OTL logfile created on: 4/29/2013 11:05:53 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jessi\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.96 Gb Total Physical Memory | 1.06 Gb Available Physical Memory | 35.92% Memory free
6.17 Gb Paging File | 4.48 Gb Available in Paging File | 72.55% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 218.20 Gb Total Space | 102.84 Gb Free Space | 47.13% Space Free | Partition Type: NTFS
Drive E: | 14.65 Gb Total Space | 7.80 Gb Free Space | 53.28% Space Free | Partition Type: NTFS
Drive F: | 393.72 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: JESSI-PC | User Name: Jessi | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2013/04/29 23:05:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jessi\Downloads\OTL.exe
PRC - [2013/04/09 01:57:09 | 001,312,720 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013/03/29 10:45:02 | 002,937,384 | ---- | M] (AOL Inc.) -- C:\Users\Jessi\AppData\Local\AOL\AIM\aim.exe
PRC - [2012/11/13 14:08:14 | 003,500,568 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDWelcome.exe
PRC - [2012/11/13 14:07:52 | 003,906,584 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
PRC - [2010/03/25 21:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
PRC - [2009/04/10 23:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
========== Modules (No Company Name) ========== MOD - [2013/04/09 01:57:07 | 000,390,096 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.64\ppgooglenaclpluginchrome.dll
MOD - [2013/04/09 01:57:06 | 013,130,704 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
MOD - [2013/04/09 01:57:05 | 004,050,896 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.64\pdf.dll
MOD - [2013/04/09 01:56:13 | 001,606,096 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll
MOD - [2013/03/29 10:43:40 | 023,756,328 | ---- | M] () -- C:\Users\Jessi\AppData\Local\AOL\AIM\libcef.dll
MOD - [2013/03/28 15:46:46 | 014,717,144 | ---- | M] () -- C:\Users\Jessi\AppData\Local\AOL\AIM\NPSWF32.dll
MOD - [2012/11/13 14:06:32 | 000,158,624 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
MOD - [2012/11/13 14:06:30 | 000,108,960 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2012/11/13 14:06:28 | 000,554,400 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl
MOD - [2012/11/13 14:06:28 | 000,528,288 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\JSDialogPack150.bpl
MOD - [2012/11/13 14:06:28 | 000,416,160 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2012/08/23 09:38:24 | 000,574,840 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
========== Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- C:\Program Files\Spybot -- (SDWSCService)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Spybot -- (SDUpdateService)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Spybot -- (SDScannerService)
SRV - [2013/03/19 16:50:59 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/03/06 05:36:52 | 000,093,984 | ---- | M] (Conduit) [Auto | Stopped] -- C:\Program Files\SearchProtect\bin\CltMngSvc.exe -- (CltMngSvc)
SRV - [2013/02/05 08:48:00 | 000,235,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe -- (McComponentHostService)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/06/11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/06/11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.EXE -- (BBSvc)
SRV - [2010/10/12 10:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/03/25 21:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/05/18 23:29:53 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2009/05/18 23:28:57 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2009/05/18 23:28:17 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\XMBLicensing.exe -- (Sound Blaster X-Fi MB Licensing Service)
SRV - [2009/05/18 23:12:20 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2009/02/23 07:48:06 | 000,632,048 | ---- | M] (SoftThinks) [Auto | Stopped] -- C:\Windows\sminst\SftService.exe -- (SftService)
SRV - [2009/02/04 22:57:14 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Stopped] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2009/01/29 22:50:06 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Stopped] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter)
SRV - [2009/01/05 15:19:10 | 000,824,560 | ---- | M] (Dell Inc.) [Auto | Stopped] -- c:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe -- (hnmsvc)
SRV - [2009/01/05 15:19:08 | 000,173,296 | ---- | M] (SingleClick Systems) [Auto | Stopped] -- C:\Program Files\Common Files\Dell\Remote Access File Sync Service\dsl_fs_sync.exe -- (dsl-fs-sync)
SRV - [2008/12/18 11:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Stopped] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2008/12/14 21:13:46 | 000,241,746 | ---- | M] (IDT, Inc.) [Auto | Stopped] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\stacsv.exe -- (STacSV)
SRV - [2008/12/14 21:13:30 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Stopped] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ae0b52e0\AEstSrv.exe -- (AESTFilters)
SRV - [2008/05/07 15:41:14 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2008/01/20 19:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/09/21 11:26:34 | 000,015,872 | ---- | M] (Apache Software Foundation) [Auto | Stopped] -- C:\Program Files\Common Files\Dell\apache\bin\httpd.exe -- (Apache2.2)
SRV - [2007/09/14 11:35:04 | 005,730,304 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Common Files\Dell\MySQL\bin\mysqld.exe -- (dsl-db)
========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6055061C-49CD-4E36-AD5D-492E09E20D6C}\MpKslf665a6b8.sys -- (MpKslf665a6b8)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2010/06/23 07:21:30 | 000,157,568 | ---- | M] (Hauppauge, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hcwhdpvr.sys -- (hcwhdpvr)
DRV - [2010/03/25 21:30:22 | 000,042,368 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2009/02/19 14:22:52 | 000,127,744 | ---- | M] () [Kernel | System | Stopped] -- C:\Windows\System32\drivers\ArcHlp.sys -- (archlp)
DRV - [2008/12/22 03:32:18 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)
DRV - [2008/12/14 21:13:54 | 000,393,216 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2008/11/04 16:16:40 | 000,022,904 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Dell Support Center\HWDiag\bin\pcd5srvc.pkms -- (PCD5SRVC{3F6A8B78-EC003E00-05040104})
DRV - [2008/09/03 22:29:08 | 000,170,032 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008/09/03 01:44:22 | 000,269,216 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\OA009Vid.sys -- (OA009Vid)
DRV - [2008/09/03 01:44:22 | 000,144,672 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\OA009Ufd.sys -- (OA009Ufd)
DRV - [2008/06/17 09:01:06 | 000,022,016 | ---- | M] (SingleClick Systems) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\packet.sys -- (Packet)
DRV - [2008/01/20 19:32:51 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2006/11/02 00:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2005/08/17 07:47:48 | 000,073,696 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdserd.sys -- (sscdserd)
DRV - [2005/08/17 07:46:26 | 000,093,872 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2005/08/17 07:46:20 | 000,008,272 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2005/08/17 07:45:00 | 000,058,352 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus)
DRV - [2005/06/24 17:36:16 | 000,039,036 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2005/05/26 10:01:36 | 000,038,144 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2005/05/26 10:01:18 | 000,021,344 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2005/02/23 14:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" =
http://slirsredirect...hromesbox-en-usIE - HKLM\..\SearchScopes\{4EAB203A-8E7C-42D9-82F2-F35DA6BF28E2}: "URL" =
http://search.live.c...ferrer:source?}IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.co...g}&sourceid=ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://g.msn.com/USCON/1IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
http://www.google.com/ieIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.google.comIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://search.condui...&ctid=CT3292584IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" =
http://slirsredirect...hromesbox-en-usIE - HKCU\..\SearchScopes\{4EAB203A-8E7C-42D9-82F2-F35DA6BF28E2}: "URL" =
http://www.bing.com/...rc=IE-SearchBoxIE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.co...1I7ADBS_enUS432IE - HKCU\..\SearchScopes\{CC7ABE2A-E615-4A7A-85D7-4130ADA83E52}: "URL" =
http://www.bing.com/...rc=IE-SearchBoxIE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:47392
========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
========== Chrome ========== CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage:
http://search.condui...2200242225&UM=2CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Adobe Acrobat (Enabled) = c:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: McAfee Security Scanner + (Enabled) = C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll
CHR - plugin: WildTangent Games App V2 Presence Detector (Enabled) = C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
O1 HOSTS File: ([2013/04/17 15:34:41 | 000,444,749 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 15278 more lines...
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (Solid Savings) - {11111111-1111-1111-1111-110211621178} - C:\Program Files\Solid Savings\Solid Savings.dll (215 Apps)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (AIM Toolbar Loader) - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (PricePeep) - {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} - C:\Program Files\PricePeep\pricepeep.dll (PricePeep)
O3 - HKLM\..\Toolbar: (AIM Toolbar) - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (AIM Toolbar) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4 - HKLM..\Run: [RunDLLEntry] C:\Windows\System32\AmbRunE.DLL (Creative Technology Ltd.)
O4 - HKLM..\Run: [SDTray] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [SearchProtectAll] C:\Program Files\SearchProtect\bin\cltmng.exe (Conduit)
O4 - HKLM..\Run: [SMessaging] C:\Users\Jessi\AppData\Local\Strongvault Online Backup\SMessaging.exe (Stronghold Online Backup)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [BackupAgent] C:\Program Files\Strongvault Online Backup\BackupAgent.exe (Strongvault LLC)
O4 - HKCU..\Run: [GoogleChromeAutoLaunch_F51A6D0EEE39DF9BB15E2444D1233C4B] C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKCU..\Run: [SearchProtect] C:\Users\Jessi\AppData\Roaming\SearchProtect\bin\cltmng.exe (Conduit)
O4 - HKCU..\Run: [SightSpeed] C:\Program Files\Dell Video Chat\DellVideoChat.exe (Dell Inc. and SightSpeed Inc.)
O4 - HKCU..\Run: [Spybot-S&D Cleaning] C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
O4 - HKLM..\RunOnce: [DSUpdateLauncher] C:\Program Files\Dell DataSafe Local Backup\Components\DSUpdate\runhstart.bat ()
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil32_11_6_602_180_Plugin.exe (Adobe Systems Incorporated)
O4 - HKCU..\RunOnce: [Shockwave Updater] C:\Windows\system32\Adobe\Shockwave 11\SwHelper_1150596.exe -Update -1150596 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; GTB6.6; SLCC1; .NET CLR 2.0.50727; MDDC; .NET CLR 3.5.30729; WinNT-PAI 01.09.2009; .NET4.0C; .NET CLR 3.0.30729)" -"
http://mappinghistor...ive/map32.html" File not found
O4 - Startup: C:\Users\Jessi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StrongVaultApp.lnk = C:\Users\Jessi\AppData\Local\Strongvault\StrongVaultApp.exe ()
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000}
http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.2.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{18C4C674-F587-4FDC-A02F-467FE837A48F}: DhcpNameServer = 192.168.0.1 205.171.2.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4A5EA9E0-83B8-4D98-8E47-6FB6667165A1}: DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O24 - Desktop WallPaper: C:\Users\Jessi\Downloads\abstract_0013.jpg
O24 - Desktop BackupWallPaper: C:\Users\Jessi\Downloads\abstract_0013.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2004/04/30 14:01:00 | 000,000,053 | -HS- | M] () - E:\AUTORUN.INF -- [ NTFS ]
O32 - AutoRun File - [2010/07/13 06:46:19 | 000,000,000 | ---D | M] - F:\Autorun -- [ CDFS ]
O32 - AutoRun File - [2007/08/14 07:29:44 | 000,000,055 | R--- | M] () - F:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{3eb5f0b0-59ac-11e0-8d73-0023ae342cef}\Shell - "" = AutoRun
O33 - MountPoints2\{3eb5f0b0-59ac-11e0-8d73-0023ae342cef}\Shell\AutoRun\command - "" = D:\TLBootstrap_WPP.exe
O33 - MountPoints2\{5858a4fc-e1b3-11df-8745-0023ae342cef}\Shell\AutoRun\command - "" = H:\PMBP_Win.exe
O33 - MountPoints2\{97ba615e-440c-11de-a745-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{97ba615e-440c-11de-a745-806e6f6e6963}\Shell\AutoRun\command - "" = F:\.\Setup.exe -- [2009/05/13 07:09:17 | 000,183,640 | R--- | M] ()
O33 - MountPoints2\{cdfe852f-ede0-11de-884f-0023ae342cef}\Shell\AutoRun\command - "" = H:\MI.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
CREATERESTOREPOINT
Unable to start System Restore Service. Error code 1084
========== Files/Folders - Created Within 30 Days ========== [2013/04/29 15:12:45 | 000,000,000 | ---D | C] -- C:\Users\Jessi\AppData\Roaming\Malwarebytes
[2013/04/29 15:09:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/04/29 15:09:28 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/04/29 12:50:22 | 000,000,000 | ---D | C] -- C:\Users\Jessi\AppData\Roaming\TuneUp Software
[2013/04/29 12:49:17 | 000,000,000 | -H-D | C] -- C:\$AVG
[2013/04/29 12:49:16 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013
[2013/04/29 12:48:23 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2013/04/29 12:32:54 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013/04/29 12:32:54 | 000,000,000 | ---D | C] -- C:\Users\Jessi\AppData\Local\MFAData
[2013/04/29 12:32:54 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2013/04/29 12:32:54 | 000,000,000 | ---D | C] -- C:\Users\Jessi\AppData\Local\Avg2013
[2013/04/28 19:06:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
[2013/04/28 19:06:54 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap
[2013/04/28 19:06:22 | 000,000,000 | ---D | C] -- C:\Users\Jessi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cain
[2013/04/28 16:19:45 | 000,000,000 | ---D | C] -- C:\Users\Jessi\.thumbnails
[2013/04/28 16:11:21 | 000,000,000 | ---D | C] -- C:\Users\Jessi\AppData\Local\fontconfig
[2013/04/28 16:11:14 | 000,000,000 | ---D | C] -- C:\Users\Jessi\.gimp-2.8
[2013/04/28 16:11:10 | 000,000,000 | ---D | C] -- C:\Users\Jessi\AppData\Local\gegl-0.2
[2013/04/24 17:47:42 | 000,000,000 | ---D | C] -- C:\Users\Jessi\AppData\Roaming\Strongvault
[2013/04/24 17:46:53 | 000,000,000 | ---D | C] -- C:\Users\Jessi\AppData\Roaming\vlc
[2013/04/24 17:46:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2013/04/24 17:46:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013/04/24 17:45:56 | 000,000,000 | ---D | C] -- C:\Users\Jessi\AppData\Local\Strongvault Online Backup
[2013/04/24 17:45:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Strongvault Online Backup
[2013/04/24 17:45:52 | 000,000,000 | ---D | C] -- C:\Users\Jessi\AppData\Local\Strongvault
[2013/04/24 17:45:51 | 000,000,000 | ---D | C] -- C:\Program Files\Strongvault Online Backup
[2013/04/24 17:45:44 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2013/04/24 17:45:44 | 000,000,000 | ---D | C] -- C:\Users\Jessi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Strongvault Online Backup
[2013/04/24 17:45:31 | 000,000,000 | -HSD | C] -- C:\AI_RecycleBin
[2013/04/23 12:07:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cain
[2013/04/23 12:07:05 | 000,000,000 | ---D | C] -- C:\Program Files\Cain
[2013/04/23 12:03:49 | 000,000,000 | ---D | C] -- C:\Users\Jessi\Desktop\UDP Unicorn
[2013/04/18 22:42:56 | 000,000,000 | ---D | C] -- C:\ProgramData\YTD Video Downloader
[2013/04/18 22:41:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
[2013/04/18 22:40:59 | 000,000,000 | ---D | C] -- C:\Program Files\GreenTree Applications
[2013/04/08 19:19:49 | 000,000,000 | ---D | C] -- C:\Users\Jessi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AIM for Windows
[2013/04/08 19:19:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Software Update Utility
[2013/03/31 21:05:25 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2013/03/31 20:45:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Net Tools
[2013/03/31 20:45:38 | 000,077,824 | ---- | C] (JVSoftware) -- C:\Windows\System32\nmapwin.exe
[2013/03/31 20:45:35 | 000,114,688 | ---- | C] (Open Source Telecom) -- C:\Windows\System32\CCGNU32.dll
[2013/03/31 20:45:25 | 000,010,752 | ---- | C] (Almeida & Andrade Ltda) -- C:\Windows\System32\aamd532.dll
[2013/03/31 20:45:22 | 000,939,224 | ---- | C] (Macromedia, Inc.) -- C:\Windows\System32\Flash.ocx
[2013/03/31 20:32:30 | 000,000,000 | ---D | C] -- C:\Users\Jessi\AppData\Local\iLivid
[2013/03/31 20:31:08 | 000,000,000 | ---D | C] -- C:\Program Files\Net Tools
[2013/03/31 20:29:19 | 000,000,000 | ---D | C] -- C:\Program Files\PricePeep
[2013/03/31 20:13:22 | 000,000,000 | ---D | C] -- C:\Users\Jessi\AppData\Local\Solid Savings
[2013/03/31 20:13:12 | 000,000,000 | ---D | C] -- C:\Users\Jessi\AppData\Local\Updater26278
[2013/03/31 20:12:56 | 000,000,000 | ---D | C] -- C:\Program Files\Solid Savings
[2013/03/31 20:12:21 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2013/03/31 20:11:27 | 000,000,000 | ---D | C] -- C:\Users\Jessi\AppData\Local\Conduit
[2013/03/31 20:10:43 | 000,000,000 | ---D | C] -- C:\Program Files\SearchProtect
[2013/03/31 20:10:27 | 000,000,000 | ---D | C] -- C:\Users\Jessi\AppData\Roaming\SearchProtect
[2013/03/31 20:10:23 | 000,000,000 | ---D | C] -- C:\Users\Jessi\AppData\Local\CRE
========== Files - Modified Within 30 Days ========== [2013/04/29 20:56:11 | 000,907,768 | ---- | M] () -- C:\Users\Jessi\Desktop\IMG_2342 (1).jpg
[2013/04/29 20:08:52 | 000,078,499 | ---- | M] () -- C:\Users\Jessi\Desktop\logo20462277001271987215.png
[2013/04/29 18:11:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/04/29 17:28:06 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/04/29 17:28:06 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/04/29 17:28:05 | 000,000,620 | ---- | M] () -- C:\Windows\tasks\Check for updates (Spybot - Search & Destroy).job
[2013/04/29 17:13:04 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/04/29 17:12:56 | 000,000,284 | ---- | M] () -- C:\Windows\tasks\Registry Optimizer_DEFAULT.job
[2013/04/29 17:00:11 | 000,006,756 | ---- | M] () -- C:\Users\Jessi\AppData\Local\d3d9caps.dat
[2013/04/29 10:07:47 | 000,049,283 | ---- | M] () -- C:\Users\Jessi\Desktop\Exam 2.pdf
[2013/04/29 10:07:05 | 000,064,490 | ---- | M] () -- C:\Users\Jessi\Desktop\Functions Test Final.pdf
[2013/04/28 16:23:37 | 000,102,955 | ---- | M] () -- C:\Users\Jessi\Untitled.xcf
[2013/04/28 16:23:37 | 000,001,458 | ---- | M] () -- C:\Users\Jessi\AppData\Local\recently-used.xbel
[2013/04/25 08:57:59 | 000,034,350 | ---- | M] () -- C:\Users\Jessi\Desktop\Functions 2 - Exam 2.pdf
[2013/04/25 03:01:06 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\Registry Optimizer_UPDATES.job
[2013/04/25 03:01:03 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/04/25 03:00:45 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/04/24 17:46:38 | 000,000,821 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013/04/24 17:45:58 | 000,001,926 | ---- | M] () -- C:\Users\Jessi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StrongVaultApp.lnk
[2013/04/24 17:45:29 | 000,000,000 | ---- | M] () -- C:\END
[2013/04/24 17:43:37 | 000,069,877 | ---- | M] () -- C:\Windows\unins000.dat
[2013/04/24 17:42:08 | 000,723,230 | ---- | M] () -- C:\Windows\unins000.exe
[2013/04/24 12:57:34 | 000,000,616 | ---- | M] () -- C:\Windows\tasks\Refresh immunization (Spybot - Search & Destroy).job
[2013/04/18 21:10:16 | 000,087,098 | ---- | M] () -- C:\Users\Jessi\Desktop\My girl.jpg
[2013/04/17 15:34:41 | 000,444,749 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013/04/10 03:31:18 | 000,286,048 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/04/09 20:34:14 | 000,001,933 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/04/09 16:48:38 | 588,907,279 | ---- | M] () -- C:\Users\Jessi\Documents\Untitled.mp4
[2013/04/09 15:06:12 | 084,998,562 | ---- | M] () -- C:\Users\Jessi\Documents\Track 3 - 1.wav
[2013/04/09 15:06:12 | 000,332,080 | ---- | M] () -- C:\Users\Jessi\Documents\Track 3 - 1.sfk
[2013/04/09 15:06:12 | 000,001,024 | ---- | M] () -- C:\Users\Jessi\Documents\Track 3 - 2.wav
[2013/04/08 19:19:49 | 000,000,867 | ---- | M] () -- C:\Users\Jessi\Application Data\Microsoft\Internet Explorer\Quick Launch\AIM.lnk
[2013/04/08 19:19:49 | 000,000,865 | ---- | M] () -- C:\Users\Jessi\Desktop\AIM.lnk
[2013/04/02 03:10:32 | 000,640,462 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/04/02 03:10:32 | 000,118,682 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/04/01 17:22:55 | 000,000,446 | ---- | M] () -- C:\Windows\tasks\Scan the system (Spybot - Search & Destroy).job
[2013/03/31 20:46:08 | 000,000,778 | ---- | M] () -- C:\Users\Jessi\Desktop\NetTools.lnk
[2013/03/31 20:35:16 | 000,000,835 | ---- | M] () -- C:\Users\Jessi\Application Data\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk
[2013/03/31 20:35:16 | 000,000,833 | ---- | M] () -- C:\Users\Jessi\Desktop\iLivid.lnk
[2013/03/31 20:29:26 | 000,000,000 | ---- | M] () -- C:\extensions.sqlite
========== Files Created - No Company Name ========== [2013/04/29 20:56:09 | 000,907,768 | ---- | C] () -- C:\Users\Jessi\Desktop\IMG_2342 (1).jpg
[2013/04/29 20:08:51 | 000,078,499 | ---- | C] () -- C:\Users\Jessi\Desktop\logo20462277001271987215.png
[2013/04/29 10:07:47 | 000,049,283 | ---- | C] () -- C:\Users\Jessi\Desktop\Exam 2.pdf
[2013/04/29 10:07:03 | 000,064,490 | ---- | C] () -- C:\Users\Jessi\Desktop\Functions Test Final.pdf
[2013/04/28 16:23:37 | 000,102,955 | ---- | C] () -- C:\Users\Jessi\Untitled.xcf
[2013/04/28 16:23:37 | 000,001,458 | ---- | C] () -- C:\Users\Jessi\AppData\Local\recently-used.xbel
[2013/04/25 08:57:56 | 000,034,350 | ---- | C] () -- C:\Users\Jessi\Desktop\Functions 2 - Exam 2.pdf
[2013/04/24 17:46:38 | 000,000,821 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013/04/24 17:45:58 | 000,001,926 | ---- | C] () -- C:\Users\Jessi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StrongVaultApp.lnk
[2013/04/24 17:43:22 | 000,723,230 | ---- | C] () -- C:\Windows\unins000.exe
[2013/04/24 17:43:22 | 000,069,877 | ---- | C] () -- C:\Windows\unins000.dat
[2013/04/23 12:25:00 | 000,416,768 | ---- | C] () -- C:\Users\Jessi\Desktop\UDP Unicorn.exe
[2013/04/18 21:10:16 | 000,087,098 | ---- | C] () -- C:\Users\Jessi\Desktop\My girl.jpg
[2013/04/09 15:06:12 | 000,332,080 | ---- | C] () -- C:\Users\Jessi\Documents\Track 3 - 1.sfk
[2013/04/09 15:06:12 | 000,001,024 | ---- | C] () -- C:\Users\Jessi\Documents\Track 3 - 2.wav
[2013/04/09 14:58:46 | 084,998,562 | ---- | C] () -- C:\Users\Jessi\Documents\Track 3 - 1.wav
[2013/04/08 19:19:49 | 000,000,865 | ---- | C] () -- C:\Users\Jessi\Desktop\AIM.lnk
[2013/03/31 20:46:08 | 000,000,778 | ---- | C] () -- C:\Users\Jessi\Desktop\NetTools.lnk
[2013/03/31 20:45:38 | 000,809,345 | ---- | C] () -- C:\Windows\System32\nmap-os-fingerprints
[2013/03/31 20:45:38 | 000,557,444 | ---- | C] () -- C:\Windows\System32\nmap-service-probes
[2013/03/31 20:45:38 | 000,482,123 | ---- | C] () -- C:\Windows\System32\nmapwin.chm
[2013/03/31 20:45:38 | 000,452,096 | ---- | C] () -- C:\Windows\System32\nmap.exe
[2013/03/31 20:45:38 | 000,290,816 | ---- | C] () -- C:\Windows\System32\nmapserv.exe
[2013/03/31 20:45:38 | 000,225,546 | ---- | C] () -- C:\Windows\System32\nmap-mac-prefixes
[2013/03/31 20:45:38 | 000,192,007 | ---- | C] () -- C:\Windows\System32\CHANGELOG
[2013/03/31 20:45:38 | 000,108,536 | ---- | C] () -- C:\Windows\System32\nmap-services
[2013/03/31 20:45:38 | 000,025,611 | ---- | C] () -- C:\Windows\System32\COPYING
[2013/03/31 20:45:38 | 000,021,552 | ---- | C] () -- C:\Windows\System32\nmap.xsl
[2013/03/31 20:45:38 | 000,017,955 | ---- | C] () -- C:\Windows\System32\nmap-rpc
[2013/03/31 20:45:38 | 000,006,318 | ---- | C] () -- C:\Windows\System32\nmap-protocols
[2013/03/31 20:45:38 | 000,000,192 | ---- | C] () -- C:\Windows\System32\nmap_performance.reg
[2013/03/31 20:45:22 | 000,010,348 | ---- | C] () -- C:\Windows\System32\SubclassingSink.tlb
[2013/03/31 20:35:16 | 000,000,841 | ---- | C] () -- C:\Users\Jessi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
[2013/03/31 20:35:16 | 000,000,835 | ---- | C] () -- C:\Users\Jessi\Application Data\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk
[2013/03/31 20:35:16 | 000,000,833 | ---- | C] () -- C:\Users\Jessi\Desktop\iLivid.lnk
[2013/03/31 20:29:26 | 000,000,000 | ---- | C] () -- C:\extensions.sqlite
[2013/03/31 20:09:58 | 000,000,000 | ---- | C] () -- C:\END
[2013/03/24 19:29:25 | 000,127,744 | ---- | C] () -- C:\Windows\System32\drivers\ArcHlp.sys
[2013/03/24 19:21:11 | 000,000,265 | ---- | C] () -- C:\Windows\HCWBlast.ini
[2013/03/24 19:20:22 | 000,065,536 | ---- | C] () -- C:\Windows\System32\dmcrypto.dll
[2013/03/24 19:19:50 | 000,002,336 | ---- | C] () -- C:\Windows\HCWPNP.INI
[2012/05/27 15:46:21 | 000,225,233 | ---- | C] () -- C:\Users\Jessi\AppData\Roaming\UserTile.png
[2011/12/10 23:55:26 | 000,123,720 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2011/07/30 14:11:32 | 000,006,022 | -HS- | C] () -- C:\Users\Jessi\AppData\Local\8w1q6yk7g38oh2v5al00mcc5270
[2011/07/30 14:11:32 | 000,006,022 | -HS- | C] () -- C:\ProgramData\8w1q6yk7g38oh2v5al00mcc5270
[2011/07/30 14:11:30 | 000,000,000 | ---- | C] () -- C:\ProgramData\qrsa.exe
[2011/07/30 14:11:30 | 000,000,000 | ---- | C] () -- C:\Users\Jessi\AppData\Local\pxwm.exe
[2011/07/30 14:11:30 | 000,000,000 | ---- | C] () -- C:\ProgramData\ovih.exe
[2011/07/30 14:11:30 | 000,000,000 | ---- | C] () -- C:\ProgramData\nskh.exe
[2011/07/30 14:11:30 | 000,000,000 | ---- | C] () -- C:\Users\Jessi\AppData\Local\nhpp.exe
[2011/07/30 14:11:30 | 000,000,000 | ---- | C] () -- C:\ProgramData\mqbg.exe
[2011/07/30 14:11:30 | 000,000,000 | ---- | C] () -- C:\Users\Jessi\AppData\Local\jqjq.exe
[2011/07/30 14:11:30 | 000,000,000 | ---- | C] () -- C:\Users\Jessi\AppData\Local\ceec.exe
[2011/06/03 21:33:39 | 000,010,422 | -HS- | C] () -- C:\Users\Jessi\AppData\Local\io2j138s300jt5
[2011/06/03 21:33:39 | 000,010,422 | -HS- | C] () -- C:\ProgramData\io2j138s300jt5
[2010/06/21 13:23:00 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/11/07 18:57:34 | 000,006,756 | ---- | C] () -- C:\Users\Jessi\AppData\Local\d3d9caps.dat
[2009/08/03 17:57:54 | 000,014,312 | ---- | C] () -- C:\Users\Jessi\AppData\Roaming\wklnhst.dat
[2009/07/28 21:04:31 | 000,331,776 | ---- | C] () -- C:\Users\Jessi\AppData\Roaming\DataSafeDotNet.exe
[2009/05/27 15:46:44 | 000,081,408 | ---- | C] () -- C:\Users\Jessi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ========== [2006/11/02 05:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 10:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/10 23:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/10 23:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ========== [2010/01/29 23:42:44 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\acccore
[2011/05/02 16:52:04 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\Awem
[2010/02/06 12:26:20 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\BanzaiInteractive
[2009/10/25 10:04:29 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\BeachPartyCraze
[2011/01/30 18:36:52 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\Boomzap
[2009/09/10 16:05:41 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\Camel101
[2009/09/15 19:43:59 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\CupcakeCafe
[2010/09/07 09:52:31 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\DigirononGames
[2011/04/03 13:06:07 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\Dying for Daylight
[2011/04/03 13:06:43 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\Dying for Daylight Shared
[2009/12/26 12:34:38 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\EscapeTheMuseum2
[2009/06/01 21:38:06 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\Farm Mania
[2011/07/29 20:48:49 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\Farm Mania 2
[2009/08/25 15:54:32 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\Fever Frenzy
[2009/10/23 16:51:49 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\Flood Light Games
[2010/07/08 21:50:46 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\Floodlight Games
[2009/09/23 16:19:59 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\FloodLightGames
[2011/01/04 15:37:19 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\Freeze Tag
[2010/05/22 09:41:35 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\FreezeTag
[2010/05/19 19:24:25 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\Fugazo
[2011/07/09 20:17:08 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\funkitron
[2010/07/18 22:12:34 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\GamesCafe
[2010/12/21 10:20:46 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\Gogii
[2009/09/18 16:07:02 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\Gold Casual Games
[2009/06/09 12:12:32 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\GOL_byHasbro
[2009/09/25 20:26:15 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\IronCode
[2009/10/23 16:30:35 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\iWin_generic
[2011/01/20 22:07:47 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\LittleGamesCompany
[2011/01/20 07:08:06 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\Meridian93
[2009/09/17 16:14:10 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\Merscom
[2011/02/04 23:28:25 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\Mystery of Mortlake Mansion
[2010/05/26 16:47:17 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\Namco
[2013/04/29 17:10:12 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\Nico Mak Computing
[2010/08/28 13:11:17 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\PeaceCraft2
[2011/07/13 00:49:25 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\PlayFirst
[2009/10/16 09:11:15 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\Playrix Entertainment
[2009/10/05 16:40:44 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\Princess Isabella
[2013/03/27 23:37:05 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\Publish Providers
[2012/07/02 11:34:11 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\redsn0w
[2011/02/11 22:40:35 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\Scholastic
[2013/03/31 20:10:44 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\SearchProtect
[2009/09/17 16:29:00 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\Shape games
[2010/08/29 01:11:44 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\Silverback Productions
[2013/03/28 12:00:13 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\Sony
[2011/04/08 20:16:46 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\SpinTop Games
[2013/04/28 16:27:03 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\Strongvault
[2009/08/03 17:57:55 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\Template
[2010/05/27 16:32:14 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\The Inquisitor
[2010/09/11 18:00:03 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\Total Eclipse
[2013/04/29 12:50:22 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\TuneUp Software
[2010/05/30 10:52:03 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\UNOUndercover
[2013/04/29 17:10:12 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\uTorrent
[2010/09/02 21:05:38 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\V-Games
[2011/05/09 19:26:09 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\Visan
[2009/09/21 16:40:52 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\WildGames 3 Days Zoo Mystery
[2012/12/24 21:36:44 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\WildTangent
[2010/04/22 17:35:59 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\WildTangent Janes Realty2
[2010/07/06 17:48:17 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\WildTangentv1000
[2009/08/25 16:49:56 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\WildTangentv1001
[2010/09/17 18:15:05 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\WildTangentv1002
[2009/09/21 21:31:32 | 000,000,000 | ---D | M] -- C:\Users\Jessi\AppData\Roaming\WildTangentv1005
========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe > < MD5 for: EXPLORER.EXE >[2009/05/19 01:25:48 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2009/05/19 01:25:48 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2009/05/19 01:25:48 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/04/10 23:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/10 23:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2012/11/13 14:07:52 | 003,906,584 | ---- | M] (Safer-Networking Ltd.) MD5=E4A0900CF535888DDD85B10040CA3E34 -- C:\Program Files\Spybot - Search & Destroy 2\explorer.exe
[2009/05/19 01:25:48 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/01/20 19:34:05 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: SERVICES.EXE >[2008/01/20 19:34:36 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[2009/04/10 23:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\System32\services.exe
[2009/04/10 23:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe
< MD5 for: SVCHOST.EXE >[2008/01/20 19:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008/01/20 19:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
< MD5 for: USERINIT.EXE >[2008/01/20 19:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/20 19:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
< MD5 for: WINLOGON.EXE >[2009/04/10 23:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/10 23:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008/01/20 19:34:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< %systemroot%\*. /mp /s > ========== Alternate Data Streams ========== @Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:5D432CE3
< End of report >