments BOA 2.jpg
[2012/05/21 11:28:16 | 000,000,833 | ---- | C] () -- F:\Documents and Settings\All Users\Desktop\Wondershare PDF to Word.lnk
[2012/05/18 10:27:36 | 000,003,401 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\index.html
[2012/05/18 10:27:29 | 000,000,061 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\autorun.inf
[2012/05/16 23:46:23 | 000,000,844 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Application Data\Microsoft\Internet Explorer\Quick Launch\Free Easy Burner.lnk
[2012/05/16 23:46:23 | 000,000,826 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\Free Easy Burner.lnk
[2012/05/16 23:45:55 | 000,484,352 | ---- | C] () -- F:\WINDOWS\System32\lame_enc.dll
[2012/05/16 07:45:24 | 000,035,301 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\My Documents\PenisParts.jpg
[2012/05/12 04:31:37 | 000,000,719 | ---- | C] () -- F:\WINDOWS\wininit.ini
[2012/05/09 09:40:01 | 000,003,072 | ---- | C] () -- F:\WINDOWS\System32\iacenc.dll
[2012/05/09 02:11:24 | 000,256,000 | ---- | C] () -- F:\WINDOWS\PEV.exe
[2012/05/09 02:11:24 | 000,208,896 | ---- | C] () -- F:\WINDOWS\MBR.exe
[2012/05/09 02:11:24 | 000,098,816 | ---- | C] () -- F:\WINDOWS\sed.exe
[2012/05/09 02:11:24 | 000,080,412 | ---- | C] () -- F:\WINDOWS\grep.exe
[2012/05/09 02:11:24 | 000,068,096 | ---- | C] () -- F:\WINDOWS\zip.exe
[2012/05/04 18:56:20 | 000,001,235 | ---- | C] () -- F:\Program Files\updates.xml
[2012/05/04 18:56:18 | 000,000,057 | ---- | C] () -- F:\Program Files\active-update.xml
[2012/05/04 18:55:46 | 000,016,246 | ---- | C] () -- F:\Program Files\removed-files
[2012/05/04 18:55:34 | 000,000,000 | ---- | C] () -- F:\Program Files\.autoreg
[2012/05/02 17:56:28 | 000,000,707 | ---- | C] () -- F:\Program Files\updater.ini
[2012/05/02 17:56:28 | 000,000,232 | ---- | C] () -- F:\Program Files\browserconfig.properties
[2012/05/02 17:56:28 | 000,000,006 | ---- | C] () -- F:\Program Files\update.locale
[2012/05/02 17:56:22 | 000,000,478 | ---- | C] () -- F:\Program Files\softokn3.chk
[2012/05/02 17:56:22 | 000,000,478 | ---- | C] () -- F:\Program Files\nssdbm3.chk
[2012/05/02 17:56:22 | 000,000,142 | ---- | C] () -- F:\Program Files\platform.ini
[2012/05/02 17:56:21 | 001,014,744 | ---- | C] () -- F:\Program Files\js3250.dll
[2012/05/02 17:56:21 | 000,031,393 | ---- | C] () -- F:\Program Files\LICENSE
[2012/05/02 17:56:21 | 000,005,183 | ---- | C] () -- F:\Program Files\blocklist.xml
[2012/05/02 17:56:21 | 000,003,803 | ---- | C] () -- F:\Program Files\crashreporter.ini
[2012/05/02 17:56:21 | 000,002,129 | ---- | C] () -- F:\Program Files\application.ini
[2012/05/02 17:56:21 | 000,000,583 | ---- | C] () -- F:\Program Files\crashreporter-override.ini
[2012/05/02 17:56:21 | 000,000,478 | ---- | C] () -- F:\Program Files\freebl3.chk
[2012/05/02 17:56:21 | 000,000,115 | ---- | C] () -- F:\Program Files\dependentlibs.list
[2012/04/26 06:33:56 | 000,044,599 | ---- | C] () -- F:\Program Files\sniffpass.zip
[2012/03/02 22:59:54 | 000,108,032 | ---- | C] () -- F:\WINDOWS\System32\ff_vfw.dll
[2012/02/20 21:46:15 | 000,000,043 | ---- | C] () -- F:\WINDOWS\gswin32.ini
[2011/11/26 23:18:56 | 002,062,304 | ---- | C] () -- F:\Program Files\installspeedfan443.exe
[2011/10/31 18:16:38 | 015,854,592 | ---- | C] () -- F:\Program Files\Setup.msi
[2011/10/28 17:22:15 | 000,204,800 | ---- | C] () -- F:\WINDOWS\System32\igfxCoIn_v4820.dll
[2011/07/08 01:48:35 | 000,000,007 | ---- | C] () -- F:\WINDOWS\treeskp.sys
[2011/07/08 01:48:35 | 000,000,007 | ---- | C] () -- F:\WINDOWS\sbacknt.bin
[2010/11/29 16:53:55 | 000,000,037 | ---- | C] () -- F:\WINDOWS\Viewer.ini
[2010/09/02 00:33:54 | 000,015,360 | ---- | C] () -- F:\WINDOWS\System32\bdmjpeg.dll
[2010/09/02 00:32:52 | 000,058,368 | ---- | C] () -- F:\WINDOWS\System32\bdmpegv.dll
[2010/08/25 06:28:07 | 000,000,031 | ---- | C] () -- F:\WINDOWS\System32\wocsodsini.dll
[2010/08/25 06:27:47 | 000,000,530 | ---- | C] () -- F:\WINDOWS\System32\tx14_ic.ini
[2010/08/25 06:09:41 | 001,774,720 | ---- | C] () -- F:\WINDOWS\System32\BootMan.exe
[2010/08/25 06:09:41 | 000,086,408 | ---- | C] () -- F:\WINDOWS\System32\setupempdrv03.exe
[2010/08/25 06:09:41 | 000,014,848 | ---- | C] () -- F:\WINDOWS\System32\EuEpmGdi.dll
[2010/08/25 06:09:41 | 000,013,192 | ---- | C] () -- F:\WINDOWS\System32\epmntdrv.sys
[2010/08/25 06:09:41 | 000,008,456 | ---- | C] () -- F:\WINDOWS\System32\EuGdiDrv.sys
[2010/07/23 22:17:42 | 000,000,132 | -H-- | C] () -- F:\Documents and Settings\Bubbles2000\Application Data\lakerda1967.sys
[2010/07/23 22:13:46 | 000,010,584 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Application Data\docXConverter (3).ini
[2010/06/28 06:32:59 | 000,000,025 | ---- | C] () -- F:\WINDOWS\cdplayer.ini
[2010/06/18 01:14:54 | 000,024,575 | ---- | C] () -- F:\WINDOWS\System32\Mpwinapppiobas69.dat
[2010/06/17 14:07:29 | 000,112,156 | ---- | C] () -- F:\WINDOWS\System32\winobj92.dat
[2010/06/15 07:29:22 | 000,000,552 | ---- | C] () -- F:\WINDOWS\System32\d3d8caps.dat

========== LOP Check ==========

[2012/02/07 15:55:16 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Alwil Software
[2012/06/09 11:49:24 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor
[2011/04/24 06:04:30 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Aoiiytw
[2012/06/09 11:39:28 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\AVAST Software
[2012/04/29 14:11:01 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\AVG Secure Search
[2012/05/13 10:42:33 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Babylon
[2012/05/16 23:46:14 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\boost_interprocess
[2012/03/21 21:14:26 | 000,000,000 | -H-D | M] -- F:\Documents and Settings\All Users\Application Data\Common Files
[2012/02/04 11:25:15 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Deskshare
[2011/06/05 02:07:52 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\eJ01803LaHpI01803
[2012/03/12 05:40:39 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\FaceOffMax
[2010/09/15 08:44:46 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\FileCure
[2012/06/03 08:33:04 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\firebird
[2010/06/02 07:03:52 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\IM
[2010/10/14 15:40:45 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Laconic Software
[2012/02/07 12:44:27 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\LogMeIn
[2011/09/05 21:30:37 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Masters ITC
[2012/01/15 18:06:32 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Mirolit
[2012/06/09 23:23:26 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Panda Security
[2012/01/26 12:06:59 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\PC1Data
[2011/08/30 00:01:40 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\RPSP
[2010/09/03 12:31:33 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\ScreenVCR
[2010/07/23 20:43:14 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\SecTaskMan
[2010/06/08 23:21:32 | 000,000,000 | -HSD | M] -- F:\Documents and Settings\All Users\Application Data\System Restore
[2010/08/12 23:55:15 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\VirtualizedApplications
[2011/10/05 16:14:18 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\WeCareReminder
[2010/08/20 20:33:33 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\WinZip
[2011/08/06 13:59:14 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\ZentimoService
[2011/12/29 12:47:48 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\.purple
[2010/06/02 20:42:44 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\Arkadium
[2012/03/21 21:15:02 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\AVG Secure Search
[2012/02/07 12:44:29 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\Avnex
[2012/05/13 10:42:33 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\Babylon
[2012/05/18 10:39:29 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\BabylonToolbar
[2011/05/10 13:53:24 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\BANDISOFT
[2011/08/29 03:15:22 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\Business Logic
[2010/06/01 04:51:58 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\CBS Interactive
[2012/05/07 13:39:52 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\Chrysanth
[2012/06/11 12:54:17 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\Dropbox
[2012/02/07 12:48:15 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\DzSoft
[2012/03/12 05:40:40 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\FaceOffMax
[2012/03/27 07:20:31 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\FireShot
[2012/05/16 23:46:36 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\FreeBurner
[2011/10/10 16:23:22 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\Garbage Finder
[2010/07/23 20:57:28 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\Genie-Soft
[2010/09/14 13:42:26 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\iLike
[2010/08/11 09:11:23 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\ImageBadger
[2012/06/09 07:49:30 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\IObit
[2011/02/14 22:16:28 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\IrfanView
[2011/09/05 04:23:13 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\Listary
[2012/03/02 23:35:11 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\mresreg
[2011/10/05 16:14:04 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\OpenCandy
[2012/06/09 23:25:22 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\Panda Security
[2012/04/21 11:56:02 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\PC Cleaners
[2012/04/19 17:53:50 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\PCPro
[2011/06/05 02:08:16 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\Sammsoft
[2012/05/18 10:39:24 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\searchquband
[2012/05/18 10:39:24 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\searchqutoolbar
[2012/06/10 03:02:24 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\SoftGrid Client
[2010/12/09 14:44:36 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\Software Informer
[2011/12/03 01:17:26 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\Start Menu 7
[2010/05/27 22:18:51 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\Template
[2010/08/04 17:00:02 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\TP
[2011/11/20 04:18:44 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\Trillian
[2011/10/10 13:58:46 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\TweakNow PowerPack 2011
[2011/10/15 02:45:06 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\TweakNow WinSecret 2011
[2012/02/14 04:49:14 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\USBSafelyRemove
[2012/02/02 04:56:04 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\USBSRService
[2012/05/01 22:34:49 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\uTorrent
[2011/09/18 00:21:47 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\visualsearchpony.com
[2012/04/02 14:11:26 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\XnView
[2011/09/07 17:20:53 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\Zentimo
[2010/07/23 20:56:07 | 000,000,000 | ---D | M] -- F:\Documents and Settings\LocalService\Application Data\Genie-Soft
[2012/02/02 04:56:05 | 000,000,000 | ---D | M] -- F:\Documents and Settings\LocalService\Application Data\USBSRService

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >
[2012/04/24 15:03:38 | 015,869,112 | ---- | M] (Mozilla) -- F:\9.0_FirefoxSetup.exe

< MD5 for: EXPLORER.EXE >
[2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- F:\WINDOWS\ERDNT\cache\explorer.exe
[2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- F:\WINDOWS\explorer.exe
[2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- F:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004/08/04 03:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- F:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: SERVICES.EXE >
[2009/02/06 04:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=020CEAAEDC8EB655B6506B8C70D53BB6 -- F:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2008/04/13 17:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- F:\WINDOWS\$NtUninstallKB956572$\services.exe
[2008/04/13 17:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- F:\WINDOWS\ServicePackFiles\i386\services.exe
[2009/02/06 03:22:21 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=4712531AB7A01B7EE059853CA17D39BD -- F:\WINDOWS\$NtServicePackUninstall$\services.exe
[2009/02/06 04:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- F:\WINDOWS\$hf_mig$\KB956572\SP3GDR\services.exe
[2009/02/06 04:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- F:\WINDOWS\ERDNT\cache\services.exe
[2009/02/06 04:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- F:\WINDOWS\system32\dllcache\services.exe
[2009/02/06 04:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- F:\WINDOWS\system32\services.exe
[2004/08/04 03:00:00 | 000,108,032 | ---- | M] (Microsoft Corporation) MD5=C6CE6EEC82F187615D1002BB3BB50ED4 -- F:\WINDOWS\$NtUninstallKB956572_0$\services.exe

< MD5 for: SVCHOST.EXE >
[2008/04/13 17:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- F:\WINDOWS\ERDNT\cache\svchost.exe
[2008/04/13 17:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- F:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/13 17:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- F:\WINDOWS\system32\svchost.exe
[2004/08/04 03:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- F:\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2012/01/13 15:53:20 | 000,182,856 | ---- | M] () Unable to obtain MD5 -- F:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe

< MD5 for: USERINIT.EXE >
[2004/08/04 03:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- F:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/13 17:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- F:\WINDOWS\ERDNT\cache\userinit.exe
[2008/04/13 17:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- F:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/13 17:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- F:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004/08/04 03:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- F:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/13 17:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- F:\WINDOWS\ERDNT\cache\winlogon.exe
[2008/04/13 17:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- F:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 17:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- F:\WINDOWS\system32\winlogon.exe
[2012/01/13 15:53:20 | 000,182,856 | ---- | M] () Unable to obtain MD5 -- F:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

< End of report >

*********************************************************************************************************************************************

Farbar Service Scanner Version: 09-06-2012
Ran by Bubbles2000 (administrator) on 12-06-2012 at 17:06:56
Running from "F:\Documents and Settings\Bubbles2000\Desktop"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
There is no connection to network.
Attempt to access Google IP returned error: Google IP is unreachable
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo IP returned error: Yahoo IP is unreachable
Attempt to access Yahoo.com returned error: Other errors


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
F:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
F:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
F:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
F:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
F:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
F:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
F:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
F:\WINDOWS\system32\netman.dll => MD5 is legit
F:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
F:\WINDOWS\system32\srsvc.dll => MD5 is legit
F:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
F:\WINDOWS\system32\wscsvc.dll => MD5 is legit
F:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
F:\WINDOWS\system32\wuauserv.dll => MD5 is legit
F:\WINDOWS\system32\qmgr.dll => MD5 is legit
F:\WINDOWS\system32\es.dll => MD5 is legit
F:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
F:\WINDOWS\system32\svchost.exe => MD5 is legit
F:\WINDOWS\system32\rpcss.dll => MD5 is legit
F:\WINDOWS\system32\services.exe => MD5 is legit


**** End of log ****

Hope this helps without the Extras.txt file

Again thank you...ed

Edited by edhalfdead, 12 June 2012 - 07:55 PM.

  • 0

#4
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hmm the registry data and files for the net appear OK

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

If you have Malwarebytes 1.6 or better installed please disable it for the duration of this run
To disable MBAM
Open the scanner and select the protection tab
Remove the tick from "Start with Windows"
Reboot and then run OTL
Posted Image

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    SRV - File not found [On_Demand | Stopped] -- -- (Ql12nses)
    IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}
    IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}: "URL" = http://dts.search-re...q={searchTerms}
    IE - HKU\S-1-5-21-1177238915-1647877149-725345543-1004\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...000001d097dc74a
    IE - HKU\S-1-5-21-1177238915-1647877149-725345543-1004\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}: "URL" = http://dts.search-re...q={searchTerms}
    FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
    FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
    FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
    FF - prefs.js..extensions.enabledItems: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0
    FF - prefs.js..extensions.enabledItems: {99079a25-328f-4bd4-be04-00955acaa0a7}:4.6.1.01
    FF - prefs.js..extensions.enabledItems: f[email protected]:1.2.0
    [2012/05/16 23:46:33 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
    [2012/05/13 10:42:49 | 000,000,000 | ---D | M] (Babylon) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\[email protected]
    O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - F:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
    O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - F:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
    O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - F:\Program Files\Searchqu Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
    O2 - BHO: (WeCareReminder Class) - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - F:\Documents and Settings\All Users\Application Data\WeCareReminder\IEHelperv2.5.0.dll (We-Care.com)
    O3 - HKLM\..\Toolbar: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - F:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
    O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - F:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
    O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
    O3 - HKU\S-1-5-21-1177238915-1647877149-725345543-1004\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
    O3 - HKU\S-1-5-21-1177238915-1647877149-725345543-1004\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
    O4 - HKLM..\Run: [DATAMNGR] F:\Program Files\Searchqu Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
    O4 - HKLM..\Run: [Odsspo] F:\Program Files\Nwmao\Rlkkhgs.exe ()
    O4 - HKLM..\Run: [Wondershare Helper Compact.exe] F:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe File not found
    [2012/05/16 23:46:28 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Application Data\searchqutoolbar
    [2011/04/24 06:04:30 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Aoiiytw
    [2012/05/13 10:42:33 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Babylon
    [2011/06/05 02:07:52 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\eJ01803LaHpI01803
    [2011/10/05 16:14:18 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\WeCareReminder
    [2012/02/07 12:44:29 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\Avnex
    [2012/05/13 10:42:33 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\Babylon
    [2012/05/18 10:39:29 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\BabylonToolbar
    [2012/05/18 10:39:24 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\searchquband
    [2012/05/18 10:39:24 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\searchqutoolbar

    :Files
    ipconfig /flushdns /c
    F:\Program Files\Nwmao
    F:\Program Files\Searchqu Toolbar
    F:\Program Files\BabylonToolbar

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [CREATERESTOREPOINT]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

Download and Install Combofix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow to update if it asks

    Posted Image

    Posted Image
  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.
3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.



Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now
  • 0

#5
edhalfdead

edhalfdead

    Member

  • Topic Starter
  • Member
  • PipPip
  • 89 posts
Hi Essexboy, After running the OTL fix & ComboFix the search program is now working. Firefox & IE still can not access the internet.

Here are the reports you requested:

All processes killed
========== OTL ==========
Service Ql12nses stopped successfully!
Service Ql12nses deleted successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}\ not found.
Registry key HKEY_USERS\S-1-5-21-1177238915-1647877149-725345543-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_USERS\S-1-5-21-1177238915-1647877149-725345543-1004\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}\ not found.
Prefs.js: "Search the web (Babylon)" removed from browser.search.defaultenginename
Prefs.js: "Search the web (Babylon)" removed from browser.search.order.1
Prefs.js: "Search the web (Babylon)" removed from browser.search.selectedEngine
Prefs.js: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0 removed from extensions.enabledItems
Prefs.js: {99079a25-328f-4bd4-be04-00955acaa0a7}:4.6.1.01 removed from extensions.enabledItems
Prefs.js: [email protected]:1.2.0 removed from extensions.enabledItems
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\components folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\searchbar folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\options folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels\images folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\icons folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\uwa folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\css folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\scripts folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\images folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\css folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\css folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.WebTV\skin\scripts folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.WebTV\skin\images folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.WebTV\skin\css folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.WebTV\skin folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.WebTV\js folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.WebTV\images folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.WebTV\css folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.WebTV folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.VirtualEarth\skin\scripts folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.VirtualEarth\skin\images folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.VirtualEarth\skin\css folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.VirtualEarth\skin folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.VirtualEarth\js folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.VirtualEarth\images folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.VirtualEarth\css folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.VirtualEarth folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.ToyCars\skin\scripts folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.ToyCars\skin\images folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.ToyCars\skin\css folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.ToyCars\skin folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.ToyCars folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.TheFreeDictionary\skin\scripts folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.TheFreeDictionary\skin\images folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.TheFreeDictionary\skin\css folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.TheFreeDictionary\skin folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.TheFreeDictionary folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.SkeetShooting\skin\scripts folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.SkeetShooting\skin\images folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.SkeetShooting\skin\css folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.SkeetShooting\skin folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.SkeetShooting folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.ScrabbleShortcut folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.MahJongConnect\skin\scripts folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.MahJongConnect\skin\images folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.MahJongConnect\skin\css folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.MahJongConnect\skin folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.MahJongConnect folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.JumpMyLove\skin\scripts folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.JumpMyLove\skin\images folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.JumpMyLove\skin\css folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.JumpMyLove\skin folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.JumpMyLove folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.HotmailShortcut folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.GoogleMap folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.CompareWeatherTime\skin\scripts folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.CompareWeatherTime\skin\images folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.CompareWeatherTime\skin folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.CompareWeatherTime folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.Calculator\skin\scripts folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.Calculator\skin\images folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.Calculator\skin\css folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.Calculator\skin folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.Calculator\js folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.Calculator\images folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.Calculator\css folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.Calculator folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.Bejeweled2deluxe folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.Ballons\skin\scripts folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.Ballons\skin\images folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.Ballons\skin\css folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.Ballons\skin folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.Ballons folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\modules folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\lib folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\data\search folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\data folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\[email protected]\defaults\preferences folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\[email protected]\defaults folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\[email protected]\content\imgs\flgs folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\[email protected]\content\imgs folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\[email protected]\content folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\[email protected]\components folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\[email protected] folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}\ deleted successfully.
F:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ deleted successfully.
F:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9D717F81-9148-4f12-8568-69135F087DB0}\ deleted successfully.
F:\Program Files\Searchqu Toolbar\Datamngr\BrowserConnection.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}\ deleted successfully.
F:\Documents and Settings\All Users\Application Data\WeCareReminder\IEHelperv2.5.0.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC}\ deleted successfully.
F:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
File F:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1177238915-1647877149-725345543-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_USERS\S-1-5-21-1177238915-1647877149-725345543-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DATAMNGR deleted successfully.
F:\Program Files\Searchqu Toolbar\Datamngr\datamngrUI.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Odsspo deleted successfully.
F:\Program Files\Nwmao\Rlkkhgs.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Wondershare Helper Compact.exe deleted successfully.
F:\Documents and Settings\Bubbles2000\Application Data\searchqutoolbar folder moved successfully.
F:\Documents and Settings\All Users\Application Data\Aoiiytw\Piuutrm\Guest\20111230 folder moved successfully.
F:\Documents and Settings\All Users\Application Data\Aoiiytw\Piuutrm\Guest folder moved successfully.
F:\Documents and Settings\All Users\Application Data\Aoiiytw\Piuutrm\Bubbles2000\20120614 folder moved successfully.
F:\Documents and Settings\All Users\Application Data\Aoiiytw\Piuutrm\Bubbles2000\20120613 folder moved successfully.
F:\Documents and Settings\All Users\Application Data\Aoiiytw\Piuutrm\Bubbles2000\20120612 folder moved successfully.
F:\Documents and Settings\All Users\Application Data\Aoiiytw\Piuutrm\Bubbles2000\20120611 folder moved successfully.
F:\Documents and Settings\All Users\Application Data\Aoiiytw\Piuutrm\Bubbles2000\20120610 folder moved successfully.
F:\Documents and Settings\All Users\Application Data\Aoiiytw\Piuutrm\Bubbles2000\20120609 folder moved successfully.
F:\Documents and Settings\All Users\Application Data\Aoiiytw\Piuutrm\Bubbles2000\20120608 folder moved successfully.
F:\Documents and Settings\All Users\Application Data\Aoiiytw\Piuutrm\Bubbles2000\20120607 folder moved successfully.
F:\Documents and Settings\All Users\Application Data\Aoiiytw\Piuutrm\Bubbles2000\20120606 folder moved successfully.
F:\Documents and Settings\All Users\Application Data\Aoiiytw\Piuutrm\Bubbles2000\20120605 folder moved successfully.
F:\Documents and Settings\All Users\Application Data\Aoiiytw\Piuutrm\Bubbles2000\20120604 folder moved successfully.
F:\Documents and Settings\All Users\Application Data\Aoiiytw\Piuutrm\Bubbles2000\20120603 folder moved successfully.
F:\Documents and Settings\All Users\Application Data\Aoiiytw\Piuutrm\Bubbles2000\20120602 folder moved successfully.
F:\Documents and Settings\All Users\Application Data\Aoiiytw\Piuutrm\Bubbles2000\20120601 folder moved successfully.
F:\Documents and Settings\All Users\Application Data\Aoiiytw\Piuutrm\Bubbles2000\20120531 folder moved successfully.
F:\Documents and Settings\All Users\Application Data\Aoiiytw\Piuutrm\Bubbles2000\20120530 folder moved successfully.
F:\Documents and Settings\All Users\Application Data\Aoiiytw\Piuutrm\Bubbles2000\20120529 folder moved successfully.
F:\Documents and Settings\All Users\Application Data\Aoiiytw\Piuutrm\Bubbles2000\20120528 folder moved successfully.
F:\Documents and Settings\All Users\Application Data\Aoiiytw\Piuutrm\Bubbles2000\20120527 folder moved successfully.
F:\Documents and Settings\All Users\Application Data\Aoiiytw\Piuutrm\Bubbles2000\20120526 folder moved successfully.
F:\Documents and Settings\All Users\Application Data\Aoiiytw\Piuutrm\Bubbles2000\20120525 folder moved successfully.
F:\Documents and Settings\All Users\Application Data\Aoiiytw\Piuutrm\Bubbles2000\20120524 folder moved successfully.
F:\Documents and Settings\All Users\Application Data\Aoiiytw\Piuutrm\Bubbles2000\20120523 folder moved successfully.
F:\Documents and Settings\All Users\Application Data\Aoiiytw\Piuutrm\Bubbles2000\20120522 folder moved successfully.
F:\Documents and Settings\All Users\Application Data\Aoiiytw\Piuutrm\Bubbles2000\20120521 folder moved successfully.
F:\Documents and Settings\All Users\Application Data\Aoiiytw\Piuutrm\Bubbles2000\20120520 folder moved successfully.
F:\Documents and Settings\All Users\Application Data\Aoiiytw\Piuutrm\Bubbles2000\20120519 folder moved successfully.
F:\Documents and Settings\All Users\Application Data\Aoiiytw\Piuutrm\Bubbles2000\20120518 folder moved successfully.
F:\Documents and Settings\All Users\Application Data\Aoiiytw\Piuutrm\Bubbles2000\20120517 folder moved successfully.
F:\Documents and Settings\All Users\Application Data\Aoiiytw\Piuutrm\Bubbles2000\20120516 folder moved successfully.
F:\Documents and Settings\All Users\Application Data\Aoiiytw\Piuutrm\Bubbles2000\20120515 folder moved successfully.
F:\Documents and Settings\All Users\Application Data\Aoiiytw\Piuutrm\Bubbles2000\20120514 folder moved successfully.
F:\Documents and Settings\All Users\Application Data\Aoiiytw\Piuutrm\Bubbles2000\20120513 folder moved successfully.
F:\Documents and Settings\All Users\Application Data\Aoiiytw\Piuutrm\Bubbles2000 folder moved successfully.
F:\Documents and Settings\All Users\Application Data\Aoiiytw\Piuutrm folder moved successfully.
F:\Documents and Settings\All Users\Application Data\Aoiiytw folder moved successfully.
F:\Documents and Settings\All Users\Application Data\Babylon folder moved successfully.
Folder F:\Documents and Settings\All Users\Application Data\eJ01803LaHpI01803\ not found.
F:\Documents and Settings\All Users\Application Data\WeCareReminder folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Avnex\VCS7 folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Avnex folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\Babylon folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\BabylonToolbar\BabylonToolbar folder moved successfully.
F:\Documents and Settings\Bubbles2000\Application Data\searchquband folder moved successfully.
Folder F:\Documents and Settings\Bubbles2000\Application Data\searchqutoolbar\ not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
F:\Documents and Settings\Bubbles2000\Desktop\cmd.bat deleted successfully.
F:\Documents and Settings\Bubbles2000\Desktop\cmd.txt deleted successfully.
F:\Program Files\Nwmao folder moved successfully.
F:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\components folder moved successfully.
F:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\searchbar folder moved successfully.
F:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options folder moved successfully.
F:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images folder moved successfully.
F:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels folder moved successfully.
F:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons folder moved successfully.
F:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton folder moved successfully.
F:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa folder moved successfully.
F:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images folder moved successfully.
F:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\css folder moved successfully.
F:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio folder moved successfully.
F:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images folder moved successfully.
F:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\scripts folder moved successfully.
F:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images folder moved successfully.
F:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\css folder moved successfully.
F:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default folder moved successfully.
F:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css folder moved successfully.
F:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels folder moved successfully.
F:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib folder moved successfully.
F:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin folder moved successfully.
F:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome\content\widgets folder moved successfully.
F:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome\content\modules folder moved successfully.
F:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib folder moved successfully.
F:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome\content\data\search folder moved successfully.
F:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome\content\data folder moved successfully.
F:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome\content folder moved successfully.
F:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\chrome folder moved successfully.
F:\Program Files\Searchqu Toolbar\Datamngr\ToolBar folder moved successfully.
F:\Program Files\Searchqu Toolbar\Datamngr\FirefoxExtension\content folder moved successfully.
F:\Program Files\Searchqu Toolbar\Datamngr\FirefoxExtension\components folder moved successfully.
F:\Program Files\Searchqu Toolbar\Datamngr\FirefoxExtension folder moved successfully.
F:\Program Files\Searchqu Toolbar\Datamngr folder moved successfully.
F:\Program Files\Searchqu Toolbar folder moved successfully.
F:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh folder moved successfully.
F:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17 folder moved successfully.
F:\Program Files\BabylonToolbar\BabylonToolbar folder moved successfully.
F:\Program Files\BabylonToolbar folder moved successfully.
========== COMMANDS ==========
F:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: All Users

User: Bubbles2000
->Temp folder emptied: 558876269 bytes
->Temporary Internet Files folder emptied: 2744670 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 217976342 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 5464 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 295392 bytes
->Temporary Internet Files folder emptied: 33103 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 47940847 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1923461 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 70105256 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 3601980155 bytes

Total Files Cleaned = 4,293.00 mb

System Restore Service not available.

