Here is the log from the OTL Log:

OTL logfile created on: 5/27/2011 2:51:23 PM - Run 2
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\User\Desktop\virus killers
An unknown product Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.10 Gb Available Physical Memory | 55.11% Memory free
4.00 Gb Paging File | 2.50 Gb Available in Paging File | 62.63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 114.19 Gb Free Space | 76.61% Space Free | Partition Type: NTFS
Drive D: | 149.01 Gb Total Space | 58.74 Gb Free Space | 39.42% Space Free | Partition Type: NTFS
Drive G: | 233.75 Gb Total Space | 120.17 Gb Free Space | 51.41% Space Free | Partition Type: NTFS
Drive H: | 1863.01 Gb Total Space | 1779.27 Gb Free Space | 95.50% Space Free | Partition Type: NTFS
Computer Name: SILVER | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/05/25 10:39:07 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\virus killers\OTL.exe
PRC - [2011/05/24 23:20:40 | 000,376,352 | ---- | M] (Soluto) -- C:\Program Files\Soluto\SolutoService.exe
PRC - [2011/05/24 23:20:38 | 001,713,712 | ---- | M] (Soluto) -- C:\Program Files\Soluto\Soluto.exe
PRC - [2011/05/19 07:11:59 | 002,084,848 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe
PRC - [2011/05/19 07:11:54 | 001,449,368 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe
PRC - [2011/05/11 12:52:52 | 001,660,232 | ---- | M] (Bootstrap Software Development) -- C:\Program Files\Common Files\BSD\AppUpdater\BSDChecker.exe
PRC - [2011/04/19 05:51:07 | 000,107,000 | ---- | M] (Siber Systems) -- C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
PRC - [2011/04/19 05:35:38 | 000,265,928 | ---- | M] (SpeedBit Ltd.) -- C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorService.exe
PRC - [2011/04/15 02:43:20 | 002,280,312 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011/03/24 19:47:02 | 000,064,048 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2011\pchooklaunch32.exe
PRC - [2011/03/24 19:46:02 | 000,043,936 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe
PRC - [2011/03/24 04:24:34 | 000,072,936 | ---- | M] (SANDBOXIE L.T.D) -- C:\Program Files\Sandboxie\SbieSvc.exe
PRC - [2011/03/11 23:22:35 | 002,480,048 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
PRC - [2011/02/24 22:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/30 14:20:36 | 000,997,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2010/11/20 05:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/11/11 13:26:42 | 000,206,360 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
PRC - [2010/11/11 13:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2010/11/09 13:08:58 | 000,146,000 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
PRC - [2010/10/28 16:32:48 | 001,352,272 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe
PRC - [2009/11/12 04:49:10 | 000,660,664 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2009/11/12 04:48:30 | 005,106,904 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2009/07/10 16:53:52 | 000,372,736 | ---- | M] (Orbiscom Ltd. All rights reserved.) -- C:\Program Files\Virtual Account Numbers\CitiVAN.exe
PRC - [2009/07/10 16:50:36 | 000,145,920 | ---- | M] (Orbiscom Ltd.) -- C:\Windows\System32\OBroker.exe
PRC - [2008/03/18 17:31:20 | 004,742,184 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
PRC - [1997/07/11 01:00:00 | 000,122,880 | ---- | M] () -- C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
========== Modules (SafeList) ==========
MOD - [2011/05/25 10:39:07 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\virus killers\OTL.exe
MOD - [2011/04/12 08:51:56 | 000,276,992 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00088_002\plugin_nt.m32
MOD - [2011/03/14 20:36:16 | 000,166,912 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00088_002\plugin_extra.m32
MOD - [2011/03/14 20:35:18 | 000,089,600 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00088_002\plugin_net.m32
MOD - [2011/03/14 20:35:00 | 000,657,408 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00088_002\plugin_fragments.m32
MOD - [2011/03/14 20:34:32 | 000,120,832 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00088_002\plugin_registry.m32
MOD - [2011/03/14 20:34:16 | 000,136,704 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00088_002\plugin_base.m32
MOD - [2011/03/14 20:29:50 | 000,232,968 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\BitDefender\BitDefender 2011\Active Virus Control\Midas_00088_002\midas32.dll
MOD - [2010/11/20 04:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - [2011/05/24 23:20:40 | 000,376,352 | ---- | M] (Soluto) [Auto | Running] -- C:\Program Files\Soluto\SolutoService.exe -- (SolutoService)
SRV - [2011/05/19 07:11:59 | 002,084,848 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe -- (VSSERV)
SRV - [2011/04/19 05:35:38 | 000,265,928 | ---- | M] (SpeedBit Ltd.) [Auto | Running] -- C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorService.exe -- (VideoAcceleratorService)
SRV - [2011/04/15 02:43:20 | 002,280,312 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011/03/24 19:46:02 | 000,043,936 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe -- (Updatesrv)
SRV - [2011/03/24 04:24:34 | 000,072,936 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV - [2011/03/11 23:22:35 | 002,480,048 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2011/03/10 19:22:10 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/11/30 07:19:06 | 000,307,544 | ---- | M] (BitDefender) [On_Demand | Stopped] -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe -- (Update Server)
SRV - [2010/11/11 13:26:42 | 000,206,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2010/11/11 13:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/10/28 03:13:30 | 000,293,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2009/11/12 04:49:10 | 000,660,664 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2009/07/13 18:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/13 18:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 18:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 18:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - [2011/05/27 01:20:46 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{43BDCF73-EF30-4BFD-B28E-D966EDF893C5}\MpKsla2e47ad5.sys -- (MpKsla2e47ad5)
DRV - [2011/05/26 04:41:56 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{43BDCF73-EF30-4BFD-B28E-D966EDF893C5}\MpKsl4f8da061.sys -- (MpKsl4f8da061)
DRV - [2011/05/24 23:03:58 | 000,051,144 | ---- | M] (Soluto LTD.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\Soluto.sys -- (Soluto)
DRV - [2011/04/24 15:14:38 | 000,225,856 | ---- | M] (QFX Software Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\keyscrambler.sys -- (KeyScrambler)
DRV - [2011/04/12 09:18:53 | 000,307,784 | ---- | M] (BitDefender S.R.L.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\trufos.sys -- (Trufos)
DRV - [2011/04/12 07:31:57 | 000,105,152 | ---- | M] (BitDefender LLC) [Kernel | On_Demand | Running] -- C:\Program Files\BitDefender\BitDefender 2011\bdselfpr.sys -- (bdselfpr)
DRV - [2011/03/24 15:36:18 | 000,353,096 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\bdfsfltr.sys -- (bdfsfltr)
DRV - [2011/03/24 04:24:30 | 000,126,696 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV - [2011/03/12 01:08:31 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011/03/11 23:22:38 | 000,160,288 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\afcdp.sys -- (afcdp)
DRV - [2011/03/11 23:22:30 | 000,911,680 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tdrpm258.sys -- (tdrpman258) Acronis Try&Decide and Restore Points filter (build 258)
DRV - [2011/03/11 23:22:25 | 000,581,984 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2011/03/11 23:22:14 | 000,158,272 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2010/11/29 14:12:20 | 001,066,232 | ---- | M] (BitDefender) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\avckf.sys -- (avckf)
DRV - [2010/11/29 14:12:14 | 000,535,824 | ---- | M] (BitDefender) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\avc3.sys -- (avc3)
DRV - [2010/11/25 06:59:16 | 000,603,240 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL8192su.sys -- (RTL8192su)
DRV - [2010/11/20 05:30:17 | 000,296,064 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vpcvmm.sys -- (vpcvmm)
DRV - [2010/11/20 05:30:17 | 000,172,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vpchbus.sys -- (vpcbus)
DRV - [2010/11/20 05:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 05:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 05:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 03:50:38 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vpcusb.sys -- (vpcusb)
DRV - [2010/11/20 03:50:37 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV - [2010/11/20 03:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 02:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 02:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 02:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/10/24 22:25:38 | 000,054,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2010/10/24 22:25:38 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010/08/24 10:31:02 | 000,037,328 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2010/08/24 10:30:52 | 000,038,864 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2010/08/24 10:30:40 | 000,040,912 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV - [2010/08/24 10:30:40 | 000,010,448 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidEqd.sys -- (LHidEqd)
DRV - [2010/08/20 18:41:54 | 000,088,144 | ---- | M] (BitDefender) [Kernel | System | Running] -- C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdfwfpf.sys -- (bdfwfpf)
DRV - [2010/08/20 15:41:58 | 000,072,784 | ---- | M] (BitDefender) [Kernel | System | Running] -- c:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdfndisf6.sys -- (Bdfndisf)
DRV - [2010/05/13 16:52:04 | 000,152,528 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\bdfm.sys -- (bdfm)
DRV - [2010/04/29 05:58:18 | 000,026,112 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\androidusb.sys -- (HTCAND32)
DRV - [2010/04/29 05:58:18 | 000,026,112 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\androidusb.sys -- (androidusb)
DRV - [2009/12/30 11:21:18 | 000,027,192 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\revoflt.sys -- (Revoflt)
DRV - [2009/07/13 16:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/13 16:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009/06/10 14:19:48 | 009,853,248 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/05/06 17:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008/03/19 08:10:54 | 000,310,016 | ---- | M] (Marvell Semiconductor, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MRVW24B.sys -- (MRV6X32U) Marvell TOPDOG 802.11n WLAN Driver for Vista x86 (USB8x)
DRV - [2007/04/18 09:59:40 | 000,098,600 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\COMMONFX.DLL -- (COMMONFX.DLL)
DRV - [2007/04/12 09:10:26 | 000,164,608 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\CT20XUT.DLL -- (CT20XUT.DLL)
DRV - [2007/04/12 09:10:26 | 000,066,816 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\CTHWIUT.DLL -- (CTHWIUT.DLL)
DRV - [2007/04/12 09:10:24 | 001,317,632 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\CTEXFIFX.DLL -- (CTEXFIFX.DLL)
DRV - [2007/04/12 09:10:22 | 000,323,328 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\CTEDSPSY.DLL -- (CTEDSPSY.DLL)
DRV - [2007/04/12 09:10:22 | 000,128,768 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\CTEDSPIO.DLL -- (CTEDSPIO.DLL)
DRV - [2007/04/12 09:10:20 | 000,280,320 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\CTEDSPFX.DLL -- (CTEDSPFX.DLL)
DRV - [2007/04/12 09:10:20 | 000,094,976 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\CTERFXFX.DLL -- (CTERFXFX.DLL)
DRV - [2007/04/12 09:10:18 | 000,168,192 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\CTEAPSFX.DLL -- (CTEAPSFX.DLL)
