
problem problem



#1
mikker39

I did what I found on the forum about the Windows recovery. Malwarebytes' Anti-Malware found some errors which I was able to delete, but now I would like to know whether the PC is OK and clean from all kinds of stuff, or whether I still need to do anything else. There's still the problem that some of the folders are hidden on my PC, so I'm doubting whether my PC is clean or not.

Anyway, here is the log. Thank you if anyone has time to look at it.






OTL logfile created on: 21.05.2011 22:47:14 - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Rashel\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000425 | Country: Estonia | Language: ETI | Date Format: d.MM.yyyy

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 41,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 72,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 45,12 Gb Total Space | 8,08 Gb Free Space | 17,90% Space Free | Partition Type: NTFS
Drive D: | 162,31 Gb Total Space | 50,80 Gb Free Space | 31,30% Space Free | Partition Type: NTFS
Drive F: | 90,62 Gb Total Space | 22,75 Gb Free Space | 25,10% Space Free | Partition Type: NTFS

Computer Name: MDMA | User Name: Rashel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.05.21 21:23:51 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Rashel\Desktop\OTL.exe
PRC - [2011.05.20 15:44:03 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010.05.14 11:44:46 | 000,501,480 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2010.04.01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010.03.26 14:10:22 | 000,136,840 | -H-- | M] () -- C:\Program Files (x86)\Mobile Broadband\UIExec.exe
PRC - [2010.03.26 14:04:02 | 000,251,016 | -H-- | M] () -- C:\Program Files (x86)\Mobile Broadband\AssistantServices.exe
PRC - [2010.02.22 16:50:16 | 000,810,120 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2009.01.08 15:44:06 | 000,070,936 | -H-- | M] (Octoshape ApS) -- C:\Users\Rashel\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
PRC - [2006.03.01 03:10:18 | 000,069,632 | ---- | M] (CrypKey (Canada) Ltd.) -- C:\Windows\SysWOW64\Crypserv.exe


========== Modules (SafeList) ==========

MOD - [2011.05.21 21:23:51 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Rashel\Desktop\OTL.exe
MOD - [2010.08.21 07:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011.05.18 11:21:52 | 001,436,424 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2010.02.22 16:52:54 | 000,042,336 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV:64bit: - [2010.02.22 16:50:16 | 000,810,120 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2010.01.22 09:01:12 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.17 10:06:22 | 000,033,280 | ---- | M] () [Auto | Running] -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2008.05.08 01:29:38 | 000,122,880 | ---- | M] (CrypKey (Canada) Ltd.) [Auto | Running] -- C:\Windows\SysNative\Crypserv.exe -- (Crypkey License)
SRV - [2010.07.29 20:20:55 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.03.26 14:04:02 | 000,251,016 | -H-- | M] () [Auto | Running] -- C:\Program Files (x86)\Mobile Broadband\AssistantServices.exe -- (UI Assistant Service)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2006.03.01 03:10:18 | 000,069,632 | ---- | M] (CrypKey (Canada) Ltd.) [Auto | Running] -- C:\Windows\SysWow64\Crypserv.exe -- (Crypkey License)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011.03.11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.07.25 19:05:47 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.06.23 10:10:56 | 000,344,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.04.19 19:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010.02.22 16:51:44 | 000,050,600 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2010.02.22 16:51:40 | 000,033,608 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\epfwndis.sys -- (Epfwndis)
DRV:64bit: - [2010.02.22 16:51:36 | 000,169,592 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2010.02.22 16:50:12 | 000,139,704 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2010.02.22 16:47:40 | 000,163,888 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2010.01.22 09:13:24 | 006,233,088 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010.01.22 09:13:24 | 006,233,088 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.01.22 08:07:56 | 000,161,280 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2009.12.21 20:39:26 | 000,019,912 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdrvio.sys -- (pwdrvio)
DRV:64bit: - [2009.12.21 20:39:24 | 000,013,264 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdspio.sys -- (pwdspio)
DRV:64bit: - [2009.10.29 18:28:24 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV:64bit: - [2009.10.29 18:28:24 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV:64bit: - [2009.10.29 18:28:24 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV:64bit: - [2009.10.29 18:28:24 | 000,011,776 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter)
DRV:64bit: - [2009.10.10 04:41:20 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009.09.30 09:34:32 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009.09.18 00:50:00 | 000,199,296 | ---- | M] (Roland Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rdwm1079.sys -- (RDID1079)
DRV:64bit: - [2009.08.24 12:20:22 | 000,285,744 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009.07.17 10:06:20 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:64bit: - [2009.07.17 10:06:16 | 002,769,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2006.01.10 04:47:27 | 000,031,846 | ---- | M] () [Kernel | System | Running] -- C:\Windows\system32\ckldrv.sys -- (NetworkX)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.neti.ee/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://dk.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = da
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C0 1D 6E 0C B4 CC CA 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.neti.ee"
FF - prefs.js..extensions.enabledItems: [email protected]:3.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.05.20 15:44:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.05.20 15:44:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010.04.15 22:53:10 | 000,000,000 | ---D | M]

[2010.03.28 01:54:05 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Rashel\AppData\Roaming\Mozilla\Extensions
[2011.05.20 15:27:07 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Rashel\AppData\Roaming\Mozilla\Firefox\Profiles\rj7nha7s.default\extensions
[2011.02.12 17:23:58 | 000,000,000 | -H-D | M] (Fast Dial) -- C:\Users\Rashel\AppData\Roaming\Mozilla\Firefox\Profiles\rj7nha7s.default\extensions\[email protected]
[2010.11.17 19:27:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.11.17 19:27:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.10.21 10:41:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
File not found (No name found) --
[2011.05.20 15:44:03 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
[2010.09.15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2011.05.20 15:44:05 | 000,001,159 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eki-ee.xml
[2011.05.20 15:44:05 | 000,001,960 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\neti-ee.xml
[2011.05.20 15:44:05 | 000,000,904 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\osta-ee.xml
[2011.05.20 15:44:05 | 000,001,174 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-et.xml

O1 HOSTS File: ([2010.07.29 20:46:40 | 000,001,364 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 adobe.activate.com
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE (Dell Inc.)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UIExec] C:\Program Files (x86)\Mobile Broadband\UIExec.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Octoshape Streaming Services] C:\Users\Rashel\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe (Octoshape ApS)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] File not found
O4 - Startup: C:\Users\Rashel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: danskebank.dk ([english] https in Trusted sites)
O15 - HKCU\..Trusted Domains: danskebank.dk ([www] https in Trusted sites)
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} http://support.euro....r/SysProExe.CAB (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://javadl-esd.su...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.05.18 11:43:02 | 000,000,000 | ---D | M] - D:\autocad -- [ NTFS ]
O33 - MountPoints2\{028881a2-980f-11df-af3e-b8ac6f5d6b39}\Shell - "" = AutoRun
O33 - MountPoints2\{028881a2-980f-11df-af3e-b8ac6f5d6b39}\Shell\AutoRun\command - "" = G:\Installer.exe
O33 - MountPoints2\{4ffadff0-56a8-11df-bf85-b8ac6f5d6b39}\Shell - "" = AutoRun
O33 - MountPoints2\{4ffadff0-56a8-11df-bf85-b8ac6f5d6b39}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{c5871d2d-3f3f-11df-be85-a4f3b7cfd288}\Shell - "" = AutoRun
O33 - MountPoints2\{c5871d2d-3f3f-11df-be85-a4f3b7cfd288}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{def52ae9-38a6-11df-8beb-b8ac6f53c264}\Shell - "" = AutoRun
O33 - MountPoints2\{def52ae9-38a6-11df-8beb-b8ac6f53c264}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{def52afd-38a6-11df-8beb-b8ac6f53c264}\Shell - "" = AutoRun
O33 - MountPoints2\{def52afd-38a6-11df-8beb-b8ac6f53c264}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{ec4c9a87-d9d6-11df-9178-f1c42826b39a}\Shell - "" = AutoRun
O33 - MountPoints2\{ec4c9a87-d9d6-11df-9178-f1c42826b39a}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{ec4c9a98-d9d6-11df-9178-f1c42826b39a}\Shell - "" = AutoRun
O33 - MountPoints2\{ec4c9a98-d9d6-11df-9178-f1c42826b39a}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{ec4c9ab1-d9d6-11df-9178-f1c42826b39a}\Shell - "" = AutoRun
O33 - MountPoints2\{ec4c9ab1-d9d6-11df-9178-f1c42826b39a}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.05.21 21:23:25 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Rashel\Desktop\OTL.exe
[2011.05.21 16:06:32 | 000,000,000 | ---D | C] -- C:\Users\Rashel\AppData\Roaming\Malwarebytes
[2011.05.21 16:06:27 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.05.21 16:06:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.05.21 16:06:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.05.21 16:06:24 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.05.21 16:06:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.05.21 03:47:02 | 000,000,000 | ---D | C] -- C:\Users\Rashel\Desktop\parandus
[2011.05.21 02:59:14 | 000,000,000 | -H-D | C] -- C:\Users\Rashel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 Recovery
[2011.05.18 12:06:40 | 000,000,000 | ---D | C] -- C:\Program Files\Autodesk
[2011.05.18 12:04:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
[2011.05.18 12:04:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Autodesk Shared
[2011.05.18 12:04:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Autodesk
[2011.05.18 11:21:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2011.05.18 11:20:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Autodesk Shared
[2011.05.18 11:20:01 | 000,000,000 | ---D | C] -- C:\Users\Rashel\AppData\Local\Autodesk
[2011.05.18 11:10:39 | 000,000,000 | -H-D | C] -- C:\Users\Rashel\AppData\Roaming\Autodesk
[2011.05.18 11:10:39 | 000,000,000 | -H-D | C] -- C:\ProgramData\Autodesk
[2011.05.15 03:22:06 | 000,000,000 | ---D | C] -- C:\Users\Rashel\Desktop\xx4
[2011.05.08 21:02:49 | 000,000,000 | ---D | C] -- C:\Users\Rashel\Desktop\acid rain
[2011.05.05 18:23:20 | 000,000,000 | ---D | C] -- C:\Users\Rashel\Desktop\New folder
[2011.04.30 01:28:11 | 000,000,000 | R--D | C] -- C:\Users\Rashel\Desktop\Untitled Project
[2011.04.23 17:20:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yuna Software
[1 C:\Users\Rashel\AppData\Local\*.tmp files -> C:\Users\Rashel\AppData\Local\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.05.21 22:16:09 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.05.21 21:23:51 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Rashel\Desktop\OTL.exe
[2011.05.21 20:16:00 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.05.21 16:24:25 | 000,014,416 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.05.21 16:24:25 | 000,014,416 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.05.21 16:17:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.05.21 16:17:06 | 3168,165,888 | -HS- | M] () -- C:\hiberfil.sys
[2011.05.21 16:06:27 | 000,001,082 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.05.21 15:49:57 | 002,669,936 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.05.21 15:49:57 | 002,071,804 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.05.21 15:49:57 | 000,005,160 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.05.21 02:59:19 | 000,000,144 | -H-- | M] () -- C:\ProgramData\~40034040r
[2011.05.21 02:59:19 | 000,000,120 | -H-- | M] () -- C:\ProgramData\~40034040
[2011.05.21 02:59:09 | 000,000,336 | -H-- | M] () -- C:\ProgramData\40034040
[2011.05.21 01:10:24 | 005,948,465 | ---- | M] () -- C:\Users\Rashel\Desktop\855_11.mp3
[2011.05.20 21:44:42 | 000,650,832 | ---- | M] () -- C:\Users\Rashel\Desktop\855_10.mp3
