Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Someprograms and Files Close on their own accord

Started by curlex , Oct 08 2009 07:02 AM

  • Please log in to reply

#1
curlex
Posted 08 October 2009 - 07:02 AM

curlex

    Member

  • Member
  • PipPip
  • 26 posts
Hello . This morning I logged in and tried opening Photoshop tocontin ue to work on my artwork but the minute i tried to look up the folder "My Pictures" it closed down so i treid opening it again and it did the same thing. I tried going directly to the folder but when I did it closed down. So I tried opening the folder in Paint and the minute I clicked on the Folder my Pictures it did the same . I dont kow what to do please help me. I also have another problem with Dr.watson Post mortem debugger I get the message "Dr. Watson Post Mortem Debugger Has Encountered A Problem And Needs To Close". no matter what i click it freezes my computer and i have to restart. Also C:\$Mft file is said to be corrupt or unreadable. I know it seems like alot of problems but please help .Any help would be apprecitated.


Here is a otl log:

OTL logfile created on: 2009/10/08 14:03:36 - Run 1
OTL by OldTimer - Version 3.0.18.4 Folder = C:\Documents and Settings\Hisham\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000411 | Country: Japan | Language: JPN | Date Format: yyyy/MM/dd

1014.07 Mb Total Physical Memory | 352.42 Mb Available Physical Memory | 34.75% Memory free
2.38 Gb Paging File | 1.48 Gb Available in Paging File | 62.12% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 52.69 Gb Total Space | 5.48 Gb Free Space | 10.40% Space Free | Partition Type: NTFS
Drive D: | 18.61 Gb Total Space | 18.18 Gb Free Space | 97.71% Space Free | Partition Type: NTFS
Drive E: | 1.91 Gb Total Space | 1.91 Gb Free Space | 99.99% Space Free | Partition Type: FAT
Drive F: | 131.66 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 1.95 Mb Total Space | 1.49 Mb Free Space | 76.13% Space Free | Partition Type: FAT
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HISHAM
Current User Name: Hisham
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2009/08/30 00:32:01 | 00,715,392 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2009/06/05 11:48:14 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008/02/21 23:02:53 | 00,238,968 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2007/08/27 16:36:34 | 00,111,912 | ---- | M] (SingleClick Systems) -- C:\Program Files\Dell Network Assistant\hnm_svc.exe
PRC - [2009/03/09 05:19:15 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2007/01/30 15:30:39 | 00,537,520 | ---- | M] ( ) -- C:\WINDOWS\System32\lxcjcoms.exe
PRC - [2009/09/16 14:48:40 | 00,092,296 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2008/01/30 03:19:34 | 00,041,472 | ---- | M] (Orb Networks) -- C:\Program Files\Winamp Remote\bin\OrbMediaService.exe
PRC - [2005/12/22 20:21:44 | 00,061,526 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\PRISMSVC.EXE
PRC - [2009/05/19 11:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2005/01/14 09:32:38 | 00,053,248 | ---- | M] () -- C:\WINDOWS\System32\PAStiSvc.exe
PRC - [2006/10/18 21:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe
PRC - [2005/12/22 20:15:46 | 00,381,014 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\PRISMSVR.EXE
PRC - [2005/10/14 13:46:34 | 00,077,824 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\hkcmd.exe
PRC - [2005/10/14 13:50:30 | 00,114,688 | ---- | M] (Intel Corporation) -- C:\WINDOWS\System32\igfxpers.exe
PRC - [2006/10/16 22:52:12 | 00,185,784 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2005/09/21 18:08:48 | 00,290,816 | ---- | M] (WALTOP International Corp.) -- C:\WINDOWS\System32\atwtusb.exe
PRC - [2007/09/16 13:04:30 | 00,720,896 | ---- | M] (eSnips Ltd.) -- C:\Program Files\eSnips\ClientGW.exe
PRC - [2007/01/30 15:32:06 | 00,205,744 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark 8300 Series\lxcjmon.exe
PRC - [2007/01/30 15:35:59 | 00,103,344 | ---- | M] (Lexmark International Inc.) -- C:\Program Files\Lexmark 8300 Series\ezprint.exe
PRC - [2006/09/20 08:35:26 | 00,020,480 | ---- | M] () -- C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtMon.exe
PRC - [2005/06/17 19:09:08 | 00,061,440 | ---- | M] (WALTOP International Corp.) -- C:\WINDOWS\System32\TBLMOUSE.EXE
PRC - [2006/10/30 16:59:34 | 00,024,576 | ---- | M] () -- C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtProc.exe
PRC - [2007/05/14 23:22:22 | 00,035,328 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe
PRC - [2009/02/06 19:21:00 | 00,224,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Toolbar\wltuser.exe
PRC - [2009/03/09 05:19:17 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/08/30 00:32:19 | 01,796,368 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
PRC - [2009/09/21 16:36:12 | 00,305,440 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2004/07/19 07:51:24 | 00,306,688 | ---- | M] (Gteko Ltd.) -- C:\Program Files\Dell Support\DSAgnt.exe
PRC - [2008/08/13 18:06:56 | 03,660,848 | ---- | M] (Veoh Networks) -- C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
PRC - [2008/04/01 02:54:06 | 00,507,904 | ---- | M] (Orb Networks) -- C:\Program Files\Winamp Remote\bin\OrbTray.exe
PRC - [2007/08/30 11:50:42 | 00,205,480 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
PRC - [2009/02/06 19:51:28 | 03,885,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
PRC - [2009/05/20 00:26:22 | 03,561,720 | ---- | M] (Veoh Networks) -- C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
PRC - [2003/10/29 02:06:00 | 00,024,576 | R--- | M] (BVRP Software) -- C:\Program Files\Digital Line Detect\DLG.exe
PRC - [2005/12/22 21:14:54 | 00,921,704 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell Wireless\PRISMCFG.exe
PRC - [2003/08/29 19:05:35 | 00,360,448 | ---- | M] () -- C:\Program Files\SpywareGuard\sgmain.exe
PRC - [2003/08/29 11:14:56 | 00,233,472 | ---- | M] () -- C:\Program Files\SpywareGuard\sgbhp.exe
PRC - [2008/01/30 03:19:32 | 00,073,728 | ---- | M] (Orb Networks, Inc.) -- C:\Program Files\Winamp Remote\bin\Orb.exe
PRC - [2009/09/21 16:36:02 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009/02/06 18:07:48 | 00,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2009/08/10 20:44:59 | 15,900,672 | ---- | M] (Adobe Systems, Incorporated) -- C:\Program Files\Adobe\Photoshop 7.0\Photoshop.exe
PRC - [2008/04/14 01:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/10/08 13:46:48 | 00,520,704 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Hisham\Desktop\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2007/01/05 21:28:09 | 00,072,704 | ---- | M] (Adobe Systems) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service [On_Demand | Stopped])
SRV - [2009/06/05 11:48:14 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2008/07/25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2008/02/21 23:02:53 | 00,238,968 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler [Auto | Running])
SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2008/07/25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2009/08/30 00:32:01 | 00,715,392 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent [Auto | Running])
SRV - [2008/07/29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2009/02/06 19:08:58 | 00,533,360 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc [On_Demand | Stopped])
SRV - [2009/03/03 14:53:32 | 00,033,176 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\NOS\bin\getPlus_HelperSvc.exe -- (getPlus® Helper [On_Demand | Stopped])
SRV - [2009/04/12 14:54:22 | 00,183,280 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
SRV - [2008/04/14 01:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2007/08/27 16:36:34 | 00,111,912 | ---- | M] (SingleClick Systems) -- C:\Program Files\Dell Network Assistant\hnm_svc.exe -- (hnmsvc [Auto | Running])
SRV - [2008/07/29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2009/09/21 16:36:02 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
SRV - [2009/03/09 05:19:15 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2008/02/21 23:02:44 | 03,220,856 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate [On_Demand | Stopped])
SRV - [2007/01/30 15:30:39 | 00,537,520 | ---- | M] ( ) -- C:\WINDOWS\System32\lxcjcoms.exe -- (lxcj_device [Auto | Running])
SRV - [2009/09/16 14:48:40 | 00,092,296 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service [Auto | Running])
SRV - [2004/11/19 11:26:40 | 00,147,456 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe -- (NetSvc [On_Demand | Stopped])
SRV - [2008/07/29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - File not found -- -- (NMIndexingService [Disabled | Stopped])
SRV - [2008/01/30 03:19:34 | 00,041,472 | ---- | M] (Orb Networks) -- C:\Program Files\Winamp Remote\bin\OrbMediaService.exe -- (OrbMediaService [Auto | Running])
SRV - [2005/12/22 20:21:44 | 00,061,526 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\PRISMSVC.EXE -- (PRISMSVC [Auto | Running])
SRV - [2009/05/19 11:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort [Auto | Running])
SRV - [2006/11/06 15:21:10 | 00,210,432 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer [On_Demand | Stopped])
SRV - [2005/01/14 09:32:38 | 00,053,248 | ---- | M] () -- C:\WINDOWS\System32\PAStiSvc.exe -- (STI Simulator [Auto | Running])
SRV - [2006/10/18 21:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [Auto | Running])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.microsoft...amp;ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,startpage = http://www.spy-prote...om/securitypage
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}:1.5.47.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:2.9
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.3
FF - prefs.js..extensions.enabledItems: [email protected]:1.4
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.11
FF - prefs.js..network.proxy.no_proxies_on: "*.local"

