Here is my system info.
OS Version: Microsoft Windows 7 Ultimate, Service Pack 1, 32 bit
Processor: Intel® Core2 Duo CPU T7500 @ 2.20GHz, x64 Family 6 Model 15 Stepping 11
Processor Count: 2
RAM: 2045 Mb
Graphics Card: Standard VGA Graphics Adapter, 2 Mb
Hard Drives: C: Total - 76216 MB, Free - 25806 MB;
Motherboard: Dell Inc.,
Antivirus: avast! Antivirus, Updated and Enabled
I've been struggling with this PC I just purchased. I cannot view (Showall) hidden files / folders. When I click the radio button, then apply, then OK it reverts back to Hide when I go back and check it. Also get Explorer error when trying to access Credential Manager. Csrss is showing in Task Mgr (one time) without any User Name attached and cannot click on it to view properties and cannot open file location. Can't remember which one, but 1 anti-virus removed ssprs.dll and 1sprst7.dll. I've run plenty of different scans including AVG 2013 (which crashed and burned on my system so I uninstalled it), Combofix (found and disinfected catchme.dll and userinit.exe), RRT from Sergiwa (trial version found "malware" but must upgrade to full to remove), SuperAnti-Spyware, TDSS Killer and Malwarebytes. Nothing has fixed the problem...cannot see hidden files.
Ran OTL and will attach file. I also have Hijack this and dds on my system if needed. Thanks Again in Advance. Jayli
OTL logfile created on: 9/30/2012 1:27:12 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lisette Miller\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: | Country: | Language: | Date Format:
2.00 Gb Total Physical Memory | 1.28 Gb Available Physical Memory | 63.95% Memory free
4.00 Gb Paging File | 2.84 Gb Available in Paging File | 70.97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74.43 Gb Total Space | 25.20 Gb Free Space | 33.86% Space Free | Partition Type: NTFS
Computer Name: LISETTEMILLER | User Name: Lisette Miller | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/09/30 13:24:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lisette Miller\Desktop\OTL.exe
PRC - [2012/09/30 11:22:53 | 000,896,912 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2012/09/26 07:02:44 | 004,780,928 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2012/09/25 11:35:34 | 001,807,280 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_4_402_278.exe
PRC - [2012/09/24 19:12:27 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
PRC - [2012/09/07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/09/05 21:26:39 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/08/21 05:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/08/21 05:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/10/12 08:40:34 | 000,417,792 | ---- | M] (SA International) -- C:\Program Files\SignWarehouse\Vinyl Express LXi\Program\SAiDownloaderVistaUI.exe
PRC - [2011/10/12 08:38:38 | 000,077,824 | ---- | M] (SA International) -- C:\Windows\System32\SAiDownloaderVista.exe
PRC - [2011/10/12 08:28:36 | 000,065,536 | ---- | M] (SA International) -- C:\Windows\System32\SAiAdmin.exe
PRC - [2011/05/27 01:03:02 | 000,374,304 | ---- | M] (SafeNet, Inc.) -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
PRC - [2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\Explorer.EXE
PRC - [2010/11/20 08:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/10/17 03:39:40 | 001,037,192 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2009/10/14 09:30:26 | 000,476,528 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
PRC - [2007/12/19 15:58:32 | 000,086,016 | R--- | M] (SA International) -- C:\Windows\System32\SAiLicSvr.exe
========== Modules (No Company Name) ==========
MOD - [2012/09/30 13:15:28 | 000,052,736 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2012/09/30 13:15:14 | 000,065,024 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2012/09/25 11:35:34 | 009,813,424 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_4_402_278.dll
MOD - [2012/09/24 19:11:24 | 000,117,760 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2012/09/24 19:11:24 | 000,052,224 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MOD - [2012/09/05 21:26:41 | 002,244,064 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2009/08/16 20:06:02 | 000,141,312 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
========== Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- -- (MSDTC)
SRV - [2012/09/29 11:21:37 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2012/09/24 19:12:27 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2012/09/07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/09/07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/09/05 21:26:40 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/08/30 20:01:05 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012/08/21 05:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/10/12 08:40:34 | 000,417,792 | ---- | M] (SA International) [Auto | Running] -- C:\Program Files\SignWarehouse\Vinyl Express LXi\Program\SAiDownloaderVistaUI.exe -- (SAiDownloader)
SRV - [2011/10/12 08:38:38 | 000,077,824 | ---- | M] (SA International) [Auto | Running] -- C:\Windows\System32\SAiDownloaderVista.exe -- (SAiDownloaderVista)
SRV - [2011/10/12 08:28:36 | 000,065,536 | ---- | M] (SA International) [Auto | Running] -- C:\Windows\System32\SAiAdmin.exe -- (SAiAdmin)
SRV - [2011/05/27 01:03:02 | 000,374,304 | ---- | M] (SafeNet, Inc.) [Auto | Running] -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe -- (SentinelKeysServer)
SRV - [2010/02/19 16:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/10/20 14:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2009/10/17 03:41:10 | 002,384,240 | ---- | M] (Check Point Software Technologies LTD) [Auto | Stopped] -- C:\Windows\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2009/10/14 09:30:26 | 000,476,528 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/12/19 15:58:32 | 000,086,016 | R--- | M] (SA International) [Auto | Running] -- C:\Windows\System32\SAiLicSvr.exe -- (SAiLicSvr)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\TEMP\catchme.sys -- (catchme)
DRV - [2012/09/07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/08/21 05:13:15 | 000,729,752 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/08/21 05:13:15 | 000,355,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/08/21 05:13:15 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/08/21 05:13:14 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012/08/21 05:13:14 | 000,044,784 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2012/08/21 05:13:13 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/01/04 10:28:36 | 000,016,128 | ---- | M] (Windows ® Win 7 DDK provider) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\gtkdrv.sys -- (TrojanKillerDriver)
DRV - [2011/07/22 12:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 17:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/05/27 07:05:08 | 000,041,896 | ---- | M] (SafeNet, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SNTNLUSB.SYS -- (SNTNLUSB)
DRV - [2011/03/18 09:46:26 | 000,061,704 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2011/03/18 09:46:10 | 000,073,096 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2010/11/20 08:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 08:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 08:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 06:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 06:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 05:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 05:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 05:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/04/12 04:44:34 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009/10/20 14:19:44 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (NPF)
DRV - [2009/10/17 03:41:16 | 000,450,248 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\vsdatant.sys -- (Vsdatant)
DRV - [2009/10/14 09:30:02 | 000,025,208 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV - [2009/10/14 09:29:48 | 000,035,448 | ---- | M] (Check Point Software Technologies) [Kernel | On_Demand | Stopped] -- C:\Program Files\CheckPoint\ZAForceField\AK\icsak.sys -- (icsak)
DRV - [2009/10/12 21:15:28 | 000,305,168 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
DRV - [2009/10/12 21:15:26 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl1.sys -- (kl1)
DRV - [2009/07/13 19:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009/07/13 18:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\URLSearchHook: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E5 39 55 8E C3 9E CD 01 [binary data]
IE - HKCU\..\URLSearchHook: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_278.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files\Adobe\Adobe Contribute CS5.1\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2012/08/30 19:38:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012/08/30 19:40:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2012/09/05 17:05:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/09/30 04:16:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/09/22 01:28:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2012/09/30 11:23:15 | 000,000,000 | ---D | M] (No name found) -- \mozilla\Firefox\extensions
[2012/09/30 11:23:15 | 000,000,000 | ---D | M] (No name found) -- \mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
[2012/09/22 01:28:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/09/05 21:27:05 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/09/05 21:26:22 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/09/05 21:26:22 | 000,002,253 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
O1 HOSTS File: ([2012/09/28 16:22:14 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O2 - BHO: (uTorrentControl_v2 Toolbar) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (ZoneAlarm Toolbar Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O3 - HKLM\..\Toolbar: (uTorrentControl_v2 Toolbar) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (ZoneAlarm Toolbar) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Toolbar) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Toolbars present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogOff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutoUpdate = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogOff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{35048641-5242-4676-B360-E7CF5876E6E2}: DhcpNameServer = 192.168.2.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = batfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012/09/30 11:56:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft Trojan Killer
[2012/09/30 11:56:40 | 000,000,000 | ---D | C] -- C:\Program Files\GridinSoft Trojan Killer
[2012/09/30 11:23:15 | 000,000,000 | ---D | C] -- C:\Mozilla
[2012/09/30 11:23:15 | 000,000,000 | ---D | C] -- \Mozilla
[2012/09/30 11:23:13 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2012/09/30 11:23:06 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrentControl_v2
[2012/09/30 11:22:53 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2012/09/30 11:11:59 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2012/09/30 10:31:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/09/30 10:31:04 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/09/30 04:24:47 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/09/30 04:24:47 | 000,000,000 | -HSD | C] -- \Config.Msi
[2012/09/30 04:17:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012/09/30 04:17:32 | 000,021,256 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2012/09/30 04:17:31 | 000,355,632 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2012/09/30 04:17:25 | 000,044,784 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2012/09/30 04:17:23 | 000,054,232 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2012/09/30 04:17:20 | 000,729,752 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2012/09/30 04:17:14 | 000,058,680 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012/09/30 04:16:38 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/09/30 04:16:37 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2012/09/30 04:16:25 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012/09/30 04:16:25 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/09/30 02:02:14 | 000,000,000 | ---D | C] -- C:\RRTVAULT
[2012/09/30 02:02:14 | 000,000,000 | ---D | C] -- \RRTVAULT
[2012/09/29 18:10:16 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2012/09/29 18:09:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2012/09/29 17:53:02 | 000,093,696 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\fms.dll
[2012/09/29 11:43:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat
[2012/09/29 11:01:43 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
[2012/09/25 21:34:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2012/09/25 11:07:04 | 000,000,000 | ---D | C] -- C:\Windows\System32\MFAData
[2012/09/24 19:10:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012/09/24 19:10:13 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012/09/24 19:10:13 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012/09/24 19:07:23 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2012/09/24 19:07:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012/09/24 19:07:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/09/24 19:06:16 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012/09/24 19:05:07 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012/09/24 16:41:47 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012/09/24 16:35:24 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/09/24 16:35:24 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/09/24 16:35:24 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/09/24 16:35:05 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/09/24 16:35:05 | 000,000,000 | ---D | C] -- \Qoobox
[2012/09/24 16:34:43 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/09/24 13:11:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/09/24 13:11:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/09/24 13:11:28 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/09/24 13:11:28 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/09/23 19:52:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vinyl Express LXi
[2012/09/23 19:52:12 | 000,086,016 | R--- | C] (SA International) -- C:\Windows\System32\SAiLicSvr.exe
[2012/09/23 19:51:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SafeNet Sentinel
[2012/09/23 19:50:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SignWarehouse
[2012/09/23 19:48:43 | 000,077,824 | ---- | C] (SA International) -- C:\Windows\System32\SAiDownloaderVista.exe
[2012/09/23 19:48:43 | 000,065,536 | ---- | C] (SA International) -- C:\Windows\System32\SAiAdmin.exe
[2012/09/23 19:48:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SAi
[2012/09/23 19:47:06 | 000,000,000 | ---D | C] -- C:\Program Files\SignWarehouse
[2012/09/23 19:47:05 | 000,014,336 | R--- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\HotFldrUI.dll
[2012/09/22 01:28:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/09/22 01:28:36 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/09/22 01:28:35 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012/09/21 17:09:59 | 000,000,000 | ---D | C] -- C:\Windows\System32\%LOCALAPPDATA%
[2012/09/16 13:43:12 | 000,000,000 | -HSD | C] -- C:\Users\Lisette Miller\Templates
[2012/09/16 13:43:12 | 000,000,000 | -HSD | C] -- C:\Users\Lisette Miller\Start Menu
[2012/09/16 13:43:12 | 000,000,000 | -HSD | C] -- C:\Users\Lisette Miller\SendTo
[2012/09/16 13:43:12 | 000,000,000 | -HSD | C] -- C:\Users\Lisette Miller\Recent
[2012/09/16 13:43:12 | 000,000,000 | -HSD | C] -- C:\Users\Lisette Miller\PrintHood
[2012/09/16 13:43:12 | 000,000,000 | -HSD | C] -- C:\Users\Lisette Miller\NetHood
[2012/09/16 13:43:12 | 000,000,000 | -HSD | C] -- C:\Users\Lisette Miller\Local Settings
[2012/09/16 13:43:12 | 000,000,000 | -HSD | C] -- C:\Users\Lisette Miller\Cookies
[2012/09/16 13:43:12 | 000,000,000 | -HSD | C] -- C:\Users\Lisette Miller\Application Data
[2012/09/16 13:43:11 | 000,000,000 | -HSD | C] -- C:\Users\Lisette Miller\My Documents
[2012/09/16 13:42:18 | 000,000,000 | ---D | C] -- C:\Users\Lisette Miller\Adobe Flash Builder 4.5
[2012/09/16 13:42:16 | 000,000,000 | R--D | C] -- C:\Users\Lisette Miller\Desktop
[2012/09/16 13:42:16 | 000,000,000 | R--D | C] -- C:\Users\Lisette Miller\Contacts
[2012/09/16 13:42:16 | 000,000,000 | -H-D | C] -- C:\Users\Lisette Miller\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/09/16 13:42:16 | 000,000,000 | -H-D | C] -- C:\Users\Lisette Miller\AppData
[2012/09/16 13:42:15 | 000,000,000 | R--D | C] -- C:\Users\Lisette Miller\Videos
[2012/09/16 13:42:15 | 000,000,000 | R--D | C] -- C:\Users\Lisette Miller\Searches
[2012/09/16 13:42:15 | 000,000,000 | R--D | C] -- C:\Users\Lisette Miller\Saved Games
[2012/09/16 13:42:15 | 000,000,000 | R--D | C] -- C:\Users\Lisette Miller\Pictures
[2012/09/16 13:42:15 | 000,000,000 | R--D | C] -- C:\Users\Lisette Miller\Music
[2012/09/16 13:42:15 | 000,000,000 | R--D | C] -- C:\Users\Lisette Miller\Links
[2012/09/16 13:42:15 | 000,000,000 | R--D | C] -- C:\Users\Lisette Miller\Favorites
[2012/09/16 13:42:15 | 000,000,000 | R--D | C] -- C:\Users\Lisette Miller\Downloads
[2012/09/16 13:42:15 | 000,000,000 | R--D | C] -- C:\Users\Lisette Miller\Documents
[2012/09/16 13:40:17 | 000,000,000 | ---D | C] -- C:\Recovery
[2012/09/16 13:40:17 | 000,000,000 | ---D | C] -- \Recovery
[2012/09/16 13:35:02 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012/09/16 12:59:49 | 000,044,544 | ---- | C] (Absolute Software Corp.) -- C:\Windows\System32\agremove.exe
[2012/09/05 19:26:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilisoft
[2012/09/05 19:26:36 | 000,000,000 | ---D | C] -- C:\Program Files\Xilisoft
[2012/09/05 17:53:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Minnetonka Audio Software
[2012/09/05 16:55:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky SDK
[2012/09/05 16:46:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZoneAlarm
[2012/09/05 16:46:05 | 000,128,016 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\kl1.sys
[2012/09/05 16:46:03 | 000,305,168 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2012/09/05 16:45:26 | 000,000,000 | ---D | C] -- C:\Windows\System32\ZoneLabs
[2012/09/05 16:45:25 | 000,000,000 | ---D | C] -- C:\Program Files\Zone Labs
[2012/09/05 16:44:59 | 000,000,000 | ---D | C] -- C:\Windows\Internet Logs
[2012/09/05 16:16:51 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint
[2012/09/05 16:16:34 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint
========== Files - Modified Within 30 Days ==========
[2012/09/30 13:19:26 | 000,627,082 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/09/30 13:19:26 | 000,107,366 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/09/30 13:14:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/09/30 13:14:10 | 1609,015,296 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/30 13:13:31 | 000,016,064 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/30 13:13:31 | 000,016,064 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/30 11:56:45 | 000,001,097 | ---- | M] () -- C:\Users\Public\Desktop\Trojan Killer.lnk
[2012/09/30 11:22:53 | 000,000,937 | ---- | M] () -- C:\Users\Lisette Miller\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2012/09/30 11:22:53 | 000,000,913 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2012/09/30 10:31:05 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/09/30 04:17:33 | 000,002,075 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/09/30 04:17:14 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012/09/30 02:06:25 | 000,001,221 | ---- | M] () -- C:\Windows\System32\userawacs.cfg
[2012/09/30 02:02:14 | 000,004,131 | ---- | M] () -- C:\ProgramData\ihfeumzb.qzk
[2012/09/29 22:04:20 | 000,000,238 | ---- | M] () -- C:\Windows\System32\usergui.cfg
[2012/09/29 21:24:12 | 000,000,120 | ---- | M] () -- C:\Windows\System32\userguistate.cfg
[2012/09/29 18:37:37 | 003,775,488 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/09/29 11:47:24 | 000,001,407 | ---- | M] () -- C:\Users\Lisette Miller\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/09/29 11:23:56 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2012/09/28 16:22:14 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012/09/24 19:10:17 | 000,001,961 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/09/24 16:40:06 | 000,000,144 | ---- | M] () -- C:\Windows\System32\pdfl.dat
[2012/09/24 16:15:34 | 000,000,726 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2012/09/24 13:11:32 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/09/24 12:08:19 | 000,001,382 | RHS- | M] () -- C:\Users\Lisette Miller\ntuser.pol
[2012/09/23 19:56:06 | 000,002,229 | ---- | M] () -- C:\Users\Public\Desktop\VE LXi Expert 10.5.lnk
[2012/09/23 19:56:06 | 000,002,004 | ---- | M] () -- C:\Users\Public\Desktop\Production Manager 10.5.lnk
[2012/09/23 19:45:16 | 000,000,032 | ---- | M] () -- C:\Windows\CD_Start.INI
[2012/09/22 01:46:38 | 000,001,485 | -H-- | M] () -- C:\Windows\System32\drivers\vsconfig.xml
[2012/09/22 01:28:39 | 000,001,088 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/09/16 13:39:50 | 000,040,251 | ---- | M] () -- C:\Windows\System32\license.rtf
[2012/09/16 12:59:59 | 000,044,544 | ---- | M] (Absolute Software Corp.) -- C:\Windows\System32\agremove.exe
[2012/09/09 23:37:00 | 000,000,139 | ---- | M] () -- C:\Windows\System32\devnum.vbs
[2012/09/08 20:54:26 | 000,000,027 | ---- | M] () -- C:\Windows\System32\netwin.bat
[2012/09/07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/09/05 19:26:57 | 000,002,162 | ---- | M] () -- C:\Users\Lisette Miller\Application Data\Microsoft\Internet Explorer\Quick Launch\Xilisoft Video Converter Ultimate 6.lnk
[2012/09/05 19:26:57 | 000,002,138 | ---- | M] () -- C:\Users\Public\Desktop\Xilisoft Video Converter Ultimate 6.lnk
[2012/09/05 18:03:10 | 000,000,087 | ---- | M] () -- C:\Windows\System32\ssprs.tgz
[2012/09/05 18:03:09 | 000,000,219 | ---- | M] () -- C:\Windows\System32\lsprst7.tgz
[2012/09/05 18:03:09 | 000,000,021 | ---- | M] () -- C:\Windows\SurCode.INI
[2012/09/05 17:53:17 | 000,001,025 | ---- | M] () -- C:\Windows\System32\sysprs7.tgz
[2012/09/05 17:53:17 | 000,001,025 | ---- | M] () -- C:\Windows\System32\sysprs7.dll
[2012/09/05 17:53:17 | 000,001,025 | ---- | M] () -- C:\Windows\System32\clauth2.dll
[2012/09/05 17:53:17 | 000,001,025 | ---- | M] () -- C:\Windows\System32\clauth1.dll
[2012/09/05 16:17:23 | 000,000,144 | ---- | M] () -- C:\Windows\System32\lkfl.dat
[2012/09/05 16:17:23 | 000,000,080 | ---- | M] () -- C:\Windows\System32\ibfl.dat
========== Files Created - No Company Name ==========
[2012/09/30 11:56:45 | 000,001,097 | ---- | C] () -- C:\Users\Public\Desktop\Trojan Killer.lnk
[2012/09/30 11:22:53 | 000,000,937 | ---- | C] () -- C:\Users\Lisette Miller\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2012/09/30 11:22:53 | 000,000,913 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2012/09/30 10:31:05 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/09/30 04:17:33 | 000,002,075 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/09/30 02:02:14 | 000,004,131 | ---- | C] () -- C:\ProgramData\ihfeumzb.qzk
[2012/09/29 17:54:11 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2012/09/29 17:53:58 | 000,146,852 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2012/09/29 17:52:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2012/09/29 17:52:46 | 000,010,429 | ---- | C] () -- C:\Windows\System32\ScavengeSpace.xml
[2012/09/29 17:52:40 | 000,105,559 | ---- | C] () -- C:\Windows\System32\RacRules.xml
[2012/09/29 11:23:56 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2012/09/25 11:44:29 | 000,000,120 | ---- | C] () -- C:\Windows\System32\userguistate.cfg
[2012/09/24 19:10:17 | 000,001,961 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/09/24 16:35:24 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/09/24 16:35:24 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/09/24 16:35:24 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/09/24 16:35:24 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/09/24 16:35:24 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/09/24 13:11:32 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/09/24 11:59:56 | 000,001,221 | ---- | C] () -- C:\Windows\System32\userawacs.cfg
[2012/09/24 11:59:56 | 000,000,238 | ---- | C] () -- C:\Windows\System32\usergui.cfg
[2012/09/23 19:55:20 | 000,002,229 | ---- | C] () -- C:\Users\Public\Desktop\VE LXi Expert 10.5.lnk
[2012/09/23 19:55:20 | 000,002,004 | ---- | C] () -- C:\Users\Public\Desktop\Production Manager 10.5.lnk
[2012/09/23 19:45:16 | 000,000,032 | ---- | C] () -- C:\Windows\CD_Start.INI
[2012/09/22 01:28:39 | 000,001,100 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/09/22 01:28:39 | 000,001,088 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/09/16 13:42:22 | 000,002,162 | ---- | C] () -- C:\Users\Lisette Miller\Application Data\Microsoft\Internet Explorer\Quick Launch\Xilisoft Video Converter Ultimate 6.lnk
[2012/09/16 13:42:22 | 000,001,407 | ---- | C] () -- C:\Users\Lisette Miller\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/09/16 13:42:22 | 000,000,290 | ---- | C] () -- C:\Users\Lisette Miller\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/09/16 13:42:22 | 000,000,272 | ---- | C] () -- C:\Users\Lisette Miller\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/09/16 13:42:15 | 000,001,382 | RHS- | C] () -- C:\Users\Lisette Miller\ntuser.pol
[2012/09/16 13:06:08 | 000,000,139 | ---- | C] () -- C:\Windows\System32\devnum.vbs
[2012/09/08 21:28:16 | 000,000,027 | ---- | C] () -- C:\Windows\System32\netwin.bat
[2012/09/08 19:04:43 | 000,000,726 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012/09/05 19:26:57 | 000,002,138 | ---- | C] () -- C:\Users\Public\Desktop\Xilisoft Video Converter Ultimate 6.lnk
[2012/09/05 17:53:17 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.tgz
[2012/09/05 17:53:17 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll
[2012/09/05 17:53:17 | 000,001,025 | ---- | C] () -- C:\Windows\System32\clauth2.dll
[2012/09/05 17:53:17 | 000,001,025 | ---- | C] () -- C:\Windows\System32\clauth1.dll
[2012/09/05 17:53:17 | 000,000,219 | ---- | C] () -- C:\Windows\System32\lsprst7.tgz
[2012/09/05 17:53:17 | 000,000,087 | ---- | C] () -- C:\Windows\System32\ssprs.tgz
[2012/09/05 17:53:17 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI
[2012/09/05 16:45:26 | 000,001,485 | -H-- | C] () -- C:\Windows\System32\drivers\vsconfig.xml
[2012/09/05 16:17:23 | 000,000,144 | ---- | C] () -- C:\Windows\System32\pdfl.dat
[2012/09/05 16:17:23 | 000,000,144 | ---- | C] () -- C:\Windows\System32\lkfl.dat
[2012/09/05 16:17:23 | 000,000,080 | ---- | C] () -- C:\Windows\System32\ibfl.dat
[2012/08/29 22:00:03 | 1609,015,296 | -HS- | C] () -- \hiberfil.sys
[2009/07/13 22:04:04 | 000,000,024 | ---- | C] () -- \autoexec.bat
[2009/07/13 22:04:04 | 000,000,010 | ---- | C] () -- \config.sys
========== ZeroAccess Check ==========
[2009/07/14 00:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 00:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 21:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:888AFB86
< End of report >