[2011.05.20 16:03:27 | 000,074,869 | ---- | M] () -- C:\Users\Rashel\Desktop\kviitung.pdf
[2011.05.20 15:44:29 | 000,002,065 | -H-- | M] () -- C:\Users\Rashel\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011.05.19 20:43:50 | 013,861,421 | ---- | M] () -- C:\Users\Rashel\Desktop\Wet (David Guetta Extended Mix).mp3
[2011.05.18 12:39:29 | 002,326,704 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.05.16 13:21:05 | 000,156,477 | ---- | M] () -- C:\Users\Rashel\Desktop\76512.dwg
[2011.05.15 20:36:29 | 000,042,842 | -HS- | M] () -- C:\Users\Rashel\Desktop\Folder.jpg
[2011.05.15 20:36:29 | 000,009,024 | -HS- | M] () -- C:\Users\Rashel\Desktop\AlbumArtSmall.jpg
[2011.05.14 08:08:16 | 000,070,915 | ---- | M] () -- C:\Users\Rashel\Desktop\rashel2.jpg
[2011.05.14 07:59:34 | 000,575,836 | ---- | M] () -- C:\Users\Rashel\Desktop\rashel1.jpg
[2011.05.14 07:53:50 | 001,196,514 | ---- | M] () -- C:\Users\Rashel\Desktop\rashel.jpg
[2011.05.14 04:11:28 | 005,017,864 | ---- | M] () -- C:\Users\Rashel\Desktop\IMG_8905.JPG
[2011.05.14 00:04:57 | 009,077,336 | ---- | M] () -- C:\Users\Rashel\Desktop\08 Chris Brown Feat Benny Benassi - Beautiful People.mp3
[2011.05.09 21:56:43 | 004,827,498 | ---- | M] () -- C:\Users\Rashel\Desktop\863_11.mp3
[2011.05.08 20:52:03 | 010,485,446 | ---- | M] () -- C:\Users\Rashel\Desktop\acid rain.rar
[2011.05.08 01:08:35 | 000,000,000 | ---- | M] () -- C:\Users\Rashel\AppData\Local\{58F1958C-30FE-46C9-9256-39899C550D81}
[2011.05.03 19:25:25 | 000,726,228 | ---- | M] () -- C:\Users\Rashel\Desktop\kassaaruanne cop tiim.jpg
[2011.05.01 14:21:05 | 002,983,043 | ---- | M] () -- C:\Users\Rashel\Desktop\881_5helen1.mp3
[2011.05.01 05:10:20 | 002,924,111 | ---- | M] () -- C:\Users\Rashel\Desktop\881_5.mp3
[2011.04.23 22:26:10 | 001,172,855 | ---- | M] () -- C:\Users\Rashel\Desktop\IMG_8266.JPG
[2011.04.23 22:25:01 | 000,936,842 | ---- | M] () -- C:\Users\Rashel\Desktop\IMG_8226a.jpg
[2011.04.22 14:39:48 | 003,418,919 | ---- | M] () -- C:\Users\Rashel\Desktop\IMG_8226.JPG
[2011.04.22 13:13:16 | 003,742,154 | ---- | M] () -- C:\Users\Rashel\Desktop\IMG_8168.JPG
[2011.04.22 13:13:12 | 003,630,902 | ---- | M] () -- C:\Users\Rashel\Desktop\IMG_8164.JPG
[1 C:\Users\Rashel\AppData\Local\*.tmp files -> C:\Users\Rashel\AppData\Local\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.05.21 16:06:27 | 000,001,082 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.05.21 02:59:19 | 000,000,144 | -H-- | C] () -- C:\ProgramData\~40034040r
[2011.05.21 02:59:19 | 000,000,120 | -H-- | C] () -- C:\ProgramData\~40034040
[2011.05.21 02:59:09 | 000,000,336 | -H-- | C] () -- C:\ProgramData\40034040
[2011.05.21 01:07:34 | 005,948,465 | ---- | C] () -- C:\Users\Rashel\Desktop\855_11.mp3
[2011.05.20 21:44:23 | 000,650,832 | ---- | C] () -- C:\Users\Rashel\Desktop\855_10.mp3
[2011.05.20 16:03:26 | 000,074,869 | ---- | C] () -- C:\Users\Rashel\Desktop\kviitung.pdf
[2011.05.19 20:29:54 | 013,861,421 | ---- | C] () -- C:\Users\Rashel\Desktop\Wet (David Guetta Extended Mix).mp3
[2011.05.16 13:21:04 | 000,156,477 | ---- | C] () -- C:\Users\Rashel\Desktop\76512.dwg
[2011.05.14 08:08:46 | 000,070,915 | ---- | C] () -- C:\Users\Rashel\Desktop\rashel2.jpg
[2011.05.14 07:57:19 | 000,575,836 | ---- | C] () -- C:\Users\Rashel\Desktop\rashel1.jpg
[2011.05.14 07:53:49 | 001,196,514 | ---- | C] () -- C:\Users\Rashel\Desktop\rashel.jpg
[2011.05.14 07:42:13 | 005,017,864 | ---- | C] () -- C:\Users\Rashel\Desktop\IMG_8905.JPG
[2011.05.13 17:25:24 | 009,077,336 | ---- | C] () -- C:\Users\Rashel\Desktop\08 Chris Brown Feat Benny Benassi - Beautiful People.mp3
[2011.05.09 21:54:53 | 004,827,498 | ---- | C] () -- C:\Users\Rashel\Desktop\863_11.mp3
[2011.05.08 20:46:56 | 010,485,446 | ---- | C] () -- C:\Users\Rashel\Desktop\acid rain.rar
[2011.05.08 01:08:35 | 000,000,000 | ---- | C] () -- C:\Users\Rashel\AppData\Local\{58F1958C-30FE-46C9-9256-39899C550D81}
[2011.05.03 19:25:31 | 000,726,228 | ---- | C] () -- C:\Users\Rashel\Desktop\kassaaruanne cop tiim.jpg
[2011.05.01 14:20:25 | 002,983,043 | ---- | C] () -- C:\Users\Rashel\Desktop\881_5helen1.mp3
[2011.05.01 05:09:40 | 002,924,111 | ---- | C] () -- C:\Users\Rashel\Desktop\881_5.mp3
[2011.04.23 22:24:59 | 000,936,842 | ---- | C] () -- C:\Users\Rashel\Desktop\IMG_8226a.jpg
[2011.04.23 22:15:30 | 003,630,902 | ---- | C] () -- C:\Users\Rashel\Desktop\IMG_8164.JPG
[2011.04.23 22:14:29 | 003,742,154 | ---- | C] () -- C:\Users\Rashel\Desktop\IMG_8168.JPG
[2011.04.23 22:12:13 | 003,418,919 | ---- | C] () -- C:\Users\Rashel\Desktop\IMG_8226.JPG
[2011.04.23 22:10:19 | 001,172,855 | ---- | C] () -- C:\Users\Rashel\Desktop\IMG_8266.JPG
[2010.12.06 15:58:56 | 002,496,715 | ---- | C] () -- C:\Windows\SysWow64\abgx360.exe
[2010.07.22 00:14:51 | 000,000,036 | -H-- | C] () -- C:\Windows\SysWow64\swk.ini
[2010.05.10 23:25:05 | 000,678,746 | ---- | C] () -- C:\Windows\unins000.exe
[2010.05.10 23:25:05 | 000,031,616 | ---- | C] () -- C:\Windows\unins000.dat
[2010.05.01 20:07:05 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010.05.01 20:07:05 | 000,000,088 | RHS- | C] () -- C:\ProgramData\B4861E070E.sys
[2010.04.30 23:12:01 | 000,000,104 | -HS- | C] () -- C:\Windows\WSYS049.SYS
[2010.04.08 21:17:26 | 000,000,068 | ---- | C] () -- C:\Windows\spwdr.INI
[2010.04.08 20:45:11 | 000,000,145 | ---- | C] () -- C:\Windows\Crypkey.ini
[2010.04.08 20:45:08 | 000,031,846 | ---- | C] () -- C:\Windows\SysWow64\Ckldrv.sys
[2010.04.08 20:45:08 | 000,027,648 | R--- | C] () -- C:\Windows\Setup_ck.exe
[2010.04.08 20:45:08 | 000,018,432 | ---- | C] () -- C:\Windows\Setup_ck.dll
[2010.04.08 20:45:08 | 000,011,776 | ---- | C] () -- C:\Windows\Ckrfresh.exe
[2010.04.03 19:27:53 | 000,001,035 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010.04.03 17:58:48 | 000,000,111 | -H-- | C] () -- C:\Users\Rashel\AppData\Roaming\burnaware.ini
[2010.04.02 21:00:29 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.03.31 23:57:33 | 000,002,756 | -H-- | C] () -- C:\Windows\SysWow64\ssolekuy.dll
[2010.03.31 23:57:33 | 000,002,756 | -H-- | C] () -- C:\Windows\SysWow64\ssoleht.dll
[2010.03.31 23:57:33 | 000,002,756 | -H-- | C] () -- C:\Windows\SysWow64\sslibkh.dll
[2010.03.31 23:57:33 | 000,002,756 | -H-- | C] () -- C:\Windows\SysWow64\sslibjy.dll
[2010.03.31 23:57:33 | 000,002,756 | -H-- | C] () -- C:\Windows\SysWow64\sslibfg.dll
[2010.03.31 23:57:33 | 000,002,756 | -H-- | C] () -- C:\Windows\SysWow64\sslibeh.dll
[2010.03.31 23:57:33 | 000,002,756 | -H-- | C] () -- C:\Windows\SysWow64\slibff.dll
[2010.03.31 23:57:33 | 000,002,756 | -H-- | C] () -- C:\Windows\SysWow64\slibddf.dll
[2010.03.31 18:46:02 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010.03.27 11:24:58 | 000,013,576 | ---- | C] () -- C:\Windows\SysWow64\wnaspi32.dll
[2010.03.25 23:17:11 | 000,007,597 | ---- | C] () -- C:\Users\Rashel\AppData\Local\resmon.resmoncfg
[2010.03.25 21:55:00 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== LOP Check ==========

[2011.04.24 10:16:15 | 000,000,000 | -H-D | M] -- C:\Users\Rashel\AppData\Roaming\abgx360
[2011.02.17 20:45:00 | 000,000,000 | -H-D | M] -- C:\Users\Rashel\AppData\Roaming\Ableton
[2010.05.29 14:37:07 | 000,000,000 | -H-D | M] -- C:\Users\Rashel\AppData\Roaming\AMPSoft
[2011.05.18 11:39:27 | 000,000,000 | -H-D | M] -- C:\Users\Rashel\AppData\Roaming\Autodesk
[2010.10.26 20:53:53 | 000,000,000 | -H-D | M] -- C:\Users\Rashel\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010.07.25 19:10:04 | 000,000,000 | -H-D | M] -- C:\Users\Rashel\AppData\Roaming\DAEMON Tools Lite
[2010.04.15 22:53:43 | 000,000,000 | -H-D | M] -- C:\Users\Rashel\AppData\Roaming\ESET
[2010.04.18 16:38:47 | 000,000,000 | -H-D | M] -- C:\Users\Rashel\AppData\Roaming\GlobalSCAPE
[2010.09.09 09:52:12 | 000,000,000 | -H-D | M] -- C:\Users\Rashel\AppData\Roaming\ImgBurn
[2010.07.29 20:47:54 | 000,000,000 | -H-D | M] -- C:\Users\Rashel\AppData\Roaming\No Company Name
[2010.05.25 21:50:03 | 000,000,000 | -H-D | M] -- C:\Users\Rashel\AppData\Roaming\Octoshape
[2010.11.17 19:28:42 | 000,000,000 | -H-D | M] -- C:\Users\Rashel\AppData\Roaming\OpenOffice.org
[2010.10.23 15:09:24 | 000,000,000 | -H-D | M] -- C:\Users\Rashel\AppData\Roaming\Opera
[2011.04.20 21:03:06 | 000,000,000 | -H-D | M] -- C:\Users\Rashel\AppData\Roaming\SynthMaker
[2010.03.28 14:49:25 | 000,000,000 | -H-D | M] -- C:\Users\Rashel\AppData\Roaming\TeamViewer
[2011.05.21 16:34:41 | 000,000,000 | -H-D | M] -- C:\Users\Rashel\AppData\Roaming\uTorrent
[2011.03.17 02:09:04 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 24 bytes -> C:\Windows:1B8FCD170B6C75A4

< End of report >

Edited by mikker39, 21 May 2011 - 02:54 PM.



#2
mikker39

Any help?