maxed out cpu usage from process tab of task manager


#1
D40Z

Please help me figure out why the process tab of my task manager shows a CPU usage of 100% on a fresh startup. I have made efforts at closing programs in my msconfig and shut down all programs, and it still starts up with 100% usage. I noticed last week that my PC started acting funny by continuously floating in and out of my program windows. I would be in my programs or internet browsing and my Windows program bars would float in and out. I have spent time staring at my task manager and noticed a process called "ptqlhchbya.exe" that seems to free up a good 50% of my usage when I close the process tree, but it starts right back up and commits it to 100%. I also noticed that just running firefox.exe for my browser starts an additional 2 iexplorer.exe that make the 3 together use up 250,000k to 300,000k of memory. I don't know if all this is virus related. Can you please help me?



OTL logfile created on: 7/19/2012 10:41:25 AM - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Documents and Settings\Watson_5\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1013.82 Mb Total Physical Memory | 233.10 Mb Available Physical Memory | 22.99% Memory free
2.38 Gb Paging File | 1.75 Gb Available in Paging File | 73.57% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 145.96 Gb Total Space | 110.95 Gb Free Space | 76.01% Space Free | Partition Type: NTFS
Drive G: | 927.61 Gb Total Space | 818.88 Gb Free Space | 88.28% Space Free | Partition Type: NTFS

Computer Name: WATSON_5 | User Name: Watson_5 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/07/19 10:27:59 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Watson_5\My Documents\Downloads\OTL.exe
PRC - [2012/07/19 08:38:46 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/07/09 10:45:50 | 000,238,080 | ---- | M] () -- C:\WINDOWS\svcs.exe
PRC - [2012/07/09 10:42:36 | 000,045,056 | ---- | M] () -- C:\WINDOWS\system32\ptqlhchbya.exe
PRC - [2012/07/03 13:52:38 | 000,085,504 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Sj86Vv1t.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2012/07/19 08:38:44 | 002,003,424 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012/07/09 10:45:50 | 000,238,080 | ---- | M] () -- C:\WINDOWS\svcs.exe
MOD - [2012/07/09 10:42:36 | 000,045,056 | ---- | M] () -- C:\WINDOWS\system32\ptqlhchbya.exe
MOD - [2012/07/03 13:52:44 | 000,050,688 | ---- | M] () -- C:\WINDOWS\system32\mdhcp32.dll
MOD - [2012/07/03 13:52:38 | 000,085,504 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Sj86Vv1t.exe
MOD - [2012/02/20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/02/20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2008/11/04 13:35:37 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll
MOD - [2008/10/04 20:24:02 | 003,695,008 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2008/06/20 09:02:47 | 000,245,248 | ---- | M] () -- \\?\globalroot\systemroot\system32\mswsock.dll
MOD - [2008/06/20 09:02:47 | 000,245,248 | ---- | M] () -- \\.\globalroot\systemroot\system32\mswsock.dll
MOD - [2004/08/17 20:00:00 | 000,073,748 | -H-- | M] () -- C:\WINDOWS\system32\Iasex.dll
MOD - [2003/05/12 15:02:32 | 000,078,336 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\DLBKPP5C.DLL
MOD - [2003/05/12 15:02:26 | 000,049,152 | ---- | M] () -- C:\Program Files\Dell AIO Printer A920\ConvDIB.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/07/13 08:51:12 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/12 09:36:24 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/09 10:45:50 | 000,238,080 | ---- | M] () [Auto | Running] -- C:\WINDOWS\svcs.exe -- (NetworkLog)
SRV - [2012/07/09 10:42:36 | 000,045,056 | ---- | M] () [Auto | Start_Pending] -- C:\WINDOWS\System32\ptqlhchbya.exe -- (AMService)
SRV - [2009/02/02 13:35:44 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/02/02 11:27:00 | 000,074,360 | ---- | M] (Autodesk, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2004/08/17 20:00:00 | 000,073,748 | -H-- | M] () [Auto | Running] -- C:\WINDOWS\system32\Iasex.dll -- (Ias)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Watson_5\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2009/04/25 18:53:05 | 000,186,592 | ---- | M] (Jungo) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\windrvr6.sys -- (WinDriver6)
DRV - [2006/03/20 17:06:04 | 001,156,648 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2001/08/22 09:42:58 | 000,013,632 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (OMCI)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {56256A51-B582-467e-B8D4-7786EDA79AE0}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = http://toolbar.ask.c...rchTerms}&crm=1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...1I7ADSA_enUS341
IE - HKCU\..\SearchScopes\{91607fa7-3c2f-4f90-93e3-d5337a6b0ac2}: "URL" = Playbryte-fa-ptn/search/redirect/?type=default&user_id=c49f3226-7c82-40b8-b46e-6d07aade6eb5&query={searchTerms}
IE - HKCU\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = http://toolbar.ask.c...rchTerms}&crm=1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 192.168.1.*;127.0.0.*

========== FireFox ==========

FF - prefs.js..network.proxy.no_proxies_on: "192.168.1.*,127.0.0.*,*.local"
FF - prefs.js..network.proxy.type: 0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\MyWebSearch\bar\1.bin
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/07/19 08:38:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{9642CCE0-CA01-11E1-8270-B8AC6F996F26}: C:\Documents and Settings\Watson_5\Local Settings\Application Data\{9642CCE0-CA01-11E1-8270-B8AC6F996F26}\ [2012/07/12 08:26:01 | 000,000,000 | ---D | M]

[2009/05/15 15:41:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Watson_5\Application Data\Mozilla\Extensions
[2009/05/15 15:41:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Watson_5\Application Data\Mozilla\Extensions\[email protected]
[2012/07/12 12:07:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Watson_5\Application Data\Mozilla\Firefox\Profiles\hjpr72e7.default\extensions
[2012/07/11 08:48:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/07/12 08:26:01 | 000,000,000 | ---D | M] (Mozilla Safe Browsing) -- C:\DOCUMENTS AND SETTINGS\WATSON_5\LOCAL SETTINGS\APPLICATION DATA\{9642CCE0-CA01-11E1-8270-B8AC6F996F26}
[2012/07/19 08:38:47 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/06/01 08:39:16 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/06/01 08:39:16 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2012/06/28 14:20:02 | 000,004,115 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Reg Error: Value error.) - {6F2FD30F-DF5A-4D73-9513-CEF5E630B3C0} - C:\WINDOWS\system32\fastsrch.dll File not found
O2 - BHO: (Funmoods Helper Object) - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\PROGRA~1\Funmoods\1.5.23.22\bh\escort.dll File not found
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Funmoods Toolbar) - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\PROGRA~1\Funmoods\1.5.23.22\escorTlbr.dll File not found
O3 - HKLM\..\Toolbar: (no name) - {b278d9f8-0fa9-465e-9938-0c392605d8e3} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKCU..\Run: [Teuqt] C:\Documents and Settings\Watson_5\Application Data\Huinp\odequ.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run: 49170 = C:\DOCUME~1\ALLUSE~1\LOCALS~1\Temp\msanpaaqv.bat ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - mswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - mswsock.dll File not found
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {38AB6A6C-CC4C-4F9E-A3DD-3C5681EF18A1} http://www.freerealm...msInstaller.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3483EB13-F44D-40CB-95CF-1AD2E56C1D4B}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\sds {79E0F14C-9C52-4218-89A7-7C4B0563D121} - C:\Program Files\Sharp\Sharpdesk\ExplorerExtensions.dll (SHARP CORPORATION)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\mdhcp32: DllName - (mdhcp32.dll) - C:\WINDOWS\System32\mdhcp32.dll ()
O24 - Desktop WallPaper: C:\Documents and Settings\Watson_5\Desktop\Sample Work\WALLPAPER.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Watson_5\Desktop\Sample Work\WALLPAPER.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/01/29 21:08:49 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/07/17 12:33:29 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/07/13 15:12:14 | 000,399,360 | ---- | C] (C-Media Electronics Inc.) -- C:\Documents and Settings\Watson_5\Application Data\tmdapi.dll
[2012/07/12 10:01:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
[2012/07/12 08:26:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Watson_5\Local Settings\Application Data\{9642CCE0-CA01-11E1-8270-B8AC6F996F26}
[2012/07/11 09:18:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Watson_5\Application Data\Ogacd
[2012/07/11 09:18:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Watson_5\Application Data\Zagiim
[2012/07/11 09:18:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Watson_5\Application Data\Huinp
[2012/07/11 09:17:38 | 000,045,056 | ---- | C] (http://www.anysoft.info/) -- C:\Program Files\Common Files\iexplorer.exe
[2012/07/11 09:03:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Funmoods
[2012/07/11 09:03:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\%APPDATA%
[2012/07/11 08:55:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Watson_5\Local Settings\Application Data\Mozilla
[2012/07/11 08:48:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mozilla
[2012/07/11 08:48:39 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/07/11 08:46:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
[2012/07/11 08:43:52 | 000,000,000 | ---D | C] -- C:\Program Files\Bucksbee Loyalty Plugin - 100815
[2012/07/11 08:43:37 | 000,000,000 | ---D | C] -- C:\Program Files\Playbryte
[2012/07/11 08:43:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Watson_5\Local Settings\Application Data\Playbryte
[2012/07/09 13:11:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Watson_5\Application Data\Obedy
[2012/07/09 13:11:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Watson_5\Application Data\Fypo
[2012/07/09 13:11:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Watson_5\Application Data\Exerat
[2012/07/09 13:06:22 | 000,414,208 | ---- | C] (Analog Devices, Inc.) -- C:\Documents and Settings\Watson_5\Application Data\bitbcl.dll
[2012/07/09 13:05:30 | 000,126,464 | ---- | C] (DT Soft Ltd) -- C:\Documents and Settings\Watson_5\Application Data\sanspi.dll
[2012/07/09 13:05:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Watson_5\Application Data\xsecva
[2012/07/09 10:43:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Watson_5\Application Data\Ifocy
[2012/07/09 10:43:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Watson_5\Application Data\Hugi
[2012/07/09 10:43:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Watson_5\Application Data\Efuvf
[2012/07/04 02:00:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
[2012/06/28 17:01:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Google
[2012/06/28 16:22:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2012/06/28 16:11:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2012/06/28 14:28:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2012/06/28 14:28:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2012/06/28 14:18:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Watson_5\Application Data\Ms_dir_
[2012/06/28 14:18:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Watson_5\Application Data\Ugokek
[2012/06/28 14:18:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Watson_5\Application Data\Ogesuw
[2012/06/28 14:18:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Watson_5\Application Data\Boaw
[2012/06/28 14:18:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Watson_5\Application Data\Microsoft Corporation
[2012/06/28 14:18:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Watson_5\Application Data\TeamViewer
[2012/06/28 14:18:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Local Settings
[2012/06/28 10:18:43 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/06/28 10:07:59 | 000,000,000 | ---D | C] -- C:\spoolerlogs
[2012/06/28 09:59:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012/06/28 09:55:06 | 000,000,000 | ---D | C] -- C:\OE
[2012/06/28 09:48:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Watson_5\Local Settings\Application Data\Outlook Express Fix Toolbox
[2012/06/28 09:15:40 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/06/28 09:15:40 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/06/28 09:15:40 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/06/28 09:15:40 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/06/28 09:14:16 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012/06/28 09:09:46 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Watson_5\Start Menu\Programs\Administrative Tools
[2012/06/28 09:08:47 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/06/28 09:08:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2012/06/28 09:04:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Watson_5\Application Data\U3
[2012/06/26 15:22:10 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Watson_5\Recent
[2012/06/21 10:59:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Watson_5\Start Menu\Programs\Data Recovery
[2010/11/03 03:33:35 | 000,695,296 | ---- | C] (AnjoCaido) -- C:\Documents and Settings\Watson_5\Application Data\MinecraftSP.exe

========== Files - Modified Within 30 Days ==========

[2012/07/19 11:00:08 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At12.job
[2012/07/19 11:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At36.job
[2012/07/19 10:53:51 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/07/19 10:52:06 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/07/19 10:44:49 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/07/19 10:36:01 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/07/19 10:00:06 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At11.job
[2012/07/19 10:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At35.job
[2012/07/19 09:36:23 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At10.job
[2012/07/19 09:00:48 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At34.job
[2012/07/19 08:00:25 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At9.job
[2012/07/19 08:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At33.job
[2012/07/19 07:56:28 | 000,000,016 | ---- | M] () -- C:\WINDOWS\System32\crt.dat
[2012/07/19 07:56:27 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/07/18 16:00:11 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At17.job
[2012/07/18 16:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At41.job
[2012/07/18 15:00:11 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At16.job
[2012/07/18 15:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At40.job
[2012/07/18 14:00:10 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At15.job
[2012/07/18 14:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At39.job
[2012/07/18 13:00:07 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At14.job
[2012/07/18 13:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At38.job
[2012/07/18 12:00:05 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At13.job
[2012/07/18 12:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At37.job
[2012/07/18 10:40:19 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2012/07/17 17:00:05 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At18.job
[2012/07/17 17:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At42.job
[2012/07/17 11:23:05 | 000,000,062 | ---- | M] () -- C:\WINDOWS\ccolwiz.ini
[2012/07/17 10:18:51 | 000,295,130 | ---- | M] () -- C:\WINDOWS\System32\shimg.dll
[2012/07/16 09:25:11 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/07/13 15:12:16 | 000,399,360 | ---- | M] (C-Media Electronics Inc.) -- C:\Documents and Settings\Watson_5\Application Data\tmdapi.dll
[2012/07/12 07:00:16 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At8.job
[2012/07/12 07:00:08 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At32.job
[2012/07/12 06:00:05 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At7.job
[2012/07/12 06:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At31.job
[2012/07/12 05:00:17 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At6.job
[2012/07/12 05:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At30.job
[2012/07/12 04:54:30 | 000,173,080 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/07/12 04:09:45 | 000,000,206 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI
[2012/07/12 04:00:02 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At5.job
[2012/07/12 04:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At29.job
[2012/07/12 03:00:14 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2012/07/12 03:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At28.job
[2012/07/12 02:00:47 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2012/07/12 02:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At27.job
[2012/07/12 01:00:01 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2012/07/12 01:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At26.job
[2012/07/12 00:54:12 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2012/07/12 00:23:58 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At25.job
[2012/07/11 23:00:23 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At24.job
[2012/07/11 23:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At48.job
[2012/07/11 22:00:01 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At23.job
[2012/07/11 22:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At47.job
[2012/07/11 21:00:08 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At22.job
[2012/07/11 21:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At46.job
[2012/07/11 20:00:01 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At21.job
[2012/07/11 20:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At45.job
[2012/07/11 19:00:01 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At20.job
[2012/07/11 19:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At44.job
[2012/07/11 18:00:01 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At19.job
[2012/07/11 18:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\At43.job
[2012/07/11 08:48:48 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Watson_5\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/07/11 08:48:48 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012/07/11 08:43:02 | 000,031,465 | ---- | M] () -- C:\Documents and Settings\Watson_5\Local Settings\Application Data\funmoods.crx
[2012/07/10 02:27:54 | 000,045,056 | ---- | M] (http://www.anysoft.info/) -- C:\Program Files\Common Files\iexplorer.exe
[2012/07/10 01:50:09 | 000,000,061 | ---- | M] () -- C:\Program Files\Common Files\cc.bat
[2012/07/09 13:05:30 | 000,126,464 | ---- | M] (DT Soft Ltd) -- C:\Documents and Settings\Watson_5\Application Data\sanspi.dll
[2012/07/09 10:45:50 | 000,238,080 | ---- | M] () -- C:\WINDOWS\svcs.exe
[2012/07/09 10:42:36 | 000,045,056 | ---- | M] () -- C:\WINDOWS\System32\ptqlhchbya.exe
[2012/07/09 09:24:11 | 000,314,880 | ---- | M] () -- C:\Documents and Settings\Watson_5\Local Settings\Application Data\lepdcjbkf.exe
[2012/07/03 13:52:46 | 000,050,688 | ---- | M] () -- C:\Documents and Settings\Watson_5\sname
[2012/07/03 13:52:44 | 000,050,688 | ---- | M] () -- C:\WINDOWS\System32\mdhcp32.dll
[2012/07/03 13:52:38 | 000,085,504 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Sj86Vv1t.exe
[2012/06/29 08:37:45 | 000,471,040 | ---- | M] () -- C:\Documents and Settings\Watson_5\Local Settings\Application Data\wwojnri.exe
[2012/06/28 14:20:02 | 000,004,115 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/06/28 10:05:55 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.sys
[2012/06/21 10:59:08 | 000,000,835 | ---- | M] () -- C:\Documents and Settings\Watson_5\Application Data\Microsoft\Internet Explorer\Quick Launch\Data_Recovery.lnk
[2012/06/21 10:13:24 | 000,000,242 | ---- | M] () -- C:\WINDOWS\dellstat.ini

========== Files Created - No Company Name ==========

[2012/07/12 04:09:45 | 000,000,206 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2012/07/11 09:17:38 | 000,000,095 | ---- | C] () -- C:\Program Files\Common Files\cc.js
[2012/07/11 09:17:38 | 000,000,061 | ---- | C] () -- C:\Program Files\Common Files\cc.bat
[2012/07/11 08:48:48 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Watson_5\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/07/11 08:48:48 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012/07/11 08:48:47 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2012/07/11 08:43:21 | 000,031,465 | ---- | C] () -- C:\Documents and Settings\Watson_5\Local Settings\Application Data\funmoods.crx
[2012/07/11 08:18:40 | 000,232,960 | ---- | C] () -- C:\Documents and Settings\Watson_5\Local Settings\Application Data\{1d531a9b-a7ec-6a7a-3fe4-86caecb3a669}\U\00000008.@
[2012/07/11 08:18:28 | 000,000,804 | ---- | C] () -- C:\Documents and Settings\Watson_5\Local Settings\Application Data\{1d531a9b-a7ec-6a7a-3fe4-86caecb3a669}\L\00000004.@
[2012/07/11 08:18:27 | 000,095,744 | ---- | C] () -- C:\Documents and Settings\Watson_5\Local Settings\Application Data\{1d531a9b-a7ec-6a7a-3fe4-86caecb3a669}\U\80000032.@
[2012/07/11 08:18:24 | 000,012,288 | ---- | C] () -- C:\Documents and Settings\Watson_5\Local Settings\Application Data\{1d531a9b-a7ec-6a7a-3fe4-86caecb3a669}\U\80000000.@
[2012/07/11 08:18:23 | 000,001,632 | ---- | C] () -- C:\Documents and Settings\Watson_5\Local Settings\Application Data\{1d531a9b-a7ec-6a7a-3fe4-86caecb3a669}\U\000000cb.@
[2012/07/11 08:18:22 | 000,002,048 | ---- | C] () -- C:\Documents and Settings\Watson_5\Local Settings\Application Data\{1d531a9b-a7ec-6a7a-3fe4-86caecb3a669}\U\00000004.@
[2012/07/09 10:45:43 | 000,238,080 | ---- | C] () -- C:\WINDOWS\svcs.exe
[2012/07/09 10:42:49 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ptqlhchbya.exe
[2012/07/09 09:24:11 | 000,314,880 | ---- | C] () -- C:\Documents and Settings\Watson_5\Local Settings\Application Data\lepdcjbkf.exe
[2012/07/03 13:54:17 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\crt.dat
[2012/07/03 13:52:47 | 000,295,130 | ---- | C] () -- C:\WINDOWS\System32\shimg.dll
[2012/07/03 13:52:44 | 000,050,688 | ---- | C] () -- C:\Documents and Settings\Watson_5\sname
[2012/07/03 13:52:44 | 000,050,688 | ---- | C] () -- C:\WINDOWS\System32\mdhcp32.dll
[2012/06/29 08:37:45 | 000,471,040 | ---- | C] () -- C:\Documents and Settings\Watson_5\Local Settings\Application Data\wwojnri.exe
[2012/06/28 14:18:49 | 000,085,504 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Sj86Vv1t.exe
[2012/06/28 14:18:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At48.job
[2012/06/28 14:18:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At47.job
[2012/06/28 14:18:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At46.job
[2012/06/28 14:18:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At45.job
[2012/06/28 14:18:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At44.job
[2012/06/28 14:18:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At43.job
[2012/06/28 14:18:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At42.job
[2012/06/28 14:18:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At41.job
[2012/06/28 14:18:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At40.job
[2012/06/28 14:18:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At39.job
[2012/06/28 14:18:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At38.job
[2012/06/28 14:18:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At37.job
[2012/06/28 14:18:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At36.job
[2012/06/28 14:18:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At35.job
[2012/06/28 14:18:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At34.job
[2012/06/28 14:18:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At33.job
[2012/06/28 14:18:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At32.job
[2012/06/28 14:18:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At31.job
[2012/06/28 14:18:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At30.job
[2012/06/28 14:18:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At29.job
[2012/06/28 14:18:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At28.job
[2012/06/28 14:18:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At27.job
[2012/06/28 14:18:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At26.job
[2012/06/28 14:18:49 | 000,000,418 | ---- | C] () -- C:\WINDOWS\tasks\At25.job
[2012/06/28 14:18:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At9.job
[2012/06/28 14:18:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At8.job
[2012/06/28 14:18:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At7.job
[2012/06/28 14:18:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At6.job
[2012/06/28 14:18:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At5.job
[2012/06/28 14:18:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At4.job
[2012/06/28 14:18:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At3.job
[2012/06/28 14:18:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At24.job
[2012/06/28 14:18:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At23.job
[2012/06/28 14:18:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At22.job
[2012/06/28 14:18:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At21.job
[2012/06/28 14:18:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At20.job
[2012/06/28 14:18:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At2.job
[2012/06/28 14:18:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At19.job
[2012/06/28 14:18:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At18.job
[2012/06/28 14:18:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At17.job
[2012/06/28 14:18:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At16.job
[2012/06/28 14:18:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At15.job
[2012/06/28 14:18:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At14.job
[2012/06/28 14:18:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At13.job
[2012/06/28 14:18:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At12.job
[2012/06/28 14:18:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At11.job
[2012/06/28 14:18:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At10.job
[2012/06/28 14:18:49 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At1.job
[2012/06/28 14:18:40 | 000,232,960 | ---- | C] () -- C:\WINDOWS\Installer\{1d531a9b-a7ec-6a7a-3fe4-86caecb3a669}\U\00000008.@
[2012/06/28 14:18:26 | 000,095,744 | ---- | C] () -- C:\WINDOWS\Installer\{1d531a9b-a7ec-6a7a-3fe4-86caecb3a669}\U\80000032.@
[2012/06/28 14:18:26 | 000,000,804 | ---- | C] () -- C:\WINDOWS\Installer\{1d531a9b-a7ec-6a7a-3fe4-86caecb3a669}\L\00000004.@
[2012/06/28 14:18:20 | 000,012,288 | ---- | C] () -- C:\WINDOWS\Installer\{1d531a9b-a7ec-6a7a-3fe4-86caecb3a669}\U\80000000.@
[2012/06/28 14:18:19 | 000,002,048 | ---- | C] () -- C:\WINDOWS\Installer\{1d531a9b-a7ec-6a7a-3fe4-86caecb3a669}\U\00000004.@
[2012/06/28 14:18:19 | 000,001,632 | ---- | C] () -- C:\WINDOWS\Installer\{1d531a9b-a7ec-6a7a-3fe4-86caecb3a669}\U\000000cb.@
[2012/06/28 09:38:17 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk
[2012/06/28 09:38:16 | 000,000,609 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
[2012/06/28 09:38:15 | 000,001,986 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\MSN.lnk
[2012/06/28 09:38:14 | 000,001,830 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Apple Software Update.lnk
[2012/06/28 09:38:13 | 000,001,880 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe LiveCycle Designer 8.0.lnk
[2012/06/28 09:38:12 | 000,001,808 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Acrobat 8 Professional.lnk
[2012/06/28 09:38:11 | 000,001,812 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Acrobat Distiller 8.lnk
[2012/06/28 09:38:05 | 000,000,804 | ---- | C] () -- C:\Documents and Settings\Watson_5\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2012/06/28 09:38:03 | 000,000,294 | ---- | C] () -- C:\Documents and Settings\Watson_5\Application Data\Microsoft\Internet Explorer\Quick Launch\Shortcut to G_Drive on 'Server' (G).lnk
[2012/06/28 09:38:02 | 000,001,924 | ---- | C] () -- C:\Documents and Settings\Watson_5\Application Data\Microsoft\Internet Explorer\Quick Launch\Sharpdesk.lnk
[2012/06/28 09:38:01 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\Watson_5\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/06/28 09:38:00 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Watson_5\Application Data\Microsoft\Internet Explorer\Quick Launch\E-mail.lnk
[2012/06/28 09:37:59 | 000,000,668 | ---- | C] () -- C:\Documents and Settings\Watson_5\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk
[2012/06/28 09:37:58 | 000,001,813 | ---- | C] () -- C:\Documents and Settings\Watson_5\Application Data\Microsoft\Internet Explorer\Quick Launch\Autodesk Land Desktop 2005.lnk
[2012/06/28 09:37:57 | 000,001,736 | ---- | C] () -- C:\Documents and Settings\Watson_5\Application Data\Microsoft\Internet Explorer\Quick Launch\Adobe Acrobat 8 Professional.lnk
[2012/06/28 09:15:40 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/06/28 09:15:40 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/06/28 09:15:40 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/06/28 09:15:40 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/06/28 09:15:40 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/06/21 10:59:08 | 000,000,835 | ---- | C] () -- C:\Documents and Settings\Watson_5\Application Data\Microsoft\Internet Explorer\Quick Launch\Data_Recovery.lnk
[2012/04/25 13:20:29 | 000,000,242 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2012/04/25 13:20:15 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlbkvs.dll
[2012/04/25 13:20:00 | 000,000,255 | ---- | C] () -- C:\WINDOWS\System32\dlbkcoin.ini
[2012/03/30 09:41:41 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2009/05/15 16:03:46 | 000,005,632 | ---- | C] () -- C:\Documents and Settings\Watson_5\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/02/09 11:12:47 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Watson_5\Application Data\PnkBstrK.sys
[2009/02/04 11:30:17 | 000,000,040 | ---- | C] () -- C:\Documents and Settings\Watson_5\filter.nfl
[2009/02/02 12:08:16 | 000,281,486 | ---- | C] () -- C:\Documents and Settings\Watson_5\Application Data\fontlst2.opf
[2009/02/02 11:26:39 | 000,000,131 | ---- | C] () -- C:\Documents and Settings\Watson_5\Local Settings\Application Data\fusioncache.dat
[2004/08/04 03:00:00 | 000,002,048 | -HS- | C] () -- C:\WINDOWS\Installer\{1d531a9b-a7ec-6a7a-3fe4-86caecb3a669}\@
[2004/08/04 03:00:00 | 000,002,048 | -HS- | C] () -- C:\Documents and Settings\Watson_5\Local Settings\Application Data\{1d531a9b-a7ec-6a7a-3fe4-86caecb3a669}\@

========== LOP Check ==========

[2009/02/02 12:53:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
[2012/05/31 14:41:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\F4D55EDB002995AA000C442ED151FC84
[2011/06/30 12:48:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2009/02/02 12:05:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sharp
[2009/02/02 12:09:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sharpdesk
[2012/07/17 13:20:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
[2012/04/21 11:11:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/06/30 12:18:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Watson_5\Application Data\.minecraft
[2012/06/12 08:37:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Watson_5\Application Data\7 9
[2009/02/02 12:56:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Watson_5\Application Data\Autodesk
[2012/04/24 23:57:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Watson_5\Application Data\BitTorrent
[2012/06/28 14:18:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Watson_5\Application Data\Boaw
[2012/07/09 10:43:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Watson_5\Application Data\Efuvf
[2012/07/09 13:11:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Watson_5\Application Data\Exerat
[2012/07/09 13:11:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Watson_5\Application Data\Fypo
[2012/07/09 10:43:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Watson_5\Application Data\Hugi
[2012/07/11 09:18:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Watson_5\Application Data\Huinp
[2012/07/09 10:43:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Watson_5\Application Data\Ifocy
[2010/01/21 10:59:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Watson_5\Application Data\LimeWire
[2012/06/28 14:18:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Watson_5\Application Data\Ms_dir_
[2012/07/09 13:11:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Watson_5\Application Data\Obedy
[2012/07/11 09:18:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Watson_5\Application Data\Ogacd
[2012/06/28 14:18:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Watson_5\Application Data\Ogesuw
[2009/02/02 12:17:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Watson_5\Application Data\Sharpdesk
[2012/06/28 14:18:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Watson_5\Application Data\TeamViewer
[2012/07/17 14:09:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Watson_5\Application Data\Ugokek
[2009/03/04 04:05:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Watson_5\Application Data\uTorrent
[2012/07/09 13:13:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Watson_5\Application Data\xsecva
[2012/07/16 09:33:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Watson_5\Application Data\Zagiim
[2012/07/12 00:54:12 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At1.job
[2012/07/19 09:36:23 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At10.job
[2012/07/19 10:00:06 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At11.job
[2012/07/19 11:00:08 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At12.job
[2012/07/18 12:00:05 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At13.job
[2012/07/18 13:00:07 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At14.job
[2012/07/18 14:00:10 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At15.job
[2012/07/18 15:00:11 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At16.job
[2012/07/18 16:00:11 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At17.job
[2012/07/17 17:00:05 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At18.job
[2012/07/11 18:00:01 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At19.job
[2012/07/12 01:00:01 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At2.job
[2012/07/11 19:00:01 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At20.job
[2012/07/11 20:00:01 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At21.job
[2012/07/11 21:00:08 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At22.job
[2012/07/11 22:00:01 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At23.job
[2012/07/11 23:00:23 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At24.job
[2012/07/12 00:23:58 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At25.job
[2012/07/12 01:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At26.job
[2012/07/12 02:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At27.job
[2012/07/12 03:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At28.job
[2012/07/12 04:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At29.job
[2012/07/12 02:00:47 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At3.job
[2012/07/12 05:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At30.job
[2012/07/12 06:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At31.job
[2012/07/12 07:00:08 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At32.job
[2012/07/19 08:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At33.job
[2012/07/19 09:00:48 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At34.job
[2012/07/19 10:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At35.job
[2012/07/19 11:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At36.job
[2012/07/18 12:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At37.job
[2012/07/18 13:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At38.job
[2012/07/18 14:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At39.job
[2012/07/12 03:00:14 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At4.job
[2012/07/18 15:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At40.job
[2012/07/18 16:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At41.job
[2012/07/17 17:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At42.job
[2012/07/11 18:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At43.job
[2012/07/11 19:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At44.job
[2012/07/11 20:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At45.job
[2012/07/11 21:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At46.job
[2012/07/11 22:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At47.job
[2012/07/11 23:00:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\Tasks\At48.job
[2012/07/12 04:00:02 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At5.job
[2012/07/12 05:00:17 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At6.job
[2012/07/12 06:00:05 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At7.job
[2012/07/12 07:00:16 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At8.job
[2012/07/19 08:00:25 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At9.job

========== Purity Check ==========



< End of report >
#2
D40Z
I've managed to get the CPU Usage down to 54%-72%, which allows me to function at least. I sat and continually clicked on processes that I wanted to shut off from the task manager... but I'm sure that once I reboot it's gonna shoot right back up to 100% mem usage.