OTL by OldTimer - Version 3.2.48.0 log created on 06142012_205735

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

********************************************************************************************************************************************

ComboFix 12-06-13.05 - Bubbles2000 06/15/2012 1:54.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2037.1468 [GMT -7:00]
Running from: f:\documents and settings\Bubbles2000\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-05-15 to 2012-06-15 )))))))))))))))))))))))))))))))
.
.
2012-06-15 03:53 . 2012-06-15 03:53 40776 ----a-w- f:\windows\system32\drivers\mbamswissarmy.sys
2012-06-10 06:25 . 2012-06-10 06:25 -------- dc----w- f:\documents and settings\Bubbles2000\Application Data\Panda Security
2012-06-10 06:23 . 2012-06-10 06:23 -------- dc----w- f:\documents and settings\All Users\Application Data\Panda Security
2012-06-10 06:23 . 2012-06-10 06:23 -------- d-----w- f:\program files\Panda Security
2012-06-09 18:40 . 2012-03-06 23:04 112984 ----a-w- f:\windows\system32\drivers\aswFW.sys
2012-06-09 18:40 . 2012-03-07 00:02 24408 ----a-w- f:\windows\system32\drivers\aswKbd.sys
2012-06-09 18:40 . 2012-03-06 23:03 196440 ----a-w- f:\windows\system32\drivers\aswNdis2.sys
2012-06-09 18:39 . 2012-03-06 22:44 12112 ----a-w- f:\windows\system32\drivers\aswNdis.sys
2012-06-09 18:39 . 2012-06-09 18:39 -------- dc----w- f:\documents and settings\All Users\Application Data\AVAST Software
2012-06-09 15:01 . 2012-06-09 15:01 -------- d-----w- f:\windows\system32\wbem\Repository
2012-06-09 14:57 . 2012-06-09 14:57 -------- d-----w- f:\program files\Dropbox
2012-06-07 11:17 . 2012-06-07 11:17 -------- d-----w- f:\windows\system32\GroupPolicy
2012-06-07 11:16 . 2012-06-09 14:49 -------- dc----w- f:\windows\$968930Uinstall_KB968930$
2012-06-07 11:10 . 2012-06-09 14:49 -------- dc----w- f:\documents and settings\Bubbles2000\Application Data\IObit
2012-06-07 11:10 . 2012-06-09 14:28 -------- d-----w- f:\program files\IObit
2012-06-02 04:38 . 2012-06-02 04:38 159744 ----a-w- f:\program files\Internet Explorer\PLUGINS\npqtplugin5.dll
2012-06-02 04:38 . 2012-06-02 04:38 159744 ----a-w- f:\program files\Internet Explorer\PLUGINS\npqtplugin4.dll
2012-06-02 04:38 . 2012-06-02 04:38 159744 ----a-w- f:\program files\Internet Explorer\PLUGINS\npqtplugin3.dll
2012-06-02 04:38 . 2012-06-02 04:38 159744 ----a-w- f:\program files\Internet Explorer\PLUGINS\npqtplugin2.dll
2012-06-02 04:38 . 2012-06-02 04:38 159744 ----a-w- f:\program files\Internet Explorer\PLUGINS\npqtplugin.dll
2012-06-02 04:38 . 2012-06-02 04:38 -------- d-----w- f:\program files\QuickTime
2012-06-02 04:37 . 2012-06-02 04:37 -------- dc----w- f:\documents and settings\All Users\Application Data\Apple Computer
2012-05-23 05:43 . 2012-05-23 05:43 -------- d-----w- f:\program files\Mozilla Maintenance Service
2012-05-21 18:28 . 2012-05-21 18:28 -------- d-----w- f:\program files\Wondershare
2012-05-19 03:22 . 2012-05-19 03:22 -------- d-sh--w- f:\documents and settings\NetworkService\IETldCache
2012-05-17 06:46 . 2011-09-28 16:20 200704 ----a-w- f:\windows\system32\vbalExpBar6.ocx
2012-05-17 06:45 . 2011-09-28 16:20 15360 ----a-w- f:\windows\system32\inetfr.DLL
2012-05-17 06:45 . 2011-09-28 16:20 115920 ----a-w- f:\windows\system32\msinet.OCX
2012-05-17 06:45 . 2011-09-28 16:20 40960 ----a-w- f:\windows\system32\SSubTmr6.dll
2012-05-17 06:45 . 2011-09-28 16:20 119568 ----a-w- f:\windows\system32\VB6FR.DLL
2012-05-17 06:45 . 2011-09-28 16:20 141312 ----a-w- f:\windows\system32\MSCMCFR.DLL
2012-05-17 06:45 . 2011-09-28 16:20 484352 ----a-w- f:\windows\system32\lame_enc.dll
2012-05-17 06:45 . 2011-09-28 16:20 32768 ----a-w- f:\windows\system32\CMDLGFR.DLL
2012-05-17 06:45 . 2012-05-17 06:46 -------- d-----w- f:\program files\Free Easy CD DVD Burner
2012-05-17 06:45 . 2012-05-17 06:46 -------- dc----w- f:\documents and settings\Bubbles2000\Application Data\FreeBurner
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-31 13:22 . 2004-08-04 10:00 599040 ----a-w- f:\windows\system32\crypt32.dll
2012-05-11 13:05 . 2011-11-22 15:42 419488 ----a-w- f:\windows\system32\FlashPlayerApp.exe
2012-05-11 13:05 . 2011-11-14 15:18 70304 ----a-w- f:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-07 20:30 . 2011-10-03 06:31 230808 ----a-r- f:\windows\system32\cpnprt2.cid
2012-05-05 01:55 . 2012-05-03 00:56 11824088 ----a-w- f:\program files\xul.dll
2012-05-05 01:55 . 2012-05-03 00:56 246744 ----a-w- f:\program files\updater.exe
2012-05-05 01:55 . 2012-05-03 00:56 19416 ----a-w- f:\program files\xpcom.dll
2012-05-05 01:55 . 2012-05-03 00:56 142296 ----a-w- f:\program files\ssl3.dll
2012-05-05 01:55 . 2012-05-03 00:56 505816 ----a-w- f:\program files\sqlite3.dll
2012-05-05 01:55 . 2012-05-03 00:56 166872 ----a-w- f:\program files\softokn3.dll
2012-05-05 01:55 . 2012-05-03 00:56 105432 ----a-w- f:\program files\smime3.dll
2012-05-05 01:55 . 2012-05-03 00:56 21976 ----a-w- f:\program files\plc4.dll
2012-05-05 01:55 . 2012-05-03 00:56 19416 ----a-w- f:\program files\plds4.dll
2012-05-05 01:55 . 2012-05-03 00:56 16856 ----a-w- f:\program files\plugin-container.exe
2012-05-05 01:55 . 2012-05-03 00:56 89048 ----a-w- f:\program files\nssutil3.dll
2012-05-05 01:55 . 2012-05-03 00:56 371672 ----a-w- f:\program files\nssckbi.dll
2012-05-05 01:55 . 2012-05-03 00:56 105432 ----a-w- f:\program files\nssdbm3.dll
2012-05-05 01:55 . 2012-05-03 00:56 646104 ----a-w- f:\program files\nss3.dll
2012-05-05 01:55 . 2012-05-03 00:56 203736 ----a-w- f:\program files\nspr4.dll
2012-05-05 01:55 . 2012-05-03 00:56 719832 ----a-w- f:\program files\mozcrt19.dll
2012-05-05 01:55 . 2012-05-03 00:56 719832 ----a-w- f:\program files\mozcpp19.dll
2012-05-05 01:55 . 2012-05-03 00:56 912344 ----a-w- f:\program files\firefox.exe
2012-05-05 01:55 . 2012-05-03 00:56 269272 ----a-w- f:\program files\freebl3.dll
2012-05-05 01:55 . 2012-05-03 00:56 1014744 ----a-w- f:\program files\js3250.dll
2012-05-05 01:55 . 2012-05-03 00:56 107480 ----a-w- f:\program files\crashreporter.exe
2012-05-05 01:55 . 2012-05-03 00:56 19416 ----a-w- f:\program files\AccessibleMarshal.dll
2012-04-24 22:03 . 2012-04-24 22:02 15869112 -c--a-w- F:\9.0_FirefoxSetup.exe
2012-04-19 03:56 . 2012-04-19 03:56 94208 ----a-w- f:\windows\system32\QuickTimeVR.qtx
2012-04-19 03:56 . 2012-04-19 03:56 69632 ----a-w- f:\windows\system32\QuickTime.qts
2012-04-11 13:14 . 2005-03-30 01:21 2148352 ----a-w- f:\windows\system32\ntoskrnl.exe
2012-04-11 13:12 . 2004-08-04 10:00 1862272 ----a-w- f:\windows\system32\win32k.sys
2012-04-11 12:35 . 2005-03-30 01:01 2026496 ----a-w- f:\windows\system32\ntkrnlpa.exe
2011-10-26 00:07 . 2011-11-01 01:16 15854592 ----a-w- f:\program files\Setup.msi
2011-06-03 04:13 . 2011-11-27 06:18 2062304 -c--a-w- f:\program files\installspeedfan443.exe
2012-04-21 01:19 . 2012-05-23 05:43 97208 ----a-w- f:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( [email protected]_09.31.07 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-12 08:02 . 2009-07-12 08:02 51008 f:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_f0ccd4aa\vcomp90.dll
+ 2009-07-12 07:02 . 2009-07-12 07:02 51008 f:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_f0ccd4aa\vcomp90.dll
+ 2009-07-12 07:02 . 2009-07-12 07:02 59728 f:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90rus.dll
- 2009-07-12 08:02 . 2009-07-12 08:02 59728 f:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90rus.dll
+ 2009-07-12 07:02 . 2009-07-12 07:02 42832 f:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90kor.dll
- 2009-07-12 08:02 . 2009-07-12 08:02 42832 f:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90kor.dll
+ 2009-07-12 07:02 . 2009-07-12 07:02 43344 f:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90jpn.dll
- 2009-07-12 08:02 . 2009-07-12 08:02 43344 f:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90jpn.dll
+ 2009-07-12 07:02 . 2009-07-12 07:02 61264 f:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90ita.dll
- 2009-07-12 08:02 . 2009-07-12 08:02 61264 f:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90ita.dll
- 2009-07-12 08:02 . 2009-07-12 08:02 62800 f:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90fra.dll
+ 2009-07-12 07:02 . 2009-07-12 07:02 62800 f:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90fra.dll
+ 2009-07-12 07:02 . 2009-07-12 07:02 61760 f:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esp.dll
- 2009-07-12 08:02 . 2009-07-12 08:02 61760 f:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esp.dll
- 2009-07-12 08:02 . 2009-07-12 08:02 61776 f:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esn.dll
+ 2009-07-12 07:02 . 2009-07-12 07:02 61776 f:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esn.dll
- 2009-07-12 08:02 . 2009-07-12 08:02 53568 f:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90enu.dll
+ 2009-07-12 07:02 . 2009-07-12 07:02 53568 f:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90enu.dll
- 2009-07-12 08:02 . 2009-07-12 08:02 63296 f:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90deu.dll
+ 2009-07-12 07:02 . 2009-07-12 07:02 63296 f:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90deu.dll
+ 2009-07-12 07:02 . 2009-07-12 07:02 36688 f:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90cht.dll
- 2009-07-12 08:02 . 2009-07-12 08:02 36688 f:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90cht.dll
+ 2009-07-12 07:02 . 2009-07-12 07:02 35648 f:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90chs.dll
- 2009-07-12 08:02 . 2009-07-12 08:02 35648 f:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90chs.dll
- 2009-07-12 08:05 . 2009-07-12 08:05 59904 f:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90u.dll
+ 2009-07-12 07:05 . 2009-07-12 07:05 59904 f:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90u.dll
- 2009-07-12 08:05 . 2009-07-12 08:05 59904 f:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90.dll
+ 2009-07-12 07:05 . 2009-07-12 07:05 59904 f:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90.dll
+ 2005-09-23 08:35 . 2005-09-23 08:35 65536 f:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0ee63867\vcomp.dll
+ 2005-09-23 07:58 . 2005-09-23 07:58 49152 f:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80KOR.dll
+ 2005-09-23 07:58 . 2005-09-23 07:58 49152 f:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80JPN.dll
+ 2005-09-23 07:58 . 2005-09-23 07:58 61440 f:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ITA.dll
+ 2005-09-23 07:58 . 2005-09-23 07:58 61440 f:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80FRA.dll
+ 2005-09-23 07:58 . 2005-09-23 07:58 61440 f:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ESP.dll
+ 2005-09-23 07:58 . 2005-09-23 07:58 57344 f:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ENU.dll
+ 2005-09-23 07:58 . 2005-09-23 07:58 65536 f:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80DEU.dll
+ 2005-09-23 07:58 . 2005-09-23 07:58 45056 f:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80CHT.dll
+ 2005-09-23 07:58 . 2005-09-23 07:58 40960 f:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80CHS.dll
+ 2005-09-23 08:16 . 2005-09-23 08:16 57344 f:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80u.dll
+ 2005-09-23 08:16 . 2005-09-23 08:16 69632 f:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80.dll
+ 2005-09-23 06:49 . 2005-09-23 06:49 95744 f:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_6e805841\ATL80.dll
+ 2012-06-15 04:02 . 2012-06-15 04:02 16384 f:\windows\Temp\Perflib_Perfdata_5b4.dat
+ 2011-01-07 22:39 . 2010-03-18 16:15 51024 f:\windows\system32\vcomp100.dll
- 2010-03-18 16:15 . 2010-03-18 16:15 51024 f:\windows\system32\vcomp100.dll
+ 2004-08-04 10:00 . 2012-06-07 11:54 80082 f:\windows\system32\perfc009.dat
- 2004-08-04 10:00 . 2012-03-11 12:24 80082 f:\windows\system32\perfc009.dat
- 2006-03-04 03:33 . 2011-11-04 19:20 66560 f:\windows\system32\mshtmled.dll
+ 2006-03-04 03:33 . 2012-03-01 11:01 66560 f:\windows\system32\mshtmled.dll
- 2009-03-08 11:31 . 2011-11-04 19:20 55296 f:\windows\system32\msfeedsbs.dll
+ 2009-03-08 11:31 . 2012-03-01 11:01 55296 f:\windows\system32\msfeedsbs.dll
- 2010-03-18 16:15 . 2010-03-18 16:15 80720 f:\windows\system32\mfcm100u.dll
+ 2011-01-07 22:39 . 2010-03-18 16:15 80720 f:\windows\system32\mfcm100u.dll
- 2010-03-18 16:15 . 2010-03-18 16:15 80208 f:\windows\system32\mfcm100.dll
+ 2011-01-07 22:39 . 2010-03-18 16:15 80208 f:\windows\system32\mfcm100.dll
- 2010-03-18 16:15 . 2010-03-18 16:15 60752 f:\windows\system32\mfc100rus.dll
+ 2011-01-07 22:39 . 2010-03-18 16:15 60752 f:\windows\system32\mfc100rus.dll
+ 2011-01-07 22:39 . 2010-03-18 16:15 43344 f:\windows\system32\mfc100kor.dll
- 2010-03-18 16:15 . 2010-03-18 16:15 43344 f:\windows\system32\mfc100kor.dll
- 2010-03-18 16:15 . 2010-03-18 16:15 43856 f:\windows\system32\mfc100jpn.dll
+ 2011-01-07 22:39 . 2010-03-18 16:15 43856 f:\windows\system32\mfc100jpn.dll
+ 2011-01-07 22:39 . 2010-03-18 16:15 62288 f:\windows\system32\mfc100ita.dll
- 2010-03-18 16:15 . 2010-03-18 16:15 62288 f:\windows\system32\mfc100ita.dll
+ 2011-01-07 22:39 . 2010-03-18 16:15 64336 f:\windows\system32\mfc100fra.dll
- 2010-03-18 16:15 . 2010-03-18 16:15 64336 f:\windows\system32\mfc100fra.dll
+ 2011-01-07 22:39 . 2010-03-18 16:15 63824 f:\windows\system32\mfc100esn.dll
- 2010-03-18 16:15 . 2010-03-18 16:15 63824 f:\windows\system32\mfc100esn.dll
+ 2011-01-07 22:39 . 2010-03-18 16:15 55120 f:\windows\system32\mfc100enu.dll
- 2010-03-18 16:15 . 2010-03-18 16:15 55120 f:\windows\system32\mfc100enu.dll
- 2010-03-18 16:15 . 2010-03-18 16:15 64336 f:\windows\system32\mfc100deu.dll
+ 2011-01-07 22:39 . 2010-03-18 16:15 64336 f:\windows\system32\mfc100deu.dll
- 2010-03-18 16:15 . 2010-03-18 16:15 36176 f:\windows\system32\mfc100cht.dll
+ 2011-01-07 22:39 . 2010-03-18 16:15 36176 f:\windows\system32\mfc100cht.dll
- 2010-03-18 16:15 . 2010-03-18 16:15 36176 f:\windows\system32\mfc100chs.dll
+ 2011-01-07 22:39 . 2010-03-18 16:15 36176 f:\windows\system32\mfc100chs.dll
- 2004-08-04 10:00 . 2011-11-04 19:20 43520 f:\windows\system32\licmgr10.dll
+ 2004-08-04 10:00 . 2012-03-01 11:01 43520 f:\windows\system32\licmgr10.dll
- 2004-08-04 10:00 . 2011-11-04 19:20 25600 f:\windows\system32\jsproxy.dll
+ 2004-08-04 10:00 . 2012-03-01 11:01 25600 f:\windows\system32\jsproxy.dll
+ 2009-12-03 05:23 . 2011-10-01 15:30 18280 f:\windows\system32\drivers\Sftvolxp.sys
- 2009-12-03 05:23 . 2010-09-14 12:46 18280 f:\windows\system32\drivers\Sftvolxp.sys
- 2009-12-03 05:23 . 2010-09-14 12:46 20584 f:\windows\system32\drivers\Sftredirxp.sys
+ 2009-12-03 05:23 . 2011-10-01 15:30 20584 f:\windows\system32\drivers\Sftredirxp.sys
+ 2011-04-28 19:57 . 2011-04-28 19:57 97096 f:\windows\system32\drivers\PSINFile.sys
+ 2010-05-29 13:33 . 2012-03-01 11:01 12800 f:\windows\system32\dllcache\xpshims.dll
- 2010-05-29 13:33 . 2011-11-04 19:20 12800 f:\windows\system32\dllcache\xpshims.dll
- 2006-03-04 03:33 . 2011-11-04 19:20 66560 f:\windows\system32\dllcache\mshtmled.dll
+ 2006-03-04 03:33 . 2012-03-01 11:01 66560 f:\windows\system32\dllcache\mshtmled.dll
- 2010-05-29 13:33 . 2011-11-04 19:20 55296 f:\windows\system32\dllcache\msfeedsbs.dll
+ 2010-05-29 13:33 . 2012-03-01 11:01 55296 f:\windows\system32\dllcache\msfeedsbs.dll
+ 2004-08-04 10:00 . 2012-03-01 11:01 43520 f:\windows\system32\dllcache\licmgr10.dll
- 2004-08-04 10:00 . 2011-11-04 19:20 43520 f:\windows\system32\dllcache\licmgr10.dll
+ 2004-08-04 10:00 . 2012-03-01 11:01 25600 f:\windows\system32\dllcache\jsproxy.dll
- 2004-08-04 10:00 . 2011-11-04 19:20 25600 f:\windows\system32\dllcache\jsproxy.dll
- 2010-05-27 10:38 . 2012-04-29 21:10 32768 f:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2010-05-27 10:38 . 2012-06-09 18:44 32768 f:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2010-05-27 10:38 . 2012-04-29 21:10 16384 f:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2012-06-09 18:45 . 2012-06-09 18:44 16384 f:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2011-12-15 20:08 . 2011-12-15 20:08 57616 f:\windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
- 2010-03-18 21:16 . 2010-03-18 21:16 44368 f:\windows\Microsoft.NET\Framework\v4.0.30319\Culture.dll
+ 2011-05-17 16:27 . 2010-03-18 21:16 44368 f:\windows\Microsoft.NET\Framework\v4.0.30319\Culture.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 87408 f:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2012-05-11 10:18 . 2012-05-11 10:18 87408 f:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 93024 f:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2012-05-11 10:18 . 2012-05-11 10:18 93024 f:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 35688 f:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2012-05-11 10:18 . 2012-05-11 10:18 35688 f:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2012-05-11 10:18 . 2012-05-11 10:18 17784 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 17784 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 58240 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
+ 2012-05-11 10:18 . 2012-05-11 10:18 58240 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 44920 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 44920 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 37240 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
+ 2012-05-11 10:18 . 2012-05-11 10:18 37240 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 64352 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 64352 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 51032 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 51032 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 50552 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 50552 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
- 2012-01-11 11:02 . 2012-01-11 11:02 81784 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 81784 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 81800 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 81800 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 39784 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 39784 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 68952 f:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 68952 f:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
- 2012-01-11 11:02 . 2012-01-11 11:02 12128 f:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 12128 f:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 97680 f:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 97680 f:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 17240 f:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2012-01-11 11:02 . 2012-01-11 11:02 17240 f:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 78168 f:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2012-01-11 11:02 . 2012-01-11 11:02 78168 f:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 81248 f:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2012-01-11 11:02 . 2012-01-11 11:02 81248 f:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2012-05-13 17:43 . 2012-05-13 17:43 29696 f:\windows\Installer\bc77dab.msi
- 2011-09-14 10:01 . 2011-09-14 10:01 89952 f:\windows\Installer\{90140000-006D-0409-0000-0000000FF1CE}\cvhicon.exe
+ 2012-05-11 10:13 . 2012-05-11 10:13 89952 f:\windows\Installer\{90140000-006D-0409-0000-0000000FF1CE}\cvhicon.exe
+ 2012-05-11 10:32 . 2011-11-04 19:20 12800 f:\windows\ie8updates\KB2675157-IE8\xpshims.dll
+ 2012-05-11 10:32 . 2011-11-04 19:20 66560 f:\windows\ie8updates\KB2675157-IE8\mshtmled.dll
+ 2012-05-11 10:32 . 2011-11-04 19:20 55296 f:\windows\ie8updates\KB2675157-IE8\msfeedsbs.dll
+ 2012-05-11 10:32 . 2011-11-04 19:20 43520 f:\windows\ie8updates\KB2675157-IE8\licmgr10.dll
+ 2012-05-11 10:32 . 2011-11-04 19:20 25600 f:\windows\ie8updates\KB2675157-IE8\jsproxy.dll
+ 2012-05-11 10:38 . 2012-05-11 10:38 96768 f:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\05787d96761cf20b76b927ace10ef1d3\UIAutomationProvider.ni.dll
+ 2012-05-11 10:41 . 2012-05-11 10:41 35328 f:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Pres#\b9b7098a0488ac87026a0cadd2d7d972\System.Windows.Presentation.ni.dll
+ 2012-05-11 10:41 . 2012-05-11 10:41 71680 f:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Applicat#\e5cf7be6b9deee73d674f2bc43752fed\System.Web.ApplicationServices.ni.dll
+ 2012-05-11 10:40 . 2012-05-11 10:40 82432 f:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\39c6c5375d1763165dd8c1623bd10668\System.ServiceModel.Channels.ni.dll
+ 2012-05-11 10:38 . 2012-05-11 10:38 78848 f:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn.Contra#\59be5fb54e018032511415f0b0523ee3\System.AddIn.Contract.ni.dll
+ 2012-05-11 10:38 . 2012-05-11 10:38 11776 f:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\46f273930666397a8cb538ffe9190eef\Microsoft.VisualC.ni.dll
+ 2012-05-11 10:37 . 2012-05-11 10:37 44544 f:\windows\assembly\NativeImages_v4.0.30319_32\Accessibility\62c1a496dff99a6e5f5e4278d31ca4c1\Accessibility.ni.dll
+ 2012-05-11 10:34 . 2012-05-11 10:34 47616 f:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\b4bef189a1e9b2387155f5183330c324\WindowsLiveWriter.ni.exe
+ 2012-05-11 10:35 . 2012-05-11 10:35 99840 f:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\6475787e887a7470d3ad7b93100f7045\WindowsLive.Writer.Api.ni.dll
+ 2012-05-11 10:28 . 2012-05-11 10:28 60928 f:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\f121ccced1aa14badb316d8d9be5154d\UIAutomationProvider.ni.dll
+ 2012-05-11 10:37 . 2012-05-11 10:37 37888 f:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\316e223f2ab8c69cd6a5a06de21650ec\System.Windows.Presentation.ni.dll
+ 2012-05-11 10:37 . 2012-05-11 10:37 36864 f:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\eb6fa156a42fd4d0c2ab54dfbba71381\System.Web.DynamicData.Design.ni.dll
+ 2012-05-11 10:36 . 2012-05-11 10:36 94208 f:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\34c988dea48c291b4e648941207e83fb\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-05-11 10:36 . 2012-05-11 10:36 82944 f:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\7bb7e51275fa19f8b4894c772bdb1e10\System.AddIn.Contract.ni.dll
+ 2012-05-11 10:26 . 2012-05-11 10:26 47104 f:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\f0c4a4528f130ef2ff1ae63dd7b39075\PresentationFontCache.ni.exe
+ 2012-05-11 10:26 . 2012-05-11 10:26 39424 f:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\53931181e5a5e194da82605613cda6af\PresentationCFFRasterizer.ni.dll
+ 2012-05-11 10:36 . 2012-05-11 10:36 55296 f:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\f2be3ad4cda6853d7959a84cec0414c5\Microsoft.Vsa.ni.dll
+ 2012-05-11 10:35 . 2012-05-11 10:35 15872 f:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\f00a18225430e7531135589688d650a1\Microsoft.VisualC.ni.dll
+ 2012-05-11 10:35 . 2012-05-11 10:35 65024 f:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\8fab9cd28bbc860a34feec119512664d\Microsoft.Build.Framework.ni.dll
+ 2012-05-11 10:35 . 2012-05-11 10:35 74752 f:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\0eac132c7c36f1c100ae23c956b379e7\Microsoft.Build.Framework.ni.dll
+ 2012-05-11 10:35 . 2012-05-11 10:35 14336 f:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\d66bc03eb7eae89b4dde2d09eda1414f\dfsvc.ni.exe
+ 2012-05-11 10:34 . 2012-05-11 10:34 25600 f:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\016444dfc5f7e3d11c776f2fbc7a4594\Accessibility.ni.dll
- 2012-01-11 11:07 . 2012-01-11 11:07 77824 f:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2012-05-11 10:23 . 2012-05-11 10:23 77824 f:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2012-05-11 10:23 . 2012-05-11 10:23 81920 f:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2012-01-11 11:07 . 2012-01-11 11:07 81920 f:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2012-01-11 11:07 . 2012-01-11 11:07 81920 f:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2012-05-11 10:23 . 2012-05-11 10:23 81920 f:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2012-01-11 11:07 . 2012-01-11 11:07 32768 f:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2012-05-11 10:23 . 2012-05-11 10:23 32768 f:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2012-05-11 10:23 . 2012-05-11 10:23 12800 f:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2012-01-11 11:07 . 2012-01-11 11:07 12800 f:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2012-01-11 11:07 . 2012-01-11 11:07 28672 f:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2012-05-11 10:23 . 2012-05-11 10:23 28672 f:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2012-01-11 11:07 . 2012-01-11 11:07 77824 f:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2012-05-11 10:23 . 2012-05-11 10:23 77824 f:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2012-01-11 11:07 . 2012-01-11 11:07 36864 f:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2012-05-11 10:23 . 2012-05-11 10:23 36864 f:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2012-05-11 10:23 . 2012-05-11 10:23 77824 f:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2012-01-11 11:07 . 2012-01-11 11:07 77824 f:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2012-05-11 10:23 . 2012-05-11 10:23 13312 f:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2012-01-11 11:07 . 2012-01-11 11:07 13312 f:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2012-01-11 11:07 . 2012-01-11 11:07 10752 f:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2012-05-11 10:23 . 2012-05-11 10:23 10752 f:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2012-05-11 10:23 . 2012-05-11 10:23 72192 f:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2012-01-11 11:07 . 2012-01-11 11:07 72192 f:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-05-11 10:23 . 2012-05-11 10:23 69120 f:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2012-01-11 11:07 . 2012-01-11 11:07 69120 f:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2012-05-11 10:14 . 2010-07-05 13:15 26488 f:\windows\$hf_mig$\KB2695962\update\spcustom.dll
+ 2012-05-11 10:14 . 2010-07-05 13:15 17272 f:\windows\$hf_mig$\KB2695962\spmsg.dll
+ 2012-05-11 10:14 . 2010-07-05 13:15 26488 f:\windows\$hf_mig$\KB2686509\update\spcustom.dll
+ 2012-05-11 10:14 . 2010-07-05 13:15 17272 f:\windows\$hf_mig$\KB2686509\spmsg.dll
+ 2012-05-11 10:01 . 2010-07-05 13:15 26488 f:\windows\$hf_mig$\KB2676562\update\spcustom.dll
+ 2012-05-09 16:41 . 2012-04-11 13:53 16896 f:\windows\$hf_mig$\KB2676562\update\mpsyschk.dll
+ 2012-05-11 10:01 . 2010-07-05 13:15 17272 f:\windows\$hf_mig$\KB2676562\spmsg.dll
+ 2012-05-11 10:32 . 2010-07-05 13:15 26488 f:\windows\$hf_mig$\KB2675157-IE8\update\spcustom.dll
+ 2012-05-11 10:32 . 2010-07-05 13:15 17272 f:\windows\$hf_mig$\KB2675157-IE8\spmsg.dll
+ 2012-05-09 16:40 . 2012-03-01 10:58 12800 f:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\xpshims.dll
+ 2012-05-09 16:40 . 2012-03-01 10:58 66560 f:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\mshtmled.dll
+ 2012-05-09 16:40 . 2012-03-01 10:58 55296 f:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\msfeedsbs.dll
+ 2012-05-09 16:40 . 2012-03-01 10:58 43520 f:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\licmgr10.dll
+ 2012-05-09 16:40 . 2012-03-01 10:58 25600 f:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\jsproxy.dll
+ 2012-05-11 10:00 . 2010-07-05 13:15 26488 f:\windows\$hf_mig$\KB2661637\update\spcustom.dll
+ 2012-05-11 10:00 . 2010-07-05 13:15 17272 f:\windows\$hf_mig$\KB2661637\spmsg.dll
+ 2012-05-11 10:03 . 2010-07-05 13:15 26488 f:\windows\$hf_mig$\KB2653956\update\spcustom.dll
+ 2012-05-11 10:03 . 2010-07-05 13:15 17272 f:\windows\$hf_mig$\KB2653956\spmsg.dll
+ 2012-05-11 10:12 . 2010-07-05 13:15 26488 f:\windows\$hf_mig$\KB2621440\update\spcustom.dll
+ 2012-05-11 10:12 . 2010-07-05 13:15 17272 f:\windows\$hf_mig$\KB2621440\spmsg.dll
+ 2012-05-11 10:30 . 2010-07-05 13:15 26488 f:\windows\$hf_mig$\KB2585542\update\spcustom.dll
+ 2012-05-11 10:30 . 2010-07-05 13:15 17272 f:\windows\$hf_mig$\KB2585542\spmsg.dll
- 2012-01-11 11:07 . 2012-01-11 11:07 8192 f:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2012-05-11 10:23 . 2012-05-11 10:23 8192 f:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2012-05-09 16:40 . 2012-01-11 19:06 3072 f:\windows\system32\iacenc.dll
+ 2012-05-09 16:40 . 2012-01-11 19:06 3072 f:\windows\system32\dllcache\iacenc.dll
+ 2012-05-11 10:37 . 2012-05-11 10:37 9728 f:\windows\assembly\NativeImages_v4.0.30319_32\dfsvc\fd866b4158c3bd2a26c875f2896c5573\dfsvc.ni.exe
- 2012-01-11 11:07 . 2012-01-11 11:07 7168 f:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2012-05-11 10:23 . 2012-05-11 10:23 7168 f:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2012-01-11 11:07 . 2012-01-11 11:07 5632 f:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2012-05-11 10:23 . 2012-05-11 10:23 5632 f:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2012-05-11 10:23 . 2012-05-11 10:23 6656 f:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2012-01-11 11:07 . 2012-01-11 11:07 6656 f:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2012-05-09 16:40 . 2012-04-19 11:26 8192 f:\windows\$hf_mig$\KB2686509\update\kblChecker.dll
+ 2012-05-09 16:40 . 2012-01-11 19:05 3072 f:\windows\$hf_mig$\KB2661637\SP3QFE\iacenc.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 109568 f:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.Wrapper.dll
- 2012-01-11 11:02 . 2012-01-11 11:02 109568 f:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.Wrapper.dll
- 2012-01-11 11:02 . 2012-01-11 11:02 246128 f:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 246128 f:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.dll
- 2012-01-11 11:07 . 2012-01-11 11:07 113664 f:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2012-05-11 10:23 . 2012-05-11 10:23 113664 f:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2012-05-11 10:23 . 2012-05-11 10:23 258048 f:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2012-01-11 11:07 . 2012-01-11 11:07 258048 f:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2009-07-12 07:02 . 2009-07-12 07:02 653120 f:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
- 2009-07-12 08:02 . 2009-07-12 08:02 653120 f:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
+ 2009-07-12 07:02 . 2009-07-12 07:02 569664 f:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
- 2009-07-12 08:02 . 2009-07-12 08:02 569664 f:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
+ 2009-07-12 07:05 . 2009-07-12 07:05 225280 f:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcm90.dll
- 2009-07-12 08:05 . 2009-07-12 08:05 225280 f:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcm90.dll
+ 2009-07-12 07:02 . 2009-07-12 07:02 159032 f:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_353599c2\atl90.dll
- 2009-07-12 08:02 . 2009-07-12 08:02 159032 f:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_353599c2\atl90.dll
+ 2012-04-06 06:13 . 2012-04-06 06:13 299080 f:\windows\system32\XPSViewer\XPSViewer.exe
- 2004-08-04 10:00 . 2009-12-24 06:59 177664 f:\windows\system32\wintrust.dll
+ 2004-08-04 10:00 . 2012-02-29 14:10 177664 f:\windows\system32\wintrust.dll
- 2006-03-04 03:33 . 2011-11-04 19:20 916992 f:\windows\system32\wininet.dll
+ 2006-03-04 03:33 . 2012-03-01 11:01 916992 f:\windows\system32\wininet.dll
+ 2004-08-04 10:00 . 2011-11-16 14:21 354816 f:\windows\system32\winhttp.dll
- 2004-08-04 10:00 . 2009-08-25 09:17 354816 f:\windows\system32\winhttp.dll
- 2004-08-04 10:00 . 2011-11-04 19:20 105984 f:\windows\system32\url.dll
+ 2004-08-04 10:00 . 2012-03-01 11:01 105984 f:\windows\system32\url.dll
+ 2004-08-04 10:00 . 2011-11-16 14:21 152064 f:\windows\system32\schannel.dll
- 2004-08-04 10:00 . 2012-03-11 12:24 484030 f:\windows\system32\perfh009.dat
+ 2004-08-04 10:00 . 2012-06-07 11:54 484030 f:\windows\system32\perfh009.dat
+ 2004-08-04 10:00 . 2012-03-01 11:01 206848 f:\windows\system32\occache.dll
- 2004-08-04 10:00 . 2011-11-04 19:20 206848 f:\windows\system32\occache.dll
+ 2011-01-07 22:39 . 2010-03-18 16:15 770384 f:\windows\system32\msvcr100.dll
- 2010-03-18 16:15 . 2010-03-18 16:15 770384 f:\windows\system32\msvcr100.dll
+ 2011-01-07 22:39 . 2010-03-18 16:15 421200 f:\windows\system32\msvcp100.dll
- 2010-03-18 16:15 . 2010-03-18 16:15 421200 f:\windows\system32\msvcp100.dll
- 2006-03-04 03:33 . 2011-11-04 19:20 611840 f:\windows\system32\mstime.dll
+ 2006-03-04 03:33 . 2012-03-01 11:01 611840 f:\windows\system32\mstime.dll
- 2009-03-08 11:32 . 2011-11-04 19:20 602112 f:\windows\system32\msfeeds.dll
+ 2009-03-08 11:32 . 2012-03-01 11:01 602112 f:\windows\system32\msfeeds.dll
+ 2012-05-11 12:41 . 2012-05-11 12:41 351904 f:\windows\system32\Macromed\Flash\FlashUtil32_11_2_202_235_Plugin.exe
+ 2012-05-11 13:05 . 2012-05-11 13:05 351904 f:\windows\system32\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe
+ 2012-05-11 13:05 . 2012-05-11 13:05 424096 f:\windows\system32\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.dll
+ 2011-11-22 15:42 . 2012-05-11 13:05 257696 f:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
+ 2004-08-04 10:00 . 2012-02-29 14:10 148480 f:\windows\system32\imagehlp.dll
- 2006-03-04 03:33 . 2011-11-04 19:20 184320 f:\windows\system32\iepeers.dll
+ 2006-03-04 03:33 . 2012-03-01 11:01 184320 f:\windows\system32\iepeers.dll
- 2004-08-04 10:00 . 2011-11-04 19:20 387584 f:\windows\system32\iedkcs32.dll
+ 2004-08-04 10:00 . 2012-03-01 11:01 387584 f:\windows\system32\iedkcs32.dll
+ 2004-08-04 10:00 . 2012-02-29 12:17 174080 f:\windows\system32\ie4uinit.exe
- 2004-08-04 10:00 . 2011-11-04 11:24 174080 f:\windows\system32\ie4uinit.exe
- 2010-05-27 01:40 . 2012-02-26 02:38 157160 f:\windows\system32\FNTCACHE.DAT
+ 2010-05-27 01:40 . 2012-05-11 10:50 157160 f:\windows\system32\FNTCACHE.DAT
+ 2009-12-03 05:23 . 2011-10-01 15:30 209512 f:\windows\system32\drivers\Sftplayxp.sys
+ 2009-12-03 05:23 . 2011-10-01 15:30 584680 f:\windows\system32\drivers\Sftfsxp.sys
+ 2010-05-27 10:32 . 2012-01-09 16:20 139784 f:\windows\system32\drivers\rdpwd.sys
+ 2011-12-01 01:37 . 2011-12-01 01:37 112648 f:\windows\system32\drivers\PSINProt.sys
+ 2011-04-28 19:57 . 2011-04-28 19:57 111688 f:\windows\system32\drivers\PSINProc.sys
+ 2011-11-23 16:59 . 2011-11-23 16:59 130312 f:\windows\system32\drivers\PSINKNC.sys
+ 2012-01-05 20:10 . 2012-01-05 20:10 144008 f:\windows\system32\drivers\PSINAflt.sys
- 2009-12-24 06:59 . 2009-12-24 06:59 177664 f:\windows\system32\dllcache\wintrust.dll
+ 2009-12-24 06:59 . 2012-02-29 14:10 177664 f:\windows\system32\dllcache\wintrust.dll
- 2006-03-04 03:33 . 2011-11-04 19:20 916992 f:\windows\system32\dllcache\wininet.dll
+ 2006-03-04 03:33 . 2012-03-01 11:01 916992 f:\windows\system32\dllcache\wininet.dll
+ 2008-12-16 12:30 . 2011-11-16 14:21 354816 f:\windows\system32\dllcache\winhttp.dll
- 2008-12-16 12:30 . 2009-08-25 09:17 354816 f:\windows\system32\dllcache\winhttp.dll
- 2004-08-04 10:00 . 2011-11-04 19:20 105984 f:\windows\system32\dllcache\url.dll
+ 2004-08-04 10:00 . 2012-03-01 11:01 105984 f:\windows\system32\dllcache\url.dll
+ 2008-12-05 06:54 . 2011-11-16 14:21 152064 f:\windows\system32\dllcache\schannel.dll
+ 2011-08-10 08:34 . 2012-01-09 16:20 139784 f:\windows\system32\dllcache\rdpwd.sys
- 2004-08-04 10:00 . 2011-11-04 19:20 206848 f:\windows\system32\dllcache\occache.dll
+ 2004-08-04 10:00 . 2012-03-01 11:01 206848 f:\windows\system32\dllcache\occache.dll
- 2006-03-04 03:33 . 2011-11-04 19:20 611840 f:\windows\system32\dllcache\mstime.dll
+ 2006-03-04 03:33 . 2012-03-01 11:01 611840 f:\windows\system32\dllcache\mstime.dll
- 2010-05-29 13:33 . 2011-11-04 19:20 602112 f:\windows\system32\dllcache\msfeeds.dll
+ 2010-05-29 13:33 . 2012-03-01 11:01 602112 f:\windows\system32\dllcache\msfeeds.dll
+ 2012-02-29 14:10 . 2012-02-29 14:10 148480 f:\windows\system32\dllcache\imagehlp.dll
+ 2010-05-29 13:33 . 2012-03-01 11:01 247808 f:\windows\system32\dllcache\ieproxy.dll
- 2010-05-29 13:33 . 2011-11-04 19:20 247808 f:\windows\system32\dllcache\ieproxy.dll
- 2006-03-04 03:33 . 2011-11-04 19:20 184320 f:\windows\system32\dllcache\iepeers.dll
+ 2006-03-04 03:33 . 2012-03-01 11:01 184320 f:\windows\system32\dllcache\iepeers.dll
- 2010-06-11 04:59 . 2011-11-04 19:20 743424 f:\windows\system32\dllcache\iedvtool.dll
+ 2010-06-11 04:59 . 2012-03-01 11:01 743424 f:\windows\system32\dllcache\iedvtool.dll
- 2004-08-04 10:00 . 2011-11-04 19:20 387584 f:\windows\system32\dllcache\iedkcs32.dll
+ 2004-08-04 10:00 . 2012-03-01 11:01 387584 f:\windows\system32\dllcache\iedkcs32.dll
- 2004-08-04 10:00 . 2011-11-04 11:24 174080 f:\windows\system32\dllcache\ie4uinit.exe
+ 2004-08-04 10:00 . 2012-02-29 12:17 174080 f:\windows\system32\dllcache\ie4uinit.exe
- 2011-09-03 10:17 . 2011-09-28 07:06 599040 f:\windows\system32\dllcache\crypt32.dll
+ 2011-09-03 10:17 . 2012-05-31 13:22 599040 f:\windows\system32\dllcache\crypt32.dll
+ 2004-08-04 10:00 . 2011-09-28 07:06 599040 f:\windows\system32\crypt32(3).dll
+ 2012-06-09 15:07 . 2012-06-09 18:42 262144 f:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat
- 2012-05-02 04:21 . 2012-05-02 04:22 262144 f:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat
+ 2011-01-07 22:39 . 2010-03-18 16:15 138056 f:\windows\system32\atl100.dll
- 2010-03-18 16:15 . 2010-03-18 16:15 138056 f:\windows\system32\atl100.dll
+ 2012-01-19 20:08 . 2012-01-19 20:08 917272 f:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\wpftxt_v0400.dll
+ 2011-12-15 20:08 . 2011-12-15 20:08 182056 f:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationHost_v0400.dll
+ 2011-04-06 23:48 . 2010-03-18 21:16 231760 f:\windows\Microsoft.NET\Framework\v4.0.30319\System.Net.dll
- 2010-03-18 21:16 . 2010-03-18 21:16 231760 f:\windows\Microsoft.NET\Framework\v4.0.30319\System.Net.dll
+ 2012-01-22 00:40 . 2010-03-18 21:16 607064 f:\windows\Microsoft.NET\Framework\v4.0.30319\System.Drawing.dll
- 2010-03-18 21:16 . 2010-03-18 21:16 607064 f:\windows\Microsoft.NET\Framework\v4.0.30319\System.Drawing.dll
+ 2011-12-15 20:08 . 2011-12-15 20:08 156440 f:\windows\Microsoft.NET\Framework\v4.0.30319\System.AddIn.dll
+ 2011-12-15 20:08 . 2011-12-15 20:08 518400 f:\windows\Microsoft.NET\Framework\v4.0.30319\SOS.dll
+ 2011-05-17 16:27 . 2010-03-18 21:16 413008 f:\windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
- 2010-03-18 21:16 . 2010-03-18 21:16 413008 f:\windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
+ 2011-12-15 20:08 . 2011-12-15 20:08 957200 f:\windows\Microsoft.NET\Framework\v4.0.30319\mscordbi.dll
+ 2011-12-15 20:08 . 2011-12-15 20:08 386824 f:\windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
+ 2012-04-06 06:52 . 2012-04-06 06:52 131168 f:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll
+ 2012-01-31 10:38 . 2008-07-25 18:17 626688 f:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
- 2008-07-25 18:17 . 2008-07-25 18:17 626688 f:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
+ 2011-12-25 10:50 . 2011-12-25 10:50 389888 f:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2011-12-25 10:50 . 2011-12-25 10:50 364816 f:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2011-12-25 10:50 . 2011-12-25 10:50 989968 f:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 350592 f:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2012-05-11 10:18 . 2012-05-11 10:18 350592 f:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 163168 f:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2012-05-11 10:18 . 2012-05-11 10:18 163168 f:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 138592 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 138592 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
+ 2012-05-11 10:18 . 2012-05-11 10:18 699224 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 699224 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
+ 2012-05-11 10:18 . 2012-05-11 10:18 857960 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 857960 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 675672 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
+ 2012-05-11 10:18 . 2012-05-11 10:18 675672 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 113512 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 113512 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 129912 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
+ 2012-05-11 10:18 . 2012-05-11 10:18 129912 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
+ 2012-05-11 10:18 . 2012-05-11 10:18 390008 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 390008 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 505208 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
+ 2012-05-11 10:18 . 2012-05-11 10:18 505208 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 261472 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 261472 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 122264 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2012-05-11 10:18 . 2012-05-11 10:18 122264 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2012-05-11 10:18 . 2012-05-11 10:18 291184 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 291184 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 349568 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 349568 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 231760 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 231760 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
+ 2012-05-11 10:18 . 2012-05-11 10:18 253280 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 253280 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 378720 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 378720 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 134528 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 134528 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 123736 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 123736 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 392552 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 392552 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 125816 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 125816 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 120152 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
- 2012-01-11 11:02 . 2012-01-11 11:02 120152 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 607064 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 607064 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2012-01-11 11:02 . 2012-01-11 11:02 395120 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 395120 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 182144 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2012-01-11 11:02 . 2012-01-11 11:02 182144 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 285072 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
- 2012-01-11 11:02 . 2012-01-11 11:02 285072 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
- 2012-01-11 11:02 . 2012-01-11 11:02 829280 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 829280 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2012-01-11 11:02 . 2012-01-11 11:02 747360 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 747360 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 436600 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 436600 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 683872 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 683872 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 409448 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2012-01-11 11:02 . 2012-01-11 11:02 409448 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 210816 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 210816 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 156440 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 122248 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 122248 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 525704 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 525704 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
- 2012-01-11 11:02 . 2012-01-11 11:02 112976 f:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 112976 f:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 581464 f:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2012-05-11 10:18 . 2012-05-11 10:18 581464 f:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2012-05-11 10:18 . 2012-05-11 10:18 832856 f:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 832856 f:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2012-05-11 10:18 . 2012-05-11 10:18 194424 f:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 194424 f:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2012-05-11 10:18 . 2012-05-11 10:18 478576 f:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 478576 f:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2012-05-11 10:18 . 2012-05-11 10:18 167288 f:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 167288 f:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2012-05-11 10:18 . 2012-05-11 10:18 232304 f:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 232304 f:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 661352 f:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2012-01-11 11:02 . 2012-01-11 11:02 661352 f:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 349576 f:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 349576 f:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 387960 f:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 387960 f:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 746336 f:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2012-01-11 11:02 . 2012-01-11 11:02 746336 f:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2012-01-11 11:02 . 2012-01-11 11:02 505184 f:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 505184 f:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
+ 2012-05-11 10:18 . 2012-05-11 10:18 269672 f:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 269672 f:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 334688 f:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2012-05-11 10:18 . 2012-05-11 10:18 334688 f:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 170368 f:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 170368 f:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2012-02-03 06:56 . 2012-02-03 06:56 963584 f:\windows\Installer\a7a141b.msp
+ 2011-12-22 23:50 . 2011-12-22 23:50 256000 f:\windows\Installer\a6c95ba.msp
+ 2012-05-21 18:28 . 2012-05-21 18:28 213504 f:\windows\Installer\109963d7.msi
+ 2012-06-10 06:24 . 2012-06-10 06:24 339968 f:\windows\Installer\{FEB2D0CA-9912-4AA1-8FBE-CFD852F9F1FC}\Shortcuts_ProductN_A17DF807A25C4F9396D48EA53C96348F.exe
+ 2010-03-18 21:16 . 2010-03-18 21:16 915800 f:\windows\Installer\$PatchCache$\Managed\5C1093C35543A0E32A41B090A305076A\4.0.30319\wpftxt_x86.dll
+ 2010-03-18 21:16 . 2010-03-18 21:16 181096 f:\windows\Installer\$PatchCache$\Managed\5C1093C35543A0E32A41B090A305076A\4.0.30319\PresentationHostDLL_X86.dll
+ 2010-02-28 09:33 . 2010-02-28 09:33 379808 f:\windows\Installer\$PatchCache$\Managed\00004109D60090400000000000F01FEC\14.0.4763\CVHBS.EXE
+ 2012-05-11 10:32 . 2011-11-04 19:20 916992 f:\windows\ie8updates\KB2675157-IE8\wininet.dll
+ 2012-05-11 10:32 . 2011-11-04 19:20 105984 f:\windows\ie8updates\KB2675157-IE8\url.dll
+ 2012-05-11 10:32 . 2010-07-05 13:16 382840 f:\windows\ie8updates\KB2675157-IE8\spuninst\updspapi.dll
+ 2012-05-11 10:32 . 2010-07-05 13:15 231288 f:\windows\ie8updates\KB2675157-IE8\spuninst\spuninst.exe
+ 2012-05-11 10:32 . 2011-11-04 19:20 206848 f:\windows\ie8updates\KB2675157-IE8\occache.dll
+ 2012-05-11 10:32 . 2011-11-04 19:20 611840 f:\windows\ie8updates\KB2675157-IE8\mstime.dll
+ 2012-05-11 10:32 . 2011-11-04 19:20 602112 f:\windows\ie8updates\KB2675157-IE8\msfeeds.dll
+ 2012-05-11 10:32 . 2011-11-04 19:20 247808 f:\windows\ie8updates\KB2675157-IE8\ieproxy.dll
+ 2012-05-11 10:32 . 2011-11-04 19:20 184320 f:\windows\ie8updates\KB2675157-IE8\iepeers.dll
+ 2012-05-11 10:32 . 2011-11-04 19:20 743424 f:\windows\ie8updates\KB2675157-IE8\iedvtool.dll
+ 2012-05-11 10:32 . 2011-11-04 19:20 387584 f:\windows\ie8updates\KB2675157-IE8\iedkcs32.dll
+ 2012-05-11 10:32 . 2011-11-04 11:24 174080 f:\windows\ie8updates\KB2675157-IE8\ie4uinit.exe
+ 2012-05-11 10:41 . 2012-05-11 10:41 253952 f:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\669ecbe438ec01025f4f2d02a8efaf4b\WindowsFormsIntegration.ni.dll
+ 2012-05-11 10:38 . 2012-05-11 10:38 196096 f:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\0a80fd3af7e48eb9cc9099fee5814dff\UIAutomationTypes.ni.dll
+ 2012-05-11 10:41 . 2012-05-11 10:41 484352 f:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClient\9b0ac8d84952a581adf18051bb60bea1\UIAutomationClient.ni.dll
+ 2012-05-11 10:38 . 2012-05-11 10:38 391680 f:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\f44e12702dadeae606b8eaca609b1336\System.Xml.Linq.ni.dll
+ 2012-05-11 10:38 . 2012-05-11 10:38 188928 f:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Inpu#\59fb92c38f1035e7b11a23fc6e82c992\System.Windows.Input.Manipulations.ni.dll
+ 2012-05-11 10:38 . 2012-05-11 10:38 646656 f:\windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\ce2aa3a5e89c326055ac8e2a309232f7\System.Transactions.ni.dll
+ 2012-05-11 10:41 . 2012-05-11 10:41 221696 f:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\dbc4c0be36767456143cefecc1ce2809\System.ServiceProcess.ni.dll
+ 2012-05-11 10:40 . 2012-05-11 10:40 365056 f:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\284141392cdba7fa4b2a4668125329a9\System.ServiceModel.Routing.ni.dll
+ 2012-05-11 10:08 . 2012-05-11 10:08 729088 f:\windows\assembly\NativeImages_v4.0.30319_32\System.Security\efe46aa882d9ac31f7fbbdc004fc99d5\System.Security.ni.dll
+ 2012-05-11 10:38 . 2012-05-11 10:38 311296 f:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\6a37764b2df9b3f9c7775701027ef779\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2012-05-11 10:38 . 2012-05-11 10:38 762368 f:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\0f9d7198d2c0a3953fb59b1aca0d35f7\System.Runtime.Remoting.ni.dll
+ 2012-05-11 10:08 . 2012-05-11 10:08 145408 f:\windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\7b7719d46a4da2e91e8c501347e48ab9\System.Numerics.ni.dll
+ 2012-05-11 10:40 . 2012-05-11 10:40 652800 f:\windows\assembly\NativeImages_v4.0.30319_32\System.Net\b0a7e53e8aaaca2d2ae065e85f959ff4\System.Net.ni.dll
+ 2012-05-11 10:40 . 2012-05-11 10:40 626176 f:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\7439cb7f06f37d03095d9cffca7b0f96\System.Messaging.ni.dll
+ 2012-05-11 10:40 . 2012-05-11 10:40 395264 f:\windows\assembly\NativeImages_v4.0.30319_32\System.Management.I#\d7cba8bd14e7352bc6b1f7cd35b7fd43\System.Management.Instrumentation.ni.dll
+ 2012-05-11 10:40 . 2012-05-11 10:40 413696 f:\windows\assembly\NativeImages_v4.0.30319_32\System.IO.Log\100d056c9dc360ec5a25ff227a14840b\System.IO.Log.ni.dll
+ 2012-05-11 10:40 . 2012-05-11 10:40 229376 f:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityMode#\5e38634854f36e1aff7500a351830427\System.IdentityModel.Selectors.ni.dll
+ 2012-05-11 10:38 . 2012-05-11 10:38 236032 f:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\26ee061618887d629a9f7072970ffb85\System.EnterpriseServices.Wrapper.dll
+ 2012-05-11 10:38 . 2012-05-11 10:38 786944 f:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\26ee061618887d629a9f7072970ffb85\System.EnterpriseServices.ni.dll
+ 2012-05-11 10:08 . 2012-05-11 10:08 377344 f:\windows\assembly\NativeImages_v4.0.30319_32\System.Dynamic\1203e60a51fe0f726fbeaf0456f938a5\System.Dynamic.ni.dll
+ 2012-05-11 10:40 . 2012-05-11 10:40 468992 f:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\c75c07a581ad459c8474cd83aa7dabf4\System.DirectoryServices.Protocols.ni.dll
+ 2012-05-11 10:40 . 2012-05-11 10:40 913920 f:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\80373cd811bf63ae93af1733a6c7e1c5\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-05-11 10:40 . 2012-05-11 10:40 112640 f:\windows\assembly\NativeImages_v4.0.30319_32\System.Device\6fbe438983c9ca94c80d64225ad2e5ce\System.Device.ni.dll
+ 2012-05-11 10:39 . 2012-05-11 10:39 134656 f:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.DataSet#\950c346ef6261ecc93ced8d995914a1d\System.Data.DataSetExtensions.ni.dll
+ 2012-05-11 10:08 . 2012-05-11 10:08 980480 f:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\0c8e950df17a0abec10888e8ad966cbe\System.Configuration.ni.dll
+ 2012-05-11 10:39 . 2012-05-11 10:39 148480 f:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\5f1677711612f8920a01bd480b5d163f\System.Configuration.Install.ni.dll
+ 2012-05-11 10:09 . 2012-05-11 10:09 690176 f:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\f7099031cfac8ec61b948bb09b07b1a1\System.ComponentModel.Composition.ni.dll
+ 2012-05-11 10:39 . 2012-05-11 10:39 194048 f:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\bcbd0e714127d69a895ef80afa5dfd78\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-05-11 10:38 . 2012-05-11 10:38 624128 f:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn\41d68b79da934255ca82b466b93d7938\System.AddIn.ni.dll
+ 2012-05-11 10:38 . 2012-05-11 10:38 404992 f:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.D#\2d00f7297e070e69c1cb44b25503b1c3\System.Activities.DurableInstancing.ni.dll
+ 2012-05-11 10:37 . 2012-05-11 10:37 317952 f:\windows\assembly\NativeImages_v4.0.30319_32\SMSvcHost\0ae347a9076db27075e06a63f2123186\SMSvcHost.ni.exe
+ 2012-05-11 10:38 . 2012-05-11 10:38 142848 f:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\9115e9f656b00fc4e46da91537ef1358\SMDiagnostics.ni.dll
+ 2012-05-11 10:19 . 2012-05-11 10:19 595968 f:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\ee6e30c355ec2ffab1525b42253f7aef\PresentationFramework.Aero.ni.dll
+ 2012-05-11 10:19 . 2012-05-11 10:19 387072 f:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\c0f724e8231a71eb4d062d4f5233ff7f\PresentationFramework.Royale.ni.dll
+ 2012-05-11 10:19 . 2012-05-11 10:19 309760 f:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\45d2307fb0898a18dec5a04ff9f8b85c\PresentationFramework.Classic.ni.dll
+ 2012-05-11 10:19 . 2012-05-11 10:19 755712 f:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\190e1740c9b998105a47ec31df0b6f11\PresentationFramework.Luna.ni.dll
+ 2012-05-11 10:38 . 2012-05-11 10:38 219136 f:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\ea57a9f307db016dfb0d242822ced91b\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2012-05-11 10:37 . 2012-05-11 10:37 418816 f:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\10d7bd563bd71306375c6887ddd9de46\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2012-05-11 10:37 . 2012-05-11 10:37 194048 f:\windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\f11d5fea7ded12068e8cdb8b2f1bdbd9\CustomMarshalers.ni.dll
+ 2012-05-11 10:33 . 2012-05-11 10:33 321536 f:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\ac4fc3032c19946f9b2729468888206d\WsatConfig.ni.exe
+ 2012-05-11 10:35 . 2012-05-11 10:35 626688 f:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\5f2020cf5440414ec12fc3c3314632e6\WindowsLiveLocal.WriterPlugin.ni.dll
+ 2012-05-11 10:35 . 2012-05-11 10:35 322048 f:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\fa00c51ecd55a8fb2c3ae74c6bc09fdc\WindowsLive.Writer.SpellChecker.ni.dll
+ 2012-05-11 10:35 . 2012-05-11 10:35 174080 f:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\e6e167a1ff76df85eb1bede1bb193632\WindowsLive.Writer.BrowserControl.ni.dll
+ 2012-05-11 10:35 . 2012-05-11 10:35 594944 f:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\e1db4a79aad2c240f55fc0eb3d8d7e8d\WindowsLive.Writer.HtmlEditor.ni.dll
+ 2012-05-11 10:35 . 2012-05-11 10:35 108544 f:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\e15819685bc708ce9b3f3259ad2f91c7\WindowsLive.Writer.Passport.ni.dll
+ 2012-05-11 10:35 . 2012-05-11 10:35 319488 f:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\e0425c9c9cffe143fb35ce71d8b51dd5\WindowsLive.Writer.Interop.ni.dll
+ 2012-05-11 10:35 . 2012-05-11 10:35 152064 f:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\baacfa565b2f46f4501cd89b067a8a47\WindowsLive.Writer.HtmlParser.ni.dll
+ 2012-05-11 10:35 . 2012-05-11 10:35 334848 f:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\ab181ae110294c0c572059dea0a4332c\WindowsLive.Writer.Interop.Mshtml.ni.dll
+ 2012-05-11 10:34 . 2012-05-11 10:34 843776 f:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\97e0414c2757fe37de51bb6420da4492\WindowsLive.Writer.Controls.ni.dll
+ 2012-05-11 10:35 . 2012-05-11 10:35 851968 f:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\96168943a2ad2dcb32d471e18bd90b6f\WindowsLive.Writer.BlogClient.ni.dll
+ 2012-05-11 10:35 . 2012-05-11 10:35 428032 f:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\8260615e812c0904b925149588e5dec2\WindowsLive.Writer.Localization.ni.dll
+ 2012-05-11 10:35 . 2012-05-11 10:35 258048 f:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\7730b4b3015cd6b752bc3e3b892aea8d\WindowsLive.Writer.Mshtml.ni.dll
+ 2012-05-11 10:35 . 2012-05-11 10:35 119296 f:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\7522f7b861bac35116495384044ee383\WindowsLive.Writer.FileDestinations.ni.dll
+ 2012-05-11 10:35 . 2012-05-11 10:35 117760 f:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\678f35b523dbb63a4f247c1ffdf359cd\WindowsLive.Writer.Instrumentation.ni.dll
+ 2012-05-11 10:35 . 2012-05-11 10:35 313856 f:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\29e8f27943707613416f76a0357c8f41\WindowsLive.Writer.Interop.SHDocVw.ni.dll
+ 2012-05-11 10:35 . 2012-05-11 10:35 118784 f:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\283276d87c326b4d5f3c6c7713eaed58\WindowsLive.Writer.Extensibility.ni.dll
+ 2012-05-11 10:35 . 2012-05-11 10:35 145920 f:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\d8f3b594d25e68da89d509271e37689f\WindowsLive.Client.ni.dll
+ 2012-05-11 10:28 . 2012-05-11 10:28 240128 f:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\abc560ee41afeada750e6aa7afc534bb\WindowsFormsIntegration.ni.dll
+ 2012-05-11 10:28 . 2012-05-11 10:28 187904 f:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\be27ab5913cec2b292a019c2a13ec701\UIAutomationTypes.ni.dll
+ 2012-05-11 10:28 . 2012-05-11 10:28 447488 f:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\04e5e2be34a70ee7f4c87550238095a0\UIAutomationClient.ni.dll
+ 2012-05-11 10:37 . 2012-05-11 10:37 400896 f:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\1c13b08593e99d6f5bef49ae7939c78b\System.Xml.Linq.ni.dll
+ 2012-05-11 10:36 . 2012-05-11 10:36 129536 f:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\504140c434a3a9ea1f5bf58a6e28af2b\System.Web.Routing.ni.dll
+ 2012-05-11 10:35 . 2012-05-11 10:35 202240 f:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\6c7765c10516d375e9ddedad2dbab848\System.Web.RegularExpressions.ni.dll
+ 2012-05-11 10:37 . 2012-05-11 10:37 859648 f:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\47f6d0737e0ed0540854243fa0481149\System.Web.Extensions.Design.ni.dll
+ 2012-05-11 10:37 . 2012-05-11 10:37 328704 f:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\d7ecdccf5ef761e19845370d94a82c29\System.Web.Entity.ni.dll
+ 2012-05-11 10:37 . 2012-05-11 10:37 301056 f:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\dc8a4dc6d7c6b5aae7592f10bf91a8c6\System.Web.Entity.Design.ni.dll
+ 2012-05-11 10:37 . 2012-05-11 10:37 547328 f:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\ba570e80e06bb6fd24f9c33baf0e97cb\System.Web.DynamicData.ni.dll
+ 2012-05-11 10:36 . 2012-05-11 10:36 141312 f:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\92abde1a4b72a1d74056d3561cb7c546\System.Web.Abstractions.ni.dll
+ 2012-05-11 10:35 . 2012-05-11 10:35 627200 f:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\41f6f6dd0c8427d4a8e6fd3915505a6b\System.Transactions.ni.dll
+ 2012-05-11 10:35 . 2012-05-11 10:35 212992 f:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\dff877744c0f7f8752eb356f27edfa59\System.ServiceProcess.ni.dll
+ 2012-05-11 10:34 . 2012-05-11 10:34 679936 f:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\129b15861e200613ff78ae15581f9093\System.Security.ni.dll
+ 2012-05-11 10:34 . 2012-05-11 10:34 311296 f:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\a644ec04e18202b60f9d828bc207972b\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2012-05-11 10:35 . 2012-05-11 10:35 771584 f:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\92d58f840f549f9bd880783d43db7e3c\System.Runtime.Remoting.ni.dll
+ 2012-05-11 10:36 . 2012-05-11 10:36 621056 f:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\4a9eb43005a041959ddc5c7e586ab746\System.Net.ni.dll
+ 2012-05-11 10:36 . 2012-05-11 10:36 998400 f:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\9080c8e8e7b6dfb502c1328673d636f8\System.Management.ni.dll
+ 2012-05-11 10:36 . 2012-05-11 10:36 330752 f:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\3182a049ba953010dec649cf290a9e90\System.Management.Instrumentation.ni.dll
+ 2012-05-11 10:32 . 2012-05-11 10:32 381440 f:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\8991f21d4b3676bf6f779110db8d4ac9\System.IO.Log.ni.dll
+ 2012-05-11 10:34 . 2012-05-11 10:34 212992 f:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\cd9c60a35d4958e94d2e3dd2f778e2e9\System.IdentityModel.Selectors.ni.dll
+ 2012-05-11 10:35 . 2012-05-11 10:35 280064 f:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\29bce0113d611084a9329349e33528ac\System.EnterpriseServices.Wrapper.dll
+ 2012-05-11 10:35 . 2012-05-11 10:35 627712 f:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\29bce0113d611084a9329349e33528ac\System.EnterpriseServices.ni.dll
+ 2012-05-11 10:28 . 2012-05-11 10:28 208384 f:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\21c7b80233c24b9726c04b23083e3087\System.Drawing.Design.ni.dll
+ 2012-05-11 10:35 . 2012-05-11 10:35 455680 f:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\ca484772955bc4db03b5dcb611c09423\System.DirectoryServices.Protocols.ni.dll
+ 2012-05-11 10:36 . 2012-05-11 10:36 881152 f:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\8ba5e68dddfd3279a8469d39eded48f3\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-05-11 10:36 . 2012-05-11 10:36 354816 f:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\a0109fce606a3110a5e7f9a4773f517e\System.Data.Services.Design.ni.dll
+ 2012-05-11 10:36 . 2012-05-11 10:36 939008 f:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\3a68d0441f509ffa6f8f0fb9cfcc5780\System.Data.Services.Client.ni.dll
+ 2012-05-11 10:36 . 2012-05-11 10:36 756736 f:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\04440b3dd5d822da4973a525ee04b05d\System.Data.Entity.Design.ni.dll
+ 2012-05-11 10:36 . 2012-05-11 10:36 135680 f:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\7bbb5d9e3b161b4d4b968e590442d3ae\System.Data.DataSetExtensions.ni.dll
+ 2012-05-11 10:34 . 2012-05-11 10:34 971264 f:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll
+ 2012-05-11 10:35 . 2012-05-11 10:35 141312 f:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\bf7d6af03e1230ccad546a8659245ae9\System.Configuration.Install.ni.dll
+ 2012-05-11 10:35 . 2012-05-11 10:35 634368 f:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\931a2bece4668863db4f852401c828cf\System.AddIn.ni.dll
+ 2012-05-11 10:33 . 2012-05-11 10:33 366080 f:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\6762f1ee780fa9c0b4ef66b285c64844\SMSvcHost.ni.exe
+ 2012-05-11 10:33 . 2012-05-11 10:33 256000 f:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\660c4d6dd69ef22bc05587e1998cd135\SMDiagnostics.ni.dll
+ 2012-05-11 10:33 . 2012-05-11 10:33 320512 f:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\47ed5bc9f42ea0054ce9acfde5e640b8\ServiceModelReg.ni.exe
+ 2012-05-11 10:27 . 2012-05-11 10:27 258048 f:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a4706b850df9a3483f2fc439b6abe616\PresentationFramework.Royale.ni.dll
+ 2012-05-11 10:27 . 2012-05-11 10:27 539648 f:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8b873631a0855fb6aa0ad25f1d9de7fe\PresentationFramework.Luna.ni.dll
+ 2012-05-11 10:27 . 2012-05-11 10:27 224768 f:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7416fe825e6e49a87fa8ff60c8971813\PresentationFramework.Classic.ni.dll
+ 2012-05-11 10:27 . 2012-05-11 10:27 368128 f:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\186c27fbd7b38b5551889274f6fa2ccd\PresentationFramework.Aero.ni.dll
+ 2012-05-11 10:35 . 2012-05-11 10:35 133632 f:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\5a121969a115d11b6256eb960c145686\MSBuild.ni.exe
+ 2012-05-11 10:33 . 2012-05-11 10:33 386560 f:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\97c613d3899b320a6765793bdf490272\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2012-05-11 10:35 . 2012-05-11 10:35 175104 f:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\dec22fb7d6b8929a41380e5359741a07\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2012-05-11 10:35 . 2012-05-11 10:35 144384 f:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\1009b31c86a1b798fffa9e0127cec29c\Microsoft.Build.Utilities.ni.dll
+ 2012-05-11 10:35 . 2012-05-11 10:35 839680 f:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\21d88631ef629715d3eecdd08e62e0b8\Microsoft.Build.Engine.ni.dll
+ 2012-05-11 10:35 . 2012-05-11 10:35 222720 f:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\a0f38c6478cca8297fb160291346c1c9\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2012-05-11 10:34 . 2012-05-11 10:34 220672 f:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\bb26dd100d656605c576881a1a823667\CustomMarshalers.ni.dll
+ 2012-05-11 10:33 . 2012-05-11 10:33 410112 f:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\9869c02d18825fdd32e64135a3e7246b\ComSvcConfig.ni.exe
+ 2012-05-11 10:34 . 2012-05-11 10:34 842240 f:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\cfc981788ef6ce161946ca948dad3522\AspNetMMCExt.ni.dll
- 2012-01-11 11:07 . 2012-01-11 11:07 839680 f:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2012-05-11 10:23 . 2012-05-11 10:23 839680 f:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2012-05-11 10:23 . 2012-05-11 10:23 835584 f:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2012-01-11 11:07 . 2012-01-11 11:07 835584 f:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2012-01-11 11:07 . 2012-01-11 11:07 114688 f:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2012-05-11 10:23 . 2012-05-11 10:23 114688 f:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2012-05-11 10:23 . 2012-05-11 10:23 258048 f:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2012-01-11 11:07 . 2012-01-11 11:07 258048 f:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2012-01-11 11:07 . 2012-01-11 11:07 131072 f:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2012-05-11 10:23 . 2012-05-11 10:23 131072 f:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2012-01-11 11:07 . 2012-01-11 11:07 303104 f:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2012-05-11 10:23 . 2012-05-11 10:23 303104 f:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2012-01-11 11:07 . 2012-01-11 11:07 258048 f:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2012-05-11 10:23 . 2012-05-11 10:23 258048 f:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2012-05-11 10:23 . 2012-05-11 10:23 372736 f:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2012-01-11 11:07 . 2012-01-11 11:07 372736 f:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2012-05-11 10:23 . 2012-05-11 10:23 626688 f:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2012-01-11 11:07 . 2012-01-11 11:07 626688 f:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2012-01-11 11:07 . 2012-01-11 11:07 401408 f:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2012-05-11 10:23 . 2012-05-11 10:23 401408 f:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2012-05-11 10:23 . 2012-05-11 10:23 188416 f:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2012-01-11 11:07 . 2012-01-11 11:07 188416 f:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2012-01-11 11:07 . 2012-01-11 11:07 970752 f:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2012-05-11 10:23 . 2012-05-11 10:23 970752 f:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2012-01-11 11:07 . 2012-01-11 11:07 745472 f:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2012-05-11 10:23 . 2012-05-11 10:23 745472 f:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2012-01-11 11:07 . 2012-01-11 11:07 425984 f:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2012-05-11 10:23 . 2012-05-11 10:23 425984 f:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2012-05-11 10:30 . 2012-05-11 10:30 163840 f:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll
- 2010-06-17 10:04 . 2010-06-17 10:04 163840 f:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll
+ 2012-05-11 10:23 . 2012-05-11 10:23 110592 f:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2012-01-11 11:07 . 2012-01-11 11:07 110592 f:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2012-05-11 10:11 . 2012-05-11 10:11 532480 f:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
- 2012-01-11 11:07 . 2012-01-11 11:07 659456 f:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2012-05-11 10:23 . 2012-05-11 10:23 659456 f:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2012-01-11 11:07 . 2012-01-11 11:07 372736 f:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2012-05-11 10:23 . 2012-05-11 10:23 372736 f:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2012-01-11 11:07 . 2012-01-11 11:07 110592 f:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2012-05-11 10:23 . 2012-05-11 10:23 110592 f:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2012-01-11 11:07 . 2012-01-11 11:07 749568 f:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2012-05-11 10:23 . 2012-05-11 10:23 749568 f:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2012-05-11 10:23 . 2012-05-11 10:23 655360 f:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2012-01-11 11:07 . 2012-01-11 11:07 655360 f:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2012-05-11 10:23 . 2012-05-11 10:23 348160 f:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2012-01-11 11:07 . 2012-01-11 11:07 348160 f:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2012-01-11 11:07 . 2012-01-11 11:07 507904 f:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2012-05-11 10:23 . 2012-05-11 10:23 507904 f:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2012-05-11 10:23 . 2012-05-11 10:23 261632 f:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2012-01-11 11:07 . 2012-01-11 11:07 261632 f:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2012-05-11 10:11 . 2012-05-11 10:11 368640 f:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2010-06-17 10:03 . 2010-06-17 10:03 368640 f:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2012-05-11 10:23 . 2012-05-11 10:23 486400 f:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2012-01-11 11:07 . 2012-01-11 11:07 486400 f:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2012-05-11 10:14 . 2010-07-05 13:16 382840 f:\windows\$NtUninstallKB2695962$\spuninst\updspapi.dll
+ 2012-05-11 10:14 . 2010-07-05 13:15 231288 f:\windows\$NtUninstallKB2695962$\spuninst\spuninst.exe
+ 2012-05-11 10:14 . 2010-07-05 13:16 382840 f:\windows\$NtUninstallKB2686509$\spuninst\updspapi.dll
+ 2012-05-11 10:14 . 2010-07-05 13:15 231288 f:\windows\$NtUninstallKB2686509$\spuninst\spuninst.exe
+ 2012-05-11 10:01 . 2010-07-05 13:16 382840 f:\windows\$NtUninstallKB2676562$\spuninst\updspapi.dll
+ 2012-05-11 10:01 . 2010-07-05 13:15 231288 f:\windows\$NtUninstallKB2676562$\spuninst\spuninst.exe
+ 2012-05-11 10:00 . 2010-07-05 13:16 382840 f:\windows\$NtUninstallKB2661637$\spuninst\updspapi.dll
+ 2012-05-11 10:00 . 2010-07-05 13:15 231288 f:\windows\$NtUninstallKB2661637$\spuninst\spuninst.exe
+ 2012-05-11 10:31 . 2010-07-05 13:16 382840 f:\windows\$NtUninstallKB2659262$\spuninst\updspapi.dll
+ 2012-05-11 10:31 . 2010-07-05 13:15 231288 f:\windows\$NtUninstallKB2659262$\spuninst\spuninst.exe
+ 2012-05-11 10:03 . 2009-12-24 06:59 177664 f:\windows\$NtUninstallKB2653956$\wintrust.dll
+ 2012-05-11 10:03 . 2010-07-05 13:16 382840 f:\windows\$NtUninstallKB2653956$\spuninst\updspapi.dll
+ 2012-05-11 10:03 . 2010-07-05 13:15 231288 f:\windows\$NtUninstallKB2653956$\spuninst\spuninst.exe
+ 2012-05-11 10:03 . 2008-04-14 00:11 144384 f:\windows\$NtUninstallKB2653956$\imagehlp.dll
+ 2012-05-11 10:12 . 2010-07-05 13:16 382840 f:\windows\$NtUninstallKB2621440$\spuninst\updspapi.dll
+ 2012-05-11 10:12 . 2010-07-05 13:15 231288 f:\windows\$NtUninstallKB2621440$\spuninst\spuninst.exe
+ 2012-05-11 10:12 . 2011-06-24 14:10 139656 f:\windows\$NtUninstallKB2621440$\rdpwd.sys
+ 2012-05-11 10:30 . 2009-08-25 09:17 354816 f:\windows\$NtUninstallKB2585542$\winhttp.dll
+ 2012-05-11 10:30 . 2010-07-05 13:16 382840 f:\windows\$NtUninstallKB2585542$\spuninst\updspapi.dll
+ 2012-05-11 10:30 . 2010-07-05 13:15 231288 f:\windows\$NtUninstallKB2585542$\spuninst\spuninst.exe
+ 2012-05-11 10:30 . 2011-04-29 17:25 151552 f:\windows\$NtUninstallKB2585542$\schannel.dll
+ 2012-05-11 10:14 . 2010-07-05 13:16 382840 f:\windows\$hf_mig$\KB2695962\update\updspapi.dll
+ 2012-05-11 10:14 . 2010-07-05 13:15 755576 f:\windows\$hf_mig$\KB2695962\update\update.exe
+ 2012-05-11 10:14 . 2010-07-05 13:15 231288 f:\windows\$hf_mig$\KB2695962\spuninst.exe
+ 2012-05-11 10:14 . 2010-07-05 13:16 382840 f:\windows\$hf_mig$\KB2686509\update\updspapi.dll
+ 2012-05-11 10:14 . 2010-07-05 13:15 755576 f:\windows\$hf_mig$\KB2686509\update\update.exe
+ 2012-05-11 10:14 . 2010-07-05 13:15 231288 f:\windows\$hf_mig$\KB2686509\spuninst.exe
+ 2012-05-11 10:01 . 2010-07-05 13:16 382840 f:\windows\$hf_mig$\KB2676562\update\updspapi.dll
+ 2012-05-11 10:01 . 2010-07-05 13:15 755576 f:\windows\$hf_mig$\KB2676562\update\update.exe
+ 2012-05-11 10:01 . 2010-07-05 13:15 231288 f:\windows\$hf_mig$\KB2676562\spuninst.exe
+ 2012-05-11 10:32 . 2010-07-05 13:16 382840 f:\windows\$hf_mig$\KB2675157-IE8\update\updspapi.dll
+ 2012-05-11 10:32 . 2010-07-05 13:15 755576 f:\windows\$hf_mig$\KB2675157-IE8\update\update.exe
+ 2012-05-11 10:32 . 2010-07-05 13:15 231288 f:\windows\$hf_mig$\KB2675157-IE8\spuninst.exe
+ 2012-05-09 16:40 . 2012-03-01 10:58 919552 f:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\wininet.dll
+ 2012-05-09 16:40 . 2012-03-01 10:58 105984 f:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\url.dll
+ 2012-05-09 16:40 . 2012-03-01 10:58 206848 f:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\occache.dll
+ 2012-05-09 16:40 . 2012-03-01 10:58 611840 f:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\mstime.dll
+ 2012-05-09 16:40 . 2012-03-01 10:58 602112 f:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\msfeeds.dll
+ 2012-05-09 16:40 . 2012-03-01 10:58 247808 f:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\ieproxy.dll
+ 2012-05-09 16:40 . 2012-03-01 10:58 184320 f:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\iepeers.dll
+ 2012-05-09 16:40 . 2012-03-01 10:58 743424 f:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\iedvtool.dll
+ 2012-05-09 16:40 . 2012-03-01 10:58 387584 f:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\iedkcs32.dll
+ 2012-05-09 16:40 . 2012-02-29 12:30 174080 f:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\ie4uinit.exe
+ 2012-05-11 10:00 . 2010-07-05 13:16 382840 f:\windows\$hf_mig$\KB2661637\update\updspapi.dll
+ 2012-05-11 10:00 . 2010-07-05 13:15 755576 f:\windows\$hf_mig$\KB2661637\update\update.exe
+ 2012-05-11 10:00 . 2010-07-05 13:15 231288 f:\windows\$hf_mig$\KB2661637\spuninst.exe
+ 2012-05-11 10:03 . 2010-07-05 13:16 382840 f:\windows\$hf_mig$\KB2653956\update\updspapi.dll
+ 2012-05-11 10:03 . 2010-07-05 13:15 755576 f:\windows\$hf_mig$\KB2653956\update\update.exe
+ 2012-05-11 10:03 . 2010-07-05 13:15 231288 f:\windows\$hf_mig$\KB2653956\spuninst.exe
+ 2012-02-29 14:08 . 2012-02-29 14:08 178176 f:\windows\$hf_mig$\KB2653956\SP3QFE\wintrust.dll
+ 2012-02-29 14:08 . 2012-02-29 14:08 148480 f:\windows\$hf_mig$\KB2653956\SP3QFE\imagehlp.dll
+ 2012-05-11 10:12 . 2010-07-05 13:16 382840 f:\windows\$hf_mig$\KB2621440\update\updspapi.dll
+ 2012-05-11 10:12 . 2010-07-05 13:15 755576 f:\windows\$hf_mig$\KB2621440\update\update.exe
+ 2012-05-11 10:12 . 2010-07-05 13:15 231288 f:\windows\$hf_mig$\KB2621440\spuninst.exe
+ 2012-05-09 14:37 . 2012-01-09 16:19 139784 f:\windows\$hf_mig$\KB2621440\SP3QFE\rdpwd.sys
+ 2012-05-11 10:30 . 2010-07-05 13:16 382840 f:\windows\$hf_mig$\KB2585542\update\updspapi.dll
+ 2012-05-11 10:30 . 2010-07-05 13:15 755576 f:\windows\$hf_mig$\KB2585542\update\update.exe
+ 2012-05-11 10:30 . 2010-07-05 13:15 231288 f:\windows\$hf_mig$\KB2585542\spuninst.exe
+ 2011-11-16 14:20 . 2011-11-16 14:20 354816 f:\windows\$hf_mig$\KB2585542\SP3QFE\winhttp.dll
+ 2011-11-16 14:20 . 2011-11-16 14:20 152064 f:\windows\$hf_mig$\KB2585542\SP3QFE\schannel.dll
+ 2012-05-09 16:40 . 2012-02-09 15:43 1748992 f:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll
+ 2009-07-12 07:02 . 2009-07-12 07:02 3780424 f:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll
- 2009-07-12 08:02 . 2009-07-12 08:02 3780424 f:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll
- 2009-07-12 08:02 . 2009-07-12 08:02 3765048 f:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90.dll
+ 2009-07-12 07:02 . 2009-07-12 07:02 3765048 f:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90.dll
+ 2005-09-23 08:16 . 2005-09-23 08:16 1079808 f:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfc80u.dll
+ 2005-09-23 08:16 . 2005-09-23 08:16 1093632 f:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfc80.dll
+ 2006-03-18 11:09 . 2012-03-01 11:01 1212416 f:\windows\system32\urlmon.dll
- 2006-03-18 11:09 . 2011-11-04 19:20 1212416 f:\windows\system32\urlmon.dll
+ 2011-10-01 15:30 . 2011-10-01 15:30 1075560 f:\windows\system32\sftldr.dll
+ 2006-03-23 17:32 . 2012-03-01 11:01 5978624 f:\windows\system32\mshtml.dll
- 2010-03-18 16:15 . 2010-03-18 16:15 4368720 f:\windows\system32\mfc100u.dll
+ 2011-01-07 22:39 . 2010-03-18 16:15 4368720 f:\windows\system32\mfc100u.dll
+ 2011-01-07 22:39 . 2010-03-18 16:15 4342088 f:\windows\system32\mfc100.dll
- 2010-03-18 16:15 . 2010-03-18 16:15 4342088 f:\windows\system32\mfc100.dll
+ 2012-05-11 12:41 . 2012-05-11 12:41 8797856 f:\windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
+ 2009-03-08 11:32 . 2012-03-01 11:01 2000384 f:\windows\system32\iertutil.dll
- 2009-03-08 11:32 . 2011-11-04 19:20 2000384 f:\windows\system32\iertutil.dll
+ 2009-08-14 13:21 . 2012-04-11 13:12 1862272 f:\windows\system32\dllcache\win32k.sys
+ 2006-03-18 11:09 . 2012-03-01 11:01 1212416 f:\windows\system32\dllcache\urlmon.dll
- 2006-03-18 11:09 . 2011-11-04 19:20 1212416 f:\windows\system32\dllcache\urlmon.dll
+ 2010-05-28 12:21 . 2012-04-11 13:10 2192640 f:\windows\system32\dllcache\ntoskrnl.exe
+ 2010-05-28 12:21 . 2012-04-11 12:35 2026496 f:\windows\system32\dllcache\ntkrpamp.exe
+ 2009-02-08 02:02 . 2012-04-11 12:35 2069120 f:\windows\system32\dllcache\ntkrnlpa.exe
+ 2010-05-28 12:21 . 2012-04-11 13:14 2148352 f:\windows\system32\dllcache\ntkrnlmp.exe
+ 2006-03-23 17:32 . 2012-03-01 11:01 5978624 f:\windows\system32\dllcache\mshtml.dll
+ 2010-05-29 13:33 . 2012-03-01 11:01 2000384 f:\windows\system32\dllcache\iertutil.dll
- 2010-05-29 13:33 . 2011-11-04 19:20 2000384 f:\windows\system32\dllcache\iertutil.dll
+ 2011-04-06 23:48 . 2010-03-18 21:16 1663320 f:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\wpfgfx_v0400.dll
- 2010-03-18 21:16 . 2010-03-18 21:16 1663320 f:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\wpfgfx_v0400.dll
+ 2012-01-19 20:08 . 2012-01-19 20:08 1369872 f:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WindowsBase.dll
+ 2012-01-19 20:08 . 2012-01-19 20:08 6429992 f:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationFramework.dll
+ 2012-01-19 20:08 . 2012-01-19 20:08 3790112 f:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationCore.dll
+ 2011-04-06 23:48 . 2010-03-18 21:16 2199880 f:\windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
- 2010-03-18 21:16 . 2010-03-18 21:16 2199880 f:\windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
+ 2011-04-06 23:48 . 2010-03-18 21:16 2207568 f:\windows\Microsoft.NET\Framework\v4.0.30319\System.XML.dll
- 2010-03-18 21:16 . 2010-03-18 21:16 2207568 f:\windows\Microsoft.NET\Framework\v4.0.30319\System.XML.dll
+ 2011-12-15 20:08 . 2011-12-15 20:08 5029160 f:\windows\Microsoft.NET\Framework\v4.0.30319\System.Windows.Forms.dll
- 2010-03-18 21:16 . 2010-03-18 21:16 6067048 f:\windows\Microsoft.NET\Framework\v4.0.30319\System.ServiceModel.dll
+ 2011-04-06 23:48 . 2010-03-18 21:16 6067048 f:\windows\Microsoft.NET\Framework\v4.0.30319\System.ServiceModel.dll
+ 2011-12-15 20:08 . 2011-12-15 20:08 3512072 f:\windows\Microsoft.NET\Framework\v4.0.30319\System.dll
- 2010-03-18 21:16 . 2010-03-18 21:16 2970968 f:\windows\Microsoft.NET\Framework\v4.0.30319\System.Data.dll
+ 2011-05-17 16:27 . 2010-03-18 21:16 2970968 f:\windows\Microsoft.NET\Framework\v4.0.30319\System.Data.dll
- 2010-03-18 21:16 . 2010-03-18 21:16 1339736 f:\windows\Microsoft.NET\Framework\v4.0.30319\System.Core.dll
+ 2011-04-06 23:48 . 2010-03-18 21:16 1339736 f:\windows\Microsoft.NET\Framework\v4.0.30319\System.Core.dll
+ 2011-12-15 20:08 . 2011-12-15 20:08 5201168 f:\windows\Microsoft.NET\Framework\v4.0.30319\mscorlib.dll
+ 2011-12-15 20:08 . 2011-12-15 20:08 1143568 f:\windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll
+ 2011-12-15 20:08 . 2011-12-15 20:08 6727424 f:\windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
- 2011-03-25 13:15 . 2011-03-25 13:15 5025792 f:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2011-12-25 10:50 . 2011-12-25 10:50 5025792 f:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2011-12-25 10:50 . 2011-12-25 10:50 3186688 f:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2011-12-25 10:50 . 2011-12-25 10:50 5913360 f:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2011-12-25 10:50 . 2011-12-25 10:50 4550656 f:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
- 2011-07-07 12:18 . 2011-07-07 12:18 4550656 f:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2012-05-11 10:18 . 2012-05-11 10:18 1369872 f:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 3512072 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 2207568 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 2207568 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 5029160 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 1711496 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 1711496 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
+ 2012-05-11 10:17 . 2012-05-11 10:18 6067048 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 6067048 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 1026936 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 1026936 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 4464480 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 4464480 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 1339736 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 1339736 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 1199968 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 1199968 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 1462648 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 1462648 f:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
+ 2012-05-11 10:18 . 2012-05-11 10:18 6429992 f:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 2970968 f:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
- 2012-01-11 11:02 . 2012-01-11 11:02 2970968 f:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-05-11 10:18 . 2012-05-11 10:18 3790112 f:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 5201168 f:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-05-11 10:17 . 2012-05-11 10:17 2989456 f:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
- 2012-01-11 11:03 . 2012-01-11 11:03 2989456 f:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2012-01-22 17:09 . 2012-01-22 17:09 1700352 f:\windows\Installer\a7a1411.msp
+ 2012-01-19 20:37 . 2012-01-19 20:37 8999936 f:\windows\Installer\a6c959f.msp
+ 2012-05-11 10:02 . 2012-05-11 10:02 1067008 f:\windows\Installer\a6c9544.msi
+ 2011-01-08 03:10 . 2011-01-08 03:10 3991040 f:\windows\Installer\a67c419.msp
+ 2012-06-10 06:24 . 2012-06-10 06:24 6111232 f:\windows\Installer\2810430.msi
+ 2012-06-02 04:39 . 2012-06-02 04:39 1530368 f:\windows\Installer\1df2264.msi
+ 2012-06-02 04:38 . 2012-06-02 04:38 9474048 f:\windows\Installer\1df2228.msi
+ 2011-10-31 05:54 . 2011-10-31 05:54 2748416 f:\windows\Installer\13ef01e0.msp
+ 2010-03-18 21:16 . 2010-03-18 21:16 1303896 f:\windows\Installer\$PatchCache$\Managed\5C1093C35543A0E32A41B090A305076A\4.0.30319\WindowsBase_x86.dll
+ 2010-03-18 21:16 . 2010-03-18 21:16 6346600 f:\windows\Installer\$PatchCache$\Managed\5C1093C35543A0E32A41B090A305076A\4.0.30319\PresentationFramework_x86.dll
+ 2010-03-18 21:16 . 2010-03-18 21:16 3545952 f:\windows\Installer\$PatchCache$\Managed\5C1093C35543A0E32A41B090A305076A\4.0.30319\PresentationCore_x86.dll
+ 2012-05-11 10:32 . 2011-11-04 19:20 1212416 f:\windows\ie8updates\KB2675157-IE8\urlmon.dll
+ 2012-05-11 10:32 . 2011-11-04 19:20 5978112 f:\windows\ie8updates\KB2675157-IE8\mshtml.dll
+ 2012-05-11 10:32 . 2011-11-04 19:20 2000384 f:\windows\ie8updates\KB2675157-IE8\iertutil.dll
+ 2010-05-28 12:21 . 2012-04-11 13:10 2192640 f:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2010-05-28 12:21 . 2012-04-11 12:35 2026496 f:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2009-02-08 02:02 . 2012-04-11 12:35 2069120 f:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2010-05-28 12:21 . 2012-04-11 13:14 2148352 f:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2012-05-11 10:19 . 2012-05-11 10:19 3856896 f:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\240b6c536f0cf03121983212a89b706e\WindowsBase.ni.dll
+ 2012-05-11 10:41 . 2012-05-11 10:41 1063424 f:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClients#\2cf35797a56eba020ed629b395ad2daa\UIAutomationClientsideProviders.ni.dll
+ 2012-05-11 10:08 . 2012-05-11 10:08 9090560 f:\windows\assembly\NativeImages_v4.0.30319_32\System\6f399163bb35597da7141ccdb7f39d16\System.ni.dll
+ 2012-05-11 10:08 . 2012-05-11 10:08 5618176 f:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\5ee8bf77e7b3e25cdbff6e1c299574fe\System.Xml.ni.dll
+ 2012-05-11 10:38 . 2012-05-11 10:38 1781760 f:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\9b6f1bcb2cf4e6ad429cd721b942f30f\System.Xaml.ni.dll
+ 2012-05-11 10:41 . 2012-05-11 10:41 4545024 f:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\a761587533a3d34ffe936781c011d121\System.Windows.Forms.DataVisualization.ni.dll
+ 2012-05-11 10:41 . 2012-05-11 10:41 1859584 f:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Services\1126dc2c152098ec23d4554405217184\System.Web.Services.ni.dll
+ 2012-05-11 10:41 . 2012-05-11 10:41 2010624 f:\windows\assembly\NativeImages_v4.0.30319_32\System.Speech\7ebd25fd0282e19eba65f4da70ab5a0b\System.Speech.ni.dll
+ 2012-05-11 10:40 . 2012-05-11 10:40 1128960 f:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\28b09f14e54a06c091073b1d3e316fb6\System.ServiceModel.Discovery.ni.dll
+ 2012-05-11 10:40 . 2012-05-11 10:40 1387520 f:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\18d8e3f9e290217ac0c48571557c5fc3\System.ServiceModel.Activities.ni.dll
+ 2012-05-11 10:38 . 2012-05-11 10:38 2637312 f:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\9bfda0add366eea12ea0402e60d01e84\System.Runtime.Serialization.ni.dll
+ 2012-05-11 10:38 . 2012-05-11 10:38 1020928 f:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\a40c42510e312339018486b1d7076e0a\System.Runtime.DurableInstancing.ni.dll
+ 2012-05-11 10:38 . 2012-05-11 10:38 1060864 f:\windows\assembly\NativeImages_v4.0.30319_32\System.Printing\64b34425b4dcabfdcc1a560841387a5b\System.Printing.ni.dll
+ 2012-05-11 10:40 . 2012-05-11 10:40 1218560 f:\windows\assembly\NativeImages_v4.0.30319_32\System.Management\1409dc3832b37f850569c69a795f834b\System.Management.ni.dll
+ 2012-05-11 10:40 . 2012-05-11 10:40 1072128 f:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\a90d8ca6c54f70507704d788fd0d3ded\System.IdentityModel.ni.dll
+ 2012-05-11 10:08 . 2012-05-11 10:08 1653248 f:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\45796b0658535e8d2ff6f6ec1ab6a244\System.Drawing.ni.dll
+ 2012-05-11 10:38 . 2012-05-11 10:38 1172992 f:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\8d978e3524c0bd870ce63db289c4de6d\System.DirectoryServices.ni.dll
+ 2012-05-11 10:38 . 2012-05-11 10:38 1878016 f:\windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\022dd1fbd35bec6a1d61f1120df31778\System.Deployment.ni.dll
+ 2012-05-11 10:09 . 2012-05-11 10:09 6798336 f:\windows\assembly\NativeImages_v4.0.30319_32\System.Data\9f5111b0b58258c3a4bbcfb8bf27374c\System.Data.ni.dll
+ 2012-05-11 10:08 . 2012-05-11 10:08 2545152 f:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.SqlXml\6cdfd96214b74cdf4984ae8ee076f421\System.Data.SqlXml.ni.dll
+ 2012-05-11 10:40 . 2012-05-11 10:40 1338880 f:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Service#\65444428f83ba9e46053e46d2341655f\System.Data.Services.Client.ni.dll
+ 2012-05-11 10:09 . 2012-05-11 10:09 2512384 f:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\867ce3db3528f36121841762a19da61d\System.Data.Linq.ni.dll
+ 2012-05-11 10:08 . 2012-05-11 10:08 7052800 f:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\14ba6251d6ec84c9579ed3d3e10b30c1\System.Core.ni.dll
+ 2012-05-11 10:38 . 2012-05-11 10:38 4121088 f:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities\95b5ece57120cb7363e69e5fbd4616b7\System.Activities.ni.dll
+ 2012-05-11 10:38 . 2012-05-11 10:38 3755008 f:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.P#\e74de2bf9a7c6dbebc4012f66f6a08c5\System.Activities.Presentation.ni.dll
+ 2012-05-11 10:38 . 2012-05-11 10:38 1544192 f:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.C#\f0c4476258c5336a3d950e588fbeb853\System.Activities.Core.Presentation.ni.dll
+ 2012-05-11 10:38 . 2012-05-11 10:38 2904576 f:\windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\8bdcf13c2fe2c635cbe0ccf1fa7fefb4\ReachFramework.ni.dll
+ 2012-05-11 10:38 . 2012-05-11 10:38 1640448 f:\windows\assembly\NativeImages_v4.0.30319_32\PresentationUI\17baae0d0c513d32f90d541fddb2ba29\PresentationUI.ni.dll
+ 2012-05-11 10:38 . 2012-05-11 10:38 1136128 f:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\fbdb3b2a2c78597ea3e322bb707ba054\Microsoft.VisualBasic.Compatibility.ni.dll
+ 2012-05-11 10:37 . 2012-05-11 10:37 1172480 f:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\434583d8e633570da52da83faea4a758\Microsoft.VisualBasic.Activities.Compiler.ni.dll
+ 2012-05-11 10:37 . 2012-05-11 10:37 1836544 f:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\34db6470c4cba5c27634346ccbf664fd\Microsoft.VisualBasic.ni.dll
+ 2012-05-11 10:37 . 2012-05-11 10:37 1082368 f:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\50ca1cf4491136871b732062c412bad0\Microsoft.Transactions.Bridge.ni.dll
+ 2012-05-11 10:40 . 2012-05-11 10:40 2452480 f:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.JScript\78e5704cfbbec26947e2e1ff07f647bf\Microsoft.JScript.ni.dll
+ 2012-05-11 10:08 . 2012-05-11 10:08 1616384 f:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.CSharp\9c3ba92c4fce8efd41b59a0243415408\Microsoft.CSharp.ni.dll
+ 2012-05-11 10:34 . 2012-05-11 10:34 6392832 f:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\e9273609a96a6a6a1ed26de0fe344ef4\WindowsLive.Writer.PostEditor.ni.dll
+ 2012-05-11 10:35 . 2012-05-11 10:35 1105920 f:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\d3e4f47c3519fb32fc7741d8d293db10\WindowsLive.Writer.ApplicationFramework.ni.dll
+ 2012-05-11 10:35 . 2012-05-11 10:35 2018816 f:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\6a9ed939c717f8567ee3da92c3d68023\WindowsLive.Writer.CoreServices.ni.dll
+ 2012-05-11 10:26 . 2012-05-11 10:26 3325440 f:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\6d8bef0d008389874e55c0308f0c18e5\WindowsBase.ni.dll
+ 2012-05-11 10:28 . 2012-05-11 10:28 1049600 f:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\41a81b97625c113b591ed082c95276e2\UIAutomationClientsideProviders.ni.dll
+ 2012-05-11 10:26 . 2012-05-11 10:26 7953408 f:\windows\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
+ 2012-05-11 10:28 . 2012-05-11 10:28 5450752 f:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll
+ 2012-05-11 10:37 . 2012-05-11 10:37 1356288 f:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\822f2304c46ad32739ae2927f213627f\System.WorkflowServices.ni.dll
+ 2012-05-11 10:37 . 2012-05-11 10:37 1908224 f:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\5eccf6fef6bee8a2f93bc65ff33699bb\System.Workflow.Runtime.ni.dll
+ 2012-05-11 10:37 . 2012-05-11 10:37 4514304 f:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\1878ea370cdc649a685e811219be42ec\System.Workflow.ComponentModel.ni.dll
+ 2012-05-11 10:37 . 2012-05-11 10:37 2992640 f:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\25ae5836e811c299670c47a27186d083\System.Workflow.Activities.ni.dll
+ 2012-05-11 10:35 . 2012-05-11 10:35 1840640 f:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\3e11aea7d742b5eddbd0b6bd1012f7df\System.Web.Services.ni.dll
+ 2012-05-11 10:37 . 2012-05-11 10:37 2209280 f:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\0916c7584cb912508bb6b67f529ac92b\System.Web.Mobile.ni.dll
+ 2012-05-11 10:37 . 2012-05-11 10:37 2405888 f:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\68f1cf1c23e7eadb96645b0a79b892c9\System.Web.Extensions.ni.dll
+ 2012-05-11 10:28 . 2012-05-11 10:28 1917440 f:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\5efb50c91f3c5e49be2079f625d933b7\System.Speech.ni.dll
+ 2012-05-11 10:36 . 2012-05-11 10:36 1706496 f:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\97d635f5c656ae43d94b55e67fc4ab50\System.ServiceModel.Web.ni.dll
+ 2012-05-11 10:32 . 2012-05-11 10:32 2345472 f:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\505e12638acd6fdb22e1fd2d4c6fc232\System.Runtime.Serialization.ni.dll
+ 2012-05-11 10:28 . 2012-05-11 10:28 1035776 f:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\b4ba7d411af865e32e65855b45ceafb5\System.Printing.ni.dll
+ 2012-05-11 10:32 . 2012-05-11 10:32 1070080 f:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\e09496ddb2bf6f3b69707924f2e6b5ff\System.IdentityModel.ni.dll
+ 2012-05-11 10:28 . 2012-05-11 10:28 1587200 f:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\7765146be2fa459c20856ff822f90d1e\System.Drawing.ni.dll
+ 2012-05-11 10:35 . 2012-05-11 10:35 1116672 f:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\b55887436d2cfbe1fb32dd18d554185b\System.DirectoryServices.ni.dll
+ 2012-05-11 10:35 . 2012-05-11 10:35 1801216 f:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\012a3f10a4a04e27c6cf8a07726f1f6c\System.Deployment.ni.dll
+ 2012-05-11 10:27 . 2012-05-11 10:27 6616576 f:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\12c6fe8d4dd78f9bddf847d3b2821c03\System.Data.ni.dll
+ 2012-05-11 10:34 . 2012-05-11 10:34 2510336 f:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\982b508698278c6ffb3d143bbe1e8bb8\System.Data.SqlXml.ni.dll
+ 2012-05-11 10:36 . 2012-05-11 10:36 1328128 f:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\2de7666b1cd0a1bc363726c9553dc39c\System.Data.Services.ni.dll
+ 2012-05-11 10:35 . 2012-05-11 10:35 1115136 f:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\7afb1abdbb8ba32cf578ff8ea4e45d99\System.Data.OracleClient.ni.dll
+ 2012-05-11 10:27 . 2012-05-11 10:27 2516480 f:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\44a5fc9e7c71b1fe1e2c79b03ecc3bc7\System.Data.Linq.ni.dll
+ 2012-05-11 10:36 . 2012-05-11 10:36 9924096 f:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\ca63096c1ecf977f509e2a565f4bcdac\System.Data.Entity.ni.dll
+ 2012-05-11 10:27 . 2012-05-11 10:27 2295296 f:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\38d07a5ac34b99d94fd14f42e779f625\System.Core.ni.dll
+ 2012-05-11 10:27 . 2012-05-11 10:27 2146304 f:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\63bfa6f83e026ba10e717180807f03cf\ReachFramework.ni.dll
+ 2012-05-11 10:27 . 2012-05-11 10:27 1657856 f:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\efa4002ddfba6bd52845b512810938c1\PresentationUI.ni.dll
+ 2012-05-11 10:26 . 2012-05-11 10:26 1451008 f:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\4ff6600c1fd3415ef0b058cf28814cb6\PresentationBuildTasks.ni.dll
+ 2012-05-11 10:35 . 2012-05-11 10:35 1712128 f:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\f650597531a91974514f58d36bdebaea\Microsoft.VisualBasic.ni.dll
+ 2012-05-11 10:33 . 2012-05-11 10:33 1093120 f:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\42145ebf75f77cabad442f0801a81c64\Microsoft.Transactions.Bridge.ni.dll
+ 2012-05-11 10:36 . 2012-05-11 10:36 2332160 f:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\cfe15312373b4668398404b5822bab7d\Microsoft.JScript.ni.dll
+ 2012-05-11 10:35 . 2012-05-11 10:35 1966080 f:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\b055aa83b51064c970ce548b8a991651\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2012-05-11 10:35 . 2012-05-11 10:35 1620992 f:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\04c77ede2757e3b4a695a3b8cfb4f546\Microsoft.Build.Tasks.ni.dll
+ 2012-05-11 10:35 . 2012-05-11 10:35 1888768 f:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\5aa63a1cb41e3a5e1e8ed17072e60ec3\Microsoft.Build.Engine.ni.dll
- 2010-06-24 10:02 . 2010-06-24 10:02 1249280 f:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2012-05-11 10:11 . 2012-05-11 10:11 1249280 f:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2012-05-11 10:23 . 2012-05-11 10:23 3186688 f:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2012-01-11 11:07 . 2012-01-11 11:07 2048000 f:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2012-05-11 10:23 . 2012-05-11 10:23 2048000 f:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2012-01-11 11:07 . 2012-01-11 11:07 5025792 f:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2012-05-11 10:23 . 2012-05-11 10:23 5025792 f:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2012-01-11 11:07 . 2012-01-11 11:07 5062656 f:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2012-05-11 10:23 . 2012-05-11 10:23 5062656 f:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2012-05-11 10:11 . 2012-05-11 10:11 5283840 f:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2012-05-11 10:22 . 2012-05-11 10:22 5246976 f:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2012-01-11 11:07 . 2012-01-11 11:07 5246976 f:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2012-05-11 10:23 . 2012-05-11 10:23 2933248 f:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2012-01-11 11:07 . 2012-01-11 11:07 2933248 f:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-05-11 10:11 . 2012-05-11 10:11 4214784 f:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2011-08-10 10:07 . 2012-05-11 10:23 4550656 f:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2011-08-10 10:07 . 2012-01-11 11:07 4550656 f:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-05-11 10:01 . 2011-11-23 13:25 1859584 f:\windows\$NtUninstallKB2676562$\win32k.sys
+ 2012-05-11 10:01 . 2011-10-25 13:37 2148864 f:\windows\$NtUninstallKB2676562$\ntoskrnl.exe
+ 2012-05-11 10:01 . 2011-10-25 12:52 2027008 f:\windows\$NtUninstallKB2676562$\ntkrpamp.exe
+ 2012-05-11 10:01 . 2011-10-25 12:52 2027008 f:\windows\$NtUninstallKB2676562$\ntkrnlpa.exe
+ 2012-05-11 10:01 . 2011-10-25 13:37 2148864 f:\windows\$NtUninstallKB2676562$\ntkrnlmp.exe
+ 2012-04-11 13:23 . 2012-04-11 13:23 1871360 f:\windows\$hf_mig$\KB2676562\SP3QFE\win32k.sys
+ 2012-04-11 13:22 . 2012-04-11 13:22 2192640 f:\windows\$hf_mig$\KB2676562\SP3QFE\ntoskrnl.exe
+ 2012-04-11 12:42 . 2012-04-11 12:42 2026496 f:\windows\$hf_mig$\KB2676562\SP3QFE\ntkrpamp.exe
+ 2012-04-11 12:42 . 2012-04-11 12:42 2069120 f:\windows\$hf_mig$\KB2676562\SP3QFE\ntkrnlpa.exe
+ 2012-04-11 13:26 . 2012-04-11 13:26 2148352 f:\windows\$hf_mig$\KB2676562\SP3QFE\ntkrnlmp.exe
+ 2012-05-09 16:40 . 2012-03-01 10:58 1214464 f:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\urlmon.dll
+ 2012-05-09 16:40 . 2012-03-01 10:58 5980672 f:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\mshtml.dll
+ 2012-05-09 16:40 . 2012-03-01 10:58 2001408 f:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\iertutil.dll
+ 2010-07-05 11:58 . 2012-06-09 15:03 14211900 f:\windows\system32\Restore\rstrlog.dat
+ 2010-05-29 13:31 . 2012-04-27 03:08 55656824 f:\windows\system32\MRT.exe
+ 2009-03-08 11:39 . 2012-03-02 13:01 11082752 f:\windows\system32\ieframe.dll
+ 2010-05-29 13:33 . 2012-03-02 13:01 11082752 f:\windows\system32\dllcache\ieframe.dll
+ 2011-11-22 06:07 . 2011-11-22 06:07 17191936 f:\windows\Installer\a7a1407.msp
+ 2012-04-06 09:12 . 2012-04-06 09:12 15709696 f:\windows\Installer\a6c95c5.msp
+ 2012-01-04 09:25 . 2012-01-04 09:25 17751552 f:\windows\Installer\a6c95af.msp
+ 2012-01-12 09:01 . 2012-01-12 09:01 21030912 f:\windows\Installer\a6c9592.msp
+ 2012-04-06 10:13 . 2012-04-06 10:13 16527872 f:\windows\Installer\a6c956a.msp
+ 2011-12-15 20:40 . 2011-12-15 20:40 23374336 f:\windows\Installer\a6c955b.msp
+ 2011-05-19 05:55 . 2011-05-19 05:55 19624448 f:\windows\Installer\a67c3ef.msp
+ 2012-05-11 10:32 . 2011-11-04 19:20 11081728 f:\windows\ie8updates\KB2675157-IE8\ieframe.dll
+ 2012-05-11 10:09 . 2012-05-11 10:09 13137920 f:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\a76b58bd61fc970c0f11e6fac0ffbeef\System.Windows.Forms.ni.dll
+ 2012-05-11 10:40 . 2012-05-11 10:40 17996800 f:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\5be1370b1331393f73af710d0d71b02d\System.ServiceModel.ni.dll
+ 2012-05-11 10:40 . 2012-05-11 10:40 13324288 f:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.Entity\65d0d6f4cdbc47ecd5cce9e959827fe8\System.Data.Entity.ni.dll
+ 2012-05-11 10:19 . 2012-05-11 10:19 17998848 f:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\a77f2f8a357d4f9bb6a706892cc063b1\PresentationFramework.ni.dll
+ 2012-05-11 10:19 . 2012-05-11 10:19 11451904 f:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\f14c55f6423e1223ca778db19e5e77af\PresentationCore.ni.dll
+ 2012-05-11 10:08 . 2012-05-11 10:08 14412800 f:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll
+ 2012-05-11 10:28 . 2012-05-11 10:28 12430848 f:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\32b169d0703541a18c987bd2dbf9fbd9\System.Windows.Forms.ni.dll
+ 2012-05-11 10:35 . 2012-05-11 10:35 11817472 f:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\408a14028cdc4c24dfb8f241da428142\System.Web.ni.dll
+ 2012-05-11 10:32 . 2012-05-11 10:32 17403904 f:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\bc254d2fa26664898ae21d45643bc194\System.ServiceModel.ni.dll
+ 2012-05-11 10:28 . 2012-05-11 10:28 10683392 f:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\7dc928136c57efafae0845b7e8a83f45\System.Design.ni.dll
+ 2012-05-11 10:27 . 2012-05-11 10:27 14329856 f:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\b44d2b225cf6b7861e85b2e915db1f93\PresentationFramework.ni.dll
+ 2012-05-11 10:26 . 2012-05-11 10:26 12218368 f:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\9f4f33d28527d761c7483d6960862684\PresentationCore.ni.dll
+ 2012-05-11 10:25 . 2012-05-11 10:25 11492352 f:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
+ 2012-05-09 16:40 . 2012-03-01 10:58 11085312 f:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\ieframe.dll
+ 2011-04-07 02:43 . 2011-04-07 02:43 123313664 f:\windows\Installer\a67c3fe.msp
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}"= "f:\progra~1\Yahoo!\Companion\Installs\cpn0\yt.dll" [2011-10-06 2015544]
.
[HKEY_CLASSES_ROOT\clsid\{81017ea9-9aa8-4a6a-9734-7af40e7d593f}]
[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin.1]
[HKEY_CLASSES_ROOT\TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}]
[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-03-22 04:14 1869152 ----a-w- f:\program files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "f:\program files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll" [2012-03-22 1869152]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 -c--a-w- f:\documents and settings\Bubbles2000\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 -c--a-w- f:\documents and settings\Bubbles2000\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 -c--a-w- f:\documents and settings\Bubbles2000\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 -c--a-w- f:\documents and settings\Bubbles2000\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotAlarmClock"="f:\program files\HotAlarmClock\HotAlarmClock.exe" [2012-03-04 16575824]
"SpybotSD TeaTimer"="f:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MAXA-LockTray"="f:\program files\MAXA Security Tools\Lock\tray.exe" [2009-11-10 36864]
"UnlockerAssistant"="f:\program files\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-26 16132608]
"Adobe ARM"="f:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"IgfxTray"="f:\windows\system32\igfxtray.exe" [2007-04-17 142104]
"HotKeysCmds"="f:\windows\system32\hkcmd.exe" [2007-04-17 162584]
"Persistence"="f:\windows\system32\igfxpers.exe" [2007-04-17 138008]
"APSDaemon"="f:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"TkBellExe"="f:\program files\real\realplayer\update\realsched.exe" [2011-11-26 296056]
"Anti-phishing Domain Advisor"="f:\documents and settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe" [2011-07-29 217256]
"LogMeIn GUI"="f:\program files\LogMeIn\x86\LogMeInSystray.exe" [2011-09-16 63048]
"avast"="f:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-07 4241512]
"vProt"="f:\program files\AVG Secure Search\vprot.exe" [2012-03-22 982880]
"QuickTime Task"="f:\program files\QuickTime\QTTask.exe" [2012-04-19 421888]
"PSUNMain"="f:\program files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" [2011-04-28 439616]
.
f:\documents and settings\Bubbles2000\Start Menu\Programs\Startup\
CNET TechTracker.lnk - f:\documents and settings\Bubbles2000\Application Data\CBS Interactive\CNET TechTracker\TechTracker.exe [2011-12-1 2624512]
Dropbox.lnk - f:\documents and settings\Bubbles2000\Application Data\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
RCA Detective.lnk - f:\documents and settings\Bubbles2000\My Documents\RCA Detective\RCADetective.exe [2011-12-13 1069056]
.
f:\documents and settings\All Users\Start Menu\Programs\Startup\
STIMON.lnk - f:\program files\USB2.0 UVC WebCam\USB2.0 UVC WebCam\STIMON.exe [2011-9-18 933888]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2011-09-27 02:15 87424 ----a-w- f:\windows\system32\LMIinit.dll
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"f:\\WINDOWS\\system32\\lxcgcoms.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"f:\\Documents and Settings\\Bubbles2000\\My Documents\\Downloads\\magentic_install.exe"=
"f:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"f:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"f:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"f:\\Documents and Settings\\Bubbles2000\\Application Data\\Dropbox\\bin\\Dropbox.exe"=
"f:\\WINDOWS\\system32\\mmc.exe"=
"f:\\Program Files\\Messenger\\msmsgs.exe"=
"f:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"f:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"f:\\WINDOWS\\system32\\dpvsetup.exe"=
"f:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3587:TCP"= 3587:TCP:Windows Peer-to-Peer Grouping
"3540:UDP"= 3540:UDP:Peer Name Resolution Protocol (PNRP)
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"4100:UDP"= 4100:UDP:uPNP Router Control Port
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
.
R0 aswNdis;avast! Firewall NDIS Filter Service;f:\windows\system32\drivers\aswNdis.sys [6/9/2012 11:39 AM 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service;f:\windows\system32\drivers\aswNdis2.sys [6/9/2012 11:40 AM 196440]
R1 aswKbd;aswKbd;f:\windows\system32\drivers\aswKbd.sys [6/9/2012 11:40 AM 24408]
R1 aswSP;aswSP;f:\windows\system32\drivers\aswSP.sys [2/7/2012 3:56 PM 337880]
R1 PSINKNC;PSINKNC;f:\windows\system32\drivers\PSINKNC.sys [11/23/2011 9:59 AM 130312]
R2 aswFsBlk;aswFsBlk;f:\windows\system32\drivers\aswFsBlk.sys [2/7/2012 3:56 PM 20696]
R2 AVWEBCAM;AV WebCam, WDM Video Capture;f:\windows\system32\drivers\avwebcam.sys [9/10/2011 2:38 AM 13696]
R2 BBUpdate;BBUpdate;f:\program files\Microsoft\BingBar\SeaPort.EXE [10/13/2011 5:21 PM 249648]
R2 cvhsvc;Client Virtualization Handler;f:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [1/4/2012 2:22 PM 822624]
R2 NanoServiceMain;Panda Cloud Antivirus Service;f:\program files\Panda Security\Panda Cloud Antivirus\PSANHost.exe [4/28/2011 12:58 PM 140608]
R2 PSINAflt;PSINAflt;f:\windows\system32\drivers\PSINAflt.sys [1/5/2012 1:10 PM 144008]
R2 PSINFile;PSINFile;f:\windows\system32\drivers\PSINFile.sys [4/28/2011 12:57 PM 97096]
R2 PSINProc;PSINProc;f:\windows\system32\drivers\PSINProc.sys [4/28/2011 12:57 PM 111688]
R2 PSINProt;PSINProt;f:\windows\system32\drivers\PSINProt.sys [11/30/2011 6:37 PM 112648]
R2 sftlist;Application Virtualization Client;f:\program files\Microsoft Application Virtualization Client\sftlist.exe [10/1/2011 8:30 AM 508776]
R2 vToolbarUpdater10.2.0;vToolbarUpdater10.2.0;f:\program files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe [3/21/2012 9:14 PM 918880]
R3 Sftfs;Sftfs;f:\windows\system32\drivers\Sftfsxp.sys [12/2/2009 10:23 PM 584680]
R3 Sftplay;Sftplay;f:\windows\system32\drivers\Sftplayxp.sys [12/2/2009 10:23 PM 209512]
R3 Sftredir;Sftredir;f:\windows\system32\drivers\Sftredirxp.sys [12/2/2009 10:23 PM 20584]
R3 Sftvol;Sftvol;f:\windows\system32\drivers\Sftvolxp.sys [12/2/2009 10:23 PM 18280]
R3 sftvsa;Application Virtualization Service Agent;f:\program files\Microsoft Application Virtualization Client\sftvsa.exe [10/1/2011 8:30 AM 219496]
S1 aswFW;avast! TDI Firewall driver;f:\windows\system32\drivers\aswFW.sys [6/9/2012 11:40 AM 112984]
S1 aswSnx;aswSnx;f:\windows\system32\drivers\aswSnx.sys [2/7/2012 3:56 PM 612184]
S2 BBSvc;Bing Bar Update Service;f:\program files\Microsoft\BingBar\BBSvc.EXE [10/21/2011 3:23 PM 196176]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;f:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 2:16 PM 130384]
S2 eventloganalyzer;ManageEngine EventLog Analyzer 7.0;c:\manageengine\EventLog\bin\wrapper.exe -s c:\manageengine\EventLog\server\default\conf\wrapper.conf --> c:\manageengine\EventLog\bin\wrapper.exe -s c:\manageengine\EventLog\server\default\conf\wrapper.conf [?]
S2 gupdate;Google Update Service (gupdate);f:\program files\Google\Update\GoogleUpdate.exe [6/19/2010 5:47 AM 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;f:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [11/22/2011 8:42 AM 257696]
S3 epmntdrv;epmntdrv;f:\windows\system32\epmntdrv.sys [8/25/2010 6:09 AM 13192]
S3 EuGdiDrv;EuGdiDrv;f:\windows\system32\EuGdiDrv.sys [8/25/2010 6:09 AM 8456]
S3 gupdatem;Google Update Service (gupdatem);f:\program files\Google\Update\GoogleUpdate.exe [6/19/2010 5:47 AM 136176]
S3 MBAMSwissArmy;MBAMSwissArmy;f:\windows\system32\drivers\mbamswissarmy.sys [6/14/2012 8:53 PM 40776]
S3 MozillaMaintenance;Mozilla Maintenance Service;f:\program files\Mozilla Maintenance Service\maintenanceservice.exe [5/22/2012 10:43 PM 129976]
S3 nosGetPlusHelper;getPlus® Helper 3004;f:\windows\System32\svchost.exe -k nosGetPlusHelper [8/4/2004 3:00 AM 14336]
S3 osppsvc;Office Software Protection Platform;f:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [1/9/2010 9:37 PM 4640000]
S3 VDSDK;VDSDK;\??\f:\docume~1\BUBBLE~1\LOCALS~1\Temp\vdsdk.sys --> f:\docume~1\BUBBLE~1\LOCALS~1\Temp\vdsdk.sys [?]
S3 wimmount;wimmount;f:\windows\system32\drivers\wimmount.sys [6/15/2010 2:52 AM 19024]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;f:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 2:16 PM 753504]
S4 avast! Firewall;avast! Firewall;f:\program files\AVAST Software\Avast\afwServ.exe [6/9/2012 11:39 AM 134920]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
.
Contents of the 'Scheduled Tasks' folder
.
2012-06-15 f:\windows\Tasks\Adobe Flash Player Updater.job
- f:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2011-11-22 13:05]
.
2012-06-09 f:\windows\Tasks\AppleSoftwareUpdate.job
- f:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-02 00:57]
.
2012-06-15 f:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- f:\program files\Google\Update\GoogleUpdate.exe [2010-06-19 12:47]
.
2012-06-15 f:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- f:\program files\Google\Update\GoogleUpdate.exe [2010-06-19 12:47]
.
2012-06-15 f:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1177238915-1647877149-725345543-1004Core1cc209613fe80f2.job
- f:\documents and settings\Bubbles2000\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-09-27 12:47]
.
2012-06-15 f:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1177238915-1647877149-725345543-1004UA.job
- f:\documents and settings\Bubbles2000\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-09-27 12:47]
.
2012-06-15 f:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1177238915-1647877149-725345543-1004.job
- f:\program files\Real\RealUpgrade\realupgrade.exe [2011-11-09 00:14]
.
2012-06-15 f:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1177238915-1647877149-725345543-500.job
- f:\program files\Real\RealUpgrade\realupgrade.exe [2011-11-09 00:14]
.
2012-06-09 f:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1177238915-1647877149-725345543-1004.job
- f:\program files\Real\RealUpgrade\realupgrade.exe [2011-11-09 00:14]
.
2012-06-10 f:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1177238915-1647877149-725345543-500.job
- f:\program files\Real\RealUpgrade\realupgrade.exe [2011-11-09 00:14]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://isearch.avg.com/?cid={5C655680-CB30-44EC-B6C7-0C3F7AD071D4}&mid=d14b832aa5ec47d08352d1544f992eb9-dd2df1969c2bebe94fc10b9d51c0a17ca29bae57&lang=en&ds=gm011&pr=sa&d=2012-03-21 21:15&v=10.2.0.3&sap=hp
mStart Page = hxxp://www.yahoo.com/?ilc=8
TCP: DhcpNameServer = 192.168.1.254
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - f:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll
FF - ProfilePath - f:\documents and settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=mkg030&p=
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - igoogle.com
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B9c7a4ad5-45a5-4dfc-8f77-d9daab460007%7D&mid=d14b832aa5ec47d08352d1544f992eb9-dd2df1969c2bebe94fc10b9d51c0a17ca29bae57&ds=gm011&v=10.2.0.3&lang=en&pr=sa&d=2012-03-21%2021%3A15%3A00&sap=ku&q=
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
FF - user.js: extensions.BabylonToolbar_i.id - 3c6fbdfe000000000000001d097dc74a
FF - user.js: extensions.BabylonToolbar_i.hardId - 3c6fbdfe000000000000001d097dc74a
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15473
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1710:42
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.newTab - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=111305&tt=100512_3_
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
- - - - ORPHANS REMOVED - - - -
.
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
HKLM-Run-Odsspo - f:\program files\Nwmao\Rlkkhgs.exe
AddRemove-BabylonToolbar - f:\program files\BabylonToolbar\BabylonToolbar\1.5.3.17\uninstall.exe
AddRemove-Searchqu Toolbar - f:\program files\Searchqu Toolbar\uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-06-15 02:02
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1177238915-1647877149-725345543-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(596)
f:\windows\system32\LMIinit.dll
.
- - - - - - - > 'explorer.exe'(1440)
f:\windows\system32\WININET.dll
f:\documents and settings\Bubbles2000\Application Data\Dropbox\bin\DropboxExt.14.dll
f:\windows\system32\ieframe.dll
f:\program files\Windows Media Player\wmpband.dll
f:\windows\system32\mshtml.dll
f:\windows\system32\msls31.dll
f:\windows\system32\webcheck.dll
f:\windows\system32\WPDShServiceObj.dll
f:\windows\system32\PortableDeviceTypes.dll
f:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2012-06-15 02:04:57
ComboFix-quarantined-files.txt 2012-06-15 09:04
ComboFix2.txt 2012-05-09 09:42
.
Pre-Run: 5,163,147,264 bytes free
Post-Run: 5,137,219,584 bytes free
.
- - End Of File - - B8371D1469FC150C5FB714243D329AE6


Thank You for all of the help so far...ed
  • 0

#6
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
I see that you have AIS if the subscription has expired and you do not intend to continue with it, we will remove Avast and its firewall and then get a copy of the free AV to replace it. I will then take a second look at your network connections

First for AIS

Download the Avast removal tool to the affected systems desktop .. aswClear
Download Avast Free .. Direct link
Uninstall Avast via Add/remove
Once uninstalled run aswClear and reboot

Install the free Avast and try the net again


Please download MiniToolBox, save it to your desktop and run it.

Posted Image
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
  • 0

#7
edhalfdead

edhalfdead

    Member

  • Topic Starter
  • Member
  • PipPip
  • 89 posts
Essexboy, my roommate didn't have a subscription to AIS, she had the free version. This was the second time that it turned itself off on her, so she was dumping it and opting for Panda free edition instead. Hopefully you can work with that.
Here is the Mini Tool Box results that you requested:

MiniToolBox by Farbar Version: 09-06-2012
Ran by Bubbles2000 (administrator) on 15-06-2012 at 07:59:36
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================
Windows IP ConfigurationSuccessfully flushed the DNS Resolver Cache.
========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® 82562V-2 10/100 Network Connection = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration


Windows IP Configuration Host Name . . . . . . . . . . . . : GARGOYLE2 Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Broadcast IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : gateway.2wire.netEthernet adapter Local Area Connection: Connection-specific DNS Suffix . : gateway.2wire.net Description . . . . . . . . . . . : Intel® 82562V-2 10/100 Network Connection Physical Address. . . . . . . . . : 00-1D-09-7D-C7-4A Dhcp Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes IP Address. . . . . . . . . . . . : 192.168.1.70 Subnet Mask . . . . . . . . . . . : 255.255.255.0 IP Address. . . . . . . . . . . . : fe80::21d:9ff:fe7d:c74a%4 Default Gateway . . . . . . . . . : 192.168.1.254 DHCP Server . . . . . . . . . . . : 192.168.1.254 DNS Servers . . . . . . . . . . . : 192.168.1.254 fec0:0:0:ffff::1%1 fec0:0:0:ffff::2%1 fec0:0:0:ffff::3%1 Lease Obtained. . . . . . . . . . : Friday, June 15, 2012 7:51:33 AM Lease Expires . . . . . . . . . . : Saturday, June 16, 2012 7:51:33 AMTunnel adapter Teredo Tunneling Pseudo-Interface: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface Physical Address. . . . . . . . . : 80-00-FB-D1-B3-08-20-F7 Dhcp Enabled. . . . . . . . . . . : No IP Address. . . . . . . . . . . . : 2001:0:4137:9e76:8000:fbd1:b308:20f7 IP Address. . . . . . . . . . . . : fe80::ffff:ffff:fffd%5 Default Gateway . . . . . . . . . : :: NetBIOS over Tcpip. . . . . . . . : DisabledTunnel adapter Automatic Tunneling Pseudo-Interface: Connection-specific DNS Suffix . : gateway.2wire.net Description . . . . . . . . . . . : Automatic Tunneling Pseudo-Interface Physical Address. . . . . . . . . : C0-A8-01-46 Dhcp Enabled. . . . . . . . . . . : No IP Address. . . . . . . . . . . . : fe80::5efe:192.168.1.70%2 Default Gateway . . . . . . . . . : DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1 fec0:0:0:ffff::2%1 fec0:0:0:ffff::3%1 NetBIOS over Tcpip. . . . . . . . : DisabledServer: homeportal
Address: 192.168.1.254

Name: google.com
Addresses: 74.125.227.130, 74.125.227.131, 74.125.227.132, 74.125.227.133
74.125.227.134, 74.125.227.135, 74.125.227.136, 74.125.227.137, 74.125.227.142
74.125.227.128, 74.125.227.129

Pinging google.com [74.125.227.132] with 32 bytes of data:Reply from 74.125.227.132: bytes=32 time=60ms TTL=51Reply from 74.125.227.132: bytes=32 time=58ms TTL=52Ping statistics for 74.125.227.132: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 58ms, Maximum = 60ms, Average = 59msServer: homeportal
Address: 192.168.1.254

Name: yahoo.com
Addresses: 209.191.122.70, 72.30.38.140, 98.139.183.24

Pinging yahoo.com [209.191.122.70] with 32 bytes of data:Reply from 209.191.122.70: bytes=32 time=96ms TTL=40Reply from 209.191.122.70: bytes=32 time=95ms TTL=40Ping statistics for 209.191.122.70: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 95ms, Maximum = 96ms, Average = 95msServer: homeportal
Address: 192.168.1.254

Name: bleepingcomputer.com
Address: 208.43.87.2

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:Reply from 208.43.87.2: Destination host unreachable.Reply from 208.43.87.2: Destination host unreachable.Ping statistics for 208.43.87.2: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0msPinging 127.0.0.1 with 32 bytes of data:Reply from 127.0.0.1: bytes=32 time<1ms TTL=128Reply from 127.0.0.1: bytes=32 time<1ms TTL=128Ping statistics for 127.0.0.1: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 1d 09 7d c7 4a ...... Intel® 82562V-2 10/100 Network Connection - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.70 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.1.70 192.168.1.70 20
192.168.1.70 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.70 192.168.1.70 20
224.0.0.0 240.0.0.0 192.168.1.70 192.168.1.70 20
255.255.255.255 255.255.255.255 192.168.1.70 192.168.1.70 1
Default Gateway: 192.168.1.254
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 F:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 F:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 F:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 F:\WINDOWS\system32\pnrpnsp.dll [58880] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\pnrpnsp.dll"

Catalog5 05 F:\WINDOWS\system32\pnrpnsp.dll [58880] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\pnrpnsp.dll"

Catalog9 01 F:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 F:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 F:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 F:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 F:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 F:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 F:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 F:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 F:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 F:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 F:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 F:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 F:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 F:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 F:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 F:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 F:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 F:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 F:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 20 F:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 21 F:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 22 F:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/15/2012 07:59:43 AM) (Source: Application Error) (User: )
Description: Faulting application mysqld-nt.exe, version 0.0.0.0, faulting module mysqld-nt.exe, version 0.0.0.0, fault address 0x0019e719.
Processing media-specific event for [mysqld-nt.exe!ws!]

Error: (06/15/2012 07:58:24 AM) (Source: Application Error) (User: )
Description: Faulting application mysqld-nt.exe, version 0.0.0.0, faulting module mysqld-nt.exe, version 0.0.0.0, fault address 0x0019e719.
Processing media-specific event for [mysqld-nt.exe!ws!]

Error: (06/15/2012 07:57:00 AM) (Source: Application Error) (User: )
Description: Faulting application mysqld-nt.exe, version 0.0.0.0, faulting module mysqld-nt.exe, version 0.0.0.0, fault address 0x0019e719.
Processing media-specific event for [mysqld-nt.exe!ws!]

Error: (06/15/2012 07:55:38 AM) (Source: Application Error) (User: )
Description: Faulting application mysqld-nt.exe, version 0.0.0.0, faulting module mysqld-nt.exe, version 0.0.0.0, fault address 0x0019e719.
Processing media-specific event for [mysqld-nt.exe!ws!]

Error: (06/15/2012 05:57:18 AM) (Source: Microsoft Office 14) (User: )
Description: Microsoft WordWord failed to start correctly last time. Starting Word in safe mode will help you correct or isolate a startup problem in order to successfully start the program. Some functionality may be disabled in this mode.

Do you want to start Word in safe mode?

Error: (06/15/2012 05:33:58 AM) (Source: Application Error) (User: )
Description: Faulting application mysqld-nt.exe, version 0.0.0.0, faulting module mysqld-nt.exe, version 0.0.0.0, fault address 0x0019e719.
Error in creating result PEAP-TLV in response to received PEAP-TLV (mysqld-nt.exe!ld!)

Error: (06/15/2012 05:33:50 AM) (Source: Application Error) (User: )
Description: Faulting application mysqld-nt.exe, version 0.0.0.0, faulting module mysqld-nt.exe, version 0.0.0.0, fault address 0x0019e719.
Error in creating result PEAP-TLV in response to received PEAP-TLV (mysqld-nt.exe!ld!)

Error: (06/15/2012 05:33:35 AM) (Source: Application Error) (User: )
Description: Faulting application mysqld-nt.exe, version 0.0.0.0, faulting module mysqld-nt.exe, version 0.0.0.0, fault address 0x0019e719.
Error in creating result PEAP-TLV in response to received PEAP-TLV (mysqld-nt.exe!ld!)

Error: (06/15/2012 05:33:05 AM) (Source: Application Error) (User: )
Description: Faulting application mysqld-nt.exe, version 0.0.0.0, faulting module mysqld-nt.exe, version 0.0.0.0, fault address 0x0019e719.
Error in creating result PEAP-TLV in response to received PEAP-TLV (mysqld-nt.exe!ld!)

Error: (06/15/2012 05:32:34 AM) (Source: Application Error) (User: )
Description: Faulting application mysqld-nt.exe, version 0.0.0.0, faulting module mysqld-nt.exe, version 0.0.0.0, fault address 0x0019e719.
Error in creating result PEAP-TLV in response to received PEAP-TLV (mysqld-nt.exe!ld!)


System errors:
=============
Error: (06/15/2012 07:54:57 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
tdx

Error: (06/15/2012 07:54:57 AM) (Source: Service Control Manager) (User: )
Description: The Panda Cloud Antivirus Service service hung on starting.

Error: (06/15/2012 07:53:17 AM) (Source: Service Control Manager) (User: )
Description: The Automatic Updates service failed to start due to the following error:
%%1290

Error: (06/15/2012 07:53:17 AM) (Source: Service Control Manager) (User: )
Description: The @%SystemRoot%\system32\iphlpsvc.dll,-200 service depends on the following nonexistent service: nsi

Error: (06/15/2012 07:50:13 AM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (06/15/2012 07:49:36 AM) (Source: DCOM) (User: Bubbles2000)
Description: DCOM got error "%%1084" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AD1-2166-11D1-B1D0-00805FC1270E}

Error: (06/15/2012 07:49:36 AM) (Source: DCOM) (User: Bubbles2000)
Description: DCOM got error "%%1084" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AD1-2166-11D1-B1D0-00805FC1270E}

Error: (06/15/2012 07:49:36 AM) (Source: DCOM) (User: Bubbles2000)
Description: DCOM got error "%%1084" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AD1-2166-11D1-B1D0-00805FC1270E}

Error: (06/15/2012 07:43:52 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Aavmker4
AFD
aswFW
aswRdr
aswSnx
aswSP
aswTdi
Fips
intelppm
IPSec
MRxSmb
NetBIOS
NetBT
PSINKNC
RasAcd
Rdbss
Tcpip
Tcpip6
WS2IFSL

Error: (06/15/2012 07:43:52 AM) (Source: Service Control Manager) (User: )
Description: The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (06/15/2012 07:59:43 AM) (Source: Application Error)(User: )
Description: mysqld-nt.exe0.0.0.0mysqld-nt.exe0.0.0.00019e719

Error: (06/15/2012 07:58:24 AM) (Source: Application Error)(User: )
Description: mysqld-nt.exe0.0.0.0mysqld-nt.exe0.0.0.00019e719

Error: (06/15/2012 07:57:00 AM) (Source: Application Error)(User: )
Description: mysqld-nt.exe0.0.0.0mysqld-nt.exe0.0.0.00019e719

Error: (06/15/2012 07:55:38 AM) (Source: Application Error)(User: )
Description: mysqld-nt.exe0.0.0.0mysqld-nt.exe0.0.0.00019e719

Error: (06/15/2012 05:57:18 AM) (Source: Microsoft Office 14)(User: )
Description: Microsoft WordWord failed to start correctly last time. Starting Word in safe mode will help you correct or isolate a startup problem in order to successfully start the program. Some functionality may be disabled in this mode.

Do you want to start Word in safe mode?

Error: (06/15/2012 05:33:58 AM) (Source: Application Error)(User: )
Description: mysqld-nt.exe0.0.0.0mysqld-nt.exe0.0.0.00019e719

Error: (06/15/2012 05:33:50 AM) (Source: Application Error)(User: )
Description: mysqld-nt.exe0.0.0.0mysqld-nt.exe0.0.0.00019e719

Error: (06/15/2012 05:33:35 AM) (Source: Application Error)(User: )
Description: mysqld-nt.exe0.0.0.0mysqld-nt.exe0.0.0.00019e719

Error: (06/15/2012 05:33:05 AM) (Source: Application Error)(User: )
Description: mysqld-nt.exe0.0.0.0mysqld-nt.exe0.0.0.00019e719

Error: (06/15/2012 05:32:34 AM) (Source: Application Error)(User: )
Description: mysqld-nt.exe0.0.0.0mysqld-nt.exe0.0.0.00019e719


=========================== Installed Programs ============================

7-Zip 9.22beta
AC3Filter 1.63b (Version: 1.63b)
Adobe AIR (Version: 2.0.3.13070)
Adobe Download Manager (Version: 1.6.2.90)
Adobe Flash Player 11 ActiveX (Version: 11.2.202.235)
Adobe Flash Player 11 Plugin (Version: 11.2.202.235)
Adobe Photoshop CS (Version: CS)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Adobe Shockwave Player 11.6 (Version: 11.6.3.633)
Anti-phishing Domain Advisor (Version: 1.1.0.1)
AnVir Task Manager Free (Version: 6.3.1)
Apple Application Support (Version: 2.1.7)
Apple Software Update (Version: 2.1.3.127)
ASPCA TriMini Reminder by We-Care.com v5.0.2.1 (Version: 5.0.2.1)
AVG Security Toolbar (Version: 10.2.0.3)
BabylonObjectInstaller (Version: 1.0.0.0)
Bandisoft MPEG-1 Decoder
Bing Bar (Version: 7.0.850.0)
CD Audio Reader Filter (remove only)
Chrysanth Diary [Starter] (Version: 5.0)
CNET TechTracker (Version: 2.0.4)
CoreAAC
Coupon Printer for Windows (Version: 5.0.0.1)
Dropbox (Version: 1.4.7)
EASEUS Partition Master 6.1.1 Home Edition
Easy Clone Detective (Version: 1.4)
ffdshow v1.1.3572 [2010-09-13] (Version: 1.1.3572.0)
FireShot for Internet Explorer
Free Easy Burner V 5.1 (Version: 5.1.0.0)
Garbage Finder 2.5 (Version: 2.5)
GOM Player (Version: 2.1.40.5106)
GOM Video Converter (Version: 1.1.0.54)
Google Chrome (Version: 19.0.1084.52)
Google Earth Plug-in (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.111)
GPL Ghostscript (Version: 9.05)
High Definition Audio Driver Package - KB888111 (Version: 20040219.000000)
Hot Alarm Clock 2.0.2.0 (Version: 2.0)
iCare Data Recovery 3.8.1
iLivid (Version: 1.92)
ImageBadger Image Converter (Version: 04.00.00.00)
Inpaint 4.3
Intel® Graphics Media Accelerator Driver
Intel® PRO Network Connections 12.1.12.0 (Version: )
IrfanView (remove only) (Version: 4.30)
Java Auto Updater (Version: 2.0.2.1)
Java™ 6 Update 20 (Version: 6.0.200)
Junk Mail filter update (Version: 14.0.8117.416)
Lexmark 2300 Series
Malwarebytes Anti-Malware version 1.60.1.1000 (Version: 1.60.1.1000)
ManageEngine EventLog Analyzer 7 (Version: 7)
MAXA Security Tools 2.2
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft IntelliPoint 6.2 (Version: 6.20.182.0)
Microsoft IntelliType Pro 6.2 (Version: 6.20.182.0)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Home and Business 2010 - English (Version: 14.0.5114.5002)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Works (Version: 08.05.0818)
Mozilla Firefox (3.6.28) (Version: 3.6.28 (en-US))
Mozilla Firefox 12.0 (x86 en-US) (Version: 12.0)
Mozilla Firefox 9.0 (x86 en-US) (Version: 9.0)
Mozilla Maintenance Service (Version: 12.0)
MPEG2 Codec(libmpeg2/mad)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Music Duplicate Remover 6.0
OpenSource Flash Video Splitter 1.0.0.5 (Version: 1.0.0.5)
Panda Cloud Antivirus (Version: 1.05.02.0000)
Panda Cloud Antivirus (Version: 1.5.2)
QuickTime (Version: 7.72.80.56)
RCA Detective™ 2.0.0.98
RCA Digital Voice Manager 5.0.3.1
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
Realtek High Definition Audio Driver (Version: 5.10.0.5408)
RealUpgrade 1.1 (Version: 1.1.0)
Revo Uninstaller 1.93 (Version: 1.93)
Segoe UI (Version: 14.0.4327.805)
Software Informer 1.0 BETA
SpeedFan (remove only)
Spybot - Search & Destroy (Version: 1.6.2)
Start Menu 7 3.65 (Version: 3.65)
swMSM (Version: 12.0.0.1)
TweakNow PowerPack 2011 SP3 (Version: 3.4.0)
TweakNow WinSecret 2011 (Version: 3.5.1)
Universal Extractor 1.6.1 (Version: 1.6.1)
Unlocker 1.9.0 (Version: 1.9.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 8 (KB2447568) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Update for Windows Internet Explorer 8 (KB982632) (Version: 1)
Update for Windows Internet Explorer 8 (KB982664) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB961503) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Update for Windows XP (KB980182) (Version: 1)
USB2.0 UVC WebCam (Version: 5.13.0.5)
VLC media player 1.0.5 (Version: 1.0.5)
WebFldrs XP (Version: 9.50.7523)
WebM Project Directshow Filters
WinCleaner OneClick Professional Clean Version 12 (Version: 12.0.9)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Family Safety (Version: 14.0.8118.427)
Windows Live Mail (Version: 14.0.8117.0416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Photo Gallery (Version: 14.0.8117.416)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8117.0416)
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3 (Version: 20080414.031525)
WinUtilities 10.44 Free Edition
WinUtilities 9.95 Professional Edition
Wondershare PDF to Word (Build 3.6.0) (Version: 3.6.0)
XnView 1.98.5 (Version: 1.98.5)
Yahoo! BrowserPlus 2.9.8
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 47%
Total physical RAM: 2037.1 MB
Available physical RAM: 1061.32 MB
Total Pagefile: 3930.17 MB
Available Pagefile: 2857.96 MB
Total Virtual: 2047.88 MB
Available Virtual: 1975.95 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:6.36 GB) (Free:1.49 GB) NTFS
3 Drive d: (New Volume) (Fixed) (Total:1397.26 GB) (Free:1309.33 GB) NTFS
4 Drive e: (SEA_DISC) (Fixed) (Total:149.05 GB) (Free:62.19 GB) NTFS
5 Drive f: (New Drive) (Fixed) (Total:68.11 GB) (Free:4.57 GB) NTFS
7 Drive h: () (Removable) (Total:7.45 GB) (Free:5.67 GB) FAT32

========================= Users: ========================================

User accounts for \\GARGOYLE2

Administrator Bubbles2000 Guest
HelpAssistant SUPPORT_388945a0

========================= Minidump Files ==================================

No minidump file found


**** End of log ****


Again, Thank you for your time and patience...ed
  • 0

#8
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK next we will need to check the AFD service

Could you do the following

1.Start Device Manager.
2.Click View, and then click Show hidden devices.
3.In the right pane of Device Manager, click Non-Plug and Play Drivers.
4.Double-click AFD Networking Support Environment.
5.Confirm that the driver is started > If not then start it


If it fails to start or errors please let me know
  • 0

#9
edhalfdead

edhalfdead

    Member

  • Topic Starter
  • Member
  • PipPip
  • 89 posts
AFD is working properly.
There is a yellow flag next to: @%SystemRoot%\system32\tcpipcfg.dll,-50004 This device is not present, is not working properly, or does not have all it's drivers installed (code 24)

"mysqld-nt.exe has encountered a problem and needs to close" has started popping up also
  • 0

#10
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK lets now search for that file on your system

Run OTL and paste the following into the scan box and press run scan

/md5start
tcpipcfg.*
/md5stop

  • 0

Advertisements


#11
edhalfdead

edhalfdead

    Member

  • Topic Starter
  • Member
  • PipPip
  • 89 posts
Sorry about the slow reply.
Here is the OTL report:

OTL logfile created on: 6/22/2012 9:15:28 AM - Run 6
OTL by OldTimer - Version 3.2.48.0 Folder = F:\Documents and Settings\Bubbles2000\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.17 Gb Available Physical Memory | 58.72% Memory free
3.84 Gb Paging File | 3.22 Gb Available in Paging File | 83.92% Paging File free
Paging file location(s): F:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = F: | %SystemRoot% = F:\WINDOWS | %ProgramFiles% = F:\Program Files
Drive C: | 6.36 Gb Total Space | 1.49 Gb Free Space | 23.41% Space Free | Partition Type: NTFS
Drive D: | 1397.26 Gb Total Space | 1307.65 Gb Free Space | 93.59% Space Free | Partition Type: NTFS
Drive E: | 149.05 Gb Total Space | 62.19 Gb Free Space | 41.72% Space Free | Partition Type: NTFS
Drive F: | 68.11 Gb Total Space | 4.02 Gb Free Space | 5.90% Space Free | Partition Type: NTFS
Drive H: | 7.45 Gb Total Space | 5.67 Gb Free Space | 76.07% Space Free | Partition Type: FAT32

Computer Name: GARGOYLE2 | User Name: Bubbles2000 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/06/22 04:53:40 | 000,536,576 | ---- | M] () -- F:\Program Files\Uhgxl\Cjhvxxk.exe
PRC - [2012/06/15 09:52:41 | 000,935,480 | ---- | M] () -- F:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe
PRC - [2012/06/15 09:52:38 | 001,104,440 | ---- | M] () -- F:\Program Files\AVG Secure Search\vprot.exe
PRC - [2012/06/12 16:23:08 | 000,596,480 | ---- | M] (OldTimer Tools) -- F:\Documents and Settings\Bubbles2000\Desktop\OTL.exe
PRC - [2012/05/24 11:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- F:\Documents and Settings\Bubbles2000\Application Data\Dropbox\bin\Dropbox.exe
PRC - [2012/03/03 21:42:56 | 016,575,824 | ---- | M] (Comfort Software Group) -- F:\Program Files\HotAlarmClock\HotAlarmClock.exe
PRC - [2011/12/01 13:24:20 | 002,624,512 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Application Data\CBS Interactive\CNET TechTracker\TechTracker.exe
PRC - [2011/11/26 00:54:53 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- F:\Program Files\real\realplayer\Update\realsched.exe
PRC - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- F:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/10/01 08:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) -- F:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 08:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) -- F:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/09/26 19:15:36 | 000,374,152 | ---- | M] (LogMeIn, Inc.) -- F:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
PRC - [2011/09/16 16:10:50 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- F:\Program Files\LogMeIn\x86\LogMeInSystray.exe
PRC - [2011/07/29 13:45:56 | 000,217,256 | ---- | M] (Visicom Media Inc. (Powered by Panda Security)) -- F:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe
PRC - [2011/04/28 13:01:20 | 000,439,616 | ---- | M] (Panda Security, S.L.) -- F:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe
PRC - [2011/04/28 12:58:54 | 000,140,608 | ---- | M] (Panda Security, S.L.) -- F:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
PRC - [2010/07/12 05:55:03 | 000,218,112 | ---- | M] (Microsoft Corporation) -- F:\Program Files\Windows NT\Accessories\wordpad.exe
PRC - [2010/07/04 12:51:26 | 000,017,408 | ---- | M] () -- F:\Program Files\Unlocker\UnlockerAssistant.exe
PRC - [2009/11/10 15:41:14 | 000,036,864 | ---- | M] (MAXA Research Int'l Inc.) -- F:\Program Files\MAXA Security Tools\Lock\tray.exe
PRC - [2009/09/24 18:41:40 | 000,933,888 | ---- | M] (Silicon Motion) -- F:\Program Files\USB2.0 UVC WebCam\USB2.0 UVC WebCam\STIMON.exe
PRC - [2008/07/21 12:59:10 | 001,069,056 | ---- | M] (Audiovox Electronics Corp.) -- F:\Documents and Settings\Bubbles2000\My Documents\RCA Detective\RCADetective.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2012/06/22 04:53:40 | 000,536,576 | ---- | M] () -- F:\Program Files\Uhgxl\Cjhvxxk.exe
MOD - [2012/06/22 04:53:40 | 000,020,480 | ---- | M] () -- F:\Program Files\Uhgxl\a.dll
MOD - [2012/06/15 09:52:42 | 000,132,664 | ---- | M] () -- F:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\SiteSafety.dll
MOD - [2012/06/15 09:52:41 | 000,935,480 | ---- | M] () -- F:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe
MOD - [2012/06/15 09:52:38 | 001,104,440 | ---- | M] () -- F:\Program Files\AVG Secure Search\vprot.exe
MOD - [2012/05/11 03:36:47 | 000,998,400 | ---- | M] () -- F:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\9080c8e8e7b6dfb502c1328673d636f8\System.Management.ni.dll
MOD - [2012/05/11 03:34:54 | 000,971,264 | ---- | M] () -- F:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll
MOD - [2012/05/11 03:28:38 | 005,450,752 | ---- | M] () -- F:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll
MOD - [2012/05/11 03:28:27 | 012,430,848 | ---- | M] () -- F:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\32b169d0703541a18c987bd2dbf9fbd9\System.Windows.Forms.ni.dll
MOD - [2012/05/11 03:28:11 | 001,587,200 | ---- | M] () -- F:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7765146be2fa459c20856ff822f90d1e\System.Drawing.ni.dll
MOD - [2012/05/11 03:26:05 | 007,953,408 | ---- | M] () -- F:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
MOD - [2012/05/11 03:25:47 | 011,492,352 | ---- | M] () -- F:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
MOD - [2011/12/01 13:24:20 | 002,624,512 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Application Data\CBS Interactive\CNET TechTracker\TechTracker.exe
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- F:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- F:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/07/04 14:32:38 | 000,010,752 | ---- | M] () -- F:\Program Files\Unlocker\UnlockerCOM.dll
MOD - [2010/07/04 14:32:36 | 000,004,608 | ---- | M] () -- F:\Program Files\Unlocker\UnlockerHook.dll
MOD - [2010/07/04 12:51:26 | 000,017,408 | ---- | M] () -- F:\Program Files\Unlocker\UnlockerAssistant.exe
MOD - [2008/04/13 17:11:59 | 000,014,336 | ---- | M] () -- F:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 17:11:51 | 000,059,904 | ---- | M] () -- F:\WINDOWS\system32\devenum.dll
MOD - [2007/05/07 08:06:02 | 000,128,000 | ---- | M] () -- F:\Program Files\ImageBadger\extib.dll
MOD - [2007/02/14 12:55:11 | 000,165,424 | ---- | M] () -- F:\Program Files\Panda Security\Panda Cloud Antivirus\MiniCrypto.dll
MOD - [2007/02/14 12:55:10 | 000,099,888 | ---- | M] () -- F:\Program Files\Panda Security\Panda Cloud Antivirus\APIcr.dll
MOD - [2005/04/15 14:18:30 | 000,483,328 | ---- | M] () -- F:\WINDOWS\system32\lxcglmpm.dll
MOD - [2005/03/13 11:32:14 | 000,061,440 | ---- | M] () -- F:\Program Files\Lexmark 2300 Series\lxcgcnv4.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- %ProgramFiles%\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - File not found [Auto | Stopped] -- %SystemRoot%\System32\iphlpsvc.dll -- (iphlpsvc)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/06/15 09:52:41 | 000,935,480 | ---- | M] () [Auto | Running] -- F:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe -- (vToolbarUpdater11.1.0)
SRV - [2012/05/11 06:05:15 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- F:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/20 18:19:00 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- F:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/03/05 15:10:32 | 000,458,008 | ---- | M] (Tanuki Software, Ltd.) [Auto | Stopped] -- C:\ManageEngine\EventLog\bin\wrapper.exe -- (eventloganalyzer)
SRV - [2011/10/21 15:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- F:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- F:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/10/01 08:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- F:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 08:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- F:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/04/28 12:58:54 | 000,140,608 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- F:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe -- (NanoServiceMain)
SRV - [2010/08/13 09:13:32 | 000,066,112 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- F:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus®
SRV - [2008/04/13 21:42:12 | 000,006,656 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2008/04/13 17:12:02 | 000,105,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\WINDOWS\system32\p2pgasvc.dll -- (p2pgasvc)
SRV - [2005/04/15 14:15:30 | 000,491,520 | ---- | M] () [On_Demand | Stopped] -- F:\WINDOWS\system32\lxcgcoms.exe -- (lxcg_device)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- F:\DOCUME~1\BUBBLE~1\LOCALS~1\Temp\vdsdk.sys -- (VDSDK)
DRV - File not found [Kernel | System | Stopped] -- system32\DRIVERS\tdx.sys -- (tdx)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- F:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS -- (MRESP50)
DRV - File not found [Kernel | On_Demand | Stopped] -- F:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS -- (MREMP50)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- F:\Program Files\FreshDevices\FreshDiagnose\FreshIO.sys -- (FreshIO)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- F:\DOCUME~1\BUBBLE~1\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2012/06/21 02:34:09 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2012/01/05 13:10:09 | 000,144,008 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- F:\WINDOWS\system32\drivers\PSINAflt.sys -- (PSINAflt)
DRV - [2011/11/30 18:37:24 | 000,112,648 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- F:\WINDOWS\system32\drivers\PSINProt.sys -- (PSINProt)
DRV - [2011/11/23 09:59:40 | 000,130,312 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- F:\WINDOWS\system32\drivers\PSINKNC.sys -- (PSINKNC)
DRV - [2011/10/01 08:30:42 | 000,018,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\Sftvolxp.sys -- (Sftvol)
DRV - [2011/10/01 08:30:40 | 000,020,584 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- F:\WINDOWS\system32\drivers\Sftredirxp.sys -- (Sftredir)
DRV - [2011/10/01 08:30:38 | 000,209,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\Sftplayxp.sys -- (Sftplay)
DRV - [2011/10/01 08:30:36 | 000,584,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\Sftfsxp.sys -- (Sftfs)
DRV - [2011/04/28 12:57:38 | 000,111,688 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- F:\WINDOWS\system32\drivers\PSINProc.sys -- (PSINProc)
DRV - [2011/04/28 12:57:38 | 000,097,096 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- F:\WINDOWS\system32\drivers\PSINFile.sys -- (PSINFile)
DRV - [2011/03/18 09:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- F:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2010/12/02 18:17:50 | 000,013,696 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Auto | Running] -- F:\WINDOWS\system32\drivers\avwebcam.sys -- (AVWEBCAM)
DRV - [2010/07/15 08:44:20 | 000,013,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\epmntdrv.sys -- (epmntdrv)
DRV - [2010/07/15 08:44:20 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2010/04/28 07:44:02 | 000,054,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- F:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2010/02/11 05:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- F:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2007/05/02 16:21:22 | 004,403,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [1996/04/03 12:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- F:\WINDOWS\system32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?ilc=8
IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.c...sa&d=2012-03-21 21:15:00&v=10.2.0.3&sap=hp
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - F:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{909D53DD-ED5F-405B-879E-5F5CD26B7C05}: "URL" = http://www.google.co...Terms}&aq=f&oq=
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...sa&d=2012-03-21 21:15:00&v=10.2.0.3&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{9B97950D-482C-1D79-568F-FC7B9D40C785}: "URL" = http://www.bing.com/...eferrer:source}
IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo....erms}&fr=mkg028
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo....h?fr=mkg030&p="
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.search.selectedEngineURL: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "igoogle.com"


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: F:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: F:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: F:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: F:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: F:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: F:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: F:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: F:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198: f:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198: f:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198: F:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198: F:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198: f:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: F:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: F:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: F:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\npEpicPlayDisplayHost: F:\Program Files\EpicPlay\npEpicHost.dll ( )
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: F:\Documents and Settings\Bubbles2000\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: F:\Documents and Settings\Bubbles2000\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: F:\Documents and Settings\Bubbles2000\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: F:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/11/26 00:55:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: F:\Documents and Settings\All Users\Application Data\AVG Secure Search\11.1.0.7\ [2012/06/15 09:52:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: F:\Program Files\Mozilla Firefox\components [2012/06/01 21:38:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: F:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Components: F:\Program Files\components [2012/06/01 21:38:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Plugins: F:\Program Files\plugins [2012/06/01 21:38:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/01 21:38:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/06/01 21:38:48 | 000,000,000 | ---D | M]

[2012/05/16 23:46:41 | 000,000,000 | ---D | M] (No name found) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Extensions
[2012/06/21 10:08:01 | 000,000,000 | ---D | M] (No name found) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions
[2012/06/17 19:09:26 | 000,000,000 | ---D | M] (FireShot) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
[2012/05/01 21:04:29 | 000,000,000 | ---D | M] (FireShot) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}(2)
[2011/07/18 00:26:50 | 000,000,000 | ---D | M] (Flashblock) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2012/05/25 06:22:22 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/11/20 04:00:12 | 000,000,000 | ---D | M] (NoScript) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}(2)
[2012/06/09 07:49:49 | 000,000,000 | ---D | M] (No name found) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}
[2011/11/11 02:15:52 | 000,000,000 | ---D | M] (gTranslate) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17}
[2012/04/24 13:24:25 | 000,000,000 | ---D | M] (DownloadHelper) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/05/02 18:07:59 | 000,000,000 | ---D | M] (DownThemAll!) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2011/07/07 20:45:06 | 000,000,000 | ---D | M] (Web2PDF converter) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{e8f509f0-b677-11de-8a39-0800200c9a66}
[2012/05/02 18:48:16 | 000,000,000 | ---D | M] (FoxLingo) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
[2012/04/24 13:50:51 | 000,000,000 | ---D | M] (Ant Video Downloader) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\[email protected](2).com
[2012/05/02 18:48:08 | 000,000,000 | ---D | M] (DeeperWeb for Google) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\[email protected]
[2012/05/02 18:48:17 | 000,000,000 | ---D | M] (Show Me More) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\[email protected]
[2012/06/21 10:08:01 | 000,000,000 | ---D | M] (LavaFox V2-Green) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\[email protected]
[2010/10/17 01:46:49 | 000,002,027 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\searchplugins\google-translate-any--en.xml
[2012/05/16 23:46:12 | 000,002,519 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\searchplugins\Search_Results.xml
[2012/05/22 22:43:07 | 000,000,000 | ---D | M] (No name found) -- F:\Program Files\Mozilla Firefox\extensions
[2012/06/06 14:07:39 | 000,061,219 | ---- | M] () (No name found) -- F:\DOCUMENTS AND SETTINGS\BUBBLES2000\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\X88K25G8.DEFAULT\EXTENSIONS\{9AA46F4F-4DC7-4C06-97AF-5035170634FE}.XPI
[2012/06/20 17:09:22 | 000,377,145 | ---- | M] () (No name found) -- F:\DOCUMENTS AND SETTINGS\BUBBLES2000\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\X88K25G8.DEFAULT\EXTENSIONS\{AE93811A-5C9A-4D34-8462-F7B864FC4696}.XPI
[2012/04/20 18:19:34 | 000,097,208 | ---- | M] (Mozilla Foundation) -- F:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/06/15 09:52:35 | 000,003,768 | ---- | M] () -- F:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/04/20 18:18:25 | 000,002,252 | ---- | M] () -- F:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/04/20 18:18:25 | 000,002,040 | ---- | M] () -- F:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - Extension: No name found = F:\Documents and Settings\Bubbles2000\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hnhgoncokajlafhnhjmccgcmgggiehjm\
CHR - Extension: No name found = F:\Documents and Settings\Bubbles2000\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: No name found = F:\Documents and Settings\Bubbles2000\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: No name found = F:\Documents and Settings\Bubbles2000\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lkpmjnommfoljgjbckjmjhkmnhfmcmon\1.2.0.2_0\
CHR - Extension: No name found = F:\Documents and Settings\Bubbles2000\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lkpmjnommfoljgjbckjmjhkmnhfmcmon\1.2.0.2_0\.bak
CHR - Extension: No name found = F:\Documents and Settings\Bubbles2000\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\plccnhhjonaiagjelpfkclblmlppjcik\

O1 HOSTS File: ([2012/06/14 20:57:57 | 000,000,098 | ---- | M]) - F:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - F:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {2EECD738-5844-4a99-B4B6-146BF802613B} - No CLSID value found.
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - F:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - F:\Program Files\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll ()
O2 - BHO: (no name) - {99079a25-328f-4bd4-be04-00955acaa0a7} - No CLSID value found.
O2 - BHO: (no name) - {9D717F81-9148-4f12-8568-69135F087DB0} - No CLSID value found.
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - F:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (no name) - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - No CLSID value found.
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - F:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - F:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - F:\Program Files\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - F:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [Anti-phishing Domain Advisor] F:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe (Visicom Media Inc. (Powered by Panda Security))
O4 - HKLM..\Run: [APSDaemon] F:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [LogMeIn GUI] F:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [MAXA-LockTray] F:\Program Files\MAXA Security Tools\Lock\tray.exe (MAXA Research Int'l Inc.)
O4 - HKLM..\Run: [PSUNMain] F:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe (Panda Security, S.L.)
O4 - HKLM..\Run: [TkBellExe] F:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UnlockerAssistant] F:\Program Files\Unlocker\UnlockerAssistant.exe ()
O4 - HKLM..\Run: [vProt] F:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [Wapjgg] F:\Program Files\Uhgxl\Cjhvxxk.exe ()
O4 - HKCU..\Run: [HotAlarmClock] F:\Program Files\HotAlarmClock\HotAlarmClock.exe (Comfort Software Group)
O4 - Startup: F:\Documents and Settings\All Users\Start Menu\Programs\Startup\STIMON.lnk = F:\Program Files\USB2.0 UVC WebCam\USB2.0 UVC WebCam\STIMON.exe (Silicon Motion)
O4 - Startup: F:\Documents and Settings\Bubbles2000\Start Menu\Programs\Startup\CNET TechTracker.lnk = F:\Documents and Settings\Bubbles2000\Application Data\CBS Interactive\CNET TechTracker\TechTracker.exe ()
O4 - Startup: F:\Documents and Settings\Bubbles2000\Start Menu\Programs\Startup\Dropbox.lnk = F:\Documents and Settings\Bubbles2000\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: F:\Documents and Settings\Bubbles2000\Start Menu\Programs\Startup\RCA Detective.lnk = F:\Documents and Settings\Bubbles2000\My Documents\RCA Detective\RCADetective.exe (Audiovox Electronics Corp.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E91EA0E0-F8AD-4018-AE7C-BD0430F21082}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - F:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - F:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (f:\windows\system32\userinit.exe) - F:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - F:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop WallPaper: F:\Documents and Settings\Bubbles2000\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: F:\Documents and Settings\Bubbles2000\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/05/20 02:20:52 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/01/27 00:03:47 | 000,027,568 | ---- | M] () - E:\autopay_DPA.pdf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/22 09:14:44 | 000,596,480 | ---- | C] (OldTimer Tools) -- F:\Documents and Settings\Bubbles2000\Desktop\OTL.exe
[2012/06/22 04:53:45 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Application Data\Ruydaai
[2012/06/22 04:53:40 | 000,000,000 | ---D | C] -- F:\Program Files\Uhgxl
[2012/06/22 00:07:57 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\the naughtiest
[2012/06/21 02:13:41 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Application Data\TEMP
[2012/06/17 13:25:45 | 000,000,000 | -HSD | C] -- F:\RECYCLER
[2012/06/15 09:52:45 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\cache
[2012/06/14 21:20:19 | 004,557,245 | R--- | C] (Swearware) -- F:\Documents and Settings\Bubbles2000\Desktop\ComboFix.exe
[2012/06/14 20:53:29 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- F:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/06/12 16:25:25 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\more sayings
[2012/06/11 12:38:32 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\Ed's test 5
[2012/06/11 09:54:33 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\Eds test 6
[2012/06/09 23:25:22 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Application Data\Panda Security
[2012/06/09 23:23:50 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Start Menu\Programs\Panda Cloud Antivirus
[2012/06/09 23:23:26 | 000,000,000 | ---D | C] -- F:\Program Files\Panda Security
[2012/06/09 23:23:26 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Application Data\Panda Security
[2012/06/09 11:39:28 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Application Data\AVAST Software
[2012/06/09 07:57:45 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Start Menu\Programs\Dropbox
[2012/06/09 07:57:17 | 000,000,000 | ---D | C] -- F:\Program Files\Dropbox
[2012/06/09 06:15:38 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\art2
[2012/06/08 22:36:14 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\couples
[2012/06/07 04:17:10 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\WindowsPowerShell
[2012/06/07 04:17:07 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\GroupPolicy
[2012/06/07 04:16:43 | 000,000,000 | ---D | C] -- F:\WINDOWS\$968930Uinstall_KB968930$
[2012/06/07 04:10:26 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Application Data\IObit
[2012/06/07 04:10:08 | 000,000,000 | ---D | C] -- F:\Program Files\IObit
[2012/06/04 09:37:27 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\#4 test 4 Ed(2)
[2012/06/04 06:58:15 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\wallpaper
[2012/06/04 02:10:04 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\My doggies
[2012/06/03 21:48:48 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Start Menu\Programs\Dropbox(2)
[2012/06/03 19:25:06 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\My Documents\GomPlayer
[2012/06/02 03:51:14 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\butts
[2012/06/01 22:32:04 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\My Documents\ximages
[2012/06/01 22:11:58 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\All eds tests and results
[2012/06/01 22:02:08 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\My Documents\new women
[2012/06/01 21:38:29 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2012/06/01 21:38:03 | 000,000,000 | ---D | C] -- F:\Program Files\QuickTime
[2012/06/01 21:37:54 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Application Data\Apple Computer
[2012/05/31 05:14:54 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\bb
[2012/05/27 22:15:32 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\divorce stuff
[2012/05/02 17:56:22 | 011,824,088 | ---- | C] (Mozilla Foundation) -- F:\Program Files\xul.dll
[2012/05/02 17:56:22 | 000,646,104 | ---- | C] (Mozilla Foundation) -- F:\Program Files\nss3.dll
[2012/05/02 17:56:22 | 000,505,816 | ---- | C] (sqlite.org) -- F:\Program Files\sqlite3.dll
[2012/05/02 17:56:22 | 000,371,672 | ---- | C] (Mozilla Foundation) -- F:\Program Files\nssckbi.dll
[2012/05/02 17:56:22 | 000,246,744 | ---- | C] (Mozilla Foundation) -- F:\Program Files\updater.exe
[2012/05/02 17:56:22 | 000,166,872 | ---- | C] (Mozilla Foundation) -- F:\Program Files\softokn3.dll
[2012/05/02 17:56:22 | 000,142,296 | ---- | C] (Mozilla Foundation) -- F:\Program Files\ssl3.dll
[2012/05/02 17:56:22 | 000,105,432 | ---- | C] (Mozilla Foundation) -- F:\Program Files\smime3.dll
[2012/05/02 17:56:22 | 000,105,432 | ---- | C] (Mozilla Foundation) -- F:\Program Files\nssdbm3.dll
[2012/05/02 17:56:22 | 000,089,048 | ---- | C] (Mozilla Foundation) -- F:\Program Files\nssutil3.dll
[2012/05/02 17:56:22 | 000,021,976 | ---- | C] (Mozilla Foundation) -- F:\Program Files\plc4.dll
[2012/05/02 17:56:22 | 000,019,416 | ---- | C] (Mozilla Foundation) -- F:\Program Files\xpcom.dll
[2012/05/02 17:56:22 | 000,019,416 | ---- | C] (Mozilla Foundation) -- F:\Program Files\plds4.dll
[2012/05/02 17:56:22 | 000,016,856 | ---- | C] (Mozilla Corporation) -- F:\Program Files\plugin-container.exe
[2012/05/02 17:56:21 | 000,912,344 | ---- | C] (Mozilla Corporation) -- F:\Program Files\firefox.exe
[2012/05/02 17:56:21 | 000,719,832 | ---- | C] (Mozilla Foundation) -- F:\Program Files\mozcrt19.dll
[2012/05/02 17:56:21 | 000,719,832 | ---- | C] (Mozilla Foundation) -- F:\Program Files\mozcpp19.dll
[2012/05/02 17:56:21 | 000,269,272 | ---- | C] (Mozilla Foundation) -- F:\Program Files\freebl3.dll
[2012/05/02 17:56:21 | 000,203,736 | ---- | C] (Mozilla Foundation) -- F:\Program Files\nspr4.dll
[2012/05/02 17:56:21 | 000,107,480 | ---- | C] (Mozilla Foundation) -- F:\Program Files\crashreporter.exe
[2012/05/02 17:56:21 | 000,019,416 | ---- | C] (Mozilla Foundation) -- F:\Program Files\AccessibleMarshal.dll

========== Files - Modified Within 30 Days ==========

[2012/06/22 09:18:00 | 000,001,002 | ---- | M] () -- F:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1177238915-1647877149-725345543-1004UA.job
[2012/06/22 09:05:00 | 000,000,830 | ---- | M] () -- F:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/06/22 08:32:00 | 000,000,896 | ---- | M] () -- F:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/22 08:32:00 | 000,000,892 | ---- | M] () -- F:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/21 19:18:00 | 000,000,950 | ---- | M] () -- F:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1177238915-1647877149-725345543-1004Core1cc209613fe80f2.job
[2012/06/21 02:43:57 | 000,001,102 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Desktop\Appnimi All-In-One Password Unlocker.lnk
[2012/06/21 02:34:09 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- F:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/06/21 02:19:55 | 000,000,294 | ---- | M] () -- F:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1177238915-1647877149-725345543-500.job
[2012/06/21 02:19:55 | 000,000,290 | ---- | M] () -- F:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1177238915-1647877149-725345543-1004.job
[2012/06/21 02:19:15 | 000,002,048 | --S- | M] () -- F:\WINDOWS\bootstat.dat
[2012/06/21 02:16:30 | 000,000,032 | ---- | M] () -- F:\WINDOWS\System32\glmf3com.dat.dll
[2012/06/19 15:04:20 | 000,061,997 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Desktop\impossibilities.jpg
[2012/06/18 12:01:48 | 000,241,152 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/06/18 09:25:13 | 000,000,091 | ---- | M] () -- F:\WINDOWS\DVM.INI
[2012/06/17 04:13:00 | 000,000,302 | ---- | M] () -- F:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1177238915-1647877149-725345543-500.job
[2012/06/16 07:02:00 | 000,000,298 | ---- | M] () -- F:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1177238915-1647877149-725345543-1004.job
[2012/06/16 04:03:27 | 000,078,776 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\My Documents\irene gillespie schaub frave.jpg
[2012/06/15 20:22:01 | 000,000,284 | ---- | M] () -- F:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/06/15 08:11:05 | 000,002,577 | ---- | M] () -- F:\WINDOWS\System32\CONFIG.NT
[2012/06/14 20:57:57 | 000,000,098 | ---- | M] () -- F:\WINDOWS\System32\drivers\etc\Hosts
[2012/06/13 19:38:30 | 004,557,245 | R--- | M] (Swearware) -- F:\Documents and Settings\Bubbles2000\Desktop\ComboFix.exe
[2012/06/12 16:23:08 | 000,596,480 | ---- | M] (OldTimer Tools) -- F:\Documents and Settings\Bubbles2000\Desktop\OTL.exe
[2012/06/09 23:24:05 | 000,000,264 | ---- | M] () -- F:\WINDOWS\System32\PSUNCpl.dat
[2012/06/09 20:50:57 | 000,000,046 | ---- | M] () -- F:\WINDOWS\System32\_WKERNEL.FRE
[2012/06/09 12:39:25 | 000,040,893 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Desktop\dual nibble.jpeg
[2012/06/09 08:04:33 | 000,002,206 | ---- | M] () -- F:\WINDOWS\System32\wpa.dbl
[2012/06/08 20:14:59 | 000,002,613 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Desktop\logo4.jpg
[2012/06/07 04:54:27 | 000,484,030 | ---- | M] () -- F:\WINDOWS\System32\perfh009.dat
[2012/06/07 04:54:27 | 000,080,082 | ---- | M] () -- F:\WINDOWS\System32\perfc009.dat
[2012/06/06 21:58:26 | 000,082,195 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Desktop\the king.jpg
[2012/06/06 18:05:14 | 000,487,091 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\My Documents\work=(913)+461-3895.pdf
[2012/06/06 18:03:40 | 000,747,778 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\My Documents\heather shay work maybe3233022306.pdf
[2012/06/04 21:50:23 | 000,004,452 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Application Data\wklnhst.dat
[2012/06/04 21:41:07 | 000,067,309 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\My Documents\FireShot Screen Capture #319 - 'AVON - Order Confirmed' - shop_avon_com_shop_confirmed_aspx_order_id=23900597&ccauthreportcode&paypal=5HW871020D7354602.jpg
[2012/06/04 18:51:13 | 000,015,872 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\My Documents\tim's letter 5-2012.wps
[2012/06/01 21:38:30 | 000,001,613 | ---- | M] () -- F:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2012/06/01 12:38:35 | 000,001,055 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Start Menu\Programs\Startup\Dropbox.lnk
[2012/06/01 12:38:18 | 000,001,051 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Desktop\Dropbox.lnk
[2012/05/31 06:22:09 | 000,599,040 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\System32\dllcache\crypt32.dll
[2012/05/27 22:50:21 | 000,000,964 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\My Documents\fixing the house estimate.7z
[2012/05/27 22:46:48 | 000,008,827 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\My Documents\Peter_edited_.7z
[2012/05/27 22:46:12 | 000,001,679 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\My Documents\fixing the house estimate.rtf
[2012/05/27 22:24:18 | 000,038,978 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\My Documents\Peter_edited_.rtf
[2012/05/27 17:35:55 | 000,173,861 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Desktop\[bleep].jpg
[2012/05/26 02:25:38 | 000,000,733 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox (2).lnk

========== Files Created - No Company Name ==========

[2012/06/22 06:18:15 | 000,006,921 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\mebetter.jpg
[2012/06/22 06:17:31 | 000,004,435 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\fixedme 137.jpg
[2012/06/22 06:16:49 | 000,045,106 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\- 'Michele Owens (Michele)2s s.pdf.jpg
[2012/06/22 06:09:58 | 000,072,877 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\Snapshot000006.jpg
[2012/06/22 06:08:04 | 000,045,756 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\p_00173.jpg
[2012/06/21 11:36:15 | 000,014,294 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\angel.jpg
[2012/06/21 10:52:02 | 000,002,613 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\logo4.jpg
[2012/06/21 02:43:57 | 000,001,102 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\Appnimi All-In-One Password Unlocker.lnk
[2012/06/21 02:16:30 | 000,000,032 | ---- | C] () -- F:\WINDOWS\System32\glmf3com.dat.dll
[2012/06/19 15:04:19 | 000,061,997 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\impossibilities.jpg
[2012/06/16 04:03:26 | 000,078,776 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\My Documents\irene gillespie schaub frave.jpg
[2012/06/12 13:53:23 | 000,073,795 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\Snapshot000010.jpg
[2012/06/09 23:24:05 | 000,000,264 | ---- | C] () -- F:\WINDOWS\System32\PSUNCpl.dat
[2012/06/09 12:39:24 | 000,040,893 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\dual nibble.jpeg
[2012/06/06 21:58:26 | 000,082,195 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\the king.jpg
[2012/06/06 18:05:14 | 000,487,091 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\My Documents\work=(913)+461-3895.pdf
[2012/06/06 18:03:40 | 000,747,778 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\My Documents\heather shay work maybe3233022306.pdf
[2012/06/04 21:41:07 | 000,067,309 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\My Documents\FireShot Screen Capture #319 - 'AVON - Order Confirmed' - shop_avon_com_shop_confirmed_aspx_order_id=23900597&ccauthreportcode&paypal=5HW871020D7354602.jpg
[2012/06/04 18:16:10 | 000,015,872 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\My Documents\tim's letter 5-2012.wps
[2012/06/03 18:36:25 | 000,000,787 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\My Documents\mags.rtf
[2012/06/01 22:30:41 | 000,007,973 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\My Documents\inmyway.jpg
[2012/06/01 22:11:15 | 022,571,982 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\My Documents\His choices.7z
[2012/06/01 21:38:30 | 000,001,613 | ---- | C] () -- F:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2012/05/28 03:13:00 | 000,008,827 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\My Documents\Peter_edited_.7z
[2012/05/28 03:12:15 | 000,000,964 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\My Documents\fixing the house estimate.7z
[2012/05/27 22:51:13 | 000,001,679 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\My Documents\fixing the house estimate.rtf
[2012/05/27 22:50:02 | 000,038,978 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\My Documents\Peter_edited_.rtf
[2012/05/27 17:35:53 | 000,173,861 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\[bleep].jpg
[2012/05/26 02:25:38 | 000,000,733 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox (2).lnk
[2012/05/16 23:45:55 | 000,484,352 | ---- | C] () -- F:\WINDOWS\System32\lame_enc.dll
[2012/05/12 04:31:37 | 000,000,719 | ---- | C] () -- F:\WINDOWS\wininit.ini
[2012/05/09 09:40:01 | 000,003,072 | ---- | C] () -- F:\WINDOWS\System32\iacenc.dll
[2012/05/09 02:11:24 | 000,256,000 | ---- | C] () -- F:\WINDOWS\PEV.exe
[2012/05/09 02:11:24 | 000,208,896 | ---- | C] () -- F:\WINDOWS\MBR.exe
[2012/05/09 02:11:24 | 000,098,816 | ---- | C] () -- F:\WINDOWS\sed.exe
[2012/05/09 02:11:24 | 000,080,412 | ---- | C] () -- F:\WINDOWS\grep.exe
[2012/05/09 02:11:24 | 000,068,096 | ---- | C] () -- F:\WINDOWS\zip.exe
[2012/05/04 18:56:20 | 000,001,235 | ---- | C] () -- F:\Program Files\updates.xml
[2012/05/04 18:56:18 | 000,000,057 | ---- | C] () -- F:\Program Files\active-update.xml
[2012/05/04 18:55:46 | 000,016,246 | ---- | C] () -- F:\Program Files\removed-files
[2012/05/04 18:55:34 | 000,000,000 | ---- | C] () -- F:\Program Files\.autoreg
[2012/05/02 17:56:28 | 000,000,707 | ---- | C] () -- F:\Program Files\updater.ini
[2012/05/02 17:56:28 | 000,000,232 | ---- | C] () -- F:\Program Files\browserconfig.properties
[2012/05/02 17:56:28 | 000,000,006 | ---- | C] () -- F:\Program Files\update.locale
[2012/05/02 17:56:22 | 000,000,478 | ---- | C] () -- F:\Program Files\softokn3.chk
[2012/05/02 17:56:22 | 000,000,478 | ---- | C] () -- F:\Program Files\nssdbm3.chk
[2012/05/02 17:56:22 | 000,000,142 | ---- | C] () -- F:\Program Files\platform.ini
[2012/05/02 17:56:21 | 001,014,744 | ---- | C] () -- F:\Program Files\js3250.dll
[2012/05/02 17:56:21 | 000,031,393 | ---- | C] () -- F:\Program Files\LICENSE
[2012/05/02 17:56:21 | 000,005,183 | ---- | C] () -- F:\Program Files\blocklist.xml
[2012/05/02 17:56:21 | 000,003,803 | ---- | C] () -- F:\Program Files\crashreporter.ini
[2012/05/02 17:56:21 | 000,000,583 | ---- | C] () -- F:\Program Files\crashreporter-override.ini
[2012/05/02 17:56:21 | 000,000,478 | ---- | C] () -- F:\Program Files\freebl3.chk
[2012/05/02 17:56:21 | 000,000,115 | ---- | C] () -- F:\Program Files\dependentlibs.list
[2012/04/26 06:33:56 | 000,044,599 | ---- | C] () -- F:\Program Files\sniffpass.zip
[2012/03/02 22:59:54 | 000,108,032 | ---- | C] () -- F:\WINDOWS\System32\ff_vfw.dll
[2012/02/20 21:46:15 | 000,000,043 | ---- | C] () -- F:\WINDOWS\gswin32.ini
[2011/11/26 23:18:56 | 002,062,304 | ---- | C] () -- F:\Program Files\installspeedfan443.exe
[2011/10/31 18:16:38 | 015,854,592 | ---- | C] () -- F:\Program Files\Setup.msi
[2011/10/28 17:22:15 | 000,204,800 | ---- | C] () -- F:\WINDOWS\System32\igfxCoIn_v4820.dll
[2011/07/08 01:48:35 | 000,000,007 | ---- | C] () -- F:\WINDOWS\treeskp.sys
[2011/07/08 01:48:35 | 000,000,007 | ---- | C] () -- F:\WINDOWS\sbacknt.bin
[2010/11/29 16:53:55 | 000,000,037 | ---- | C] () -- F:\WINDOWS\Viewer.ini
[2010/09/02 00:33:54 | 000,015,360 | ---- | C] () -- F:\WINDOWS\System32\bdmjpeg.dll
[2010/09/02 00:32:52 | 000,058,368 | ---- | C] () -- F:\WINDOWS\System32\bdmpegv.dll
[2010/08/25 06:28:07 | 000,000,031 | ---- | C] () -- F:\WINDOWS\System32\wocsodsini.dll
[2010/08/25 06:27:47 | 000,000,530 | ---- | C] () -- F:\WINDOWS\System32\tx14_ic.ini
[2010/08/25 06:09:41 | 001,774,720 | ---- | C] () -- F:\WINDOWS\System32\BootMan.exe
[2010/08/25 06:09:41 | 000,086,408 | ---- | C] () -- F:\WINDOWS\System32\setupempdrv03.exe
[2010/08/25 06:09:41 | 000,014,848 | ---- | C] () -- F:\WINDOWS\System32\EuEpmGdi.dll
[2010/08/25 06:09:41 | 000,013,192 | ---- | C] () -- F:\WINDOWS\System32\epmntdrv.sys
[2010/08/25 06:09:41 | 000,008,456 | ---- | C] () -- F:\WINDOWS\System32\EuGdiDrv.sys
[2010/07/23 22:17:42 | 000,000,132 | -H-- | C] () -- F:\Documents and Settings\Bubbles2000\Application Data\lakerda1967.sys
[2010/07/23 22:13:46 | 000,010,584 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Application Data\docXConverter (3).ini
[2010/06/28 06:32:59 | 000,000,025 | ---- | C] () -- F:\WINDOWS\cdplayer.ini

========== Custom Scans ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 104 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:82F50D1C

< End of report >


Hope this helps. Again thank you...ed
  • 0

#12
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK no sign of a backup there

But, you appear to have gained another infection

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

If you have Malwarebytes 1.6 or better installed please disable it for the duration of this run
To disable MBAM
Open the scanner and select the protection tab
Remove the tick from "Start with Windows"
Reboot and then run OTL
Posted Image

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    O2 - BHO: (no name) - {99079a25-328f-4bd4-be04-00955acaa0a7} - No CLSID value found.
    O2 - BHO: (no name) - {9D717F81-9148-4f12-8568-69135F087DB0} - No CLSID value found.
    O2 - BHO: (no name) - {2EECD738-5844-4a99-B4B6-146BF802613B} - No CLSID value found.
    O2 - BHO: (no name) - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - No CLSID value found.
    O4 - HKLM..\Run: [Wapjgg] F:\Program Files\Uhgxl\Cjhvxxk.exe ()
    [2012/06/22 04:53:45 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Application Data\Ruydaai
    [2012/06/22 04:53:40 | 000,000,000 | ---D | C] -- F:\Program Files\Uhgxl

    :Files
    ipconfig /flushdns /c

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [CREATERESTOREPOINT]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

Download Complete Internet Repair to your desktop

Unzip all the files to their own folder on the desktop
Within the folder double click CIntRep
The programme will then run
Select the items I have highlighted
Press go
Let me know if it is able to conduct the repair, there is a log at the bottom

Posted Image
  • 0

#13
edhalfdead

edhalfdead

    Member

  • Topic Starter
  • Member
  • PipPip
  • 89 posts
Hi Essexboy,
Here are the reports from OTL & CIntRep that you requested: All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9D717F81-9148-4f12-8568-69135F087DB0}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Wapjgg deleted successfully.
F:\Program Files\Uhgxl\Cjhvxxk.exe moved successfully.
F:\Documents and Settings\All Users\Application Data\Ruydaai\Eytsppu\Bubbles2000\20120626 folder moved successfully.
F:\Documents and Settings\All Users\Application Data\Ruydaai\Eytsppu\Bubbles2000\20120622 folder moved successfully.
F:\Documents and Settings\All Users\Application Data\Ruydaai\Eytsppu\Bubbles2000 folder moved successfully.
F:\Documents and Settings\All Users\Application Data\Ruydaai\Eytsppu folder moved successfully.
F:\Documents and Settings\All Users\Application Data\Ruydaai folder moved successfully.
F:\Program Files\Uhgxl folder moved successfully.
File rity] not found.
File sethosts] not found.
File ptytemp] not found.
File EATERESTOREPOINT] not found.
File boot] not found.

OTL by OldTimer - Version 3.2.48.0 log created on 06262012_011303

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


*******************************************************************************************************************************************

reset SYSTEM\CurrentControlSet\Services\Dhcp\Parameters\Options\15\RegLocation
old REG_MULTI_SZ =
SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\?\DhcpDomain
SYSTEM\CurrentControlSet\Services\TcpIp\Parameters\DhcpDomain

added SYSTEM\CurrentControlSet\Services\Netbt\Parameters\Interfaces\Tcpip_{3C973687-775D-4B07-ADEF-0963E094472D}\NetbiosOptions
added SYSTEM\CurrentControlSet\Services\Netbt\Parameters\Interfaces\Tcpip_{9C419D6A-2686-4AE9-8B71-B32AFDA6597E}\NetbiosOptions
deleted SYSTEM\CurrentControlSet\Services\Netbt\Parameters\EnableLmhosts
added SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{B81E9D98-83C2-4A74-B04B-BEABF54C01A6}\AddressType
added SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{B81E9D98-83C2-4A74-B04B-BEABF54C01A6}\DisableDynamicUpdate
reset SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{B81E9D98-83C2-4A74-B04B-BEABF54C01A6}\RawIpAllowedProtocols
old REG_MULTI_SZ =
0

reset SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{B81E9D98-83C2-4A74-B04B-BEABF54C01A6}\TcpAllowedPorts
old REG_MULTI_SZ =
0

reset SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{B81E9D98-83C2-4A74-B04B-BEABF54C01A6}\UdpAllowedPorts
old REG_MULTI_SZ =
0

added SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{E91EA0E0-F8AD-4018-AE7C-BD0430F21082}\DisableDynamicUpdate
deleted SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{E91EA0E0-F8AD-4018-AE7C-BD0430F21082}\IpAutoconfigurationAddress
deleted SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{E91EA0E0-F8AD-4018-AE7C-BD0430F21082}\IpAutoconfigurationMask
deleted SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{E91EA0E0-F8AD-4018-AE7C-BD0430F21082}\IpAutoconfigurationSeed
reset SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{E91EA0E0-F8AD-4018-AE7C-BD0430F21082}\RawIpAllowedProtocols
old REG_MULTI_SZ =
0

reset SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{E91EA0E0-F8AD-4018-AE7C-BD0430F21082}\TcpAllowedPorts
old REG_MULTI_SZ =
0

reset SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{E91EA0E0-F8AD-4018-AE7C-BD0430F21082}\UdpAllowedPorts
old REG_MULTI_SZ =
0

deleted SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DontAddDefaultGatewayDefault
added SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NameServer
deleted SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\SearchList
deleted SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\UseDomainNameDevolution
reset Linkage\UpperBind for PCI\VEN_8086&DEV_10C0&SUBSYS_02381028&REV_02\3&2411E6FE&0&C8. bad value was:
REG_MULTI_SZ =
PSched

reset Linkage\UpperBind for ROOT\MS_NDISWANIP\0000. bad value was:
REG_MULTI_SZ =
PSched

<completed>

**********************************************************************************************************************************************



./
(o o)
--------------------------------------oOOo-(_)-oOOo--------------------------------------
[26/06/2012 18:19:41] Resetting all TCP/IP Interfaces, Please wait.....
-----------------------------------------------------------------------------------------
[26/06/2012 18:19:45] TCP/IP Stack reset successful.
[26/06/2012 18:19:45] TCP/IP Reset log located @ [F:\Documents and Settings\Bubbles2000\Desktop\cir\Complete Internet Repair\Logging\CIRReset.log]
[26/06/2012 18:19:46] TCP/IP interfaces reset successful.
[26/06/2012 18:19:47] TCP/IP v6 interfaces reset successful.
[26/06/2012 18:19:47] You may need to restart your computer for the settings to take effect.
[26/06/2012 18:19:47] Finished resetting the Internet Protocol (TCP/IP).

-----------------------------------------------------------------------------------------
[26/06/2012 18:19:47] Attempting to reset Winsock catalog, Please wait.....
-----------------------------------------------------------------------------------------
[26/06/2012 18:19:50] Successfully reset the Winsock Catalog.
[26/06/2012 18:19:50] Finished repairing Winsock

-----------------------------------------------------------------------------------------
[26/06/2012 18:19:50] Configuring the Windows Event Log Service, Please wait.....
-----------------------------------------------------------------------------------------
[26/06/2012 18:19:50] Windows Event Log Service Configured.
[26/06/2012 18:19:50] Starting the Windows Event Log Service.....
[26/06/2012 18:19:50] Windows Event Log Service Started Successfully.

-----------------------------------------------------------------------------------------
[26/06/2012 18:19:50] Flushing DNS Resolver Cache, Please wait.....
-----------------------------------------------------------------------------------------
[26/06/2012 18:19:51] Successfully flushed DNS Resolver Cache.
[26/06/2012 18:19:51] Refreshing all DHCP leases and re-registering DNS names, Please wait.....
[26/06/2012 18:19:55] Registration of the DNS resource records has been initiated.
[26/06/2012 18:19:55] Note: Any errors will be reported in the 'Event Viewer' in about 15 minutes.
[26/06/2012 18:19:55] Note: Click on 'File' and then 'Event Viewer...' to open the Event Viewer.

-----------------------------------------------------------------------------------------
[26/06/2012 18:19:55] You will need to reboot your computer before the settings will take effect.
-----------------------------------------------------------------------------------------
[26/06/2012 18:20:10] Your computer is restarting now.....

-----------------------------------------------------------------------------------------
***********************************************************************************************************************************************


OTL logfile created on: 6/26/2012 10:34:11 PM - Run 7
OTL by OldTimer - Version 3.2.48.0 Folder = F:\Documents and Settings\Bubbles2000\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.37 Gb Available Physical Memory | 68.68% Memory free
3.84 Gb Paging File | 3.38 Gb Available in Paging File | 87.97% Paging File free
Paging file location(s): F:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = F: | %SystemRoot% = F:\WINDOWS | %ProgramFiles% = F:\Program Files
Drive C: | 6.36 Gb Total Space | 1.49 Gb Free Space | 23.41% Space Free | Partition Type: NTFS
Drive D: | 1397.26 Gb Total Space | 1307.65 Gb Free Space | 93.59% Space Free | Partition Type: NTFS
Drive E: | 149.05 Gb Total Space | 62.51 Gb Free Space | 41.94% Space Free | Partition Type: NTFS
Drive F: | 68.11 Gb Total Space | 2.61 Gb Free Space | 3.84% Space Free | Partition Type: NTFS

Computer Name: GARGOYLE2 | User Name: Bubbles2000 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/06/15 09:52:41 | 000,935,480 | ---- | M] () -- F:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe
PRC - [2012/06/15 09:52:38 | 001,104,440 | ---- | M] () -- F:\Program Files\AVG Secure Search\vprot.exe
PRC - [2012/06/12 16:23:08 | 000,596,480 | ---- | M] (OldTimer Tools) -- F:\Documents and Settings\Bubbles2000\Desktop\OTL.exe
PRC - [2012/05/24 11:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- F:\Documents and Settings\Bubbles2000\Application Data\Dropbox\bin\Dropbox.exe
PRC - [2012/03/03 21:42:56 | 016,575,824 | ---- | M] (Comfort Software Group) -- F:\Program Files\HotAlarmClock\HotAlarmClock.exe
PRC - [2011/12/01 13:24:20 | 002,624,512 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Application Data\CBS Interactive\CNET TechTracker\TechTracker.exe
PRC - [2011/11/26 00:54:53 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- F:\Program Files\real\realplayer\Update\realsched.exe
PRC - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- F:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/10/01 08:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) -- F:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 08:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) -- F:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/09/26 19:15:36 | 000,374,152 | ---- | M] (LogMeIn, Inc.) -- F:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
PRC - [2011/09/16 16:10:50 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- F:\Program Files\LogMeIn\x86\LogMeInSystray.exe
PRC - [2011/07/29 13:45:56 | 000,217,256 | ---- | M] (Visicom Media Inc. (Powered by Panda Security)) -- F:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe
PRC - [2011/04/28 13:01:20 | 000,439,616 | ---- | M] (Panda Security, S.L.) -- F:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe
PRC - [2011/04/28 12:58:54 | 000,140,608 | ---- | M] (Panda Security, S.L.) -- F:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
PRC - [2010/07/04 12:51:26 | 000,017,408 | ---- | M] () -- F:\Program Files\Unlocker\UnlockerAssistant.exe
PRC - [2009/11/10 15:41:14 | 000,036,864 | ---- | M] (MAXA Research Int'l Inc.) -- F:\Program Files\MAXA Security Tools\Lock\tray.exe
PRC - [2009/09/24 18:41:40 | 000,933,888 | ---- | M] (Silicon Motion) -- F:\Program Files\USB2.0 UVC WebCam\USB2.0 UVC WebCam\STIMON.exe
PRC - [2008/07/21 12:59:10 | 001,069,056 | ---- | M] (Audiovox Electronics Corp.) -- F:\Documents and Settings\Bubbles2000\My Documents\RCA Detective\RCADetective.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2012/06/15 09:52:42 | 000,132,664 | ---- | M] () -- F:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\SiteSafety.dll
MOD - [2012/06/15 09:52:41 | 000,935,480 | ---- | M] () -- F:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe
MOD - [2012/06/15 09:52:38 | 001,104,440 | ---- | M] () -- F:\Program Files\AVG Secure Search\vprot.exe
MOD - [2011/12/01 13:24:20 | 002,624,512 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Application Data\CBS Interactive\CNET TechTracker\TechTracker.exe
MOD - [2010/07/04 14:32:38 | 000,010,752 | ---- | M] () -- F:\Program Files\Unlocker\UnlockerCOM.dll
MOD - [2010/07/04 14:32:36 | 000,004,608 | ---- | M] () -- F:\Program Files\Unlocker\UnlockerHook.dll
MOD - [2010/07/04 12:51:26 | 000,017,408 | ---- | M] () -- F:\Program Files\Unlocker\UnlockerAssistant.exe
MOD - [2008/04/13 17:11:59 | 000,014,336 | ---- | M] () -- F:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 17:11:51 | 000,059,904 | ---- | M] () -- F:\WINDOWS\system32\devenum.dll
MOD - [2007/02/14 12:55:11 | 000,165,424 | ---- | M] () -- F:\Program Files\Panda Security\Panda Cloud Antivirus\MiniCrypto.dll
MOD - [2007/02/14 12:55:10 | 000,099,888 | ---- | M] () -- F:\Program Files\Panda Security\Panda Cloud Antivirus\APIcr.dll
MOD - [2005/04/15 14:18:30 | 000,483,328 | ---- | M] () -- F:\WINDOWS\system32\lxcglmpm.dll
MOD - [2005/03/13 11:32:14 | 000,061,440 | ---- | M] () -- F:\Program Files\Lexmark 2300 Series\lxcgcnv4.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- %ProgramFiles%\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - File not found [Auto | Stopped] -- %SystemRoot%\System32\iphlpsvc.dll -- (iphlpsvc)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/06/23 16:05:26 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- F:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/06/15 09:52:41 | 000,935,480 | ---- | M] () [Auto | Running] -- F:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe -- (vToolbarUpdater11.1.0)
SRV - [2012/04/20 18:19:00 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- F:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/03/05 15:10:32 | 000,458,008 | ---- | M] (Tanuki Software, Ltd.) [Auto | Stopped] -- C:\ManageEngine\EventLog\bin\wrapper.exe -- (eventloganalyzer)
SRV - [2011/10/21 15:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- F:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- F:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/10/01 08:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- F:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 08:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- F:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/04/28 12:58:54 | 000,140,608 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- F:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe -- (NanoServiceMain)
SRV - [2010/08/13 09:13:32 | 000,066,112 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- F:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus®
SRV - [2008/04/13 21:42:12 | 000,006,656 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2008/04/13 17:12:02 | 000,105,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- F:\WINDOWS\system32\p2pgasvc.dll -- (p2pgasvc)
SRV - [2005/04/15 14:15:30 | 000,491,520 | ---- | M] () [On_Demand | Stopped] -- F:\WINDOWS\system32\lxcgcoms.exe -- (lxcg_device)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- F:\DOCUME~1\BUBBLE~1\LOCALS~1\Temp\vdsdk.sys -- (VDSDK)
DRV - File not found [Kernel | System | Stopped] -- system32\DRIVERS\tdx.sys -- (tdx)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- F:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS -- (MRESP50)
DRV - File not found [Kernel | On_Demand | Stopped] -- F:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS -- (MREMP50)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- F:\Program Files\FreshDevices\FreshDiagnose\FreshIO.sys -- (FreshIO)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- F:\DOCUME~1\BUBBLE~1\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2012/06/21 02:34:09 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2012/01/05 13:10:09 | 000,144,008 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- F:\WINDOWS\system32\drivers\PSINAflt.sys -- (PSINAflt)
DRV - [2011/11/30 18:37:24 | 000,112,648 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- F:\WINDOWS\system32\drivers\PSINProt.sys -- (PSINProt)
DRV - [2011/11/23 09:59:40 | 000,130,312 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- F:\WINDOWS\system32\drivers\PSINKNC.sys -- (PSINKNC)
DRV - [2011/10/01 08:30:42 | 000,018,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\Sftvolxp.sys -- (Sftvol)
DRV - [2011/10/01 08:30:40 | 000,020,584 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- F:\WINDOWS\system32\drivers\Sftredirxp.sys -- (Sftredir)
DRV - [2011/10/01 08:30:38 | 000,209,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\Sftplayxp.sys -- (Sftplay)
DRV - [2011/10/01 08:30:36 | 000,584,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\Sftfsxp.sys -- (Sftfs)
DRV - [2011/04/28 12:57:38 | 000,111,688 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- F:\WINDOWS\system32\drivers\PSINProc.sys -- (PSINProc)
DRV - [2011/04/28 12:57:38 | 000,097,096 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- F:\WINDOWS\system32\drivers\PSINFile.sys -- (PSINFile)
DRV - [2011/03/18 09:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- F:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2010/12/02 18:17:50 | 000,013,696 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Auto | Running] -- F:\WINDOWS\system32\drivers\avwebcam.sys -- (AVWEBCAM)
DRV - [2010/07/15 08:44:20 | 000,013,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\epmntdrv.sys -- (epmntdrv)
DRV - [2010/07/15 08:44:20 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- F:\WINDOWS\system32\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2010/04/28 07:44:02 | 000,054,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- F:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2010/02/11 05:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- F:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2007/05/02 16:21:22 | 004,403,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- F:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [1996/04/03 12:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- F:\WINDOWS\system32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?ilc=8
IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.c...sa&d=2012-03-21 21:15:00&v=10.2.0.3&sap=hp
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - F:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{909D53DD-ED5F-405B-879E-5F5CD26B7C05}: "URL" = http://www.google.co...Terms}&aq=f&oq=
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...sa&d=2012-03-21 21:15:00&v=10.2.0.3&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{9B97950D-482C-1D79-568F-FC7B9D40C785}: "URL" = http://www.bing.com/...eferrer:source}
IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo....erms}&fr=mkg028
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo....h?fr=mkg030&p="
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.search.selectedEngineURL: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "igoogle.com"


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: F:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: F:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: F:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: F:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: F:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: F:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: F:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: F:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198: f:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198: f:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198: F:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198: F:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198: f:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: F:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: F:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: F:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\npEpicPlayDisplayHost: F:\Program Files\EpicPlay\npEpicHost.dll ( )
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: F:\Documents and Settings\Bubbles2000\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: F:\Documents and Settings\Bubbles2000\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: F:\Documents and Settings\Bubbles2000\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: F:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/11/26 00:55:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: F:\Documents and Settings\All Users\Application Data\AVG Secure Search\11.1.0.7\ [2012/06/15 09:52:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: F:\Program Files\Mozilla Firefox\components [2012/06/01 21:38:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: F:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Components: F:\Program Files\components [2012/06/01 21:38:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Plugins: F:\Program Files\plugins [2012/06/01 21:38:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/01 21:38:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/06/01 21:38:48 | 000,000,000 | ---D | M]

[2012/05/16 23:46:41 | 000,000,000 | ---D | M] (No name found) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Extensions
[2012/06/21 10:08:01 | 000,000,000 | ---D | M] (No name found) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions
[2012/06/17 19:09:26 | 000,000,000 | ---D | M] (FireShot) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
[2012/05/01 21:04:29 | 000,000,000 | ---D | M] (FireShot) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}(2)
[2011/07/18 00:26:50 | 000,000,000 | ---D | M] (Flashblock) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2012/05/25 06:22:22 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/11/20 04:00:12 | 000,000,000 | ---D | M] (NoScript) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}(2)
[2012/06/09 07:49:49 | 000,000,000 | ---D | M] (No name found) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}
[2011/11/11 02:15:52 | 000,000,000 | ---D | M] (gTranslate) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17}
[2012/04/24 13:24:25 | 000,000,000 | ---D | M] (DownloadHelper) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/05/02 18:07:59 | 000,000,000 | ---D | M] (DownThemAll!) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2011/07/07 20:45:06 | 000,000,000 | ---D | M] (Web2PDF converter) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{e8f509f0-b677-11de-8a39-0800200c9a66}
[2012/05/02 18:48:16 | 000,000,000 | ---D | M] (FoxLingo) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
[2012/04/24 13:50:51 | 000,000,000 | ---D | M] (Ant Video Downloader) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\[email protected](2).com
[2012/05/02 18:48:08 | 000,000,000 | ---D | M] (DeeperWeb for Google) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\[email protected]
[2012/05/02 18:48:17 | 000,000,000 | ---D | M] (Show Me More) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\[email protected]
[2012/06/21 10:08:01 | 000,000,000 | ---D | M] (LavaFox V2-Green) -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\extensions\[email protected]
[2010/10/17 01:46:49 | 000,002,027 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\searchplugins\google-translate-any--en.xml
[2012/05/16 23:46:12 | 000,002,519 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Application Data\Mozilla\Firefox\Profiles\x88k25g8.default\searchplugins\Search_Results.xml
[2012/05/22 22:43:07 | 000,000,000 | ---D | M] (No name found) -- F:\Program Files\Mozilla Firefox\extensions
[2012/06/06 14:07:39 | 000,061,219 | ---- | M] () (No name found) -- F:\DOCUMENTS AND SETTINGS\BUBBLES2000\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\X88K25G8.DEFAULT\EXTENSIONS\{9AA46F4F-4DC7-4C06-97AF-5035170634FE}.XPI
[2012/06/20 17:09:22 | 000,377,145 | ---- | M] () (No name found) -- F:\DOCUMENTS AND SETTINGS\BUBBLES2000\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\X88K25G8.DEFAULT\EXTENSIONS\{AE93811A-5C9A-4D34-8462-F7B864FC4696}.XPI
[2012/04/20 18:19:34 | 000,097,208 | ---- | M] (Mozilla Foundation) -- F:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/06/15 09:52:35 | 000,003,768 | ---- | M] () -- F:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/04/20 18:18:25 | 000,002,252 | ---- | M] () -- F:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/04/20 18:18:25 | 000,002,040 | ---- | M] () -- F:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - Extension: No name found = F:\Documents and Settings\Bubbles2000\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hnhgoncokajlafhnhjmccgcmgggiehjm\
CHR - Extension: No name found = F:\Documents and Settings\Bubbles2000\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: No name found = F:\Documents and Settings\Bubbles2000\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: No name found = F:\Documents and Settings\Bubbles2000\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lkpmjnommfoljgjbckjmjhkmnhfmcmon\1.2.0.2_0\
CHR - Extension: No name found = F:\Documents and Settings\Bubbles2000\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lkpmjnommfoljgjbckjmjhkmnhfmcmon\1.2.0.2_0\.bak
CHR - Extension: No name found = F:\Documents and Settings\Bubbles2000\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\plccnhhjonaiagjelpfkclblmlppjcik\

O1 HOSTS File: ([2012/06/14 20:57:57 | 000,000,098 | ---- | M]) - F:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - F:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - F:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - F:\Program Files\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - F:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - F:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - F:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - F:\Program Files\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - F:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [Anti-phishing Domain Advisor] F:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe (Visicom Media Inc. (Powered by Panda Security))
O4 - HKLM..\Run: [APSDaemon] F:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [LogMeIn GUI] F:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [MAXA-LockTray] F:\Program Files\MAXA Security Tools\Lock\tray.exe (MAXA Research Int'l Inc.)
O4 - HKLM..\Run: [PSUNMain] F:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe (Panda Security, S.L.)
O4 - HKLM..\Run: [TkBellExe] F:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UnlockerAssistant] F:\Program Files\Unlocker\UnlockerAssistant.exe ()
O4 - HKLM..\Run: [vProt] F:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [HotAlarmClock] F:\Program Files\HotAlarmClock\HotAlarmClock.exe (Comfort Software Group)
O4 - Startup: F:\Documents and Settings\All Users\Start Menu\Programs\Startup\STIMON.lnk = F:\Program Files\USB2.0 UVC WebCam\USB2.0 UVC WebCam\STIMON.exe (Silicon Motion)
O4 - Startup: F:\Documents and Settings\Bubbles2000\Start Menu\Programs\Startup\CNET TechTracker.lnk = F:\Documents and Settings\Bubbles2000\Application Data\CBS Interactive\CNET TechTracker\TechTracker.exe ()
O4 - Startup: F:\Documents and Settings\Bubbles2000\Start Menu\Programs\Startup\Dropbox.lnk = F:\Documents and Settings\Bubbles2000\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: F:\Documents and Settings\Bubbles2000\Start Menu\Programs\Startup\RCA Detective.lnk = F:\Documents and Settings\Bubbles2000\My Documents\RCA Detective\RCADetective.exe (Audiovox Electronics Corp.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E91EA0E0-F8AD-4018-AE7C-BD0430F21082}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - F:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - F:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (f:\windows\system32\userinit.exe) - F:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - F:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop WallPaper: F:\Documents and Settings\Bubbles2000\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: F:\Documents and Settings\Bubbles2000\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/05/20 02:20:52 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/01/27 00:03:47 | 000,027,568 | ---- | M] () - E:\autopay_DPA.pdf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/26 18:16:46 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\cir
[2012/06/26 18:14:26 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\Complete Internet Repair
[2012/06/26 11:41:52 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\Copy of Ed's test 5
[2012/06/26 01:28:38 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\Copy of Eds test 6 mine
[2012/06/26 01:12:08 | 000,596,480 | ---- | C] (OldTimer Tools) -- F:\Documents and Settings\Bubbles2000\Desktop\OTL.exe
[2012/06/23 02:36:02 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\Pictures
[2012/06/22 00:07:57 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\the naughtiest
[2012/06/21 02:13:41 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Application Data\TEMP
[2012/06/17 13:25:45 | 000,000,000 | -HSD | C] -- F:\RECYCLER
[2012/06/15 09:52:45 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\cache
[2012/06/14 21:20:19 | 004,557,245 | R--- | C] (Swearware) -- F:\Documents and Settings\Bubbles2000\Desktop\ComboFix.exe
[2012/06/14 20:53:29 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- F:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/06/12 16:25:25 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\more sayings
[2012/06/11 12:38:32 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\Ed's test 5
[2012/06/11 09:54:33 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\Eds test 6
[2012/06/09 23:25:22 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Application Data\Panda Security
[2012/06/09 23:23:50 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Start Menu\Programs\Panda Cloud Antivirus
[2012/06/09 23:23:26 | 000,000,000 | ---D | C] -- F:\Program Files\Panda Security
[2012/06/09 23:23:26 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Application Data\Panda Security
[2012/06/09 11:39:28 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Application Data\AVAST Software
[2012/06/09 07:57:45 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Start Menu\Programs\Dropbox
[2012/06/09 07:57:17 | 000,000,000 | ---D | C] -- F:\Program Files\Dropbox
[2012/06/09 06:15:38 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\art2
[2012/06/08 22:36:14 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\couples
[2012/06/07 04:17:10 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\WindowsPowerShell
[2012/06/07 04:17:07 | 000,000,000 | ---D | C] -- F:\WINDOWS\System32\GroupPolicy
[2012/06/07 04:16:43 | 000,000,000 | ---D | C] -- F:\WINDOWS\$968930Uinstall_KB968930$
[2012/06/07 04:10:26 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Application Data\IObit
[2012/06/07 04:10:08 | 000,000,000 | ---D | C] -- F:\Program Files\IObit
[2012/06/04 09:37:27 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\#4 test 4 Ed(2)
[2012/06/04 06:58:15 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\wallpaper
[2012/06/04 02:10:04 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\My doggies
[2012/06/03 21:48:48 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Start Menu\Programs\Dropbox(2)
[2012/06/03 19:25:06 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\My Documents\GomPlayer
[2012/06/02 03:51:14 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\butts
[2012/06/01 22:32:04 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\My Documents\ximages
[2012/06/01 22:11:58 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\All eds tests and results
[2012/06/01 22:02:08 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\My Documents\new women
[2012/06/01 21:38:29 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2012/06/01 21:38:03 | 000,000,000 | ---D | C] -- F:\Program Files\QuickTime
[2012/06/01 21:37:54 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Application Data\Apple Computer
[2012/05/31 05:14:54 | 000,000,000 | ---D | C] -- F:\Documents and Settings\Bubbles2000\Desktop\bb
[2012/05/02 17:56:22 | 011,824,088 | ---- | C] (Mozilla Foundation) -- F:\Program Files\xul.dll
[2012/05/02 17:56:22 | 000,646,104 | ---- | C] (Mozilla Foundation) -- F:\Program Files\nss3.dll
[2012/05/02 17:56:22 | 000,505,816 | ---- | C] (sqlite.org) -- F:\Program Files\sqlite3.dll
[2012/05/02 17:56:22 | 000,371,672 | ---- | C] (Mozilla Foundation) -- F:\Program Files\nssckbi.dll
[2012/05/02 17:56:22 | 000,246,744 | ---- | C] (Mozilla Foundation) -- F:\Program Files\updater.exe
[2012/05/02 17:56:22 | 000,166,872 | ---- | C] (Mozilla Foundation) -- F:\Program Files\softokn3.dll
[2012/05/02 17:56:22 | 000,142,296 | ---- | C] (Mozilla Foundation) -- F:\Program Files\ssl3.dll
[2012/05/02 17:56:22 | 000,105,432 | ---- | C] (Mozilla Foundation) -- F:\Program Files\smime3.dll
[2012/05/02 17:56:22 | 000,105,432 | ---- | C] (Mozilla Foundation) -- F:\Program Files\nssdbm3.dll
[2012/05/02 17:56:22 | 000,089,048 | ---- | C] (Mozilla Foundation) -- F:\Program Files\nssutil3.dll
[2012/05/02 17:56:22 | 000,021,976 | ---- | C] (Mozilla Foundation) -- F:\Program Files\plc4.dll
[2012/05/02 17:56:22 | 000,019,416 | ---- | C] (Mozilla Foundation) -- F:\Program Files\xpcom.dll
[2012/05/02 17:56:22 | 000,019,416 | ---- | C] (Mozilla Foundation) -- F:\Program Files\plds4.dll
[2012/05/02 17:56:22 | 000,016,856 | ---- | C] (Mozilla Corporation) -- F:\Program Files\plugin-container.exe
[2012/05/02 17:56:21 | 000,912,344 | ---- | C] (Mozilla Corporation) -- F:\Program Files\firefox.exe
[2012/05/02 17:56:21 | 000,719,832 | ---- | C] (Mozilla Foundation) -- F:\Program Files\mozcrt19.dll
[2012/05/02 17:56:21 | 000,719,832 | ---- | C] (Mozilla Foundation) -- F:\Program Files\mozcpp19.dll
[2012/05/02 17:56:21 | 000,269,272 | ---- | C] (Mozilla Foundation) -- F:\Program Files\freebl3.dll
[2012/05/02 17:56:21 | 000,203,736 | ---- | C] (Mozilla Foundation) -- F:\Program Files\nspr4.dll
[2012/05/02 17:56:21 | 000,107,480 | ---- | C] (Mozilla Foundation) -- F:\Program Files\crashreporter.exe
[2012/05/02 17:56:21 | 000,019,416 | ---- | C] (Mozilla Foundation) -- F:\Program Files\AccessibleMarshal.dll

========== Files - Modified Within 30 Days ==========

[2012/06/26 22:32:00 | 000,000,896 | ---- | M] () -- F:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/26 22:18:00 | 000,001,002 | ---- | M] () -- F:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1177238915-1647877149-725345543-1004UA.job
[2012/06/26 22:05:00 | 000,000,830 | ---- | M] () -- F:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/06/26 19:18:00 | 000,000,950 | ---- | M] () -- F:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1177238915-1647877149-725345543-1004Core1cc209613fe80f2.job
[2012/06/26 18:22:28 | 000,000,892 | ---- | M] () -- F:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/26 18:22:27 | 000,000,294 | ---- | M] () -- F:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1177238915-1647877149-725345543-500.job
[2012/06/26 18:22:27 | 000,000,290 | ---- | M] () -- F:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1177238915-1647877149-725345543-1004.job
[2012/06/26 18:21:52 | 000,002,048 | --S- | M] () -- F:\WINDOWS\bootstat.dat
[2012/06/24 12:27:17 | 000,242,688 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/06/24 08:39:07 | 000,010,708 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Desktop\me1.JPG
[2012/06/24 07:02:47 | 000,004,606 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Application Data\wklnhst.dat
[2012/06/24 04:13:00 | 000,000,302 | ---- | M] () -- F:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1177238915-1647877149-725345543-500.job
[2012/06/23 07:02:00 | 000,000,298 | ---- | M] () -- F:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1177238915-1647877149-725345543-1004.job
[2012/06/23 01:46:55 | 000,000,754 | ---- | M] () -- F:\WINDOWS\WORDPAD.INI
[2012/06/22 20:22:01 | 000,000,284 | ---- | M] () -- F:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/06/21 02:43:57 | 000,001,102 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Desktop\Appnimi All-In-One Password Unlocker.lnk
[2012/06/21 02:34:09 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- F:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/06/21 02:16:30 | 000,000,032 | ---- | M] () -- F:\WINDOWS\System32\glmf3com.dat.dll
[2012/06/19 15:04:20 | 000,061,997 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Desktop\impossibilities.jpg
[2012/06/18 09:25:13 | 000,000,091 | ---- | M] () -- F:\WINDOWS\DVM.INI
[2012/06/16 04:03:27 | 000,078,776 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\My Documents\irene gillespie schaub frave.jpg
[2012/06/15 08:11:05 | 000,002,577 | ---- | M] () -- F:\WINDOWS\System32\CONFIG.NT
[2012/06/14 20:57:57 | 000,000,098 | ---- | M] () -- F:\WINDOWS\System32\drivers\etc\Hosts
[2012/06/13 19:38:30 | 004,557,245 | R--- | M] (Swearware) -- F:\Documents and Settings\Bubbles2000\Desktop\ComboFix.exe
[2012/06/12 16:23:08 | 000,596,480 | ---- | M] (OldTimer Tools) -- F:\Documents and Settings\Bubbles2000\Desktop\OTL.exe
[2012/06/09 23:24:05 | 000,000,264 | ---- | M] () -- F:\WINDOWS\System32\PSUNCpl.dat
[2012/06/09 20:50:57 | 000,000,046 | ---- | M] () -- F:\WINDOWS\System32\_WKERNEL.FRE
[2012/06/09 12:39:25 | 000,040,893 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Desktop\dual nibble.jpeg
[2012/06/09 08:04:33 | 000,002,206 | ---- | M] () -- F:\WINDOWS\System32\wpa.dbl
[2012/06/08 20:14:59 | 000,002,613 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Desktop\logo4.jpg
[2012/06/07 04:54:27 | 000,484,030 | ---- | M] () -- F:\WINDOWS\System32\perfh009.dat
[2012/06/07 04:54:27 | 000,080,082 | ---- | M] () -- F:\WINDOWS\System32\perfc009.dat
[2012/06/06 21:58:26 | 000,082,195 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Desktop\the king.jpg
[2012/06/06 18:05:14 | 000,487,091 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\My Documents\work=(913)+461-3895.pdf
[2012/06/06 18:03:40 | 000,747,778 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\My Documents\heather shay work maybe3233022306.pdf
[2012/06/04 21:41:07 | 000,067,309 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\My Documents\FireShot Screen Capture #319 - 'AVON - Order Confirmed' - shop_avon_com_shop_confirmed_aspx_order_id=23900597&ccauthreportcode&paypal=5HW871020D7354602.jpg
[2012/06/04 18:51:13 | 000,015,872 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\My Documents\tim's letter 5-2012.wps
[2012/06/01 21:38:30 | 000,001,613 | ---- | M] () -- F:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2012/06/01 12:38:35 | 000,001,055 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Start Menu\Programs\Startup\Dropbox.lnk
[2012/06/01 12:38:18 | 000,001,051 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\Desktop\Dropbox.lnk
[2012/05/27 22:50:21 | 000,000,964 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\My Documents\fixing the house estimate.7z
[2012/05/27 22:46:48 | 000,008,827 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\My Documents\Peter_edited_.7z
[2012/05/27 22:46:12 | 000,001,679 | ---- | M] () -- F:\Documents and Settings\Bubbles2000\My Documents\fixing the house estimate.rtf

========== Files Created - No Company Name ==========

[2012/06/24 08:41:34 | 000,067,685 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\Snapshot000015.jpg
[2012/06/24 08:39:07 | 000,010,708 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\me1.JPG
[2012/06/22 06:09:58 | 000,072,877 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\Snapshot000006.jpg
[2012/06/21 11:36:15 | 000,014,294 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\angel.jpg
[2012/06/21 10:52:02 | 000,002,613 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\logo4.jpg
[2012/06/21 02:43:57 | 000,001,102 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\Appnimi All-In-One Password Unlocker.lnk
[2012/06/21 02:16:30 | 000,000,032 | ---- | C] () -- F:\WINDOWS\System32\glmf3com.dat.dll
[2012/06/19 15:04:19 | 000,061,997 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\impossibilities.jpg
[2012/06/16 04:03:26 | 000,078,776 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\My Documents\irene gillespie schaub frave.jpg
[2012/06/12 13:53:23 | 000,073,795 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\Snapshot000010.jpg
[2012/06/09 23:24:05 | 000,000,264 | ---- | C] () -- F:\WINDOWS\System32\PSUNCpl.dat
[2012/06/09 12:39:24 | 000,040,893 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\dual nibble.jpeg
[2012/06/06 21:58:26 | 000,082,195 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Desktop\the king.jpg
[2012/06/06 18:05:14 | 000,487,091 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\My Documents\work=(913)+461-3895.pdf
[2012/06/06 18:03:40 | 000,747,778 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\My Documents\heather shay work maybe3233022306.pdf
[2012/06/04 21:41:07 | 000,067,309 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\My Documents\FireShot Screen Capture #319 - 'AVON - Order Confirmed' - shop_avon_com_shop_confirmed_aspx_order_id=23900597&ccauthreportcode&paypal=5HW871020D7354602.jpg
[2012/06/04 18:16:10 | 000,015,872 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\My Documents\tim's letter 5-2012.wps
[2012/06/03 18:36:25 | 000,000,787 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\My Documents\mags.rtf
[2012/06/01 22:30:41 | 000,007,973 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\My Documents\inmyway.jpg
[2012/06/01 22:11:15 | 022,571,982 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\My Documents\His choices.7z
[2012/06/01 21:38:30 | 000,001,613 | ---- | C] () -- F:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2012/05/28 03:13:00 | 000,008,827 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\My Documents\Peter_edited_.7z
[2012/05/28 03:12:15 | 000,000,964 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\My Documents\fixing the house estimate.7z
[2012/05/27 22:51:13 | 000,001,679 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\My Documents\fixing the house estimate.rtf
[2012/05/27 22:50:02 | 000,038,978 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\My Documents\Peter_edited_.rtf
[2012/05/16 23:45:55 | 000,484,352 | ---- | C] () -- F:\WINDOWS\System32\lame_enc.dll
[2012/05/12 04:31:37 | 000,000,719 | ---- | C] () -- F:\WINDOWS\wininit.ini
[2012/05/09 09:40:01 | 000,003,072 | ---- | C] () -- F:\WINDOWS\System32\iacenc.dll
[2012/05/09 02:11:24 | 000,256,000 | ---- | C] () -- F:\WINDOWS\PEV.exe
[2012/05/09 02:11:24 | 000,208,896 | ---- | C] () -- F:\WINDOWS\MBR.exe
[2012/05/09 02:11:24 | 000,098,816 | ---- | C] () -- F:\WINDOWS\sed.exe
[2012/05/09 02:11:24 | 000,080,412 | ---- | C] () -- F:\WINDOWS\grep.exe
[2012/05/09 02:11:24 | 000,068,096 | ---- | C] () -- F:\WINDOWS\zip.exe
[2012/05/04 18:56:20 | 000,001,235 | ---- | C] () -- F:\Program Files\updates.xml
[2012/05/04 18:56:18 | 000,000,057 | ---- | C] () -- F:\Program Files\active-update.xml
[2012/05/04 18:55:46 | 000,016,246 | ---- | C] () -- F:\Program Files\removed-files
[2012/05/04 18:55:34 | 000,000,000 | ---- | C] () -- F:\Program Files\.autoreg
[2012/05/02 17:56:28 | 000,000,707 | ---- | C] () -- F:\Program Files\updater.ini
[2012/05/02 17:56:28 | 000,000,232 | ---- | C] () -- F:\Program Files\browserconfig.properties
[2012/05/02 17:56:28 | 000,000,006 | ---- | C] () -- F:\Program Files\update.locale
[2012/05/02 17:56:22 | 000,000,478 | ---- | C] () -- F:\Program Files\softokn3.chk
[2012/05/02 17:56:22 | 000,000,478 | ---- | C] () -- F:\Program Files\nssdbm3.chk
[2012/05/02 17:56:22 | 000,000,142 | ---- | C] () -- F:\Program Files\platform.ini
[2012/05/02 17:56:21 | 001,014,744 | ---- | C] () -- F:\Program Files\js3250.dll
[2012/05/02 17:56:21 | 000,031,393 | ---- | C] () -- F:\Program Files\LICENSE
[2012/05/02 17:56:21 | 000,005,183 | ---- | C] () -- F:\Program Files\blocklist.xml
[2012/05/02 17:56:21 | 000,003,803 | ---- | C] () -- F:\Program Files\crashreporter.ini
[2012/05/02 17:56:21 | 000,000,583 | ---- | C] () -- F:\Program Files\crashreporter-override.ini
[2012/05/02 17:56:21 | 000,000,478 | ---- | C] () -- F:\Program Files\freebl3.chk
[2012/05/02 17:56:21 | 000,000,115 | ---- | C] () -- F:\Program Files\dependentlibs.list
[2012/04/26 06:33:56 | 000,044,599 | ---- | C] () -- F:\Program Files\sniffpass.zip
[2012/03/02 22:59:54 | 000,108,032 | ---- | C] () -- F:\WINDOWS\System32\ff_vfw.dll
[2012/02/20 21:46:15 | 000,000,043 | ---- | C] () -- F:\WINDOWS\gswin32.ini
[2011/11/26 23:18:56 | 002,062,304 | ---- | C] () -- F:\Program Files\installspeedfan443.exe
[2011/10/31 18:16:38 | 015,854,592 | ---- | C] () -- F:\Program Files\Setup.msi
[2011/10/28 17:22:15 | 000,204,800 | ---- | C] () -- F:\WINDOWS\System32\igfxCoIn_v4820.dll
[2011/07/08 01:48:35 | 000,000,007 | ---- | C] () -- F:\WINDOWS\treeskp.sys
[2011/07/08 01:48:35 | 000,000,007 | ---- | C] () -- F:\WINDOWS\sbacknt.bin
[2010/11/29 16:53:55 | 000,000,037 | ---- | C] () -- F:\WINDOWS\Viewer.ini
[2010/09/02 00:33:54 | 000,015,360 | ---- | C] () -- F:\WINDOWS\System32\bdmjpeg.dll
[2010/09/02 00:32:52 | 000,058,368 | ---- | C] () -- F:\WINDOWS\System32\bdmpegv.dll
[2010/08/25 06:28:07 | 000,000,031 | ---- | C] () -- F:\WINDOWS\System32\wocsodsini.dll
[2010/08/25 06:27:47 | 000,000,530 | ---- | C] () -- F:\WINDOWS\System32\tx14_ic.ini
[2010/08/25 06:09:41 | 001,774,720 | ---- | C] () -- F:\WINDOWS\System32\BootMan.exe
[2010/08/25 06:09:41 | 000,086,408 | ---- | C] () -- F:\WINDOWS\System32\setupempdrv03.exe
[2010/08/25 06:09:41 | 000,014,848 | ---- | C] () -- F:\WINDOWS\System32\EuEpmGdi.dll
[2010/08/25 06:09:41 | 000,013,192 | ---- | C] () -- F:\WINDOWS\System32\epmntdrv.sys
[2010/08/25 06:09:41 | 000,008,456 | ---- | C] () -- F:\WINDOWS\System32\EuGdiDrv.sys
[2010/07/23 22:17:42 | 000,000,132 | -H-- | C] () -- F:\Documents and Settings\Bubbles2000\Application Data\lakerda1967.sys
[2010/07/23 22:13:46 | 000,010,584 | ---- | C] () -- F:\Documents and Settings\Bubbles2000\Application Data\docXConverter (3).ini
[2010/06/28 06:32:59 | 000,000,025 | ---- | C] () -- F:\WINDOWS\cdplayer.ini

========== LOP Check ==========

[2012/02/07 15:55:16 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Alwil Software
[2012/06/26 18:24:58 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor
[2012/06/17 13:20:47 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\AVAST Software
[2012/06/21 02:26:37 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\AVG Secure Search
[2012/05/16 23:46:14 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\boost_interprocess
[2012/03/21 21:14:26 | 000,000,000 | -H-D | M] -- F:\Documents and Settings\All Users\Application Data\Common Files
[2012/02/04 11:25:15 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Deskshare
[2011/06/05 02:07:52 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\eJ01803LaHpI01803
[2012/03/12 05:40:39 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\FaceOffMax
[2010/09/15 08:44:46 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\FileCure
[2012/06/12 17:42:15 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\firebird
[2010/06/02 07:03:52 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\IM
[2010/10/14 15:40:45 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Laconic Software
[2012/02/07 12:44:27 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\LogMeIn
[2011/09/05 21:30:37 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Masters ITC
[2012/01/15 18:06:32 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Mirolit
[2012/06/09 23:23:26 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\Panda Security
[2012/01/26 12:06:59 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\PC1Data
[2011/08/30 00:01:40 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\RPSP
[2010/09/03 12:31:33 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\ScreenVCR
[2010/07/23 20:43:14 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\SecTaskMan
[2010/06/08 23:21:32 | 000,000,000 | -HSD | M] -- F:\Documents and Settings\All Users\Application Data\System Restore
[2012/06/21 02:19:57 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\TEMP
[2010/08/12 23:55:15 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\VirtualizedApplications
[2010/08/20 20:33:33 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\WinZip
[2011/08/06 13:59:14 | 000,000,000 | ---D | M] -- F:\Documents and Settings\All Users\Application Data\ZentimoService
[2011/12/29 12:47:48 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\.purple
[2010/06/02 20:42:44 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\Arkadium
[2012/03/21 21:15:02 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\AVG Secure Search
[2012/06/14 20:57:52 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\BabylonToolbar
[2011/05/10 13:53:24 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\BANDISOFT
[2011/08/29 03:15:22 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\Business Logic
[2010/06/01 04:51:58 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\CBS Interactive
[2012/05/07 13:39:52 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\Chrysanth
[2012/06/26 18:24:19 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\Dropbox
[2012/02/07 12:48:15 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\DzSoft
[2012/03/12 05:40:40 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\FaceOffMax
[2012/03/27 07:20:31 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\FireShot
[2012/05/16 23:46:36 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\FreeBurner
[2011/10/10 16:23:22 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\Garbage Finder
[2010/07/23 20:57:28 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\Genie-Soft
[2010/09/14 13:42:26 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\iLike
[2010/08/11 09:11:23 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\ImageBadger
[2012/06/09 07:49:30 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\IObit
[2011/02/14 22:16:28 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\IrfanView
[2011/09/05 04:23:13 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\Listary
[2012/03/02 23:35:11 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\mresreg
[2011/10/05 16:14:04 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\OpenCandy
[2012/06/09 23:25:22 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\Panda Security
[2012/04/21 11:56:02 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\PC Cleaners
[2012/04/19 17:53:50 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\PCPro
[2011/06/05 02:08:16 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\Sammsoft
[2012/06/26 00:52:37 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\SoftGrid Client
[2010/12/09 14:44:36 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\Software Informer
[2011/12/03 01:17:26 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\Start Menu 7
[2010/05/27 22:18:51 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\Template
[2010/08/04 17:00:02 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\TP
[2011/11/20 04:18:44 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\Trillian
[2011/10/10 13:58:46 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\TweakNow PowerPack 2011
[2011/10/15 02:45:06 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\TweakNow WinSecret 2011
[2012/02/14 04:49:14 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\USBSafelyRemove
[2012/02/02 04:56:04 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\USBSRService
[2012/05/01 22:34:49 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\uTorrent
[2011/09/18 00:21:47 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\visualsearchpony.com
[2012/04/02 14:11:26 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\XnView
[2011/09/07 17:20:53 | 000,000,000 | ---D | M] -- F:\Documents and Settings\Bubbles2000\Application Data\Zentimo

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 104 bytes -> F:\Documents and Settings\All Users\Application Data\TEMP:82F50D1C

< End of report >

I really appreciate your help with this mess...ed
  • 0

#14
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you go start > run
Type in CMD
In the black box that opens type in the following :

Ping 74.125.227.130

Could you then post the result of that please
  • 0

#15
edhalfdead

edhalfdead

    Member

  • Topic Starter
  • Member
  • PipPip
  • 89 posts
Here is the data that you requested:

**********************************************************************************************
Microsoft Windows XP [Version 5.1.2600]
© Copyright 1985-2001 Microsoft Corp.

F:\Documents and Settings\Bubbles2000>Ping 74.125.227.130

Pinging 74.125.227.130 with 32 bytes of data:

Reply from 74.125.227.130: bytes=32 time=59ms TTL=52
Reply from 74.125.227.130: bytes=32 time=63ms TTL=51
Reply from 74.125.227.130: bytes=32 time=62ms TTL=51
Reply from 74.125.227.130: bytes=32 time=59ms TTL=51

Ping statistics for 74.125.227.130:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 59ms, Maximum = 63ms, Average = 60ms

F:\Documents and Settings\Bubbles2000>

F:\Documents and Settings\Bubbles2000>


*******************************************************************************************************************

Again I Thank You for your help...ed
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP