Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Help with possible infection

Started by hopelesscase , Jun 26 2012 04:57 PM

  • Please log in to reply

#1
hopelesscase
Posted 26 June 2012 - 04:57 PM

hopelesscase

    New Member

  • Member
  • Pip
  • 1 posts
I have noticed a recent drop in performance and a problem with delay / lag whilst using the computer and browsing. I also have noticed that I get a white blank screen after initial startup but before the desktop appears. This is different to my normal experience.

I have run Avast (my resident scanner), Malwarebytes, Panda Online, Spybot and Housecall.
MB quarantined PUP.OfferBundler.ST and PUP.Hacktool.Patcher
Housecall = nothing
Spybot found Babylon.Toolbar AdwareC, DoubleClick cookies, MediaPlex cookies, SweetIM PUPSC - fixed all

I have noticed two desktop.ini files on my desktop that were not there previously. They are greyed out so I assume they are normally hidden files?

OTL logfile created on: 26/06/2012 23:49:23 - Run 4
OTL by OldTimer - Version 3.2.53.0 Folder = C:\Users\Lyndon\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 1.48 Gb Available Physical Memory | 49.42% Memory free
5.99 Gb Paging File | 4.20 Gb Available in Paging File | 70.00% Paging File free
Paging file location(s): C:\pagefile.sys 3070 3070 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144.04 Gb Total Space | 44.31 Gb Free Space | 30.76% Space Free | Partition Type: NTFS
Drive D: | 137.50 Gb Total Space | 130.13 Gb Free Space | 94.64% Space Free | Partition Type: NTFS
Drive J: | 3.73 Gb Total Space | 3.47 Gb Free Space | 93.11% Space Free | Partition Type: FAT32

Computer Name: LYNDON-LAPTOP | User Name: Lyndon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Lyndon\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Backblaze\bzbui.exe ()
PRC - C:\Program Files\Backblaze\bzfilelist.exe ()
PRC - C:\Program Files\Backblaze\bzserv.exe ()
PRC - C:\Users\Lyndon\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Users\Lyndon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
PRC - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
PRC - C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe (Microsoft Corp.)
PRC - C:\Program Files\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Gmail Notifier\Gmail Notifier.exe (www.gmailnotifier.com)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\NLSSRV32.EXE (Nalpeiron Ltd.)
PRC - C:\Program Files\Micro Niche Finder\bggoogle.exe ( James J. Jones, LLC.)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
PRC - C:\Windows\System32\vfsFPService.exe (Validity Sensors, Inc.)
PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel® Corporation)
PRC - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel® Corporation)
PRC - C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
PRC - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe ()
PRC - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
PRC - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
PRC - C:\Windows\PLFSetI.exe ()
PRC - C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)
PRC - C:\ACER\Mobility Center\MobilityService.exe ()
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe (InterVideo Inc.)
PRC - C:\Program Files\Micro Niche Finder\srvany.exe ()


========== Modules (No Company Name) ==========

MOD - C:\Users\Lyndon\AppData\Roaming\Mozilla\Firefox\Profiles\eqlnjebl.default\extensions\[email protected]\platform\WINNT_x86-msvc\components\lpxpcom.dll ()
MOD - C:\Program Files\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\69ca4a43ba14b66689715ad62aed70e6\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll ()
MOD - C:\Program Files\Backblaze\bzbui.exe ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll ()
MOD - C:\Users\Lyndon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
MOD - C:\Program Files\Evernote\Evernote\libtidy.dll ()
MOD - C:\Program Files\Evernote\Evernote\libxml2.dll ()
MOD - C:\Program Files\FileZilla FTP Client\fzshellext.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files\Notepad++\NppShell_04.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Framework.Utility\3.0.3010.0__4df5dcab8860d239\Framework.Utility.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.3010.0__3036420f80dd6947\Framework.Library.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Framework.Model.ControllerInterface\3.0.3010.0__d842b71b4d6ed079\Framework.Model.ControllerInterface.dll ()
MOD - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ShowErrMsg.dll ()
MOD - C:\Windows\PLFSetI.exe ()
MOD - C:\Windows\System32\SysHook.dll ()
MOD - C:\Program Files\Extension Changer\extcontext.dll ()


========== Win32 Services (SafeList) ==========

SRV - (SBSDWSCService) -- C:\Program Files\Spybot File not found
SRV - (ACDaemon) -- File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (bzserv) -- C:\Program Files\Backblaze\bzserv.exe ()
SRV - (BingDesktopUpdate) -- C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe (Microsoft Corp.)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (nvUpdatusService) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (nlsX86cc) -- C:\Windows\System32\NLSSRV32.EXE (Nalpeiron Ltd.)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (vfsFPService) -- C:\Windows\System32\vfsFPService.exe (Validity Sensors, Inc.)
SRV - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel® Corporation)
SRV - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel® Corporation)
SRV - (ETService) -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe ()
SRV - (eDataSecurity Service) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
SRV - (ABBYY.Licensing.FineReader.Professional.9.0) -- C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe (ABBYY (BIT Software))
SRV - (MobilityService) -- C:\ACER\Mobility Center\MobilityService.exe ()
SRV - (IAANTMON) Intel® -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (Capture Device Service) -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe (InterVideo Inc.)
SRV - (SSScsiSV) -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe (Sony Corporation)
SRV - (SonicStage Back-End Service) -- C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe (Sony Corporation)
SRV - (MSCSPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation)
SRV - (SPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)
SRV - (PACSPTISVR) -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe ()
SRV - (Micro Niche Finder Background Download Service) -- C:\Program Files\Micro Niche Finder\srvany.exe ()


========== Driver Services (SafeList) ==========

DRV - (RimUsb) -- System32\Drivers\RimUsb.sys File not found
DRV - (pccsmcfd) -- system32\DRIVERS\pccsmcfd.sys File not found
DRV - (DritekPortIO) -- File not found
DRV - (archlp) -- system32\drivers\archlp.sys File not found
DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr2.sys (AVAST Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (NETwLv32) Intel® -- C:\Windows\System32\drivers\NETwLv32.sys (Intel Corporation)
DRV - (JMCR) -- C:\Windows\System32\drivers\jmcr.sys (JMicron Technology Corporation)
DRV - (L1E) -- C:\Windows\System32\drivers\L1E62x86.sys (Atheros Communications, Inc.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (ITECIRfilter) -- C:\Windows\System32\drivers\ITECIRfilter.sys (ITE Tech. Inc. )
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUSB) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (itecir) -- C:\Windows\System32\drivers\itecir.sys (ITE Tech. Inc. )
DRV - (StarOpen) -- C:\Windows\System32\drivers\StarOpen.sys ()
DRV - (HTCAND32) -- C:\Windows\System32\drivers\ANDROIDUSB.sys (HTC, Corporation)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (LSI Corp)
DRV - (netw5v32) Intel® -- C:\Windows\System32\drivers\netw5v32.sys (Intel Corporation)
DRV - (KMWDFILTER) -- C:\Windows\System32\drivers\KMWDFILTER.sys (Windows ® Codename Longhorn DDK provider)
DRV - (int15) -- C:\Windows\System32\drivers\int15.sys (Acer, Inc.)
DRV - (vfs101x) -- C:\Windows\System32\drivers\vfs101x.sys (Validity Sensors, Inc.)
DRV - (NETw4v32) Intel® -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation)
DRV - (s616unic) Sony Ericsson Device 616 USB Ethernet Emulation SEMC616 (WDM) -- C:\Windows\System32\drivers\s616unic.sys (MCCI Corporation)
DRV - (s616obex) -- C:\Windows\System32\drivers\s616obex.sys (MCCI Corporation)
DRV - (s616nd5) Sony Ericsson Device 616 USB Ethernet Emulation SEMC616 (NDIS) -- C:\Windows\System32\drivers\s616nd5.sys (MCCI Corporation)
DRV - (s616mgmt) Sony Ericsson Device 616 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s616mgmt.sys (MCCI Corporation)
DRV - (s616mdm) -- C:\Windows\System32\drivers\s616mdm.sys (MCCI Corporation)
DRV - (s616mdfl) -- C:\Windows\System32\drivers\s616mdfl.sys (MCCI Corporation)
DRV - (s616bus) Sony Ericsson Device 616 driver (WDM) -- C:\Windows\System32\drivers\s616bus.sys (MCCI Corporation)
DRV - (Afc) -- C:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.us.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://en.us.acer.yahoo.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 97 D5 EA 42 50 2B CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost; 127.0.0.1; <local>;*.local

========== FireFox ==========

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@doubletwist.com/NPPodcast: C:\Program Files\Common Files\doubleTwist\NPPodcast.dll File not found
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Lyndon\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Lyndon\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Lyndon\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Lyndon\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012/03/18 14:38:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012/05/12 00:06:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/15 23:26:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/05/19 13:25:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 8.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012/05/19 13:25:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 8.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2012/05/19 13:25:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/15 23:26:22 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/05/19 13:25:00 | 000,000,000 | ---D | M]

[2010/09/12 23:18:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lyndon\AppData\Roaming\Mozilla\Extensions
[2010/04/20 06:38:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lyndon\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010/09/12 23:18:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lyndon\AppData\Roaming\Mozilla\Extensions\{ea278cf8-93cd-484f-b951-57360482d33a}
[2010/05/01 14:42:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lyndon\AppData\Roaming\Mozilla\Extensions\[email protected]
[2012/06/20 15:10:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lyndon\AppData\Roaming\Mozilla\Firefox\Profiles\eqlnjebl.default\extensions
[2010/04/28 00:48:06 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Lyndon\AppData\Roaming\Mozilla\Firefox\Profiles\eqlnjebl.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/04/11 07:10:03 | 000,000,000 | ---D | M] (SeoQuake) -- C:\Users\Lyndon\AppData\Roaming\Mozilla\Firefox\Profiles\eqlnjebl.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}
[2011/12/30 12:33:58 | 000,000,000 | ---D | M] (Html Validator) -- C:\Users\Lyndon\AppData\Roaming\Mozilla\Firefox\Profiles\eqlnjebl.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}
[2011/05/15 13:26:29 | 000,000,000 | ---D | M] (Live HTTP Headers) -- C:\Users\Lyndon\AppData\Roaming\Mozilla\Firefox\Profiles\eqlnjebl.default\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
[2011/01/26 02:06:38 | 000,000,000 | ---D | M] (Web Developer) -- C:\Users\Lyndon\AppData\Roaming\Mozilla\Firefox\Profiles\eqlnjebl.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2012/06/08 19:22:20 | 000,000,000 | ---D | M] (Evernote Web Clipper) -- C:\Users\Lyndon\AppData\Roaming\Mozilla\Firefox\Profiles\eqlnjebl.default\extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}
[2012/05/23 18:30:43 | 000,000,000 | ---D | M] (Page Speed) -- C:\Users\Lyndon\AppData\Roaming\Mozilla\Firefox\Profiles\eqlnjebl.default\extensions\{e3f6c2cc-d8db-498c-af6c-499fb211db97}
[2012/05/23 18:30:45 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Lyndon\AppData\Roaming\Mozilla\Firefox\Profiles\eqlnjebl.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2012/06/26 23:48:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lyndon\AppData\Roaming\Mozilla\Firefox\Profiles\eqlnjebl.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2010/12/09 23:16:47 | 000,000,000 | ---D | M] (British English Dictionary) -- C:\Users\Lyndon\AppData\Roaming\Mozilla\Firefox\Profiles\eqlnjebl.default\extensions\[email protected]
[2012/05/18 20:36:26 | 000,000,000 | ---D | M] (United States English Spellchecker) -- C:\Users\Lyndon\AppData\Roaming\Mozilla\Firefox\Profiles\eqlnjebl.default\extensions\[email protected]
[2012/05/22 22:43:29 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\Lyndon\AppData\Roaming\Mozilla\Firefox\Profiles\eqlnjebl.default\extensions\[email protected]
[2011/02/08 08:35:24 | 000,000,000 | ---D | M] (socialmonkee) -- C:\Users\Lyndon\AppData\Roaming\Mozilla\Firefox\Profiles\eqlnjebl.default\extensions\[email protected]
[2012/06/20 15:10:52 | 000,000,000 | ---D | M] (LastPass) -- C:\Users\Lyndon\AppData\Roaming\Mozilla\Firefox\Profiles\eqlnjebl.default\extensions\[email protected]
[2012/03/19 00:26:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/06/23 22:13:49 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/06/15 23:26:22 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/03/03 14:44:44 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/10/26 19:49:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2011/10/13 19:28:48 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/11/08 20:28:18 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Lyndon\AppData\Local\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Lyndon\AppData\Local\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Lyndon\AppData\Local\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Lyndon\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Lyndon\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Lyndon\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - Extension: Entanglement = C:\Users\Lyndon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\
CHR - Extension: JavaScript Popup Blocker = C:\Users\Lyndon\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiajdlfgbgnnjakkbnpdhmhfhklkbiol\1.0.5_0\
CHR - Extension: Classic Popup Blocker = C:\Users\Lyndon\AppData\Local\Google\Chrome\User Data\Default\Extensions\lijicndbkjoplmhnclmoahmcaffaeapp\2.1_0\
CHR - Extension: ICE Quick Stream = C:\Users\Lyndon\AppData\Local\Google\Chrome\User Data\Default\Extensions\mapljocpedaolbooelchgnkkaplpadgp\5.1_1\
CHR - Extension: Poppit = C:\Users\Lyndon\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\
CHR - Extension: Better Pop Up Blocker = C:\Users\Lyndon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmpeeekfhbmikbdhlpjbfmnpgcbeggic\2.1.6_0\

O1 HOSTS File: ([2011/08/14 18:02:42 | 000,436,583 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.micronichefinder.com
O1 - Hosts: 127.0.0.1 www.keywordelite.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 92.241.168.10 link-assistant.com
O1 - Hosts: 92.241.168.10 www.link-assistant.com
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 15028 more lines...
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BingDesktop] C:\Program Files\Microsoft\BingDesktop\BingDesktop.exe (Microsoft Corp.)
O4 - HKLM..\Run: [eAudio] C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [Backblaze] C:\Program Files\Backblaze\bzbui.exe ()
O4 - HKCU..\Run: [Gmail Notifier.exe] C:\Program Files\Gmail Notifier\Gmail Notifier.exe (www.gmailnotifier.com)
O4 - HKCU..\Run: [PeerBlock] C:\Program Files\PeerBlock\peerblock.exe (PeerBlock, LLC)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Lyndon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Users\Lyndon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Lyndon\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Lyndon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Program Files\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://utilities.pcp...ols/pcmatic.cab (PCPitstop Utility)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.syma...n/bin/cabsa.cab (Reg Error: Key error.)
O16 - DPF: {72376E32-8AF2-473F-BE32-E5D0F39C865D} http://www.cyberlink...dateAdvisor.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcp.../PCPitStop2.cab (PCPitstop Exam)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C8923478-D9A5-49E8-8816-17305635816C}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C8923478-D9A5-49E8-8816-17305635816C}: NameServer = 208.122.23.22,208.122.23.23
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/09/16 07:49:06 | 000,000,000 | -H-D | M] - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009/10/10 11:17:29 | 000,000,000 | -H-D | M] - D:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\{d0fc480e-c121-11df-8c67-00a0d1aa47e4}\Shell - "" = AutoRun
O33 - MountPoints2\{d0fc480e-c121-11df-8c67-00a0d1aa47e4}\Shell\AutoRun\command - "" = F:\.\Bin\ASSETUP.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\ubcd\website\index.html
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/26 22:55:37 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Users\Lyndon\Desktop\OTL.exe
[2012/06/25 13:28:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SendBlaster 2
[2012/06/25 13:27:40 | 000,000,000 | ---D | C] -- C:\Program Files\SendBlaster
[2012/06/24 18:19:45 | 000,000,000 | ---D | C] -- C:\Program Files\Market Samurai
[2012/06/22 04:24:40 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4
[2012/06/16 11:49:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/06/16 11:47:00 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/06/16 11:46:56 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/06/15 21:24:54 | 000,000,000 | ---D | C] -- C:\Users\Lyndon\AppData\Local\Macromedia
[2012/06/12 20:33:26 | 000,000,000 | -H-D | C] -- C:\.bzvol
[2012/06/12 20:33:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backblaze
[2012/06/12 20:33:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Backblaze
[2012/06/12 20:33:08 | 000,000,000 | ---D | C] -- C:\Program Files\Backblaze
[2012/06/05 18:56:34 | 000,000,000 | ---D | C] -- C:\Users\Lyndon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MagicISO
[2012/06/05 18:56:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicISO
[2012/06/05 18:56:32 | 000,000,000 | ---D | C] -- C:\Program Files\MagicISO
[2012/06/05 18:49:14 | 000,000,000 | ---D | C] -- C:\Users\Lyndon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVD Decrypter
[2012/06/05 18:49:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Decrypter
[2012/06/05 18:49:13 | 000,000,000 | ---D | C] -- C:\Program Files\DVD Decrypter

========== Files - Modified Within 30 Days ==========

[2012/06/26 23:56:03 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/26 23:29:11 | 000,414,162 | ---- | M] () -- C:\Users\Lyndon\AppData\Local\census.cache
[2012/06/26 23:29:02 | 000,149,743 | ---- | M] () -- C:\Users\Lyndon\AppData\Local\ars.cache
[2012/06/26 23:26:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/06/26 23:23:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-161650413-18026799-2602292562-1000UA.job
[2012/06/26 23:04:04 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-161650413-18026799-2602292562-1000Core.job
[2012/06/26 22:56:22 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/26 22:55:51 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Lyndon\Desktop\OTL.exe
[2012/06/26 22:48:18 | 000,019,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/26 22:48:18 | 000,019,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/26 22:47:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/06/26 07:59:03 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2012/06/26 07:58:59 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2012/06/26 07:57:45 | 431,976,083 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/06/26 07:57:44 | 2414,682,112 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/25 20:27:41 | 004,195,824 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/06/25 19:40:19 | 001,088,729 | ---- | M] () -- C:\Users\Lyndon\Desktop\pikachu_seps.ai
[2012/06/25 19:39:01 | 001,117,480 | ---- | M] () -- C:\Users\Lyndon\Desktop\Untitled-3.ai
[2012/06/25 19:37:33 | 000,664,780 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/06/25 19:37:33 | 000,125,484 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/06/25 16:35:11 | 001,079,319 | ---- | M] () -- C:\Users\Lyndon\Desktop\Untitled-1.ai
[2012/06/22 18:56:18 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2012/06/17 23:15:52 | 000,006,431 | ---- | M] () -- C:\Users\Lyndon\AppData\Roaming\PrimoPDFSet.xml
[2012/06/17 23:03:50 | 000,102,400 | ---- | M] () -- C:\Windows\RegBootClean.exe
[2012/06/12 21:59:10 | 000,001,059 | ---- | M] () -- C:\Users\Lyndon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

========== Files Created - No Company Name ==========

[2012/06/26 07:57:45 | 431,976,083 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012/06/25 19:40:16 | 001,088,729 | ---- | C] () -- C:\Users\Lyndon\Desktop\pikachu_seps.ai
[2012/06/25 18:48:15 | 001,117,480 | ---- | C] () -- C:\Users\Lyndon\Desktop\Untitled-3.ai
[2012/06/25 11:48:31 | 001,079,319 | ---- | C] () -- C:\Users\Lyndon\Desktop\Untitled-1.ai
[2012/06/24 18:19:59 | 000,000,877 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Market Samurai.lnk
[2012/06/17 23:03:50 | 000,102,400 | ---- | C] () -- C:\Windows\RegBootClean.exe
[2012/05/10 21:26:45 | 000,000,132 | ---- | C] () -- C:\Users\Lyndon\AppData\Roaming\Adobe AIFF Format CS6 Prefs
[2012/05/10 21:23:28 | 000,000,132 | ---- | C] () -- C:\Users\Lyndon\AppData\Roaming\Adobe BMP Format CS6 Prefs
[2012/04/01 15:37:10 | 004,195,824 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/03/28 21:41:51 | 000,000,228 | ---- | C] () -- C:\Users\Lyndon\.swfinfo
[2012/02/24 20:39:24 | 000,000,600 | ---- | C] () -- C:\Users\Lyndon\AppData\Roaming\winscp.rnd
[2012/02/24 20:38:23 | 000,000,600 | ---- | C] () -- C:\Users\Lyndon\AppData\Local\PUTTY.RND
[2012/01/27 21:06:03 | 000,532,480 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Sony.dll
[2011/12/27 19:09:05 | 000,401,408 | ---- | C] () -- C:\Windows\wget.exe
[2011/12/27 19:09:04 | 000,410,942 | ---- | C] () -- C:\Windows\adb.exe
[2011/12/27 19:09:04 | 000,356,009 | ---- | C] () -- C:\Windows\fastboot.exe
[2011/12/27 19:09:04 | 000,063,488 | ---- | C] () -- C:\Windows\md5sum.exe
[2011/08/25 21:31:50 | 000,414,162 | ---- | C] () -- C:\Users\Lyndon\AppData\Local\census.cache
[2011/08/25 21:31:29 | 000,149,743 | ---- | C] () -- C:\Users\Lyndon\AppData\Local\ars.cache
[2011/07/31 11:26:30 | 002,662,488 | ---- | C] () -- C:\Users\Lyndon\.websiteauditor.properties
[2011/07/31 11:26:05 | 000,452,098 | ---- | C] () -- C:\Users\Lyndon\.linkassistant.properties
[2011/07/31 11:21:49 | 000,408,668 | ---- | C] () -- C:\Users\Lyndon\.ranktracker.properties
[2011/07/31 11:21:19 | 000,459,558 | ---- | C] () -- C:\Users\Lyndon\.spyglass.properties
[2011/06/23 22:20:33 | 000,028,672 | ---- | C] () -- C:\Windows\System32\lgpi32.dll
[2011/06/23 22:17:25 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/06/06 21:26:10 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
[2011/06/06 21:26:10 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
[2010/11/04 08:07:35 | 000,000,000 | -H-- | C] () -- C:\Windows\€nlsPreferences.dat
[2010/09/04 20:02:55 | 000,072,080 | ---- | C] () -- C:\Users\Lyndon\g2mdlhlpx.exe
[2010/05/01 20:21:10 | 000,460,820 | ---- | C] () -- C:\Users\Lyndon\.spyglass.properties.bak
[2010/04/26 08:29:44 | 000,000,036 | ---- | C] () -- C:\Users\Lyndon\AppData\Local\housecall.guid.cache
[2010/03/13 17:39:22 | 000,000,000 | ---- | C] () -- C:\Users\Lyndon\AppData\Local\prvlcl.dat
[2010/01/13 23:38:23 | 000,024,081 | ---- | C] () -- C:\Users\Lyndon\AppData\Roaming\UserTile.png
[2009/12/13 15:26:53 | 000,038,400 | ---- | C] () -- C:\Users\Lyndon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/09 23:21:21 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2009/11/28 17:53:00 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/10/14 09:42:08 | 000,000,069 | ---- | C] () -- C:\Users\Lyndon\jagex_runescape_preferences2.dat
[2009/10/10 13:59:39 | 000,000,039 | ---- | C] () -- C:\Users\Lyndon\jagex_runescape_preferences.dat
[2009/08/09 10:47:18 | 000,006,431 | ---- | C] () -- C:\Users\Lyndon\AppData\Roaming\PrimoPDFSet.xml
[2009/07/21 22:32:21 | 000,000,158 | ---- | C] () -- C:\Users\Lyndon\AppData\Roaming\wklnhst.dat
[2009/07/15 00:29:46 | 000,002,299 | ---- | C] () -- C:\Users\Lyndon\AppData\Roaming\acervcmtmp.ini

========== LOP Check ==========

[2010/01/17 13:27:48 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\abgx360
[2010/07/20 20:44:37 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\acccore
[2009/11/28 17:32:21 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\Acer
[2009/11/28 17:32:21 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\Acer GameZone Console
[2011/03/22 23:01:23 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\Archon Media
[2011/11/12 19:22:42 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\Article Marketing Robot
[2011/01/24 23:26:48 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\Auslogics
[2009/12/18 18:52:23 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\avidemux
[2011/11/06 12:18:56 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\calibre
[2010/05/03 11:17:43 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\Canneverbe Limited
[2012/06/18 20:17:45 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\Canon
[2009/11/28 17:32:26 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\Chaotic Box
[2010/09/19 10:52:24 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009/11/28 17:32:26 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/05/20 21:58:33 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\DomainSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1
[2010/07/29 22:57:01 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\Downloaded Installations
[2009/11/28 17:32:27 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\Dr. DivX 2.0 OSS
[2012/06/26 22:47:57 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\Dropbox
[2011/10/02 17:21:03 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\EAC
[2011/02/18 23:59:12 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\EasyLeadFinder
[2010/07/29 23:24:05 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\Enfocus Prefs Folder
[2009/07/26 21:44:52 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\eSobi
[2010/11/28 15:39:09 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\EurekaLog
[2011/12/05 20:30:07 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\f-secure
[2012/04/15 10:16:36 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\FileZilla
[2011/10/15 20:16:41 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\foobar2000
[2012/06/26 07:59:27 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\Gmail Notifier
[2010/09/12 14:56:07 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\GoodSync
[2011/03/27 21:17:44 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\GSplit
[2011/12/08 00:04:35 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\HandBrake
[2009/11/28 17:32:27 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\Helios
[2009/11/28 17:32:27 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\HTSK
[2011/07/07 22:17:54 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\ImgBurn
[2011/06/19 10:15:05 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\JonathanLeger.com
[2011/03/03 19:36:25 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\KeePass
[2010/03/29 20:24:55 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\KompoZer
[2010/07/01 00:39:37 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\KSS Keyword Suggestion Scraper
[2009/11/28 17:32:27 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\Leadertech
[2009/11/28 17:32:41 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1
[2011/06/23 22:04:52 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\MP3SkypeRecorder
[2010/07/29 22:59:51 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\Nitro PDF
[2011/12/15 23:36:24 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\Nokia
[2011/12/15 23:36:24 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\Nokia Ovi Suite
[2012/05/04 21:53:04 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\Notepad++
[2011/09/04 19:53:27 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\OpenCandy
[2009/11/28 17:32:54 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\OpenOffice.org
[2010/01/14 00:56:03 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\PC Suite
[2010/04/26 08:27:48 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\QuickScan
[2011/07/31 17:24:17 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\Rankerizer
[2012/01/24 00:25:28 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\Seas0nPass
[2012/06/25 20:23:54 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\SendBlaster2
[2011/02/27 15:54:56 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\Sick Marketing
[2009/12/09 23:01:34 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\SoftDMA
[2012/06/12 23:28:24 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\Spotify
[2012/05/06 14:24:18 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2009/11/28 17:33:05 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\Steinberg
[2011/02/10 19:11:07 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\SystemRequirementsLab
[2011/08/11 09:21:16 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\TeamViewer
[2009/11/28 17:33:05 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\Template
[2010/04/20 06:38:07 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\Thunderbird
[2010/04/06 19:00:48 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\Trillian
[2011/01/22 20:22:27 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\TuneUp Software
[2010/10/03 10:24:38 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\ubot
[2009/12/20 21:40:22 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\Ulead Systems
[2012/06/26 08:00:36 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\uTorrent
[2009/07/15 00:28:47 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\Validity
[2009/11/28 17:33:06 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\Waves Audio
[2011/12/15 23:31:12 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\Web Content Studio
[2012/06/17 22:14:02 | 000,000,000 | ---D | M] -- C:\Users\Lyndon\AppData\Roaming\XBMC
[2011/07/05 22:00:15 | 000,000,384 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2012/06/22 18:56:18 | 000,000,266 | ---- | M] () -- C:\Windows\Tasks\AutoKMS.job
[2011/05/02 11:41:36 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 8 bytes -> C:\Windows:
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:C8B8CEBD

< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP