Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Infected Computer Access issues when Java updated


  • Please log in to reply

#1
LibbyL1961

LibbyL1961

    Member

  • Member
  • PipPip
  • 19 posts
I have had a number of small issues because this is an old computer. However, I accepted the JaVa update yesterday and everything went crazy. Older PC with limited space been compensating with a external which will not work. I have removed some ignoring add-ons from Firefox that made ads appear on content that it should not have (double hyperlinks appeared.)
1. Unable to access my external hard-drive (major issue)
2. Add and Remove program does not load the list. even in Safemode.

Please help I am infected.
OTL logfile created on: 3/7/2013 2:44:32 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\User\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.55 Gb Available Physical Memory | 77.70% Memory free
3.33 Gb Paging File | 2.84 Gb Available in Paging File | 85.32% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.46 Gb Total Space | 24.60 Gb Free Space | 33.03% Space Free | Partition Type: NTFS
Drive F: | 100.00 Mb Total Space | 75.87 Mb Free Space | 75.87% Space Free | Partition Type: NTFS
Drive G: | 452.66 Gb Total Space | 450.82 Gb Free Space | 99.59% Space Free | Partition Type: NTFS

Computer Name: TBBSHOME4 | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/03/07 14:34:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
PRC - [2013/03/06 15:00:57 | 000,170,912 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013/01/31 10:38:54 | 003,289,208 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2010/02/18 10:32:56 | 000,138,680 | ---- | M] (ALWIL Software) -- c:\Alwil Software\Avast4\aswServ.exe
PRC - [2010/02/18 10:32:41 | 000,254,040 | ---- | M] (ALWIL Software) -- c:\Alwil Software\Avast4\aswMaiSv.exe
PRC - [2010/02/18 10:28:34 | 000,352,920 | ---- | M] (ALWIL Software) -- c:\Alwil Software\Avast4\aswWebSv.exe
PRC - [2010/02/18 10:21:19 | 000,052,160 | ---- | M] (ALWIL Software) -- c:\Alwil Software\Avast4\AvAgent.exe
PRC - [2010/02/18 10:20:05 | 000,018,752 | ---- | M] (ALWIL Software) -- c:\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2012/11/29 16:59:32 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2010/01/21 00:34:10 | 008,793,952 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/01/09 19:18:18 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2009/05/19 01:26:13 | 000,026,624 | ---- | M] () -- C:\WINDOWS\system32\sdt1cl3.dll


========== Services (SafeList) ==========

SRV - [2013/03/06 23:27:19 | 000,025,088 | ---- | M] () [Auto | Stopped] -- C:\Program Files\ASUS\Remote Drive\mounter.exe -- (DokanMounter)
SRV - [2013/03/06 15:00:57 | 000,170,912 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013/02/26 21:33:13 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/02/19 14:12:43 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/01/31 10:38:54 | 003,289,208 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/01/08 12:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/08/23 12:37:16 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2010/08/23 20:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010/02/18 10:32:56 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- c:\Alwil Software\Avast4\aswServ.exe -- (avast! Antivirus)
SRV - [2010/02/18 10:32:41 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- c:\Alwil Software\Avast4\aswMaiSv.exe -- (avast! Mail Scanner)
SRV - [2010/02/18 10:28:34 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- c:\Alwil Software\Avast4\aswWebSv.exe -- (avast! Web Scanner)
SRV - [2010/02/18 10:21:19 | 000,052,160 | ---- | M] (ALWIL Software) [Auto | Running] -- c:\Alwil Software\Avast4\AvAgent.exe -- (avast! NetAgent)
SRV - [2010/02/18 10:20:05 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- c:\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2010/01/21 16:51:12 | 030,963,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\Drivers\SSPORT.sys -- (SSPORT)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2013/03/06 23:27:19 | 000,096,256 | ---- | M] (Windows ® Win 7 DDK provider) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\dokan.sys -- (Dokan)
DRV - [2010/02/18 10:32:21 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010/02/18 10:31:25 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/02/18 10:30:32 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/02/18 10:28:54 | 000,048,624 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/02/18 10:28:44 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/02/18 10:27:33 | 000,028,064 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009/05/18 01:04:43 | 000,038,400 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\DgivEcp.sys -- (DgiVecp)
DRV - [2005/08/17 06:41:08 | 001,022,040 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2000/07/24 01:01:00 | 000,019,537 | ---- | M] (Brother Industries Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\BRPAR.SYS -- (BrPar)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\..\SearchScopes,DefaultScope = {5CC913E5-2FBA-451D-A481-5F3D4CA72599}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{5CC913E5-2FBA-451D-A481-5F3D4CA72599}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://supertoolbar....hTerms}&locale=
IE - HKCU\..\SearchScopes\{5CC913E5-2FBA-451D-A481-5F3D4CA72599}: "URL" = http://www.google.co...1I7ADSA_enUS453
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...1I7ADSA_enUS453
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2394708
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/...TDF&PC=SUN3&q="
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http:/google.com"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..keyword.URL: "http://www.bing.com/...TDF&PC=SUN3&q="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\User\Local Settings\Application Data\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\User\Local Settings\Application Data\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\User\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/02/19 14:12:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/03/07 14:10:34 | 000,000,000 | ---D | M]

[2010/03/05 09:56:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Extensions
[2013/03/07 14:31:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\ogl6tjmm.default\extensions
[2013/03/07 14:31:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\ogl6tjmm.default\extensions\staged
[2009/06/16 16:20:58 | 000,002,236 | ---- | M] () -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\ogl6tjmm.default\searchplugins\askcom.xml
[2010/07/21 15:00:14 | 000,001,832 | ---- | M] () -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\ogl6tjmm.default\searchplugins\bing.xml
[2013/02/19 14:12:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/02/19 14:12:28 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/02/19 14:12:44 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/09/09 12:00:19 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2013/02/19 14:12:42 | 000,002,086 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Yahoo! (Enabled)
CHR - default_search_provider: search_url = http://search.yahoo....p={searchTerms}
CHR - default_search_provider: suggest_url = http://ff.search.yah...d={searchTerms}
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\25.0.1364.152\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 6.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 6.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 6.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 6.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 6.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 6.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 6.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\25.0.1364.152\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\25.0.1364.152\pdf.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\User\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Unity Player (Enabled) = C:\Documents and Settings\User\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google Search = C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Candy = C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fiejadjmcgacmocgeegodfhligbpecdg\1.0_0\
CHR - Extension: Skype Click to Call = C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.6.0.11664_0\
CHR - Extension: GetSavin = C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mjildcbkilmkddbbpbjljljdmmlfeppl\5.0_0\
CHR - Extension: Gmail = C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2011/08/13 22:36:32 | 000,000,759 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll File not found
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [AdobeBridge] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O15 - HKCU\..Trusted Domains: ed.gov ([fafsa] https in Trusted sites)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.micr...78f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.233.222.2 64.233.222.7
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{000BAFA1-C051-4879-9DE7-9F8B4978F988}: DhcpNameServer = 64.233.222.2 64.233.222.7
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\NavLogon: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O24 - Desktop WallPaper: C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/11 17:15:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk /k:C /k:D *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/03/07 14:34:29 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
[2013/03/07 14:09:45 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/03/06 23:27:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\ASUSCloud
[2013/03/06 23:27:19 | 000,096,256 | ---- | C] (Windows ® Win 7 DDK provider) -- C:\WINDOWS\System32\drivers\dokan.sys
[2013/03/06 23:27:13 | 000,000,000 | ---D | C] -- C:\Program Files\ASUS
[2013/03/06 23:27:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ASUS
[2013/03/06 17:09:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\EaseUS Data Recovery Wizard 5.8.0
[2013/03/06 17:09:29 | 000,000,000 | ---D | C] -- C:\Program Files\EaseUS
[2013/03/06 16:16:44 | 000,000,000 | -HSD | C] -- C:\WINDOWS\System32\AI_RecycleBin
[2013/03/06 16:16:05 | 000,000,000 | -HSD | C] -- C:\AI_RecycleBin
[2013/03/06 16:15:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Local Settings\Application Data\getsavin
[2013/03/06 15:00:50 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013/03/04 22:19:04 | 000,000,000 | ---D | C] -- C:\Program Files\LabMentors
[2013/02/19 14:12:27 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/02/13 17:22:42 | 000,019,537 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\drivers\BRPAR.SYS
[2013/02/13 17:22:39 | 000,000,000 | ---D | C] -- C:\Program Files\Brownie
[2013/02/13 17:22:36 | 000,200,704 | ---- | C] (brother) -- C:\WINDOWS\System32\Pdrvinst.dll
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\User\*.tmp files -> C:\Documents and Settings\User\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/03/07 14:34:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
[2013/03/07 14:33:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/07 14:33:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/03/07 14:10:34 | 000,001,771 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk
[2013/03/07 14:01:00 | 000,000,974 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3022703003-4038430192-2922668659-1007UA.job
[2013/03/07 13:45:44 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/07 13:45:40 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/03/07 13:45:33 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-3022703003-4038430192-2922668659-1007.job
[2013/03/07 13:44:46 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/03/07 13:44:45 | 2137,149,440 | -HS- | M] () -- C:\hiberfil.sys
[2013/03/07 07:01:00 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3022703003-4038430192-2922668659-1007Core.job
[2013/03/07 02:00:00 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-TBBSHOME4-User.job
[2013/03/06 23:27:19 | 000,096,256 | ---- | M] (Windows ® Win 7 DDK provider) -- C:\WINDOWS\System32\drivers\dokan.sys
[2013/03/06 23:27:19 | 000,046,080 | ---- | M] () -- C:\WINDOWS\System32\dokan.dll
[2013/03/06 17:09:33 | 000,000,914 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\EaseUS Data Recovery Wizard 5.8.0 .lnk
[2013/03/06 16:59:18 | 000,000,324 | ---- | M] () -- C:\WINDOWS\Brownie.ini
[2013/03/06 16:58:20 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2013/03/06 16:48:56 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2013/03/06 16:15:20 | 000,000,000 | ---- | M] () -- C:\end
[2013/03/06 01:56:03 | 000,001,456 | ---- | M] () -- C:\Documents and Settings\User\Local Settings\Application Data\Adobe Save for Web 12.0 Prefs
[2013/03/04 22:12:07 | 000,000,426 | ---- | M] () -- C:\WINDOWS\BRWMARK.INI
[2013/03/04 19:26:05 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013/03/04 07:24:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-3022703003-4038430192-2922668659-1007.job
[2013/02/27 19:42:28 | 000,119,808 | ---- | M] () -- C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/02/20 00:03:26 | 000,309,760 | ---- | M] () -- C:\Documents and Settings\User\My Documents\Publication5.pub
[2013/02/15 20:25:15 | 000,002,332 | ---- | M] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome (2).lnk
[2013/02/14 04:19:44 | 003,648,488 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/02/14 03:26:27 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/02/14 03:19:04 | 000,503,792 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/02/14 03:19:04 | 000,089,058 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/02/13 17:22:49 | 000,000,000 | ---- | M] () -- C:\WINDOWS\brmx2001.ini
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\User\*.tmp files -> C:\Documents and Settings\User\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/03/07 14:10:34 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
[2013/03/07 14:10:34 | 000,001,771 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk
[2013/03/07 13:44:45 | 2137,149,440 | -HS- | C] () -- C:\hiberfil.sys
[2013/03/06 23:27:19 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\dokan.dll
[2013/03/06 17:09:33 | 000,000,914 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\EaseUS Data Recovery Wizard 5.8.0 .lnk
[2013/03/06 16:15:14 | 000,000,000 | ---- | C] () -- C:\end
[2013/03/04 00:42:45 | 000,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2013/03/04 00:42:45 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2013/02/15 20:25:15 | 000,002,332 | ---- | C] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome (2).lnk
[2013/02/13 17:22:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2013/02/13 17:22:39 | 000,031,265 | ---- | C] () -- C:\WINDOWS\HL-5370DW.INI
[2013/02/13 17:21:45 | 000,000,324 | ---- | C] () -- C:\WINDOWS\Brownie.ini
[2013/01/01 18:16:45 | 000,000,426 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2012/12/20 17:23:02 | 000,000,025 | ---- | C] () -- C:\WINDOWS\IV3.INI
[2012/12/20 17:23:02 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\User\Application Data\IVOPEN.$$$
[2012/04/15 05:43:12 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\User\Application Data\Adobe PNG Format CS5 Prefs
[2012/04/03 02:25:14 | 000,062,604 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2012/02/16 13:55:52 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/01/28 06:37:03 | 007,288,164 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-3022703003-4038430192-2922668659-1007-0.dat
[2012/01/28 06:36:50 | 000,410,774 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012/01/27 14:26:31 | 000,000,744 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.400.32.bc
[2011/11/13 02:13:42 | 000,001,456 | ---- | C] () -- C:\Documents and Settings\User\Local Settings\Application Data\Adobe Save for Web 12.0 Prefs
[2011/08/16 23:34:33 | 000,002,560 | ---- | C] () -- C:\WINDOWS\_MSRSTRT.EXE
[2011/08/13 22:24:42 | 000,000,073 | ---- | C] () -- C:\WINDOWS\EurekaLog.ini
[2011/08/13 12:48:53 | 000,000,032 | ---- | C] () -- C:\WINDOWS\dbqwiksite.ini
[2011/08/13 11:45:33 | 000,000,032 | ---- | C] () -- C:\WINDOWS\dbqwik~2.ini
[2011/08/13 11:41:21 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\DBQARM.dll
[2011/07/15 17:27:11 | 000,151,552 | ---- | C] () -- C:\WINDOWS\KMSEmulator.exe
[2011/06/30 16:54:37 | 000,000,084 | ---- | C] () -- C:\WINDOWS\php_wizard.ini
[2011/04/29 22:52:08 | 000,097,280 | ---- | C] () -- C:\Documents and Settings\User\Local Settings\Application Data\UrlManager.exe
[2011/04/29 22:52:08 | 000,002,241 | ---- | C] () -- C:\Documents and Settings\User\Local Settings\Application Data\urlManager.xml
[2010/09/14 06:13:37 | 000,119,808 | ---- | C] () -- C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/08/26 20:41:01 | 000,093,360 | ---- | C] () -- C:\Documents and Settings\User\AvBatExW.bav
[2007/09/28 12:45:20 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\User\Local Settings\Application Data\fusioncache.dat
[2006/05/11 15:17:39 | 000,000,008 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol

========== ZeroAccess Check ==========

[2004/08/11 17:21:56 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2011/06/21 13:18:34 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 19:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2009/09/03 10:55:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund
[2010/09/25 09:55:21 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\catalog.wci
[2011/11/12 14:38:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
[2006/12/14 11:17:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2011/03/25 16:21:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Amazon
[2012/08/01 14:42:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Artisteer
[2013/03/06 23:27:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\ASUSCloud
[2009/09/03 10:55:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Broderbund
[2011/06/24 12:30:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Bullzip
[2012/01/21 21:29:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/08/16 20:59:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/06/29 14:30:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/09/10 18:35:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\DemoCreator
[2012/03/22 17:23:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Elluminate
[2012/12/23 02:03:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Family Lawyer
[2013/02/23 12:03:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\FileZilla
[2009/08/26 20:51:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\GetRightToGo
[2009/05/08 03:59:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\ICAClient
[2011/05/16 15:42:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\JAM Software
[2010/09/10 18:35:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\QuizCreator
[2013/03/06 15:08:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Samsung
[2012/02/08 21:53:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\SQL Maestro Group
[2011/11/13 01:07:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013/01/11 19:17:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\SWiSH Max4
[2012/07/14 20:49:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\SWiSH miniMax3
[2012/06/06 17:47:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\SWiSH miniMax4
[2013/02/05 12:51:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\TeamViewer
[2011/07/03 00:15:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Trillian
[2010/04/06 15:34:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Unity

========== Purity Check ==========



< End of report >
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP