OTL logfile created on: 7/19/2012 10:41:25 AM - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Documents and Settings\Watson_5\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1013.82 Mb Total Physical Memory | 233.10 Mb Available Physical Memory | 22.99% Memory free
2.38 Gb Paging File | 1.75 Gb Available in Paging File | 73.57% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 145.96 Gb Total Space | 110.95 Gb Free Space | 76.01% Space Free | Partition Type: NTFS
Drive G: | 927.61 Gb Total Space | 818.88 Gb Free Space | 88.28% Space Free | Partition Type: NTFS
Computer Name: WATSON_5 | User Name: Watson_5 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/07/19 10:27:59 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Watson_5\My Documents\Downloads\OTL.exe
PRC - [2012/07/19 08:38:46 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/07/09 10:45:50 | 000,238,080 | ---- | M] () -- C:\WINDOWS\svcs.exe
PRC - [2012/07/09 10:42:36 | 000,045,056 | ---- | M] () -- C:\WINDOWS\system32\ptqlhchbya.exe
PRC - [2012/07/03 13:52:38 | 000,085,504 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Sj86Vv1t.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2012/07/19 08:38:44 | 002,003,424 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012/07/09 10:45:50 | 000,238,080 | ---- | M] () -- C:\WINDOWS\svcs.exe
MOD - [2012/07/09 10:42:36 | 000,045,056 | ---- | M] () -- C:\WINDOWS\system32\ptqlhchbya.exe
MOD - [2012/07/03 13:52:44 | 000,050,688 | ---- | M] () -- C:\WINDOWS\system32\mdhcp32.dll
MOD - [2012/07/03 13:52:38 | 000,085,504 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Sj86Vv1t.exe
MOD - [2012/02/20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/02/20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2008/11/04 13:35:37 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll
MOD - [2008/10/04 20:24:02 | 003,695,008 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2008/06/20 09:02:47 | 000,245,248 | ---- | M] () -- \\?\globalroot\systemroot\system32\mswsock.dll
MOD - [2008/06/20 09:02:47 | 000,245,248 | ---- | M] () -- \\.\globalroot\systemroot\system32\mswsock.dll
MOD - [2004/08/17 20:00:00 | 000,073,748 | -H-- | M] () -- C:\WINDOWS\system32\Iasex.dll
MOD - [2003/05/12 15:02:32 | 000,078,336 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\DLBKPP5C.DLL
MOD - [2003/05/12 15:02:26 | 000,049,152 | ---- | M] () -- C:\Program Files\Dell AIO Printer A920\ConvDIB.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/07/13 08:51:12 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/12 09:36:24 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/09 10:45:50 | 000,238,080 | ---- | M] () [Auto | Running] -- C:\WINDOWS\svcs.exe -- (NetworkLog)
SRV - [2012/07/09 10:42:36 | 000,045,056 | ---- | M] () [Auto | Start_Pending] -- C:\WINDOWS\System32\ptqlhchbya.exe -- (AMService)
SRV - [2009/02/02 13:35:44 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/02/02 11:27:00 | 000,074,360 | ---- | M] (Autodesk, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2004/08/17 20:00:00 | 000,073,748 | -H-- | M] () [Auto | Running] -- C:\WINDOWS\system32\Iasex.dll -- (Ias)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Watson_5\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2009/04/25 18:53:05 | 000,186,592 | ---- | M] (Jungo) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\windrvr6.sys -- (WinDriver6)
DRV - [2006/03/20 17:06:04 | 001,156,648 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2001/08/22 09:42:58 | 000,013,632 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (OMCI)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {56256A51-B582-467e-B8D4-7786EDA79AE0}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = http://toolbar.ask.c...rchTerms}&crm=1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...1I7ADSA_enUS341
IE - HKCU\..\SearchScopes\{91607fa7-3c2f-4f90-93e3-d5337a6b0ac2}: "URL" = Playbryte-fa-ptn/search/redirect/?type=default&user_id=c49f3226-7c82-40b8-b46e-6d07aade6eb5&query={searchTerms}
IE - HKCU\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = http://toolbar.ask.c...rchTerms}&crm=1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 192.168.1.*;127.0.0.*
========== FireFox ==========
FF - prefs.js..network.proxy.no_proxies_on: "192.168.1.*,127.0.0.*,*.local"
FF - prefs.js..network.proxy.type: 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\MyWebSearch\bar\1.bin
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/07/19 08:38:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{9642CCE0-CA01-11E1-8270-B8AC6F996F26}: C:\Documents and Settings\Watson_5\Local Settings\Application Data\{9642CCE0-CA01-11E1-8270-B8AC6F996F26}\ [2012/07/12 08:26:01 | 000,000,000 | ---D | M]
[2009/05/15 15:41:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Watson_5\Application Data\Mozilla\Extensions
[2009/05/15 15:41:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Watson_5\Application Data\Mozilla\Extensions\[email protected]
[2012/07/12 12:07:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Watson_5\Application Data\Mozilla\Firefox\Profiles\hjpr72e7.default\extensions
[2012/07/11 08:48:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/07/12 08:26:01 | 000,000,000 | ---D | M] (Mozilla Safe Browsing) -- C:\DOCUMENTS AND SETTINGS\WATSON_5\LOCAL SETTINGS\APPLICATION DATA\{9642CCE0-CA01-11E1-8270-B8AC6F996F26}
[2012/07/19 08:38:47 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/06/01 08:39:16 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/06/01 08:39:16 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
O1 HOSTS File: ([2012/06/28 14:20:02 | 000,004,115 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Reg Error: Value error.) - {6F2FD30F-DF5A-4D73-9513-CEF5E630B3C0} - C:\WINDOWS\system32\fastsrch.dll File not found
O2 - BHO: (Funmoods Helper Object) - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\PROGRA~1\Funmoods\1.5.23.22\bh\escort.dll File not found
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Funmoods Toolbar) - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\PROGRA~1\Funmoods\1.5.23.22\escorTlbr.dll File not found
O3 - HKLM\..\Toolbar: (no name) - {b278d9f8-0fa9-465e-9938-0c392605d8e3} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKCU..\Run: [Teuqt] C:\Documents and Settings\Watson_5\Application Data\Huinp\odequ.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run: 49170 = C:\DOCUME~1\ALLUSE~1\LOCALS~1\Temp\msanpaaqv.bat ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - mswsock.dll File not found
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {38AB6A6C-CC4C-4F9E-A3DD-3C5681EF18A1} http://www.freerealm...msInstaller.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3483EB13-F44D-40CB-95CF-1AD2E56C1D4B}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\sds {79E0F14C-9C52-4218-89A7-7C4B0563D121} - C:\Program Files\Sharp\Sharpdesk\ExplorerExtensions.dll (SHARP CORPORATION)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\mdhcp32: DllName - (mdhcp32.dll) - C:\WINDOWS\System32\mdhcp32.dll ()
O24 - Desktop WallPaper: C:\Documents and Settings\Watson_5\Desktop\Sample Work\WALLPAPER.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Watson_5\Desktop\Sample Work\WALLPAPER.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/01/29 21:08:49 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012/07/17 12:33:29 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/07/13 15:12:14 | 000,399,360 | ---- | C] (C-Media Electronics Inc.) -- C:\Documents and Settings\Watson_5\Application Data\tmdapi.dll
[2012/07/12 10:01:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
[2012/07/12 08:26:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Watson_5\Local Settings\Application Data\{9642CCE0-CA01-11E1-8270-B8AC6F996F26}
[2012/07/11 09:18:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Watson_5\Application Data\Ogacd
[2012/07/11 09:18:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Watson_5\Application Data\Zagiim
[2012/07/11 09:18:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Watson_5\Application Data\Huinp
[2012/07/11 09:17:38 | 000,045,056 | ---- | C] (http://www.anysoft.info/) -- C:\Program Files\Common Files\iexplorer.exe
[2012/07/11 09:03:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Funmoods
[2012/07/11 09:03:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\%APPDATA%
[2012/07/11 08:55:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Watson_5\Local Settings\Application Data\Mozilla
[2012/07/11 08:48:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mozilla
[2012/07/11 08:48:39 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/07/11 08:46:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
[2012/07/11 08:43:52 | 000,000,000 | ---D | C] -- C:\Program Files\Bucksbee Loyalty Plugin - 100815
[2012/07/11 08:43:37 | 000,000,000 | ---D | C] -- C:\Program Files\Playbryte
[2012/07/11 08:43:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Watson_5\Local Settings\Application Data\Playbryte
[2012/07/09 13:11:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Watson_5\Application Data\Obedy
[2012/07/09 13:11:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Watson_5\Application Data\Fypo
[2012/07/09 13:11:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Watson_5\Application Data\Exerat
[2012/07/09 13:06:22 | 000,414,208 | ---- | C] (Analog Devices, Inc.) -- C:\Documents and Settings\Watson_5\Application Data\bitbcl.dll
[2012/07/09 13:05:30 | 000,126,464 | ---- | C] (DT Soft Ltd) -- C:\Documents and Settings\Watson_5\Application Data\sanspi.dll
[2012/07/09 13:05:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Watson_5\Application Data\xsecva
[2012/07/09 10:43:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Watson_5\Application Data\Ifocy
[2012/07/09 10:43:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Watson_5\Application Data\Hugi
[2012/07/09 10:43:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Watson_5\Application Data\Efuvf
[2012/07/04 02:00:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
[2012/06/28 17:01:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Google
[2012/06/28 16:22:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2012/06/28 16:11:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2012/06/28 14:28:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2012/06/28 14:28:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2012/06/28 14:18:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Watson_5\Application Data\Ms_dir_
[2012/06/28 14:18:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Watson_5\Application Data\Ugokek
[2012/06/28 14:18:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Watson_5\Application Data\Ogesuw
[2012/06/28 14:18:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Watson_5\Application Data\Boaw
[2012/06/28 14:18:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Watson_5\Application Data\Microsoft Corporation
[2012/06/28 14:18:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Watson_5\Application Data\TeamViewer
[2012/06/28 14:18:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Local Settings
[2012/06/28 10:18:43 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/06/28 10:07:59 | 000,000,000 | ---D | C] -- C:\spoolerlogs
[2012/06/28 09:59:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012/06/28 09:55:06 | 000,000,000 | ---D | C] -- C:\OE
[2012/06/28 09:48:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Watson_5\Local Settings\Application Data\Outlook Express Fix Toolbox
[2012/06/28 09:15:40 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/06/28 09:15:40 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/06/28 09:15:40 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/06/28 09:15:40 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/06/28 09:14:16 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012/06/28 09:09:46 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Watson_5\Start Menu\Programs\Administrative Tools
[2012/06/28 09:08:47 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/06/28 09:08:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2012/06/28 09:04:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Watson_5\Application Data\U3
[2012/06/26 15:22:10 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Watson_5\Recent
[2012/06/21 10:59:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Watson_5\Start Menu\Programs\Data Recovery
[2010/11/03 03:33:35 | 000,695,296 | ---- | C] (AnjoCaido) -- C:\Documents and Settings\Watson_5\Application Data\MinecraftSP.exe
========== Files - Modified Within 30 Days ==========
[2012/07/19 11:00:08 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At12.job
[2012/07/19 11:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At36.job
[2012/07/19 10:53:51 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/07/19 10:52:06 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/07/19 10:44:49 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/07/19 10:36:01 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/07/19 10:00:06 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At11.job
[2012/07/19 10:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At35.job
[2012/07/19 09:36:23 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At10.job
[2012/07/19 09:00:48 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At34.job
[2012/07/19 08:00:25 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At9.job
[2012/07/19 08:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At33.job
[2012/07/19 07:56:28 | 000,000,016 | ---- | M] () -- C:\WINDOWS\System32\crt.dat
[2012/07/19 07:56:27 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/07/18 16:00:11 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At17.job
[2012/07/18 16:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At41.job
[2012/07/18 15:00:11 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At16.job
[2012/07/18 15:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At40.job
[2012/07/18 14:00:10 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At15.job
[2012/07/18 14:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At39.job
[2012/07/18 13:00:07 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At14.job
[2012/07/18 13:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At38.job
[2012/07/18 12:00:05 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At13.job
[2012/07/18 12:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At37.job
[2012/07/18 10:40:19 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2012/07/17 17:00:05 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At18.job
[2012/07/17 17:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At42.job
[2012/07/17 11:23:05 | 000,000,062 | ---- | M] () -- C:\WINDOWS\ccolwiz.ini
[2012/07/17 10:18:51 | 000,295,130 | ---- | M] () -- C:\WINDOWS\System32\shimg.dll
[2012/07/16 09:25:11 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/07/13 15:12:16 | 000,399,360 | ---- | M] (C-Media Electronics Inc.) -- C:\Documents and Settings\Watson_5\Application Data\tmdapi.dll
[2012/07/12 07:00:16 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At8.job
[2012/07/12 07:00:08 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At32.job
[2012/07/12 06:00:05 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At7.job
[2012/07/12 06:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At31.job
[2012/07/12 05:00:17 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At6.job
[2012/07/12 05:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At30.job
[2012/07/12 04:54:30 | 000,173,080 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/07/12 04:09:45 | 000,000,206 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI
[2012/07/12 04:00:02 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At5.job
[2012/07/12 04:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At29.job
[2012/07/12 03:00:14 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2012/07/12 03:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At28.job
[2012/07/12 02:00:47 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2012/07/12 02:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At27.job
[2012/07/12 01:00:01 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2012/07/12 01:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At26.job
[2012/07/12 00:54:12 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2012/07/12 00:23:58 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At25.job
[2012/07/11 23:00:23 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At24.job
[2012/07/11 23:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At48.job
[2012/07/11 22:00:01 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At23.job
[2012/07/11 22:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At47.job
[2012/07/11 21:00:08 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At22.job
[2012/07/11 21:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At46.job
[2012/07/11 20:00:01 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At21.job
[2012/07/11 20:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At45.job
[2012/07/11 19:00:01 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At20.job
[2012/07/11 19:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At44.job
[2012/07/11 18:00:01 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At19.job
[2012/07/11 18:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At43.job
[2012/07/11 08:48:48 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Watson_5\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/07/11 08:48:48 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012/07/11 08:43:02 | 000,031,465 | ---- | M] () -- C:\Documents and Settings\Watson_5\Local Settings\Application Data\funmoods.crx
[2012/07/10 02:27:54 | 000,045,056 | ---- | M] (http://www.anysoft.info/) -- C:\Program Files\Common Files\iexplorer.exe
[2012/07/10 01:50:09 | 000,000,061 | ---- | M] () -- C:\Program Files\Common Files\cc.bat
[2012/07/09 13:05:30 | 000,126,464 | ---- | M] (DT Soft Ltd) -- C:\Documents and Settings\Watson_5\Application Data\sanspi.dll
[2012/07/09 10:45:50 | 000,238,080 | ---- | M] () -- C:\WINDOWS\svcs.exe
[2012/07/09 10:42:36 | 000,045,056 | ---- | M] () -- C:\WINDOWS\System32\ptqlhchbya.exe
[2012/07/09 09:24:11 | 000,314,880 | ---- | M] () -- C:\Documents and Settings\Watson_5\Local Settings\Application Data\lepdcjbkf.exe
[2012/07/03 13:52:46 | 000,050,688 | ---- | M] () -- C:\Documents and Settings\Watson_5\sname
[2012/07/03 13:52:44 | 000,050,688 | ---- | M] () -- C:\WINDOWS\System32\mdhcp32.dll
[2012/07/03 13:52:38 | 000,085,504 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Sj86Vv1t.exe
[2012/06/29 08:37:45 | 000,471,040 | ---- | M] () -- C:\Documents and Settings\Watson_5\Local Settings\Application Data\wwojnri.exe
[2012/06/28 14:20:02 | 000,004,115 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/06/28 10:05:55 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.sys
[2012/06/21 10:59:08 | 000,000,835 | ---- | M] () -- C:\Documents and Settings\Watson_5\Application Data\Microsoft\Internet Explorer\Quick Launch\Data_Recovery.lnk
[2012/06/21 10:13:24 | 000,000,242 | ---- | M] () -- C:\WINDOWS\dellstat.ini
========== Files Created - No Company Name ==========
[2012/07/12 04:09:45 | 000,000,206 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2012/07/11 09:17:38 | 000,000,095 | ---- | C] () -- C:\Program Files\Common Files\cc.js
[2012/07/11 09:17:38 | 000,000,061 | ---- | C] () -- C:\Program Files\Common Files\cc.bat
[2012/07/11 08:48:48 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Watson_5\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/07/11 08:48:48 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012/07/11 08:48:47 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2012/07/11 08:43:21 | 000,031,465 | ---- | C] () -- C:\Documents and Settings\Watson_5\Local Settings\Application Data\funmoods.crx
[2012/07/11 08:18:40 | 000,232,960 | ---- | C] () -- C:\Documents and Settings\Watson_5\Local Settings\Application Data\{1d531a9b-a7ec-6a7a-3fe4-86caecb3a669}\U\00000008.@
[2012/07/11 08:18:28 | 000,000,804 | ---- | C] () -- C:\Documents and Settings\Watson_5\Local Settings\Application Data\{1d531a9b-a7ec-6a7a-3fe4-86caecb3a669}\L\00000004.@
[2012/07/11 08:18:27 | 000,095,744 | ---- | C] () -- C:\Documents and Settings\Watson_5\Local Settings\Application Data\{1d531a9b-a7ec-6a7a-3fe4-86caecb3a669}\U\80000032.@
[2012/07/11 08:18:24 | 000,012,288 | ---- | C] () -- C:\Documents and Settings\Watson_5\Local Settings\Application Data\{1d531a9b-a7ec-6a7a-3fe4-86caecb3a669}\U\80000000.@
[2012/07/11 08:18:23 | 000,001,632 | ---- | C] () -- C:\Documents and Settings\Watson_5\Local Settings\Application Data\{1d531a9b-a7ec-6a7a-3fe4-86caecb3a669}\U\000000cb.@
[2012/07/11 08:18:22 | 000,002,048 | ---- | C] () -- C:\Documents and Settings\Watson_5\Local Settings\Application Data\{1d531a9b-a7ec-6a7a-3fe4-86caecb3a669}\U\00000004.@
[2012/07/09 10:45:43 | 000,238,080 | ---- | C] () -- C:\WINDOWS\svcs.exe
[2012/07/09 10:42:49 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ptqlhchbya.exe
[2012/07/09 09:24:11 | 000,314,880 | ---- | C] () -- C:\Documents and Settings\Watson_5\Local Settings\Application Data\lepdcjbkf.exe
[2012/07/03 13:54:17 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\crt.dat
[2012/07/03 13:52:47 | 000,295,130 | ---- | C] () -- C:\WINDOWS\System32\shimg.dll
[2012/07/03 13:52:44 | 000,050,688 | ---- | C] () -- C:\Documents and Settings\Watson_5\sname
[2012/07/03 13:52:44 | 000,050,688 | ---- | C] () -- C:\WINDOWS\System32\mdhcp32.dll
[2012/06/29 08:37:45 | 000,471,040 | ---- | C] () -- C:\Documents and Settings\Watson_5\Local Settings\Application Data\wwojnri.exe
[2012/06/28 14:18:49 | 000,085,504 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Sj86Vv1t.exe
[2012/06/28 14:18:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At48.job
[2012/06/28 14:18:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At47.job
[2012/06/28 14:18:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At46.job
[2012/06/28 14:18:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At45.job
[2012/06/28 14:18:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At44.job
[2012/06/28 14:18:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At43.job
[2012/06/28 14:18:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At42.job
[2012/06/28 14:18:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At41.job
[2012/06/28 14:18:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At40.job
[2012/06/28 14:18:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At39.job
[2012/06/28 14:18:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At38.job
[2012/06/28 14:18:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At37.job
[2012/06/28 14:18:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At36.job
[2012/06/28 14:18:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At35.job
[2012/06/28 14:18:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At34.job
[2012/06/28 14:18:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At33.job
[2012/06/28 14:18:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At32.job
[2012/06/28 14:18:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At31.job
[2012/06/28 14:18:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At30.job
[2012/06/28 14:18:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At29.job
[2012/06/28 14:18:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At28.job
[2012/06/28 14:18:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At27.job
[2012/06/28 14:18:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At26.job
[2012/06/28 14:18:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At25.job
[2012/06/28 14:18:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At9.job
[2012/06/28 14:18:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At8.job
[2012/06/28 14:18:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At7.job
[2012/06/28 14:18:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At6.job
[2012/06/28 14:18:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At5.job
[2012/06/28 14:18:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At4.job
[2012/06/28 14:18:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At3.job
[2012/06/28 14:18:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At24.job
[2012/06/28 14:18:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At23.job
[2012/06/28 14:18:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At22.job
[2012/06/28 14:18:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At21.job
[2012/06/28 14:18:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At20.job
[2012/06/28 14:18:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At2.job
[2012/06/28 14:18:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At19.job
[2012/06/28 14:18:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At18.job
[2012/06/28 14:18:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At17.job
[2012/06/28 14:18:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At16.job
[2012/06/28 14:18:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At15.job
[2012/06/28 14:18:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At14.job
[2012/06/28 14:18:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At13.job
[2012/06/28 14:18:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At12.job
[2012/06/28 14:18:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At11.job
[2012/06/28 14:18:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At10.job
[2012/06/28 14:18:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At1.job
[2012/06/28 14:18:40 | 000,232,960 | ---- | C] () -- C:\WINDOWS\Installer\{1d531a9b-a7ec-6a7a-3fe4-86caecb3a669}\U\00000008.@
[2012/06/28 14:18:26 | 000,095,744 | ---- | C] () -- C:\WINDOWS\Installer\{1d531a9b-a7ec-6a7a-3fe4-86caecb3a669}\U\80000032.@
[2012/06/28 14:18:26 | 000,000,804 | ---- | C] () -- C:\WINDOWS\Installer\{1d531a9b-a7ec-6a7a-3fe4-86caecb3a669}\L\00000004.@
[2012/06/28 14:18:20 | 000,012,288 | ---- | C] () -- C:\WINDOWS\Installer\{1d531a9b-a7ec-6a7a-3fe4-86caecb3a669}\U\80000000.@
[2012/06/28 14:18:19 | 000,002,048 | ---- | C] () -- C:\WINDOWS\Installer\{1d531a9b-a7ec-6a7a-3fe4-86caecb3a669}\U\00000004.@
[2012/06/28 14:18:19 | 000,001,632 | ---- | C] () -- C:\WINDOWS\Installer\{1d531a9b-a7ec-6a7a-3fe4-86caecb3a669}\U\000000cb.@
[2012/06/28 09:38:17 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk
[2012/06/28 09:38:16 | 000,000,609 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
[2012/06/28 09:38:15 | 000,001,986 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\MSN.lnk
[2012/06/28 09:38:14 | 000,001,830 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Apple Software Update.lnk
[2012/06/28 09:38:13 | 000,001,880 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe LiveCycle Designer 8.0.lnk
[2012/06/28 09:38:12 | 000,001,808 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Acrobat 8 Professional.lnk
[2012/06/28 09:38:11 | 000,001,812 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Acrobat Distiller 8.lnk
[2012/06/28 09:38:05 | 000,000,804 | ---- | C] () -- C:\Documents and Settings\Watson_5\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2012/06/28 09:38:03 | 000,000,294 | ---- | C] () -- C:\Documents and Settings\Watson_5\Application Data\Microsoft\Internet Explorer\Quick Launch\Shortcut to G_Drive on 'Server' (G).lnk
[2012/06/28 09:38:02 | 000,001,924 | ---- | C] () -- C:\Documents and Settings\Watson_5\Application Data\Microsoft\Internet Explorer\Quick Launch\Sharpdesk.lnk
[2012/06/28 09:38:01 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\Watson_5\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/06/28 09:38:00 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Watson_5\Application Data\Microsoft\Internet Explorer\Quick Launch\E-mail.lnk
[2012/06/28 09:37:59 | 000,000,668 | ---- | C] () -- C:\Documents and Settings\Watson_5\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk
[2012/06/28 09:37:58 | 000,001,813 | ---- | C] () -- C:\Documents and Settings\Watson_5\Application Data\Microsoft\Internet Explorer\Quick Launch\Autodesk Land Desktop 2005.lnk
[2012/06/28 09:37:57 | 000,001,736 | ---- | C] () -- C:\Documents and Settings\Watson_5\Application Data\Microsoft\Internet Explorer\Quick Launch\Adobe Acrobat 8 Professional.lnk
[2012/06/28 09:15:40 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/06/28 09:15:40 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/06/28 09:15:40 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/06/28 09:15:40 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/06/28 09:15:40 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/06/21 10:59:08 | 000,000,835 | ---- | C] () -- C:\Documents and Settings\Watson_5\Application Data\Microsoft\Internet Explorer\Quick Launch\Data_Recovery.lnk
[2012/04/25 13:20:29 | 000,000,242 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2012/04/25 13:20:15 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlbkvs.dll
[2012/04/25 13:20:00 | 000,000,255 | ---- | C] () -- C:\WINDOWS\System32\dlbkcoin.ini
[2012/03/30 09:41:41 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2009/05/15 16:03:46 | 000,005,632 | ---- | C] () -- C:\Documents and Settings\Watson_5\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/02/09 11:12:47 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Watson_5\Application Data\PnkBstrK.sys
[2009/02/04 11:30:17 | 000,000,040 | ---- | C] () -- C:\Documents and Settings\Watson_5\filter.nfl
[2009/02/02 12:08:16 | 000,281,486 | ---- | C] () -- C:\Documents and Settings\Watson_5\Application Data\fontlst2.opf
[2009/02/02 11:26:39 | 000,000,131 | ---- | C] () -- C:\Documents and Settings\Watson_5\Local Settings\Application Data\fusioncache.dat
[2004/08/04 03:00:00 | 000,002,048 | -HS- | C] () -- C:\WINDOWS\Installer\{1d531a9b-a7ec-6a7a-3fe4-86caecb3a669}\@
[2004/08/04 03:00:00 | 000,002,048 | -HS- | C] () -- C:\Documents and Settings\Watson_5\Local Settings\Application Data\{1d531a9b-a7ec-6a7a-3fe4-86caecb3a669}\@
========== LOP Check ==========
[2009/02/02 12:53:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
[2012/05/31 14:41:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\F4D55EDB002995AA000C442ED151FC84
[2011/06/30 12:48:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2009/02/02 12:05:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sharp
[2009/02/02 12:09:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sharpdesk
[2012/07/17 13:20:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
[2012/04/21 11:11:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/06/30 12:18:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Watson_5\Application Data\.minecraft
[2012/06/12 08:37:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Watson_5\Application Data\7 9
[2009/02/02 12:56:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Watson_5\Application Data\Autodesk
[2012/04/24 23:57:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Watson_5\Application Data\BitTorrent
[2012/06/28 14:18:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Watson_5\Application Data\Boaw
[2012/07/09 10:43:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Watson_5\Application Data\Efuvf
[2012/07/09 13:11:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Watson_5\Application Data\Exerat
[2012/07/09 13:11:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Watson_5\Application Data\Fypo
[2012/07/09 10:43:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Watson_5\Application Data\Hugi
[2012/07/11 09:18:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Watson_5\Application Data\Huinp
[2012/07/09 10:43:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Watson_5\Application Data\Ifocy
[2010/01/21 10:59:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Watson_5\Application Data\LimeWire
[2012/06/28 14:18:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Watson_5\Application Data\Ms_dir_
[2012/07/09 13:11:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Watson_5\Application Data\Obedy
[2012/07/11 09:18:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Watson_5\Application Data\Ogacd
[2012/06/28 14:18:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Watson_5\Application Data\Ogesuw
[2009/02/02 12:17:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Watson_5\Application Data\Sharpdesk
[2012/06/28 14:18:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Watson_5\Application Data\TeamViewer
[2012/07/17 14:09:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Watson_5\Application Data\Ugokek
[2009/03/04 04:05:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Watson_5\Application Data\uTorrent
[2012/07/09 13:13:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Watson_5\Application Data\xsecva
[2012/07/16 09:33:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Watson_5\Application Data\Zagiim
[2012/07/12 00:54:12 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At1.job
[2012/07/19 09:36:23 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At10.job
[2012/07/19 10:00:06 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At11.job
[2012/07/19 11:00:08 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At12.job
[2012/07/18 12:00:05 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At13.job
[2012/07/18 13:00:07 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At14.job
[2012/07/18 14:00:10 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At15.job
[2012/07/18 15:00:11 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At16.job
[2012/07/18 16:00:11 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At17.job
[2012/07/17 17:00:05 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At18.job
[2012/07/11 18:00:01 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At19.job
[2012/07/12 01:00:01 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At2.job
[2012/07/11 19:00:01 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At20.job
[2012/07/11 20:00:01 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At21.job
[2012/07/11 21:00:08 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At22.job
[2012/07/11 22:00:01 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At23.job
[2012/07/11 23:00:23 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At24.job
[2012/07/12 00:23:58 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At25.job
[2012/07/12 01:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At26.job
[2012/07/12 02:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At27.job
[2012/07/12 03:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At28.job
[2012/07/12 04:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At29.job
[2012/07/12 02:00:47 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At3.job
[2012/07/12 05:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At30.job
[2012/07/12 06:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At31.job
[2012/07/12 07:00:08 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At32.job
[2012/07/19 08:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At33.job
[2012/07/19 09:00:48 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At34.job
[2012/07/19 10:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At35.job
[2012/07/19 11:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At36.job
[2012/07/18 12:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At37.job
[2012/07/18 13:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At38.job
[2012/07/18 14:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At39.job
[2012/07/12 03:00:14 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At4.job
[2012/07/18 15:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At40.job
[2012/07/18 16:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At41.job
[2012/07/17 17:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At42.job
[2012/07/11 18:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At43.job
[2012/07/11 19:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At44.job
[2012/07/11 20:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At45.job
[2012/07/11 21:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At46.job
[2012/07/11 22:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At47.job
[2012/07/11 23:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At48.job
[2012/07/12 04:00:02 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At5.job
[2012/07/12 05:00:17 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At6.job
[2012/07/12 06:00:05 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At7.job
[2012/07/12 07:00:16 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At8.job
[2012/07/19 08:00:25 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At9.job
========== Purity Check ==========
< End of report >