Ron
The first two command prompts got successful actions shown.
The last command had no response shown.
The IE6 is still there with the homepage address but no web page loaded. I noticed the last OTL mentioned IE8. I know I had installed IE8 as part of bringing my Windows SP1 fresh install up to date. I installed it after I installed SP3. I don't remember if I deleted any IE program that came with the Windows installation or not.
OTL logfile created on: 1/28/2013 5:41:27 PM - Run 6
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.44 Gb Total Physical Memory | 0.76 Gb Available Physical Memory | 52.62% Memory free
3.29 Gb Paging File | 2.58 Gb Available in Paging File | 78.34% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 106.50 Gb Total Space | 89.72 Gb Free Space | 84.24% Space Free | Partition Type: NTFS
Drive D: | 5.29 Gb Total Space | 0.96 Gb Free Space | 18.14% Space Free | Partition Type: FAT32
Computer Name: YOUR-XHTR8HVC4P | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/01/23 12:09:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
PRC - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/12/14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/12/11 03:52:44 | 003,147,384 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgui.exe
PRC - [2012/11/15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe
PRC - [2012/11/01 14:45:21 | 004,763,008 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2012/10/30 04:59:56 | 000,726,648 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgrsx.exe
PRC - [2012/10/22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe
PRC - [2012/10/22 13:04:32 | 001,116,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgnsx.exe
PRC - [2012/10/22 13:03:52 | 000,796,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgemcx.exe
PRC - [2012/10/22 13:03:46 | 000,440,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcsrvx.exe
PRC - [2012/07/11 13:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003/08/23 22:34:34 | 000,016,384 | ---- | M] () -- C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe
PRC - [2003/08/09 11:27:16 | 000,139,264 | ---- | M] (Alcor Micro, Corp.) -- C:\Program Files\Multimedia Card Reader\shwicon2k.exe
PRC - [2003/06/14 01:53:34 | 000,049,152 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd.exe
PRC - [2003/06/13 06:08:16 | 000,233,472 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
PRC - [2003/05/23 04:55:38 | 000,483,328 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\hphmon05.exe
PRC - [2003/03/21 19:52:06 | 000,552,960 | ---- | M] (interMute, Inc.) -- C:\Program Files\interMute\SpamSubtract\SpamSubtract.exe
PRC - [2003/02/21 06:07:06 | 000,068,704 | ---- | M] () -- C:\Program Files\Softex\OmniPass\omniServ.exe
PRC - [2003/02/21 05:50:10 | 000,053,248 | ---- | M] () -- C:\Program Files\Softex\OmniPass\OPXPApp.exe
PRC - [2002/10/07 09:23:20 | 000,090,112 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqCmon.exe
========== Modules (No Company Name) ==========
MOD - [2003/08/23 22:34:34 | 000,143,360 | ---- | M] () -- C:\Program Files\BackWeb\BackWeb Client\6.2.3.66\Program\bwfiles.dll
MOD - [2003/08/23 22:34:34 | 000,094,208 | ---- | M] () -- C:\Program Files\BackWeb\BackWeb Client\6.2.3.66\Program\FrExt.dll
MOD - [2003/08/23 22:34:34 | 000,053,248 | ---- | M] () -- C:\Program Files\BackWeb\BackWeb Client\6.2.3.66\Program\clntutil.dll
MOD - [2003/08/23 22:34:34 | 000,020,480 | ---- | M] () -- C:\Program Files\Updates from HP\137903\Program\frext-137903.dll
MOD - [2003/08/23 22:34:34 | 000,020,480 | ---- | M] () -- C:\Program Files\Updates from HP\137903\Program\BWfiles-137903.dll
MOD - [2003/08/23 22:34:34 | 000,016,384 | ---- | M] () -- C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe
MOD - [2003/08/23 22:34:32 | 000,053,248 | ---- | M] () -- C:\Program Files\Updates from HP\137903\Program\HPClientExt.dll
MOD - [2003/06/17 01:57:56 | 000,163,840 | ---- | M] () -- c:\Program Files\Hewlett-Packard\Digital Imaging\bin\HpqUtil.dll
MOD - [2003/02/21 06:07:06 | 000,068,704 | ---- | M] () -- C:\Program Files\Softex\OmniPass\omniServ.exe
MOD - [2003/02/21 05:50:12 | 000,040,960 | ---- | M] () -- C:\Program Files\Softex\OmniPass\OPXPGina.dll
MOD - [2003/02/21 05:50:10 | 000,053,248 | ---- | M] () -- C:\Program Files\Softex\OmniPass\OPXPApp.exe
MOD - [2003/02/21 05:49:44 | 000,061,440 | ---- | M] () -- C:\Program Files\Softex\OmniPass\ginastub.dll
MOD - [2002/10/07 09:23:20 | 000,090,112 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqCmon.exe
========== Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013/01/16 15:10:51 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/11/15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/10/22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2012/07/11 13:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2003/02/21 06:07:06 | 000,068,704 | ---- | M] () [Auto | Running] -- C:\Program Files\Softex\OmniPass\omniServ.exe -- (omniserv)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\sunkfiltp.sys -- (Sunkfiltp)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | Auto | Stopped] -- -- (mrtRate)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Owner\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2012/12/14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/11/15 23:33:26 | 000,094,048 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2012/10/22 13:02:46 | 000,179,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2012/10/15 03:48:52 | 000,055,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/10/02 03:30:38 | 000,159,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012/09/21 03:46:06 | 000,164,832 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012/09/21 03:46:00 | 000,177,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx)
DRV - [2012/09/21 03:45:54 | 000,019,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2012/09/14 03:05:20 | 000,035,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/07/22 11:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 16:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/03/18 11:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2009/12/30 11:20:56 | 000,027,064 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\revoflt.sys -- (Revoflt)
DRV - [2008/04/13 22:04:34 | 000,166,912 | ---- | M] (S3 Graphics, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3gnbm.sys -- (S3Psddr)
DRV - [2004/10/07 20:16:04 | 000,035,840 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2004/10/01 10:24:02 | 002,279,424 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)
DRV - [2003/08/11 12:22:54 | 000,040,228 | ---- | M] (Alcor Micro Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sunkfilt.sys -- (SunkFilt)
DRV - [2003/05/06 17:34:56 | 000,394,752 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2003/04/21 23:18:00 | 000,054,784 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENET.sys -- (NVENET)
DRV - [2003/04/11 10:51:30 | 000,010,624 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2003/03/31 23:29:42 | 000,625,537 | ---- | M] (LT) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ltmdmnt.sys -- (ltmodem5)
DRV - [2003/03/20 00:51:00 | 000,018,688 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nv_agp.SYS -- (nv_agp)
DRV - [2003/02/20 18:18:36 | 000,036,608 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SISAGPX.SYS -- (SISAGP)
DRV - [2002/12/27 13:41:00 | 000,026,880 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\VIAAGP1.SYS -- (viaagp1)
DRV - [2002/10/04 19:04:10 | 000,046,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
DRV - [2002/10/01 09:22:32 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2001/06/04 16:00:00 | 000,014,112 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)
DRV - [1996/04/03 14:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://us9.hpwis.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-us9.hpwis.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us9.hpwis.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://srch-us9.hpwis.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://us9.hpwis.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.finance.com/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.order.2: ""
FF - prefs.js..browser.search.param.yahoo-fr: "w3i&type=W3i_DS,157,0_0,Search,20130104,6902,0,64,0"
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://finance.yahoo.com/"
FF - prefs.js..extensions.enabledAddons: foxmarks%40kei.com:4.1.3
FF - prefs.js..extensions.enabledAddons: extension21804%40extension21804.com:0.87.24
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - prefs.js..extensions.netassistant.keyword.url: "http://syndaneta.net...94&searchterm="
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.10.835: C:\Program Files\Real\RealOne Player\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.1136: C:\Program Files\Real\RealOne Player\Netscape6\nprjplug.dll (RealNetworks)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.11.847: C:\Program Files\Real\RealOne Player\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/01/22 01:09:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2013/01/22 01:10:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2013/01/28 13:24:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions
[2013/01/28 13:24:22 | 000,000,000 | ---D | M] ("Coupon Companion Plugin") -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions\[email protected]
[2013/01/23 12:13:00 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions\[email protected]
[2013/01/28 13:24:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions\[email protected]\chrome
[2013/01/28 13:24:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions\[email protected]\defaults
[2013/01/28 13:24:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions\[email protected]\locale
[2013/01/28 13:24:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions\[email protected]\skin
[2013/01/28 13:24:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions\[email protected]\chrome\content\extensionCode
[2013/01/24 20:51:13 | 000,804,627 | ---- | M] () (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\nnyvx7il.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/01/22 01:09:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/01/16 15:11:06 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013/01/16 15:10:30 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/12/14 09:57:14 | 000,002,157 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchTheWeb.xml
[2013/01/16 15:10:30 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - homepage:
CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage:
CHR - Extension: No name found = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: No name found = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: No name found = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\
CHR - Extension: No name found = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jneaojaoiajhnemidnjhoempalnidbhj\1.21.11_0\crossrider
CHR - Extension: No name found = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jneaojaoiajhnemidnjhoempalnidbhj\1.21.11_0\
CHR - Extension: No name found = C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2013/01/27 10:36:55 | 000,444,602 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 15296 more lines...
O2 - BHO: (Reg Error: Value error.) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll (Microsoft Corporation)
O2 - BHO: (CNavExtBho Class) - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll File not found
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (HP View) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll (Hewlett-Packard Company)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll File not found
O3 - HKCU\..\Toolbar\ShellBrowser: (HP View) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll (Hewlett-Packard Company)
O3 - HKCU\..\Toolbar\WebBrowser: (HP View) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll (Hewlett-Packard Company)
O4 - HKLM..\Run: [AutoTKit] C:\hp\bin\AUTOTKIT.EXE ()
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe ()
O4 - HKLM..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe (Hewlett-Packard)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [QuickFinder Scheduler] c:\Program Files\WordPerfect Office 11\Programs\QFSCHD110.EXE (Novell, Inc., c/o Corel Corporation Limited)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe (Alcor Micro, Corp.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [BackupNotify] c:\Program Files\Hewlett-Packard\Digital Imaging\bin\BackupNotify.exe ( )
O4 - HKCU..\Run: [NVIEW] C:\WINDOWS\System32\nview.dll (NVIDIA Corporation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe (Intuit Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk = C:\Program Files\Updates from HP\137903\Program\BackWeb-137903.exe ()
O4 - Startup: C:\Documents and Settings\Owner\Start Menu\Programs\Startup\spamsubtract.lnk = C:\Program Files\interMute\SpamSubtract\SpamSubtract.exe (interMute, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll (Microsoft Corporation)
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bit...m/qsax/qsax.cab (Bitdefender QuickScan Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{71E0B485-8793-4C90-B0BB-4E041D1C2FBB}: DhcpNameServer = 209.18.47.61 209.18.47.62
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\OPXPGina: DllName - (C:\Program Files\Softex\OmniPass\opxpgina.dll) - C:\Program Files\Softex\OmniPass\OPXPGina.dll ()
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003/08/23 07:53:27 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 06:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013/01/27 23:06:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\VS Revo Group
[2013/01/27 23:05:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Revo Uninstaller Pro
[2013/01/27 23:05:41 | 000,027,064 | ---- | C] (VS Revo Group) -- C:\WINDOWS\System32\drivers\revoflt.sys
[2013/01/27 23:05:39 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2013/01/27 10:17:19 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2013/01/27 10:17:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2013/01/27 07:38:40 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/01/26 23:53:31 | 000,000,000 | ---D | C] -- C:\Temp
[2013/01/26 18:20:53 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/01/26 12:58:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\CyberLink
[2013/01/26 12:58:32 | 000,000,000 | ---D | C] -- C:\Program Files\Coupon Companion Plugin
[2013/01/26 11:13:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\SpeedFan
[2013/01/26 11:13:36 | 000,000,000 | ---D | C] -- C:\Program Files\SpeedFan
[2013/01/26 08:01:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2013/01/25 15:39:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\minidump unzipped
[2013/01/25 15:17:36 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013/01/25 14:34:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\Minidump
[2013/01/25 12:52:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\NirSoft BlueScreenView
[2013/01/25 12:52:27 | 000,000,000 | ---D | C] -- C:\Program Files\NirSoft
[2013/01/24 20:55:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Adobe
[2013/01/24 20:24:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2013/01/24 01:13:13 | 002,712,200 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Owner\Desktop\procexp.exe
[2013/01/23 22:54:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2013/01/23 22:49:36 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013/01/23 22:49:36 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013/01/23 22:49:36 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013/01/23 22:49:36 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013/01/23 22:49:24 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/01/23 22:49:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013/01/23 22:41:22 | 005,026,656 | R--- | C] (Swearware) -- C:\Documents and Settings\Owner\Desktop\ComboFix.exe
[2013/01/23 22:22:27 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Owner\Desktop\aswMBR.exe
[2013/01/23 22:19:32 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Shortcut to 7-Zip
[2013/01/23 22:14:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\7-Zip
[2013/01/23 22:00:10 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Administrative Tools
[2013/01/23 18:28:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\QuickScan
[2013/01/23 17:36:31 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013/01/23 13:24:26 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.com
[2013/01/23 13:15:36 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.scr
[2013/01/23 12:28:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2013/01/23 12:28:54 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2013/01/23 12:09:34 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2013/01/23 09:47:34 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Owner\Desktop\tdsskiller.exe
[2013/01/23 09:34:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\McAfee
[2013/01/23 08:51:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2013/01/22 23:33:07 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner\PrivacIE
[2013/01/22 23:25:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Google
[2013/01/22 23:25:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\SUPERAntiSpyware.com
[2013/01/22 23:25:22 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013/01/22 23:25:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2013/01/22 23:25:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2013/01/22 23:25:10 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2013/01/22 13:09:03 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2013/01/22 13:04:53 | 001,752,992 | ---- | C] (Bleeping Computer, LLC) -- C:\Documents and Settings\Owner\Desktop\rkill.exe
[2013/01/22 08:12:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Borland Shared
[2013/01/22 08:12:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\ShellNew
[2013/01/22 08:11:51 | 000,000,000 | ---D | C] -- C:\Program Files\WordPerfect Office 11
[2013/01/22 08:11:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Corel
[2013/01/22 07:07:00 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner\IETldCache
[2013/01/22 03:11:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2013/01/22 03:08:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2013/01/22 02:22:29 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2013/01/22 02:14:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Avg2013
[2013/01/22 01:38:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Malwarebytes
[2013/01/22 01:38:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/01/22 01:38:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2013/01/22 01:38:26 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013/01/22 01:38:26 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/01/22 01:25:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2013/01/22 01:25:35 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2013/01/22 01:20:42 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2013/01/22 01:18:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Identities
[2013/01/22 01:12:51 | 000,000,000 | ---D | C] -- C:\I386
[2013/01/22 01:12:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\Downloads
[2013/01/22 01:10:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla
[2013/01/22 01:10:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Mozilla
[2013/01/22 01:09:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mozilla
[2013/01/22 01:09:55 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2013/01/22 01:09:45 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/01/22 01:03:17 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\SendTo
[2013/01/22 01:03:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Startup
[2013/01/22 01:03:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Start Menu
[2013/01/22 01:03:17 | 000,000,000 | R--D | C] -- C:\Program Files
[2013/01/22 01:03:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Accessories
[2013/01/22 01:03:15 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\Application Data
[2013/01/22 01:03:15 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\My Documents\My Pictures
[2013/01/22 01:03:15 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\My Documents\My Music
[2013/01/22 01:03:15 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\My Documents
[2013/01/22 01:03:15 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Favorites
[2013/01/22 01:03:13 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2013/01/22 01:03:13 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2013/01/22 01:03:13 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2013/01/22 01:03:13 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
[2013/01/22 01:03:13 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
[2013/01/22 01:03:09 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2013/01/22 01:03:02 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2013/01/22 01:02:48 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2013/01/22 01:01:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\AVG2013
[2013/01/22 01:01:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Avg2013
[2013/01/22 01:01:19 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2013/01/22 01:01:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG
[2013/01/22 01:01:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\TuneUp Software
[2013/01/22 01:00:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2013
[2013/01/22 01:00:29 | 000,000,000 | ---D | C] -- C:\$AVG
[2013/01/22 00:59:57 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2013/01/22 00:57:13 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2013/01/22 00:57:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\MFAData
[2013/01/22 00:57:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2013/01/22 00:57:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Avg2013
[2013/01/22 00:40:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2013/01/22 00:39:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2013/01/22 00:39:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2013/01/22 00:33:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us
[2013/01/22 00:33:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2013/01/22 00:33:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\provisioning
[2013/01/22 00:33:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\peernet
[2013/01/22 00:33:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2013/01/22 00:33:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2013/01/22 00:33:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2013/01/22 00:31:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2013/01/22 00:29:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2013/01/22 00:29:29 | 003,374,640 | ---- | C] (Macromedia, Inc.) -- C:\WINDOWS\System32\dllcache\tourP.exe
[2013/01/22 00:29:08 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2013/01/22 00:29:08 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2013/01/22 00:26:48 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2013/01/22 00:26:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2013/01/22 00:26:12 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2013/01/22 00:08:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Macromedia
[2013/01/22 00:08:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Adobe
[2013/01/21 23:41:13 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Owner\UserData
[2013/01/21 23:37:42 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\Recent
[2013/01/21 23:36:03 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013/01/21 23:35:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\setup.pss
[2013/01/21 23:32:07 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013/01/21 23:31:25 | 001,675,264 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplva6.dll
[2013/01/21 23:31:25 | 001,630,208 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplvw7.dll
[2013/01/21 23:31:25 | 000,106,496 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\lmpgspl.ax
[2013/01/21 23:31:25 | 000,081,920 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplaw7.dll
[2013/01/21 23:31:25 | 000,081,920 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplaa6.dll
[2013/01/21 23:31:25 | 000,069,632 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplapx.dll
[2013/01/21 23:31:25 | 000,069,632 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplam6.dll
[2013/01/21 23:31:25 | 000,047,104 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\lmpgad.ax
[2013/01/21 23:31:24 | 001,581,056 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplvm6.dll
[2013/01/21 23:31:24 | 001,150,976 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplvpx.dll
[2013/01/21 23:31:24 | 000,094,208 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\lmpgvd.ax
[2013/01/21 23:30:54 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\WINDOWS\PCDLIB32.DLL
[2013/01/21 23:30:49 | 000,000,000 | ---D | C] -- C:\Program Files\Encarta Online
[2013/01/21 23:29:27 | 000,000,000 | ---D | C] -- C:\Program Files\Multimedia Card Reader
[2013/01/21 23:29:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/01/28 17:36:25 | 000,001,394 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.DAT
[2013/01/28 17:35:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/01/28 17:35:16 | 1542,901,760 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/28 15:35:37 | 000,000,826 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/01/28 15:25:00 | 000,000,510 | ---- | M] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 0e3eb492-cbf8-45c6-b942-0acf4ac16323.job
[2013/01/28 15:20:30 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/01/27 23:18:43 | 000,000,830 | ---- | M] () -- C:\WINDOWS\System32\InstallUtil.InstallLog
[2013/01/27 23:05:44 | 000,000,936 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Revo Uninstaller Pro.lnk
[2013/01/27 13:34:14 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2013/01/27 10:36:55 | 000,444,602 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/01/27 10:17:45 | 000,000,944 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Spybot - Search & Destroy.lnk
[2013/01/27 08:19:13 | 000,423,410 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/01/27 08:19:12 | 000,062,442 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/01/26 23:31:57 | 000,821,248 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\FreeISOBurner.exe
[2013/01/26 11:44:31 | 000,001,518 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Notepad.lnk
[2013/01/26 11:13:38 | 000,000,693 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\SpeedFan.lnk
[2013/01/26 11:13:36 | 000,000,045 | ---- | M] () -- C:\WINDOWS\System32\initdebug.nfo
[2013/01/25 15:00:23 | 000,026,911 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Minidump.zip
[2013/01/25 12:51:34 | 000,140,608 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\bluescreenview_setup.exe
[2013/01/24 20:19:49 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20130127-103655.backup
[2013/01/24 20:07:26 | 005,026,656 | R--- | M] (Swearware) -- C:\Documents and Settings\Owner\Desktop\ComboFix.exe
[2013/01/24 13:45:12 | 000,061,440 | ---- | M] ( ) -- C:\Documents and Settings\Owner\Desktop\VEW(1).exe
[2013/01/24 01:39:40 | 004,009,167 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\ServicesRepair.exe
[2013/01/24 01:21:48 | 000,574,315 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\adwcleaner.exe
[2013/01/24 01:13:15 | 002,712,200 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Owner\Desktop\procexp.exe
[2013/01/24 00:15:51 | 000,000,368 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\My Documents.lnk
[2013/01/23 23:07:48 | 000,011,264 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/01/23 22:54:11 | 000,090,112 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\Mini012313-01.jpg
[2013/01/23 22:23:23 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Owner\Desktop\aswMBR.exe
[2013/01/23 16:04:13 | 000,294,400 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\exeHelper.com
[2013/01/23 13:30:48 | 001,531,090 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\IMG_0387.JPG
[2013/01/23 13:24:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.com
[2013/01/23 13:15:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.scr
[2013/01/23 12:30:10 | 000,001,745 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk
[2013/01/23 12:09:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2013/01/23 12:08:06 | 002,053,105 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\IMG_0386.JPG
[2013/01/23 12:07:54 | 001,653,739 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\IMG_0385.JPG
[2013/01/23 09:47:36 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Owner\Desktop\tdsskiller.exe
[2013/01/23 02:00:00 | 000,000,510 | ---- | M] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task d5461f6d-cebd-4812-b517-c079b1b30ec8.job
[2013/01/22 23:25:16 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013/01/22 13:04:53 | 001,752,992 | ---- | M] (Bleeping Computer, LLC) -- C:\Documents and Settings\Owner\Desktop\rkill.exe
[2013/01/22 08:40:36 | 000,196,960 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/01/22 08:13:50 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2013/01/22 08:13:07 | 000,001,079 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf
[2013/01/22 08:13:07 | 000,000,258 | ---- | M] () -- C:\WINDOWS\System32\BDEMERGE.INI
[2013/01/22 01:38:32 | 000,000,795 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/01/22 01:09:59 | 000,000,753 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/01/22 01:09:59 | 000,000,735 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2013/01/22 01:01:05 | 000,000,713 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2013.lnk
[2013/01/22 00:40:17 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/01/22 00:29:38 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2013/01/22 00:29:38 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2013/01/21 23:36:28 | 000,001,865 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk
[2013/01/21 23:34:43 | 000,004,168 | RHS- | M] () -- C:\WINDOWS\System32\drivers\HP_DM168A-ABA A320N_YC_Pavi_QMXK339_E34NAheBLU2_4_IA7N8X-LA_SASUSTeK Computer INC._VRev 1.xx_B3.13_T030813_WXH1_L409_M1472_J120_7AMD_8Athlon XP 2800+_92.08_110DE006E_N10DE0066_P_Z11C1044C_K_A10DE006A_U10DE0067_G10DE01F0.MRK
[2013/01/21 23:32:38 | 000,000,993 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2013/01/21 23:27:45 | 000,000,196 | RHS- | M] () -- C:\BOOT.BAK
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/01/27 23:05:44 | 000,000,936 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Revo Uninstaller Pro.lnk
[2013/01/27 10:17:45 | 000,000,944 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Spybot - Search & Destroy.lnk
[2013/01/27 09:32:05 | 000,165,818 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-4098188977-3005115923-3956672664-1003-0.dat
[2013/01/26 23:53:32 | 000,165,818 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2013/01/26 23:31:56 | 000,821,248 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\FreeISOBurner.exe
[2013/01/26 13:44:45 | 000,000,830 | ---- | C] () -- C:\WINDOWS\System32\InstallUtil.InstallLog
[2013/01/26 11:13:38 | 000,000,693 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\SpeedFan.lnk
[2013/01/26 11:13:33 | 000,000,045 | ---- | C] () -- C:\WINDOWS\System32\initdebug.nfo
[2013/01/25 20:38:23 | 1542,901,760 | -HS- | C] () -- C:\hiberfil.sys
[2013/01/25 15:04:53 | 000,090,112 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\Mini012313-01.jpg
[2013/01/25 15:00:23 | 000,026,911 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\Minidump.zip
[2013/01/25 12:51:39 | 000,140,608 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\bluescreenview_setup.exe
[2013/01/24 13:45:10 | 000,061,440 | ---- | C] ( ) -- C:\Documents and Settings\Owner\Desktop\VEW(1).exe
[2013/01/24 01:39:25 | 004,009,167 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\ServicesRepair.exe
[2013/01/24 01:21:47 | 000,574,315 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\adwcleaner.exe
[2013/01/24 00:30:04 | 001,531,090 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\IMG_0387.JPG
[2013/01/24 00:15:51 | 000,000,368 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\My Documents.lnk
[2013/01/23 23:10:54 | 002,053,105 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\IMG_0386.JPG
[2013/01/23 23:10:38 | 001,653,739 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\IMG_0385.JPG
[2013/01/23 23:06:55 | 000,011,264 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/01/23 22:49:36 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013/01/23 22:49:36 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013/01/23 22:49:36 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013/01/23 22:49:36 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013/01/23 22:49:36 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013/01/23 16:04:12 | 000,294,400 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\exeHelper.com
[2013/01/23 12:30:09 | 000,001,745 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk
[2013/01/23 12:30:06 | 000,002,315 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
[2013/01/22 23:25:38 | 000,000,510 | ---- | C] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 0e3eb492-cbf8-45c6-b942-0acf4ac16323.job
[2013/01/22 23:25:37 | 000,000,510 | ---- | C] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task d5461f6d-cebd-4812-b517-c079b1b30ec8.job
[2013/01/22 23:25:16 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013/01/22 09:54:00 | 000,001,518 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Notepad.lnk
[2013/01/22 08:13:07 | 000,000,258 | ---- | C] () -- C:\WINDOWS\System32\BDEMERGE.INI
[2013/01/22 01:38:32 | 000,000,795 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/01/22 01:32:24 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2013/01/22 01:32:24 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2013/01/22 01:20:27 | 000,001,394 | ---- | C] () -- C:\WINDOWS\System\hpsysdrv.DAT
[2013/01/22 01:09:59 | 000,000,753 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/01/22 01:09:59 | 000,000,741 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2013/01/22 01:09:59 | 000,000,735 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2013/01/22 01:01:05 | 000,000,713 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2013.lnk
[2013/01/22 00:40:31 | 000,000,749 | ---- | C] () -- C:\Documents and Settings\Owner\Start Menu\Programs\Outlook Express.lnk
[2013/01/22 00:40:29 | 000,000,814 | ---- | C] () -- C:\Documents and Settings\Owner\Start Menu\Programs\Internet Explorer.lnk
[2013/01/22 00:40:25 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Owner\Start Menu\Programs\Windows Media Player.lnk
[2013/01/22 00:33:36 | 000,613,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2013/01/22 00:33:36 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2013/01/22 00:33:36 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2013/01/22 00:33:36 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2013/01/22 00:33:36 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2013/01/22 00:33:36 | 000,067,374 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm
[2013/01/22 00:33:36 | 000,023,195 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm
[2013/01/22 00:33:36 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2013/01/22 00:33:36 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2013/01/22 00:33:36 | 000,000,855 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2013/01/22 00:33:36 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2013/01/22 00:33:35 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2013/01/22 00:33:35 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2013/01/22 00:33:35 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2013/01/22 00:33:35 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2013/01/22 00:33:35 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2013/01/22 00:33:35 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2013/01/22 00:33:35 | 000,029,070 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf
[2013/01/22 00:33:35 | 000,017,272 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2013/01/22 00:33:35 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2013/01/22 00:33:35 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2013/01/22 00:33:35 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2013/01/22 00:33:35 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2013/01/22 00:33:35 | 000,006,769 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2013/01/22 00:33:35 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2013/01/22 00:33:35 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2013/01/22 00:33:35 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2013/01/22 00:33:35 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2013/01/22 00:33:35 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2013/01/22 00:33:34 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2013/01/22 00:33:34 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2013/01/22 00:33:34 | 000,077,307 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2013/01/22 00:33:34 | 000,066,725 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz
[2013/01/22 00:33:34 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2013/01/22 00:33:34 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2013/01/22 00:33:34 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2013/01/22 00:33:34 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2013/01/22 00:33:34 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2013/01/22 00:33:34 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2013/01/22 00:33:34 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2013/01/22 00:33:34 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2013/01/22 00:33:34 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2013/01/22 00:33:34 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl
[2013/01/22 00:33:34 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl
[2013/01/22 00:33:34 | 000,001,474 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl
[2013/01/22 00:33:34 | 000,001,451 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl
[2013/01/22 00:33:34 | 000,001,448 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl
[2013/01/22 00:33:34 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2013/01/22 00:33:34 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2013/01/22 00:33:34 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2013/01/22 00:33:34 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2013/01/22 00:33:34 | 000,001,250 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl
[2013/01/22 00:33:34 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2013/01/22 00:33:34 | 000,001,049 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl
[2013/01/22 00:33:34 | 000,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl
[2013/01/22 00:33:34 | 000,001,036 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl
[2013/01/22 00:33:34 | 000,000,908 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
[2013/01/22 00:33:34 | 000,000,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl
[2013/01/22 00:33:34 | 000,000,787 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl
[2013/01/22 00:33:34 | 000,000,784 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl
[2013/01/22 00:33:34 | 000,000,783 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl
[2013/01/22 00:33:34 | 000,000,775 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl
[2013/01/22 00:33:34 | 000,000,733 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl
[2013/01/22 00:33:34 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2013/01/22 00:33:33 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2013/01/22 00:33:33 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2013/01/22 00:33:33 | 000,184,959 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz
[2013/01/22 00:33:33 | 000,018,286 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
[2013/01/22 00:33:33 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2013/01/22 00:33:33 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2013/01/22 00:33:33 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2013/01/22 00:33:33 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2013/01/22 00:33:33 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2013/01/22 00:33:33 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2013/01/22 00:33:33 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2013/01/22 00:33:33 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2013/01/22 00:33:33 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2013/01/22 00:33:33 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2013/01/22 00:33:33 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2013/01/22 00:33:33 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2013/01/22 00:29:57 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2013/01/22 00:29:57 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2013/01/22 00:29:57 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2013/01/22 00:29:57 | 000,000,707 | ---- | C] () -- C:\WINDOWS\_default.pif
[2013/01/22 00:29:55 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2013/01/22 00:29:55 | 000,021,281 | ---- | C] () -- C:\WINDOWS\System32\dllcache\XMLDSOC.CAT
[2013/01/22 00:29:50 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2013/01/22 00:29:41 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\dllcache\win87em.dll
[2013/01/22 00:29:39 | 001,326,080 | ---- | C] () -- C:\WINDOWS\System32\webfldrs.msi
[2013/01/22 00:29:39 | 000,390,168 | ---- | C] () -- C:\WINDOWS\System32\dllcache\WFC.CAT
[2013/01/22 00:29:38 | 000,937,984 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.sve
[2013/01/22 00:29:38 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\wdl.trm
[2013/01/22 00:29:37 | 001,095,680 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.nld
[2013/01/22 00:29:37 | 000,957,440 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.enu
[2013/01/22 00:29:37 | 000,867,840 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.ita
[2013/01/22 00:29:37 | 000,786,944 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.fra
[2013/01/22 00:29:37 | 000,750,080 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.esn
[2013/01/22 00:29:36 | 001,309,184 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.deu
[2013/01/22 00:29:36 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.sve
[2013/01/22 00:29:36 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.nld
[2013/01/22 00:29:36 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.ita
[2013/01/22 00:29:36 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.fra
[2013/01/22 00:29:36 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.esn
[2013/01/22 00:29:36 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.enu
[2013/01/22 00:29:36 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.deu
[2013/01/22 00:29:34 | 000,018,832 | ---- | C] () -- C:\WINDOWS\System32\v7vga.rom
[2013/01/22 00:29:34 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2013/01/22 00:29:31 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tsd32.dll
[2013/01/22 00:29:26 | 000,022,151 | ---- | C] () -- C:\WINDOWS\System32\dllcache\TCLASSES.CAT
[2013/01/22 00:29:25 | 000,003,577 | ---- | C] () -- C:\WINDOWS\System32\sysprtj.sep
[2013/01/22 00:29:25 | 000,003,214 | ---- | C] () -- C:\WINDOWS\System32\sysprint.sep
[2013/01/22 00:29:22 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2013/01/22 00:29:21 | 000,046,133 | ---- | C] () -- C:\WINDOWS\System32\sqlsodbc.chm
[2013/01/22 00:29:11 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\dllcache\share.exe
[2013/01/22 00:29:10 | 000,033,464 | ---- | C] () -- C:\WINDOWS\System32\services.msc
[2013/01/22 00:29:08 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2013/01/22 00:29:08 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2013/01/22 00:29:07 | 000,003,167 | ---- | C] () -- C:\WINDOWS\System32\rsaci.rat
[2013/01/22 00:29:04 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2013/01/22 00:29:03 | 000,003,708 | ---- | C] () -- C:\WINDOWS\System32\pubprn.vbs
[2013/01/22 00:29:03 | 000,003,708 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pubprn.vbs
[2013/01/22 00:29:02 | 000,000,051 | ---- | C] () -- C:\WINDOWS\System32\pscript.sep
[2013/01/22 00:28:56 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2013/01/22 00:28:56 | 000,058,273 | R--- | C] () -- C:\WINDOWS\System32\perfmon.msc
[2013/01/22 00:28:56 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2013/01/22 00:28:55 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\pcl.sep
[2013/01/22 00:28:52 | 000,007,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2013/01/22 00:28:52 | 000,006,788 | ---- | C] () -- C:\WINDOWS\System32\oembios.sig
[2013/01/22 00:28:52 | 000,006,788 | ---- | C] () -- C:\WINDOWS\System32\dllcache\oembios.sig
[2013/01/22 00:28:52 | 000,004,490 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2013/01/22 00:28:52 | 000,004,490 | ---- | C] () -- C:\WINDOWS\System32\dllcache\oembios.dat
[2013/01/22 00:28:46 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2013/01/22 00:28:46 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\dllcache\oembios.bin
[2013/01/22 00:28:46 | 000,004,310 | ---- | C] () -- C:\WINDOWS\System32\odbcconf.rsp
[2013/01/22 00:28:43 | 000,032,968 | ---- | C] () -- C:\WINDOWS\System32\ntmsoprq.msc
[2013/01/22 00:28:43 | 000,026,209 | ---- | C] () -- C:\WINDOWS\System32\ntmsmgr.msc
[2013/01/22 00:28:42 | 000,048,794 | ---- | C] () -- C:\WINDOWS\System32\ntimage.gif
[2013/01/22 00:28:42 | 000,029,370 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntdos411.sys
[2013/01/22 00:28:42 | 000,029,274 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntdos412.sys
[2013/01/22 00:28:42 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntdos804.sys
[2013/01/22 00:28:42 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntdos404.sys
[2013/01/22 00:28:42 | 000,027,866 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntdos.sys
[2013/01/22 00:28:41 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2013/01/22 00:28:40 | 000,149,848 | ---- | C] () -- C:\WINDOWS\System32\noise.deu
[2013/01/22 00:28:40 | 000,049,196 | ---- | C] () -- C:\WINDOWS\System32\noise.fra
[2013/01/22 00:28:40 | 000,019,684 | ---- | C] () -- C:\WINDOWS\System32\noise.esn
[2013/01/22 00:28:40 | 000,019,618 | ---- | C] () -- C:\WINDOWS\System32\noise.ita
[2013/01/22 00:28:40 | 000,013,730 | ---- | C] () -- C:\WINDOWS\System32\noise.sve
[2013/01/22 00:28:40 | 000,013,256 | ---- | C] () -- C:\WINDOWS\System32\noise.nld
[2013/01/22 00:28:40 | 000,007,052 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nlsfunc.exe
[2013/01/22 00:28:40 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2013/01/22 00:28:40 | 000,000,697 | ---- | C] () -- C:\WINDOWS\System32\noise.tha
[2013/01/22 00:28:39 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2013/01/22 00:28:36 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2013/01/22 00:28:27 | 000,014,031 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSJDBC.CAT
[2013/01/22 00:28:24 | 000,844,314 | ---- | C] () -- C:\WINDOWS\System32\msdxm.ocx
[2013/01/22 00:28:24 | 000,844,314 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxm.ocx
[2013/01/22 00:28:24 | 000,004,126 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxmlc.dll
[2013/01/22 00:28:23 | 000,000,817 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mscdexnt.exe
[2013/01/22 00:28:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2013/01/22 00:28:18 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2013/01/22 00:28:16 | 000,039,274 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mem.exe
[2013/01/22 00:28:15 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2013/01/22 00:28:14 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2013/01/22 00:28:14 | 000,042,166 | ---- | C] () -- C:\WINDOWS\System32\lusrmgr.msc
[2013/01/22 00:27:24 | 000,042,809 | ---- | C] () -- C:\WINDOWS\System32\dllcache\key01.sys
[2013/01/22 00:27:24 | 000,042,537 | ---- | C] () -- C:\WINDOWS\System32\dllcache\keyboard.sys
[2013/01/22 00:27:21 | 000,956,990 | ---- | C] () -- C:\WINDOWS\System32\instcat.sql
[2013/01/22 00:27:18 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2013/01/22 00:27:18 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2013/01/22 00:27:17 | 000,004,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\himem.sys
[2013/01/22 00:27:15 | 000,021,232 | ---- | C] () -- C:\WINDOWS\System32\graphics.pro
[2013/01/22 00:27:13 | 003,440,660 | ---- | C] () -- C:\WINDOWS\System32\drivers\gm.dls
[2013/01/22 00:27:12 | 000,032,760 | ---- | C] () -- C:\WINDOWS\System32\fsmgmt.msc
[2013/01/22 00:27:11 | 000,152,844 | ---- | C] () -- C:\WINDOWS\System32\dllcache\framdit.ttf
[2013/01/22 00:27:11 | 000,135,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\framd.ttf
[2013/01/22 00:27:10 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fastopen.exe
[2013/01/22 00:27:10 | 000,000,080 | ---- | C] () -- C:\WINDOWS\explorer.scf
[2013/01/22 00:27:09 | 000,056,678 | ---- | C] () -- C:\WINDOWS\System32\eventvwr.msc
[2013/01/22 00:27:09 | 000,008,424 | ---- | C] () -- C:\WINDOWS\System32\dllcache\exe2bin.exe
[2013/01/22 00:27:08 | 000,127,213 | ---- | C] () -- C:\WINDOWS\System32\ega.cpi
[2013/01/22 00:27:08 | 000,012,642 | ---- | C] () -- C:\WINDOWS\System32\dllcache\edlin.exe
[2013/01/22 00:27:08 | 000,006,708 | ---- | C] () -- C:\WINDOWS\System32\esentprf.hxx
[2013/01/22 00:27:06 | 000,498,742 | ---- | C] () -- C:\WINDOWS\System32\dllcache\dxmasf.dll
[2013/01/22 00:27:06 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2013/01/22 00:27:06 | 000,052,311 | ---- | C] () -- C:\WINDOWS\System32\dllcache\DX3.CAT
[2013/01/22 00:27:05 | 000,000,081 | ---- | C] () -- C:\WINDOWS\System32\dsound.vxd
[2013/01/22 00:26:27 | 000,033,673 | ---- | C] () -- C:\WINDOWS\System32\diskmgmt.msc
[2013/01/22 00:26:26 | 000,041,397 | ---- | C] () -- C:\WINDOWS\System32\dfrg.msc
[2013/01/22 00:26:26 | 000,033,079 | ---- | C] () -- C:\WINDOWS\System32\devmgmt.msc
[2013/01/22 00:26:26 | 000,020,634 | ---- | C] () -- C:\WINDOWS\System32\dllcache\debug.exe
[2013/01/22 00:26:26 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2013/01/22 00:26:24 | 000,056,081 | ---- | C] () -- C:\WINDOWS\System32\dllcache\DAJAVAC.CAT
[2013/01/22 00:26:21 | 000,027,097 | ---- | C] () -- C:\WINDOWS\System32\dllcache\country.sys
[2013/01/22 00:26:20 | 000,038,302 | ---- | C] () -- C:\WINDOWS\System32\compmgmt.msc
[2013/01/22 00:26:15 | 000,082,944 | ---- | C] () -- C:\WINDOWS\clock.avi
[2013/01/22 00:26:15 | 000,071,859 | ---- | C] () -- C:\WINDOWS\System32\cliconf.chm
[2013/01/22 00:26:15 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\cmos.ram
[2013/01/22 00:26:14 | 000,657,548 | ---- | C] () -- C:\WINDOWS\System32\dllcache\CLASSES.CAT
[2013/01/22 00:26:13 | 000,042,339 | ---- | C] () -- C:\WINDOWS\System32\certmgr.msc
[2013/01/22 00:26:13 | 000,041,762 | ---- | C] () -- C:\WINDOWS\System32\ciadv.msc
[2013/01/22 00:26:11 | 000,028,420 | ---- | C] () -- C:\WINDOWS\System32\bios1.rom
[2013/01/22 00:26:11 | 000,008,191 | ---- | C] () -- C:\WINDOWS\System32\bios4.rom
[2013/01/22 00:25:59 | 000,012,498 | ---- | C] () -- C:\WINDOWS\System32\dllcache\append.exe
[2013/01/22 00:25:59 | 000,009,029 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ansi.sys
[2013/01/22 00:25:57 | 000,002,233 | ---- | C] () -- C:\WINDOWS\System32\dllcache\12520850.cpx
[2013/01/22 00:25:57 | 000,002,233 | ---- | C] () -- C:\WINDOWS\System32\12520850.cpx
[2013/01/22 00:25:57 | 000,002,151 | ---- | C] () -- C:\WINDOWS\System32\dllcache\12520437.cpx
[2013/01/22 00:25:57 | 000,002,151 | ---- | C] () -- C:\WINDOWS\System32\12520437.cpx
[2013/01/21 23:36:43 | 000,000,196 | RHS- | C] () -- C:\BOOT.BAK
[2013/01/21 23:36:35 | 000,245,920 | RHS- | C] () -- C:\cmldr
[2013/01/21 23:36:28 | 000,001,865 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk
[2013/01/21 23:34:43 | 000,004,168 | RHS- | C] () -- C:\WINDOWS\System32\drivers\HP_DM168A-ABA A320N_YC_Pavi_QMXK339_E34NAheBLU2_4_IA7N8X-LA_SASUSTeK Computer INC._VRev 1.xx_B3.13_T030813_WXH1_L409_M1472_J120_7AMD_8Athlon XP 2800+_92.08_110DE006E_N10DE0066_P_Z11C1044C_K_A10DE006A_U10DE0067_G10DE01F0.MRK
[2013/01/21 23:31:41 | 000,001,488 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP Recovery.lnk
[2013/01/21 23:31:41 | 000,000,727 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RealOne Player.lnk
[2013/01/21 23:31:41 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Help and Support.lnk
[2003/08/23 09:12:08 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\fusioncache.dat
[2003/08/23 08:08:30 | 000,012,159 | ---- | C] () -- C:\Documents and Settings\Owner\ml1.srt
[2003/08/23 08:08:30 | 000,011,847 | ---- | C] () -- C:\Documents and Settings\Owner\ml2.srt
========== ZeroAccess Check ==========
[2003/08/23 08:16:33 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2012/10/31 06:33:26 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/14 05:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2013/01/22 01:01:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2013
[2013/01/22 00:57:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2013/01/28 14:33:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2013/01/22 01:01:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\AVG2013
[2003/08/28 22:19:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\interMute
[2013/01/23 18:28:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\QuickScan
[2003/08/23 22:26:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SampleView
[2013/01/22 01:01:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\TuneUp Software
========== Purity Check ==========
< End of report >