DRV - [2007/04/12 09:10:16 | 000,560,384 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\CTSBLFX.DLL -- (CTSBLFX.DLL)
DRV - [2007/04/12 09:10:16 | 000,546,048 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\CTAUDFX.DLL -- (CTAUDFX.DLL)
DRV - [2007/04/10 07:00:24 | 000,157,480 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2007/04/10 06:59:04 | 000,126,760 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2007/04/10 05:32:06 | 000,189,736 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\haP17v2k.sys -- (hap17v2k)
DRV - [2007/04/10 05:31:18 | 000,163,112 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\haP16v2k.sys -- (hap16v2k)
DRV - [2007/04/10 05:29:10 | 000,797,992 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV - [2007/04/10 05:28:36 | 000,092,968 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emupia2k.sys -- (emupia)
DRV - [2007/04/10 05:25:46 | 000,014,632 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2007/04/10 05:21:06 | 000,347,128 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - [2007/04/10 05:20:38 | 000,520,488 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2007/04/10 05:19:30 | 000,511,272 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2006/03/02 05:30:54 | 000,618,880 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntelC52.sys -- (IntelC52)
DRV - [2005/05/06 23:42:26 | 001,339,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntelC51.sys -- (IntelC51)
DRV - [2005/05/06 23:40:50 | 000,047,360 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntelC53.sys -- (IntelC53)
DRV - [2005/05/06 23:40:20 | 000,036,880 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mohfilt.sys -- (mohfilt)
DRV - [2001/07/26 22:26:08 | 000,024,059 | ---- | M] (CASIO COMPUTER CO.,LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CW50.sys -- (CW50)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 64 66 7B B5 78 E0 CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Web Search"
FF - prefs.js..browser.startup.homepage: "http://www.searchqu.com/406"
FF - prefs.js..keyword.URL: "http://www.searchqu....ystemid=406&q="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\BitDefender\BitDefender 2011\bdaphffext\ [2011/04/12 08:46:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\citius@orbiscom: C:\Program Files\Virtual Account Numbers [2011/04/13 09:50:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files\Siber Systems\AI RoboForm\Firefox [2011/04/19 05:52:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\SearchPredict\PRFireFox [2011/04/26 14:41:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}: C:\Program Files\SpeedBit Video Downloader\SPFireFox [2011/04/26 14:43:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/25 11:54:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/25 11:54:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/04/29 07:05:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKLM\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\BitDefender\BitDefender 2011\bdtbext\ [2011/04/12 08:46:33 | 000,000,000 | ---D | M]
[2011/05/24 05:39:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\Mozilla\Extensions
[2011/03/11 21:59:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/05/26 04:54:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\3164z29i.default\extensions
[2011/05/16 13:46:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\3164z29i.default\extensions\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}
[2011/05/24 05:39:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/03/18 10:53:24 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2011/03/18 11:32:12 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
[2011/03/18 11:32:14 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll
[2010/01/01 01:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
O1 HOSTS File: ([2011/05/26 04:40:12 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 10\SnagitBHO.dll (TechSmith Corporation)
O2 - BHO: (Virtual Account Numbers Helper) - {17424104-1444-4810-85D7-B4DA413C5A9A} - C:\Program Files\Virtual Account Numbers\CitiVANHelper.dll (Orbiscom Ltd. All rights reserved.)
O2 - BHO: (KeyScramblerBHO Class) - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll (QFX Software Corporation)
O2 - BHO: (SBCONVERT Class) - {3017FB3E-9A77-4396-88C5-0EC9548FB42F} - C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll ()
O2 - BHO: (SearchPredictObj Class) - {389943B0-C3A2-4E69-82CB-8596A84CB3DC} - C:\Program Files\SearchPredict\SearchPredict.dll (Speedbit Ltd.)
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\User\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll (Trend Media Group)
O2 - BHO: (Download Accelerator Plus Integration) - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\DAP\dapieloader.dll (SpeedBit Ltd.)
O2 - BHO: (GrabberObj Class) - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\SpeedBit Video Downloader\Toolbar\Grabber.dll (Speedbit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - !{472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O3 - HKLM\..\Toolbar: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Bitdefender Toolbar) - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2011\ietoolbar.dll (BitDefender S.R.L.)
O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (Virtual Account Numbers) - {7A21A046-B886-4A62-9D69-EF2059B0A27B} - C:\Program Files\Virtual Account Numbers\CitiVANToolbar.dll (Orbiscom Ltd. All rights reserved.)
O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 10\SnagitIEAddin.dll (TechSmith Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O4 - HKLM..\Run: [BDAgent] C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [BSDAppUpdater] C:\Program Files\Common Files\BSD\AppUpdater\BSDChecker.exe (Bootstrap Software Development)
O4 - HKLM..\Run: [Citi Virtual Account Numbers] C:\Program Files\Virtual Account Numbers\CitiVAN.exe (Orbiscom Ltd. All rights reserved.)
O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKCU..\Run: [DeskCalc] c:\program files\deskcalc pro\deskcalc.exe (DeskCalc GbR)
O4 - HKCU..\Run: [RoboForm] C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O4 - Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe (Yahoo! Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutorun = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm ()
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm ()
O8 - Extra context menu item: Customize Menu - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm ()
O8 - Extra context menu item: Download All By FlashGet3 - C:\Users\User\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: Download By FlashGet3 - C:\Users\User\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: Fill Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: Password Generator - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComPasswordGenerator.html ()
O8 - Extra context menu item: RoboForm TaskBar Icon - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComTaskBarIcon.html ()
O8 - Extra context menu item: RoboForm Toolbar - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Save Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8 - Extra context menu item: Set Fields - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSetFields.html ()
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: Generate - {320AF880-6646-11D3-ABEE-C5DBF3571F50} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComPasswordGenerator.html ()
O9 - Extra 'Tools' menuitem : Password Generator - {320AF880-6646-11D3-ABEE-C5DBF3571F50} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComPasswordGenerator.html ()
O9 - Extra Button: TaskBar - {320AF880-6646-11D3-ABEE-C5DBF3571F51} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComTaskBarIcon.html ()
O9 - Extra 'Tools' menuitem : RoboForm TaskBar Icon - {320AF880-6646-11D3-ABEE-C5DBF3571F51} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComTaskBarIcon.html ()
O9 - Extra Button: Set Fields - {320AF880-6646-11D3-ABEE-C5DBF3571F52} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSetFields.html ()
O9 - Extra 'Tools' menuitem : Set Fields - {320AF880-6646-11D3-ABEE-C5DBF3571F52} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSetFields.html ()
O9 - Extra 'Tools' menuitem : &KeyScrambler Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll (QFX Software Corporation)
O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O15 - HKCU\..Trusted Domains: kuaiche.com ([software] http in Trusted sites)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.1.1 68.238.64.12
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Program Files\Soluto\soluto.exe /userinit) - C:\Program Files\Soluto\soluto.exe (Soluto)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 14:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008/09/22 23:11:49 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/07/02 14:30:52 | 000,000,000 | R--D | M] - H:\autorun -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *bddel.exe) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/05/26 10:28:52 | 000,000,000 | ---D | C] -- C:\New folder
[2011/05/26 10:23:32 | 000,000,000 | ---D | C] -- C:\MONEY
[2011/05/26 03:20:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
[2011/05/26 03:08:07 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\QFX Software
[2011/05/26 03:08:07 | 000,000,000 | ---D | C] -- C:\ProgramData\QFX Software
[2011/05/25 17:40:56 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/05/25 17:40:47 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\temp
[2011/05/25 16:05:04 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/05/25 16:05:04 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/05/25 16:05:04 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/05/25 16:00:17 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/05/25 15:43:54 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/05/25 15:42:47 | 004,293,906 | R--- | C] (Swearware) -- C:\Users\User\Desktop\ComboFix.exe
[2011/05/25 15:20:37 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/05/25 12:17:33 | 000,051,144 | ---- | C] (Soluto LTD.) -- C:\Windows\System32\drivers\Soluto.sys
[2011/05/25 12:16:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soluto
[2011/05/25 12:16:10 | 000,000,000 | ---D | C] -- C:\Program Files\Soluto
[2011/05/25 12:11:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Soluto
[2011/05/25 11:54:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons
[2011/05/25 11:54:12 | 000,000,000 | ---D | C] -- C:\Program Files\Coupons
[2011/05/25 10:43:08 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\temp
[2011/05/24 12:14:36 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Xilisoft
[2011/05/24 12:14:35 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Xilisoft
[2011/05/24 12:14:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilisoft
[2011/05/24 12:13:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Xilisoft
[2011/05/24 12:13:24 | 000,000,000 | ---D | C] -- C:\Program Files\Xilisoft
[2011/05/24 12:07:40 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\BSD
[2011/05/24 12:06:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaWidget
[2011/05/24 12:06:55 | 000,000,000 | ---D | C] -- C:\ProgramData\BSD
[2011/05/24 12:06:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BSD
[2011/05/24 12:06:48 | 002,219,008 | ---- | C] (Bootstrap Development, LLC.) -- C:\Windows\bsdsetup.dll
[2011/05/24 12:06:45 | 000,000,000 | ---D | C] -- C:\Program Files\Media Widget
[2011/05/24 10:01:48 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\ParetoLogic
[2011/05/24 10:01:48 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\DriverCure
[2011/05/24 10:01:36 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic
[2011/05/24 10:01:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ParetoLogic
[2011/05/24 10:01:20 | 000,000,000 | ---D | C] -- C:\ProgramData\ParetoLogic
[2011/05/24 10:01:20 | 000,000,000 | ---D | C] -- C:\Program Files\ParetoLogic
[2011/05/24 09:13:33 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\avz
[2011/05/24 09:07:43 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\virus killers
[2011/05/24 06:18:47 | 000,000,000 | ---D | C] -- C:\Program Files\Say the Time
[2011/05/23 13:57:59 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\My Downloads
[2011/05/23 07:03:43 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/05/22 14:48:12 | 000,000,000 | R--D | C] -- C:\Sandbox
[2011/05/22 10:07:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
[2011/05/22 10:07:58 | 000,000,000 | ---D | C] -- C:\Program Files\Sandboxie
[2011/05/21 23:55:02 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\licenses
[2011/05/21 23:55:00 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\PCMM2009
[2011/05/21 23:54:52 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\PCMM2011
[2011/05/21 23:30:31 | 000,000,000 | ---D | C] -- C:\ProgramData\FileCure
[2011/05/19 02:32:44 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2011/05/19 02:13:56 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Malwarebytes
[2011/05/19 02:13:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/19 02:13:32 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/05/19 02:13:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/05/19 02:13:24 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/05/19 02:13:23 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/05/18 10:24:21 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\TeamViewer
[2011/05/18 10:23:20 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer
[2011/05/16 14:57:35 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\iphone 2 & 3
[2011/05/16 14:05:41 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\grn pois0n
[2011/05/16 13:09:52 | 000,440,072 | ---- | C] (InstallCore ©) -- C:\Users\User\Desktop\WhiteSmokeInstaller_9128.exe.dap
[2011/05/14 08:14:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Config
[2011/05/14 08:11:14 | 004,199,784 | ---- | C] (Amyuni Technologies http://www.amyuni.com) -- C:\Windows\System32\cdintf400.dll
[2011/05/14 08:10:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quicken 2010
[2011/05/14 07:36:39 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Quicken
[2011/05/14 06:52:53 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Intuit
[2011/05/14 06:51:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Intuit
[2011/05/11 13:12:13 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\MediaGet2
[2011/05/10 10:35:38 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\i-fun-box
[2011/05/10 06:00:11 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\vlc
[2011/05/08 06:10:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Palo Alto Software
[2011/05/08 06:10:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intuit
[2011/05/08 06:09:10 | 000,000,000 | ---D | C] -- C:\Program Files\Quicken
[2011/05/07 18:57:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyScrambler
[2011/05/07 18:57:11 | 000,225,856 | ---- | C] (QFX Software Corporation) -- C:\Windows\System32\drivers\keyscrambler.sys
[2011/05/07 18:57:08 | 000,000,000 | ---D | C] -- C:\Program Files\KeyScrambler
[2011/05/05 17:14:25 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Uniblue
[2011/05/05 17:14:04 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2011/05/04 13:07:58 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Binreader
[2011/05/04 10:25:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EASEUS Partition Master 8.0.1 Home Edition
[2011/05/04 10:25:09 | 000,000,000 | ---D | C] -- C:\Program Files\EASEUS
[2011/05/01 06:36:01 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011/05/01 06:30:11 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\TechSmith
[2011/04/30 19:04:26 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\ImTOO
[2011/04/30 19:04:26 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\ImTOO
[2011/04/30 19:01:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImTOO
[2011/04/30 18:59:49 | 000,000,000 | ---D | C] -- C:\ProgramData\ImTOO
[2011/04/30 18:59:49 | 000,000,000 | ---D | C] -- C:\Program Files\ImTOO
[2011/04/30 08:59:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Snagit 10
[2011/04/28 16:13:18 | 000,000,000 | ---D | C] -- C:\Windows\MSAgent
[2011/04/28 16:08:54 | 000,000,000 | ---D | C] -- C:\hotfix
[2011/04/28 10:35:16 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2011/04/28 10:32:37 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2011/04/28 10:26:01 | 000,093,696 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\fms.dll
[2007/04/09 13:32:58 | 000,034,816 | ---- | C] ( ) -- C:\Windows\System32\a3d.dll
[2007/04/09 13:19:16 | 000,010,240 | ---- | C] ( ) -- C:\Windows\System32\killapps.exe
========== Files - Modified Within 30 Days ==========
[2011/05/27 12:53:09 | 000,023,040 | ---- | M] () -- C:\Windows\System32\bddel.exe
[2011/05/27 12:53:06 | 000,017,778 | ---- | M] () -- C:\Windows\System32\bddel.dat
[2011/05/27 12:17:19 | 001,481,059 | ---- | M] () -- C:\Users\User\Documents\GLIbrochure.pdf
[2011/05/27 12:16:40 | 000,067,561 | ---- | M] () -- C:\Users\User\Documents\specialneeds.pdf
[2011/05/27 11:29:46 | 000,000,006 | ---- | M] () -- C:\Users\User\Documents\ver.new
[2011/05/27 10:27:52 | 000,004,336 | ---- | M] () -- C:\Windows\System32\.rsp
[2011/05/27 10:27:52 | 000,001,479 | ---- | M] () -- C:\Windows\System32\.lck
[2011/05/27 01:27:54 | 000,013,472 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/27 01:27:54 | 000,013,472 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/27 01:25:00 | 000,627,632 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/05/27 01:25:00 | 000,107,898 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/05/27 01:20:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/05/27 01:20:22 | 1609,166,848 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/27 01:19:24 | 000,031,056 | ---- | M] () -- C:\Windows\System32\BMXStateBkp-{00000004-00000000-00000001-00001102-00000004-20061102}.rfx
[2011/05/27 01:19:24 | 000,031,056 | ---- | M] () -- C:\Windows\System32\BMXState-{00000004-00000000-00000001-00001102-00000004-20061102}.rfx
[2011/05/27 01:19:24 | 000,030,528 | ---- | M] () -- C:\Windows\System32\BMXCtrlState-{00000004-00000000-00000001-00001102-00000004-20061102}.rfx
[2011/05/27 01:19:24 | 000,030,528 | ---- | M] () -- C:\Windows\System32\BMXBkpCtrlState-{00000004-00000000-00000001-00001102-00000004-20061102}.rfx
[2011/05/27 01:19:24 | 000,011,564 | ---- | M] () -- C:\Windows\System32\DVCState-{00000004-00000000-00000001-00001102-00000004-20061102}.rfx
[2011/05/26 11:07:27 | 000,000,764 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2011/05/26 05:53:02 | 000,001,157 | ---- | M] () -- C:\Users\User\Desktop\BillMeLater.qif
[2011/05/26 05:40:13 | 000,146,518 | ---- | M] () -- C:\Users\User\Desktop\xl2qif.zip
[2011/05/26 04:40:12 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2011/05/26 03:40:21 | 000,000,286 | ---- | M] () -- C:\Windows\reimage.ini
[2011/05/25 16:01:07 | 004,293,906 | R--- | M] (Swearware) -- C:\Users\User\Desktop\ComboFix.exe
[2011/05/25 13:48:30 | 000,000,374 | ---- | M] () -- C:\Windows\tasks\PC Health Advisor Defrag.job
[2011/05/25 13:48:30 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\PC Health Advisor.job
[2011/05/25 13:46:01 | 000,000,578 | ---- | M] () -- C:\Users\User\Documents\Say the Time Notes.xml
[2011/05/25 13:46:01 | 000,000,053 | ---- | M] () -- C:\Users\User\Documents\Say the Time Reminders.xml
[2011/05/25 12:25:13 | 000,000,098 | ---- | M] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2011/05/25 10:32:21 | 000,938,568 | ---- | M] () -- C:\Users\User\Desktop\west view.jpg
[2011/05/24 23:03:58 | 000,051,144 | ---- | M] (Soluto LTD.) -- C:\Windows\System32\drivers\Soluto.sys
[2011/05/24 12:14:14 | 000,002,141 | ---- | M] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Xilisoft iPhone Transfer.lnk
[2011/05/24 12:14:14 | 000,002,117 | ---- | M] () -- C:\Users\Public\Desktop\Xilisoft iPhone Transfer.lnk
[2011/05/24 12:06:58 | 000,000,952 | ---- | M] () -- C:\Users\User\Desktop\MediaWidget.lnk
[2011/05/24 10:08:28 | 000,000,000 | -H-- | M] () -- C:\Users\User\Documents\Default.rdp
[2011/05/24 10:01:36 | 000,001,071 | ---- | M] () -- C:\Users\User\Desktop\ParetoLogic PC Health Advisor.lnk
[2011/05/23 22:17:45 | 338,056,096 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/05/23 06:40:37 | 000,017,480 | ---- | M] () -- C:\Windows\System32\drivers\hitmanpro35.sys
[2011/05/23 06:13:00 | 000,001,494 | ---- | M] () -- C:\Windows\Sandboxie.ini
[2011/05/22 14:40:42 | 000,185,569 | ---- | M] () -- C:\Users\User\Desktop\statement_20110516.pdf
[2011/05/22 10:07:59 | 000,001,053 | ---- | M] () -- C:\Users\User\Desktop\Sandboxed Web Browser.lnk
[2011/05/22 10:07:59 | 000,001,053 | ---- | M] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Sandboxed Web Browser.lnk
[2011/05/22 06:18:50 | 000,000,442 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration3.job
[2011/05/22 06:18:50 | 000,000,416 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Update Version3.job
[2011/05/20 08:11:50 | 001,359,906 | ---- | M] () -- C:\Windows\System32\drivers\Cat.DB
[2011/05/19 18:12:19 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\Windows\System32\bootdelete.exe
[2011/05/19 02:32:42 | 000,513,032 | ---- | M] () -- C:\Users\User\Desktop\sdasetup.exe
[2011/05/19 02:13:34 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/18 10:23:50 | 000,001,124 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 6.lnk
[2011/05/16 13:09:55 | 000,440,072 | ---- | M] (InstallCore ©) -- C:\Users\User\Desktop\WhiteSmokeInstaller_9128.exe.dap
[2011/05/16 10:36:48 | 000,010,385 | ---- | M] () -- C:\Users\User\Desktop\gettin hackuous.png
[2011/05/14 08:11:10 | 000,001,788 | ---- | M] () -- C:\Users\Public\Desktop\Quicken Deluxe 2010.lnk
[2011/05/14 08:10:52 | 000,000,165 | ---- | M] () -- C:\Windows\QUICKEN.INI
[2011/05/11 12:53:00 | 002,219,008 | ---- | M] (Bootstrap Development, LLC.) -- C:\Windows\bsdsetup.dll
[2011/05/11 06:40:17 | 001,893,498 | ---- | M] () -- C:\Users\User\Documents\http___www.worldstart.com_ebook_sample__email=ew_johnson@yahoo.pdf
[2011/05/09 11:12:54 | 000,000,109 | ---- | M] () -- C:\Users\User\Desktop\ws-ultimate-freeware.pdf
[2011/05/09 06:54:55 | 004,200,608 | ---- | M] () -- C:\Users\User\Desktop\ws_ultimate_electronics_buyers_guide.pdf
[2011/05/09 06:53:48 | 000,168,104 | ---- | M] () -- C:\Users\User\Desktop\worldstart_ultimate_shortcut_list.pdf
[2011/05/08 06:22:14 | 000,000,064 | ---- | M] () -- C:\Windows\qwimp.ini
[2011/05/07 16:50:11 | 001,194,678 | ---- | M] () -- C:\Users\User\Desktop\bmp.bmp
[2011/05/05 08:26:18 | 000,001,871 | ---- | M] () -- C:\Users\User\Desktop\DeskCalc.lnk
[2011/05/04 10:25:52 | 000,001,416 | ---- | M] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\EASEUS Partition Master 8.0.1 Home Edition.lnk
[2011/04/30 19:01:00 | 000,002,110 | ---- | M] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\ImTOO iPhone Transfer.lnk
[2011/04/30 19:01:00 | 000,002,086 | ---- | M] () -- C:\Users\Public\Desktop\ImTOO iPhone Transfer.lnk
[2011/04/30 08:59:55 | 000,002,060 | ---- | M] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Snagit 10.lnk
[2011/04/30 08:59:55 | 000,002,036 | ---- | M] () -- C:\Users\Public\Desktop\Snagit 10.lnk
[2011/04/28 14:08:07 | 000,001,258 | ---- | M] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2011/04/28 11:05:26 | 000,289,576 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
========== Files Created - No Company Name ==========
[2011/05/27 12:17:12 | 001,481,059 | ---- | C] () -- C:\Users\User\Documents\GLIbrochure.pdf
[2011/05/27 12:16:40 | 000,067,561 | ---- | C] () -- C:\Users\User\Documents\specialneeds.pdf
[2011/05/27 03:53:17 | 000,023,040 | ---- | C] () -- C:\Windows\System32\bddel.exe
[2011/05/26 10:47:03 | 000,000,764 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/05/26 05:45:26 | 000,001,157 | ---- | C] () -- C:\Users\User\Desktop\BillMeLater.qif
[2011/05/26 05:40:13 | 000,146,518 | ---- | C] () -- C:\Users\User\Desktop\xl2qif.zip
[2011/05/26 04:52:25 | 000,185,569 | ---- | C] () -- C:\Users\User\Desktop\statement_20110516.pdf
[2011/05/26 03:39:55 | 000,000,286 | ---- | C] () -- C:\Windows\reimage.ini
[2011/05/25 16:05:04 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011/05/25 16:05:04 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/05/25 16:05:04 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011/05/25 16:05:04 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/05/25 16:05:04 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/05/25 13:52:57 | 000,004,336 | ---- | C] () -- C:\Windows\System32\.rsp
[2011/05/25 13:52:57 | 000,001,479 | ---- | C] () -- C:\Windows\System32\.lck
[2011/05/25 13:46:01 | 000,000,578 | ---- | C] () -- C:\Users\User\Documents\Say the Time Notes.xml
[2011/05/25 13:46:01 | 000,000,053 | ---- | C] () -- C:\Users\User\Documents\Say the Time Reminders.xml
[2011/05/25 12:25:13 | 000,000,098 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2011/05/25 10:32:07 | 000,938,568 | ---- | C] () -- C:\Users\User\Desktop\west view.jpg
[2011/05/24 12:14:14 | 000,002,141 | ---- | C] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Xilisoft iPhone Transfer.lnk
[2011/05/24 12:14:14 | 000,002,117 | ---- | C] () -- C:\Users\Public\Desktop\Xilisoft iPhone Transfer.lnk
[2011/05/24 12:06:58 | 000,000,952 | ---- | C] () -- C:\Users\User\Desktop\MediaWidget.lnk
[2011/05/24 10:08:28 | 000,000,000 | -H-- | C] () -- C:\Users\User\Documents\Default.rdp
[2011/05/24 10:01:36 | 000,001,071 | ---- | C] () -- C:\Users\User\Desktop\ParetoLogic PC Health Advisor.lnk
[2011/05/24 10:01:34 | 000,000,374 | ---- | C] () -- C:\Windows\tasks\PC Health Advisor Defrag.job
[2011/05/24 10:01:32 | 000,000,356 | ---- | C] () -- C:\Windows\tasks\PC Health Advisor.job
[2011/05/22 10:11:41 | 000,001,053 | ---- | C] () -- C:\Users\User\Desktop\Sandboxed Web Browser.lnk
[2011/05/22 10:11:41 | 000,001,053 | ---- | C] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Sandboxed Web Browser.lnk
[2011/05/22 10:11:38 | 000,001,494 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2011/05/21 23:52:26 | 000,000,442 | ---- | C] () -- C:\Windows\tasks\ParetoLogic Registration3.job
[2011/05/21 23:30:32 | 000,000,416 | ---- | C] () -- C:\Windows\tasks\ParetoLogic Update Version3.job
[2011/05/21 22:17:59 | 338,056,096 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/05/20 08:11:06 | 001,359,906 | ---- | C] () -- C:\Windows\System32\drivers\Cat.DB
[2011/05/19 02:32:44 | 000,513,032 | ---- | C] () -- C:\Users\User\Desktop\sdasetup.exe
[2011/05/19 02:13:34 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/18 10:23:50 | 000,001,136 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 6.lnk
[2011/05/18 10:23:50 | 000,001,124 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 6.lnk
[2011/05/16 10:33:56 | 000,010,385 | ---- | C] () -- C:\Users\User\Desktop\gettin hackuous.png
[2011/05/14 08:11:10 | 000,001,788 | ---- | C] () -- C:\Users\Public\Desktop\Quicken Deluxe 2010.lnk
[2011/05/11 06:40:17 | 001,893,498 | ---- | C] () -- C:\Users\User\Documents\http___www.worldstart.com_ebook_sample__email=ew_johnson@yahoo.pdf
[2011/05/09 11:12:53 | 000,000,109 | ---- | C] () -- C:\Users\User\Desktop\ws-ultimate-freeware.pdf
[2011/05/09 06:54:29 | 004,200,608 | ---- | C] () -- C:\Users\User\Desktop\ws_ultimate_electronics_buyers_guide.pdf
[2011/05/09 06:53:53 | 000,168,104 | ---- | C] () -- C:\Users\User\Desktop\worldstart_ultimate_shortcut_list.pdf
[2011/05/08 06:22:14 | 000,000,064 | ---- | C] () -- C:\Windows\qwimp.ini
[2011/05/08 06:10:52 | 000,000,165 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2011/05/04 10:25:52 | 000,001,416 | ---- | C] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\EASEUS Partition Master 8.0.1 Home Edition.lnk
[2011/05/04 10:25:51 | 000,018,048 | ---- | C] () -- C:\Windows\System32\EuEpmGdi.dll
[2011/05/04 10:25:50 | 002,340,992 | ---- | C] () -- C:\Windows\System32\BootMan.exe
[2011/05/04 10:25:50 | 000,086,408 | ---- | C] () -- C:\Windows\System32\setupempdrv03.exe
[2011/05/04 10:25:50 | 000,008,456 | ---- | C] () -- C:\Windows\System32\EuGdiDrv.sys
[2011/05/04 10:25:49 | 000,014,216 | ---- | C] () -- C:\Windows\System32\epmntdrv.sys
[2011/04/30 19:01:00 | 000,002,110 | ---- | C] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\ImTOO iPhone Transfer.lnk
[2011/04/30 19:01:00 | 000,002,086 | ---- | C] () -- C:\Users\Public\Desktop\ImTOO iPhone Transfer.lnk
[2011/04/30 08:59:55 | 000,002,591 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Snagit 10
[2011/04/30 08:59:55 | 000,002,060 | ---- | C] () -- C:\Users\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Snagit 10.lnk
[2011/04/30 08:59:55 | 000,002,036 | ---- | C] () -- C:\Users\Public\Desktop\Snagit 10.lnk
[2011/04/28 10:27:32 | 000,146,852 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2011/04/28 10:25:28 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011/04/28 10:25:20 | 000,010,429 | ---- | C] () -- C:\Windows\System32\ScavengeSpace.xml
[2011/04/28 10:25:04 | 000,105,559 | ---- | C] () -- C:\Windows\System32\RacRules.xml
[2011/04/27 19:34:15 | 000,017,778 | ---- | C] () -- C:\Windows\System32\bddel.dat
[2011/04/22 12:29:45 | 000,017,480 | ---- | C] () -- C:\Windows\System32\drivers\hitmanpro35.sys
[2011/04/19 06:28:23 | 000,084,480 | ---- | C] () -- C:\Windows\System32\EasyHook32.dll
[2011/04/12 17:29:14 | 000,001,167 | ---- | C] () -- C:\Windows\Deskcalc.INI
[2011/04/12 09:27:39 | 000,000,016 | ---- | C] () -- C:\Windows\System32\asdict.dat
[2011/04/12 06:13:50 | 000,143,570 | ---- | C] () -- C:\ProgramData\bdinstall.bin
[2011/04/12 05:52:51 | 000,000,598 | ---- | C] () -- C:\Windows\System32\secushr.dat
[2011/04/12 05:52:30 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2011/03/11 23:38:12 | 000,098,304 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2011/03/11 21:55:34 | 000,000,957 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2011/03/11 21:55:34 | 000,000,737 | ---- | C] () -- C:\Windows\ODBC.INI
[2011/03/10 19:04:06 | 000,021,316 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat
[2010/07/08 10:37:14 | 000,101,544 | ---- | C] () -- C:\Program Files\Common Files\LinkInstaller.exe
[2009/07/13 21:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 21:33:53 | 000,289,576 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/13 19:05:48 | 000,627,632 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/13 19:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/13 19:05:48 | 000,107,898 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/13 19:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/13 19:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/13 19:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/13 16:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 16:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 16:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/10 14:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2007/04/12 09:10:28 | 000,105,728 | ---- | C] () -- C:\Windows\System32\APOMgrH.dll
[2007/04/09 13:55:14 | 000,097,785 | ---- | C] () -- C:\Windows\System32\instwdm.ini
[2007/04/09 13:55:14 | 000,000,054 | ---- | C] () -- C:\Windows\System32\ctzapxx.ini
[2007/04/09 13:33:50 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CTBurst.dll
[2007/04/09 13:32:32 | 000,037,888 | ---- | C] () -- C:\Windows\System32\psconv.exe
[2007/04/09 13:24:30 | 000,325,821 | ---- | C] () -- C:\Windows\System32\ctdlang.dat
[2007/04/09 13:24:30 | 000,046,273 | ---- | C] () -- C:\Windows\System32\ctdnlstr.dat
[2007/04/09 13:21:44 | 000,048,128 | ---- | C] () -- C:\Windows\System32\regplib.exe
[2007/04/09 13:21:28 | 000,149,838 | ---- | C] () -- C:\Windows\System32\ctbas2w.dat
[2007/04/09 13:19:44 | 000,274,587 | ---- | C] () -- C:\Windows\System32\ctsbas2w.dat
[2007/04/09 13:19:36 | 000,241,084 | ---- | C] () -- C:\Windows\System32\CTSBASW.DAT
[2007/04/09 13:19:36 | 000,115,166 | ---- | C] () -- C:\Windows\System32\CTBASICW.DAT
[2007/04/09 13:19:20 | 000,313,207 | ---- | C] () -- C:\Windows\System32\ctstatic.dat
[2007/04/09 13:19:20 | 000,053,932 | ---- | C] () -- C:\Windows\System32\ctdaught.dat
[2007/04/09 13:19:18 | 000,005,120 | ---- | C] () -- C:\Windows\System32\enlocstr.exe
[2007/01/31 14:50:32 | 000,913,408 | ---- | C] () -- C:\Windows\System32\xreglib.dll
[2006/10/02 10:25:18 | 000,000,307 | ---- | C] () -- C:\Windows\System32\kill.ini
[2005/06/16 11:17:16 | 000,071,680 | ---- | C] () -- C:\Windows\System32\ctmmactl.dll
[1997/07/11 01:00:00 | 000,061,440 | ---- | C] () -- C:\Windows\System32\WRKGADM.EXE
[1997/07/11 01:00:00 | 000,036,864 | ---- | C] () -- C:\Windows\System32\ODBCSTF.DLL
[1997/07/11 01:00:00 | 000,036,864 | ---- | C] () -- C:\Windows\System32\DOCOBJ.DLL
[1997/07/11 01:00:00 | 000,032,768 | ---- | C] () -- C:\Windows\System32\HLINKPRX.DLL
========== LOP Check ==========
[2011/03/27 20:49:15 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Acronis
[2011/05/04 13:13:57 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Binreader
[2011/04/12 08:46:26 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\BitDefender
[2011/05/11 15:44:44 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\BITS
[2011/05/24 12:07:43 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\BSD
[2011/03/12 01:09:23 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DAEMON Tools Lite
[2011/05/24 10:01:48 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DriverCure
[2011/04/12 05:52:22 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\FlashGet
[2011/04/12 05:52:15 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\FlashGetBHO
[2011/03/12 01:05:16 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ImgBurn
[2011/04/30 19:04:26 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ImTOO
[2011/03/12 00:41:07 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Leadertech
[2011/05/22 00:03:45 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\licenses
[2011/05/24 10:01:48 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ParetoLogic
[2011/05/22 00:00:19 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\PCMM2009
[2011/05/21 23:54:52 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\PCMM2011
[2011/05/26 03:08:07 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\QFX Software
[2011/04/12 06:14:40 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\QuickScan
[2011/03/12 00:47:44 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\RoboForm
[2011/05/18 11:10:10 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\TeamViewer
[2011/05/01 06:30:11 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\TechSmith
[2011/04/14 07:03:21 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Teleca
[2011/03/11 21:59:48 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Thunderbird
[2011/05/05 17:14:25 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Uniblue
[2011/05/24 12:14:35 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Xilisoft
[2011/05/22 06:18:50 | 000,000,442 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Registration3.job
[2011/05/22 06:18:50 | 000,000,416 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Update Version3.job
[2011/05/25 13:48:30 | 000,000,374 | ---- | M] () -- C:\Windows\Tasks\PC Health Advisor Defrag.job
[2011/05/25 13:48:30 | 000,000,356 | ---- | M] () -- C:\Windows\Tasks\PC Health Advisor.job
[2009/07/13 21:53:46 | 000,026,372 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:553CA6CA
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 10 bytes -> C:\Users\User\Documents\USMoneyDlxSunset.exe:BDU
@Alternate Data Stream - 10 bytes -> C:\Users\User\Desktop\sdasetup.exe:BDU
< End of report >