FF - HKLM\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Documents and Settings\All Users\Application Data\Mozilla\Firefox Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2007/05/26 14:08:46 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2009/10/02 16:33:54 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/03/07 00:09:29 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/09/02 21:00:31 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2009/06/17 23:50:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hisham\Application Data\mozilla\Extensions
[2009/06/17 23:50:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hisham\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/04/12 17:20:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hisham\Application Data\mozilla\Extensions\[email protected]
[2009/06/17 23:50:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hisham\Application Data\mozilla\Firefox\Profiles\hrelnuiy.default\extensions

O1 HOSTS File: (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (SpywareGuardDLBLOCK.CBrowserHelper) - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll ()
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Veoh Web Player Video Finder) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll (Veoh Networks Inc)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Veoh Browser Plug-in) - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll (Veoh Networks Inc)
O3 - HKLM\..\Toolbar: (eSnips) - {ED1184DA-E57E-4480-99D0-A16809037F54} - C:\Program Files\eSnips\SnipBar.dll (eSnips Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [atwtusb] C:\WINDOWS\System32\atwtusb.exe (WALTOP International Corp.)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.CPL (Microsoft Corporation)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [eSnips] C:\Program Files\eSnips\ClientGW.exe (eSnips Ltd.)
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 8300 Series\ezprint.exe (Lexmark International Inc.)
O4 - HKLM..\Run: [igfxhkcmd] C:\WINDOWS\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxpers] C:\WINDOWS\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxtray] C:\WINDOWS\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe (Macrovision Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [LXCJCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCJtime.DLL (Lexmark International Inc.)
O4 - HKLM..\Run: [lxcjmon.exe] C:\Program Files\Lexmark 8300 Series\lxcjmon.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe (McAfee, Inc.)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKLM..\Run: [WrtMon.exe] C:\WINDOWS\System32\spool\drivers\w32x86\3\WrtMon.exe ()
O4 - HKCU..\Run: [DellSupport] C:\Program Files\Dell Support\DSAgnt.exe (Gteko Ltd.)
O4 - HKCU..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe (Macrovision Corporation)
O4 - HKCU..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Orb] C:\Program Files\Winamp Remote\bin\OrbTray.exe (Orb Networks)
O4 - HKCU..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe File not found
O4 - HKCU..\Run: [Veoh] C:\Program Files\Veoh Networks\Veoh\VeohClient.exe (Veoh Networks)
O4 - HKCU..\Run: [VeohPlugin] C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Veoh Networks)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Wireless USB 2.0 WLAN Card Utility.lnk = C:\Program Files\Dell Wireless\PRISMCFG.exe (Dell Inc.)
O4 - Startup: C:\Documents and Settings\Hisham\Start Menu\Programs\Startup\SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\System32\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 25 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcaf...01/mcinsctl.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoft...s/as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D1548A26-B8F6-4E86-AE74-E7062CCC2E2A} http://www.miniclip....er/igloader.CAB (igLoader Content on Demand)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\System32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\PRISMAPI.DLL: DllName - PRISMAPI.DLL - C:\WINDOWS\System32\PRISMAPI.DLL (Conexant Systems, Inc.)
O28 - HKLM ShellExecuteHooks: {81559C35-8464-49F7-BB0E-07A383BEF910} - C:\Program Files\SpywareGuard\spywareguard.dll ()
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/11 17:15:00 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/03/06 20:52:30 | 00,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009/03/06 20:52:31 | 00,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009/01/10 17:14:34 | 00,000,288 | ---- | M] () - E:\autorun.inf -- [ FAT ]
O32 - AutoRun File - [2009/01/10 17:14:46 | 00,000,288 | RHS- | M] () - G:\autorun.inf -- [ FAT ]
O33 - MountPoints2\{26536b2e-d710-11dc-a581-00160109c987}\Shell - "" = AutoRun
O33 - MountPoints2\{26536b2e-d710-11dc-a581-00160109c987}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{26536b2e-d710-11dc-a581-00160109c987}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O33 - MountPoints2\{26536b2f-d710-11dc-a581-00160109c987}\Shell\AutoRun\command - "" = G:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe -- [2008/05/13 19:01:24 | 00,044,544 | RHS- | M] ()
O33 - MountPoints2\{26536b2f-d710-11dc-a581-00160109c987}\Shell\open\command - "" = G:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe -- [2008/05/13 19:01:24 | 00,044,544 | RHS- | M] ()
O33 - MountPoints2\{800ed877-873d-11dd-a6a1-00160109c987}\Shell\AutoRun\command - "" = E:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe -- [2008/05/13 19:01:24 | 00,044,544 | RHS- | M] ()
O33 - MountPoints2\{800ed877-873d-11dd-a6a1-00160109c987}\Shell\open\command - "" = E:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe -- [2008/05/13 19:01:24 | 00,044,544 | RHS- | M] ()
O33 - MountPoints2\{c6c7c9c4-d8c1-11dd-a700-00160109c987}\Shell\AutoRun\command - "" = E:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe -- [2008/05/13 19:01:24 | 00,044,544 | RHS- | M] ()
O33 - MountPoints2\{c6c7c9c4-d8c1-11dd-a700-00160109c987}\Shell\open\command - "" = E:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe -- [2008/05/13 19:01:24 | 00,044,544 | RHS- | M] ()
O33 - MountPoints2\{c6c7c9c5-d8c1-11dd-a700-00160109c987}\Shell\AutoRun\command - "" = G:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe -- [2008/05/13 19:01:24 | 00,044,544 | RHS- | M] ()
O33 - MountPoints2\{c6c7c9c5-d8c1-11dd-a700-00160109c987}\Shell\open\command - "" = G:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\autorunme.exe -- [2008/05/13 19:01:24 | 00,044,544 | RHS- | M] ()
O33 - MountPoints2\{e026b2fc-8551-11dc-a547-00160109c987}\Shell - "" = AutoRun
O33 - MountPoints2\{e026b2fc-8551-11dc-a547-00160109c987}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{e026b2fc-8551-11dc-a547-00160109c987}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (/p) - File not found
O34 - HKLM BootExecute: (\??\C:) - File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

NetSvcs: 6to4 - Service key not found. File not found
NetSvcs: Ias - Service key not found. File not found
NetSvcs: Iprip - Service key not found. File not found
NetSvcs: Irmon - Service key not found. File not found
NetSvcs: NWCWorkstation - Service key not found. File not found
NetSvcs: Nwsapagent - Service key not found. File not found
NetSvcs: WmdmPmSp - Service key not found. File not found
NetSvcs: helpsvc - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)

========== Files/Folders - Created Within 14 Days ==========

[2009/09/26 14:34:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/10/07 17:32:34 | 00,000,000 | ---D | C] -- C:\Program Files\Audacity
[2009/10/07 16:53:51 | 00,000,000 | ---D | C] -- C:\Program Files\DebugMode
[2009/10/08 13:07:34 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/09/26 14:22:12 | 00,000,000 | ---D | C] -- C:\Program Files\iPhone Configuration Utility
[2009/09/26 14:34:38 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2009/09/26 14:34:33 | 00,000,000 | ---D | C] -- C:\Program Files\iTunes
[2009/10/08 11:42:14 | 00,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2009/10/07 16:55:53 | 00,000,000 | ---D | C] -- C:\Program Files\Pure Motion
[2009/09/26 14:31:29 | 00,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2009/10/07 16:54:33 | 00,000,000 | ---D | C] -- C:\Program Files\Sonic Foundry
[2009/10/08 13:46:46 | 00,520,704 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Hisham\Desktop\OTL.exe
[2009/10/08 13:06:47 | 00,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Hisham\Desktop\erunt_setup.exe
[2009/10/08 12:00:04 | 00,271,872 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Hisham\Desktop\TFC.exe
[2009/10/08 11:42:38 | 00,028,544 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys
[2009/10/04 00:04:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hisham\Desktop\bullets4japanese
[2009/10/03 16:14:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hisham\Desktop\KouzanMouhituFont
[2009/10/03 13:25:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hisham\Desktop\ftlx041e
[2009/10/03 13:07:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Hisham\Desktop\SS_kanji
[2009/09/26 14:30:51 | 00,000,000 | -HSD | C] -- C:\Config.Msi

========== Files - Modified Within 14 Days ==========

[2009/10/08 13:46:48 | 00,520,704 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Hisham\Desktop\OTL.exe
[2009/10/08 13:43:21 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Hisham\Desktop\settings.dat
[2009/10/08 13:31:10 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/10/08 13:31:04 | 00,000,440 | ---- | M] () -- C:\WINDOWS\tasks\RegCure Program Check.job
[2009/10/08 13:29:42 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/10/08 13:29:21 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/10/08 13:29:09 | 10,634,07616 | -HS- | M] () -- C:\hiberfil.sys
[2009/10/08 13:12:35 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/10/08 13:07:50 | 00,000,611 | ---- | M] () -- C:\Documents and Settings\Hisham\Desktop\NTREGOPT.lnk
[2009/10/08 13:07:50 | 00,000,592 | ---- | M] () -- C:\Documents and Settings\Hisham\Desktop\ERUNT.lnk
[2009/10/08 13:06:55 | 00,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Hisham\Desktop\erunt_setup.exe
[2009/10/08 12:00:04 | 00,271,872 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Hisham\Desktop\TFC.exe
[2009/10/08 10:40:50 | 00,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{FB68D0D8-C588-4463-A4DE-EBCF705366E9}.job
[2009/10/07 20:39:43 | 06,174,044 | ---- | M] () -- C:\Documents and Settings\Hisham\Desktop\Sound clip 08g.wav
[2009/10/07 20:33:06 | 07,056,044 | ---- | M] () -- C:\Documents and Settings\Hisham\Desktop\Sound clip 08.wav
[2009/10/07 20:29:46 | 07,056,044 | ---- | M] () -- C:\Documents and Settings\Hisham\Desktop\Sound clip 080.wav
[2009/10/07 19:52:25 | 04,855,712 | ---- | M] () -- C:\Documents and Settings\Hisham\Desktop\_Navi_-_Heart_Damage_(OFFICIAL_INSTRUMENTAL).mp3
[2009/10/07 19:42:15 | 05,672,480 | ---- | M] () -- C:\Documents and Settings\Hisham\Desktop\_Girl's_Generation_instrumental_karaoke.mp3
[2009/10/07 18:42:28 | 04,981,280 | ---- | M] () -- C:\Documents and Settings\Hisham\Desktop\_[MV]_After_School_-_AH!_(Instrumental)_(English_Subbed).mp3
[2009/10/07 17:38:30 | 00,034,816 | ---- | M] () -- C:\Documents and Settings\Hisham\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/07 17:32:59 | 00,000,630 | ---- | M] () -- C:\Documents and Settings\Hisham\Desktop\Audacity.lnk
[2009/10/05 07:20:07 | 00,000,354 | ---- | M] () -- C:\Documents and Settings\Hisham\Application Data\wklnhst.dat
[2009/10/04 21:23:54 | 00,074,800 | ---- | M] () -- C:\Documents and Settings\Hisham\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/10/04 12:31:15 | 00,233,576 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/10/03 19:12:04 | 08,272,028 | ---- | M] () -- C:\Documents and Settings\Hisham\Desktop\msgothic.ttc
[2009/10/03 15:48:49 | 00,162,850 | ---- | M] () -- C:\WINDOWS\System32\dllcache\c_10001.nls
[2009/10/03 15:48:49 | 00,162,850 | ---- | M] () -- C:\WINDOWS\System32\c_10001.nls
[2009/10/03 13:52:42 | 00,076,192 | ---- | M] () -- C:\Documents and Settings\Hisham\Desktop\ANGSAZ.TTF
[2009/10/03 13:39:43 | 00,066,082 | ---- | M] () -- C:\WINDOWS\System32\dllcache\c_10021.nls
[2009/10/03 13:39:43 | 00,066,082 | ---- | M] () -- C:\WINDOWS\System32\c_10021.nls
[2009/10/03 13:24:31 | 00,003,802 | ---- | M] () -- C:\Documents and Settings\Hisham\Desktop\ftlx041e.zip
[2009/10/03 13:23:03 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/10/03 13:07:10 | 01,642,709 | ---- | M] () -- C:\Documents and Settings\Hisham\Desktop\SS_kanji.zip
[2009/10/03 00:27:44 | 00,003,881 | ---- | M] () -- C:\WINDOWS\aiptbl.ini
[2009/10/02 18:30:00 | 00,000,356 | ---- | M] () -- C:\WINDOWS\tasks\McAfee.com Scan for Viruses - My Computer (DELL-USER-Belgasem).job
[2009/09/26 14:36:02 | 00,001,804 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2009/09/26 14:31:48 | 00,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk

========== Files - No Company Name ==========
[2009/10/08 13:43:21 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Hisham\Desktop\settings.dat
[2009/10/08 13:12:35 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/10/08 13:07:50 | 00,000,611 | ---- | C] () -- C:\Documents and Settings\Hisham\Desktop\NTREGOPT.lnk
[2009/10/08 13:07:50 | 00,000,592 | ---- | C] () -- C:\Documents and Settings\Hisham\Desktop\ERUNT.lnk
[2009/10/07 20:39:17 | 06,174,044 | ---- | C] () -- C:\Documents and Settings\Hisham\Desktop\Sound clip 08g.wav
[2009/10/07 20:29:18 | 07,056,044 | ---- | C] () -- C:\Documents and Settings\Hisham\Desktop\Sound clip 080.wav
[2009/10/07 20:23:18 | 07,056,044 | ---- | C] () -- C:\Documents and Settings\Hisham\Desktop\Sound clip 08.wav
[2009/10/07 19:52:25 | 04,855,712 | ---- | C] () -- C:\Documents and Settings\Hisham\Desktop\_Navi_-_Heart_Damage_(OFFICIAL_INSTRUMENTAL).mp3
[2009/10/07 19:42:15 | 05,672,480 | ---- | C] () -- C:\Documents and Settings\Hisham\Desktop\_Girl's_Generation_instrumental_karaoke.mp3
[2009/10/07 18:42:28 | 04,981,280 | ---- | C] () -- C:\Documents and Settings\Hisham\Desktop\_[MV]_After_School_-_AH!_(Instrumental)_(English_Subbed).mp3
[2009/10/07 17:32:59 | 00,000,630 | ---- | C] () -- C:\Documents and Settings\Hisham\Desktop\Audacity.lnk
[2009/10/03 19:12:03 | 08,272,028 | ---- | C] () -- C:\Documents and Settings\Hisham\Desktop\msgothic.ttc
[2009/10/03 15:53:04 | 01,158,818 | ---- | C] () -- C:\WINDOWS\System32\korwbrkr.lex
[2009/10/03 15:53:04 | 01,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2009/10/03 15:53:04 | 00,002,060 | ---- | C] () -- C:\WINDOWS\System32\noise.jpn
[2009/10/03 15:53:04 | 00,001,486 | ---- | C] () -- C:\WINDOWS\System32\noise.kor
[2009/10/03 15:52:58 | 00,211,938 | ---- | C] () -- C:\WINDOWS\System32\lcphrase.tbl
[2009/10/03 15:52:58 | 00,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls
[2009/10/03 15:52:58 | 00,195,618 | ---- | C] () -- C:\WINDOWS\System32\c_10002.nls
[2009/10/03 15:52:58 | 00,146,126 | ---- | C] () -- C:\WINDOWS\System32\array30.tab
[2009/10/03 15:52:58 | 00,116,285 | ---- | C] () -- C:\WINDOWS\System32\msdayi.tbl
[2009/10/03 15:52:58 | 00,110,566 | ---- | C] () -- C:\WINDOWS\System32\arphr.tbl
[2009/10/03 15:52:58 | 00,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls
[2009/10/03 15:52:58 | 00,082,172 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.nls
[2009/10/03 15:52:58 | 00,044,370 | ---- | C] () -- C:\WINDOWS\System32\acode.tbl
[2009/10/03 15:52:58 | 00,044,370 | ---- | C] () -- C:\WINDOWS\System32\a234.tbl
[2009/10/03 15:52:58 | 00,043,242 | ---- | C] () -- C:\WINDOWS\System32\phoncode.tbl
[2009/10/03 15:52:58 | 00,024,114 | ---- | C] () -- C:\WINDOWS\System32\lcptr.tbl
[2009/10/03 15:52:58 | 00,018,600 | ---- | C] () -- C:\WINDOWS\System32\arrayhw.tab
[2009/10/03 15:52:58 | 00,016,312 | ---- | C] () -- C:\WINDOWS\System32\arptr.tbl
[2009/10/03 15:52:58 | 00,004,071 | ---- | C] () -- C:\WINDOWS\System32\phon.tbl
[2009/10/03 15:52:58 | 00,002,714 | ---- | C] () -- C:\WINDOWS\System32\phonptr.tbl
[2009/10/03 15:52:58 | 00,001,460 | ---- | C] () -- C:\WINDOWS\System32\a15.tbl
[2009/10/03 15:52:58 | 00,000,700 | ---- | C] () -- C:\WINDOWS\System32\dayiptr.tbl
[2009/10/03 15:52:58 | 00,000,520 | ---- | C] () -- C:\WINDOWS\System32\dayiphr.tbl
[2009/10/03 15:52:57 | 00,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls
[2009/10/03 15:52:57 | 00,066,728 | ---- | C] () -- C:\WINDOWS\System32\big5.nls
[2009/10/03 15:52:57 | 00,016,254 | ---- | C] () -- C:\WINDOWS\System32\PINTLPAE.HLP
[2009/10/03 15:52:57 | 00,014,821 | ---- | C] () -- C:\WINDOWS\System32\PINTLPAD.HLP
[2009/10/03 15:52:55 | 01,783,864 | ---- | C] () -- C:\WINDOWS\System32\WINPY.MB
[2009/10/03 15:52:55 | 01,564,868 | ---- | C] () -- C:\WINDOWS\System32\WINSP.MB
[2009/10/03 15:52:55 | 01,223,500 | ---- | C] () -- C:\WINDOWS\System32\WINZM.MB
[2009/10/03 15:52:55 | 00,083,748 | ---- | C] () -- C:\WINDOWS\System32\prcp.nls
[2009/10/03 15:52:55 | 00,083,748 | ---- | C] () -- C:\WINDOWS\System32\prc.nls
[2009/10/03 15:52:55 | 00,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls
[2009/10/03 15:52:55 | 00,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls
[2009/10/03 15:52:54 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls
[2009/10/03 15:52:54 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\c_10008.nls
[2009/10/03 15:52:53 | 00,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2009/10/03 15:52:53 | 00,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2009/10/03 15:52:42 | 00,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls
[2009/10/03 15:52:42 | 00,189,986 | ---- | C] () -- C:\WINDOWS\System32\c_1361.nls
[2009/10/03 15:52:42 | 00,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls
[2009/10/03 15:52:42 | 00,177,698 | ---- | C] () -- C:\WINDOWS\System32\c_10003.nls
[2009/10/03 15:52:41 | 00,047,066 | ---- | C] () -- C:\WINDOWS\System32\ksc.nls
[2009/10/03 15:52:41 | 00,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls
[2009/10/03 15:52:24 | 00,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls
[2009/10/03 15:52:24 | 00,180,770 | ---- | C] () -- C:\WINDOWS\System32\c_20932.nls
[2009/10/03 15:52:24 | 00,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls
[2009/10/03 15:52:24 | 00,180,258 | ---- | C] () -- C:\WINDOWS\System32\c_20000.nls
[2009/10/03 15:52:24 | 00,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls
[2009/10/03 15:52:24 | 00,177,698 | ---- | C] () -- C:\WINDOWS\System32\c_20949.nls
[2009/10/03 15:52:24 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls
[2009/10/03 15:52:24 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\c_20936.nls
[2009/10/03 15:52:24 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls
[2009/10/03 15:52:24 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls
[2009/10/03 15:52:24 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_21027.nls
[2009/10/03 15:52:24 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20290.nls
[2009/10/03 15:48:42 | 00,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls
[2009/10/03 15:48:42 | 00,162,850 | ---- | C] () -- C:\WINDOWS\System32\c_10001.nls
[2009/10/03 13:58:38 | 00,028,288 | ---- | C] () -- C:\WINDOWS\System32\xjis.nls
[2009/10/03 13:58:38 | 00,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls
[2009/10/03 13:52:41 | 00,076,192 | ---- | C] () -- C:\Documents and Settings\Hisham\Desktop\ANGSAZ.TTF
[2009/10/03 13:39:42 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls
[2009/10/03 13:39:42 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10021.nls
[2009/10/03 13:24:30 | 00,003,802 | ---- | C] () -- C:\Documents and Settings\Hisham\Desktop\ftlx041e.zip
[2009/10/03 13:07:02 | 01,642,709 | ---- | C] () -- C:\Documents and Settings\Hisham\Desktop\SS_kanji.zip
[2009/09/26 14:36:02 | 00,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2009/09/26 14:31:48 | 00,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2009/03/28 17:28:44 | 00,002,528 | ---- | C] () -- C:\Documents and Settings\Hisham\Application Data\$_hpcst$.hpc
[2009/01/11 14:19:34 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\N360BUOptions.ini
[2008/04/27 17:04:54 | 00,001,536 | ---- | C] () -- C:\Documents and Settings\Hisham\Application Data\dvd.bmk
[2007/07/24 23:06:38 | 00,001,356 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/05/26 23:31:24 | 00,000,354 | ---- | C] () -- C:\Documents and Settings\Hisham\Application Data\wklnhst.dat
[2007/04/20 19:59:32 | 00,000,129 | ---- | C] () -- C:\Documents and Settings\Hisham\Local Settings\Application Data\fusioncache.dat
[2006/09/25 21:34:24 | 00,034,816 | ---- | C] () -- C:\Documents and Settings\Hisham\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/08/25 20:35:35 | 00,074,800 | ---- | C] () -- C:\Documents and Settings\Hisham\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2006/08/23 23:05:31 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Hisham\Application Data\desktop.ini
[2006/08/23 23:05:30 | 05,699,818 | -H-- | C] () -- C:\Documents and Settings\Hisham\Local Settings\Application Data\IconCache.db
[2004/08/11 17:07:11 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini

========== LOP Check ==========

[2009/09/26 14:34:33 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2009/04/03 17:14:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2009/09/26 14:35:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/04/10 17:25:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2007/07/19 15:07:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ahead
[2008/02/28 20:18:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Aliasworlds
[2008/06/15 11:12:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2007/05/31 18:41:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2007/12/29 21:32:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FireGlow
[2008/08/05 16:23:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HipSoft
[2009/05/23 11:59:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2008/10/08 17:52:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Macrovision
[2008/05/31 11:12:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9
[2008/06/12 20:27:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Software
[2008/06/12 20:30:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2009/05/23 12:18:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2009/02/01 00:45:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OrbNetworks
[2007/01/27 15:49:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2008/08/04 15:34:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2006/08/22 00:48:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Prism
[2007/12/31 18:36:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2004/08/11 17:25:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBSI
[2007/03/01 19:52:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SingleClick Systems
[2009/10/08 11:01:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/04/12 17:22:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TomTom
[2007/04/21 22:24:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar
[2007/08/06 13:36:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2007/08/06 13:54:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YAHOO
[2008/05/31 11:11:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zylom
[2009/10/05 07:20:07 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\Hisham\Application Data
[2007/12/29 14:24:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hisham\Application Data\Alawar
[2009/08/30 00:32:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hisham\Application Data\Any Video Converter
[2009/02/16 22:55:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hisham\Application Data\Audacity
[2007/12/31 17:02:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hisham\Application Data\Chicken Chase
[2009/04/04 18:32:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hisham\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2006/08/22 00:52:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hisham\Application Data\Corel
[2006/09/02 11:34:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hisham\Application Data\Corel Photo Album
[2007/03/22 18:06:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hisham\Application Data\COWON
[2008/08/05 20:34:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hisham\Application Data\FrimaStudio
[2008/05/30 18:12:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hisham\Application Data\Gaijin Ent
[2008/05/31 11:12:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hisham\Application Data\GameHouse
[2007/12/23 13:41:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hisham\Application Data\GetRightToGo
[2009/02/05 20:34:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hisham\Application Data\gtk-2.0
[2008/02/26 20:27:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hisham\Application Data\iWin
[2008/10/09 16:07:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hisham\Application Data\Macrovision
[2008/01/01 17:53:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hisham\Application Data\Magus
[2008/12/21 18:11:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hisham\Application Data\MSNInstaller
[2007/07/17 20:25:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hisham\Application Data\MusicNet
[2008/06/12 20:27:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hisham\Application Data\NCH Swift Sound
[2008/07/19 17:08:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hisham\Application Data\NewSoft
[2007/04/29 19:49:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hisham\Application Data\NJStar
[2007/02/03 21:32:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hisham\Application Data\PC Suite
[2008/08/04 15:34:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hisham\Application Data\PlayFirst
[2009/01/22 19:38:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hisham\Application Data\Red Chair Software
[2009/06/17 12:12:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hisham\Application Data\Samsung
[2008/08/12 21:19:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hisham\Application Data\Screaming Bee
[2009/06/29 21:45:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hisham\Application Data\SmartDraw
[2008/03/21 14:51:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hisham\Application Data\SpinTop
[2007/12/29 18:43:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hisham\Application Data\Super-Cow
[2008/10/07 21:24:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hisham\Application Data\Template
[2009/04/12 17:20:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hisham\Application Data\TomTom
[2009/02/07 13:04:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hisham\Application Data\U3
[2009/03/31 22:06:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hisham\Application Data\Unity
[2007/12/31 17:24:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hisham\Application Data\Zak&Jack
[2008/05/31 11:12:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Hisham\Application Data\Zylom
[2009/10/03 13:23:03 | 00,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2004/08/04 05:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/10/02 18:30:00 | 00,000,356 | ---- | M] () -- C:\WINDOWS\Tasks\McAfee.com Scan for Viruses - My Computer (DELL-USER-Belgasem).job
[2009/10/08 13:31:04 | 00,000,440 | ---- | M] () -- C:\WINDOWS\Tasks\RegCure Program Check.job
[2008/08/16 19:34:18 | 00,000,374 | ---- | M] () -- C:\WINDOWS\Tasks\RegCure.job
[2009/10/08 13:29:42 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
[2009/10/08 10:40:50 | 00,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{FB68D0D8-C588-4463-A4DE-EBCF705366E9}.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >
[2006/03/03 00:42:40 | 00,073,728 | ---- | M] () -- C:\pv.exe

< %systemroot%\system32\eventlog.dll >
[2008/04/14 01:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eventlog.dll

< %systemroot%\system32\scecli.dll >
[2008/04/14 01:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scecli.dll

< %systemroot%\netlogon.dll >

< %systemroot%\system32\cngaudit.dll >

< %systemroot%\system32\sceclt.dll >

< %systemroot%\ntelogon.dll >

< %systemroot%\system32\logevent.dll >

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Program Files\Adobe\Photoshop 7.0\Photoshop.exe:SummaryInformation
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BEB71B81
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0C1D7085
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
< End of report >

Edited by curlex, 08 October 2009 - 08:38 AM.

  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP