
Deadly Slow Web Connection



#1
Bulljoe

Recently I had a problem with my computer taking over 30 minutes to boot up.
I took it to a computer repair shop and received it back two days ago. I was told that the Windows program was faulty.
The computer now boots up quickly but "hangs" when trying to connect to a website.

When I do eventually get onto a website, Malwarebytes keeps warning me:-

"Malwarebytes has successfully blocked access to potentially malicious website 89.28.17.125
Type: outgoing"

Sometimes it refers to "incoming" and sometimes to "outgoing" and the address changes.
Another example...incoming, 58.241.38.71

Following is the OTL Report. Hope you can help solve this problem


OTL logfile created on: 9/06/2013 12:08:45 PM - Run 15
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\User\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

1.97 Gb Total Physical Memory | 1.05 Gb Available Physical Memory | 53.31% Memory free
4.69 Gb Paging File | 3.79 Gb Available in Paging File | 80.90% Paging File free
Paging file location(s): c:\pagefile.sys 2940 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 69.57 Gb Total Space | 13.28 Gb Free Space | 19.09% Space Free | Partition Type: NTFS
Drive D: | 396.19 Gb Total Space | 222.58 Gb Free Space | 56.18% Space Free | Partition Type: NTFS
Drive F: | 1006.73 Mb Total Space | 1004.45 Mb Free Space | 99.77% Space Free | Partition Type: FAT
Drive H: | 1863.01 Gb Total Space | 829.19 Gb Free Space | 44.51% Space Free | Partition Type: NTFS

Computer Name: USER-84F12D431F | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/06/09 12:06:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
PRC - [2013/05/25 10:47:30 | 027,776,968 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\User\Application Data\Dropbox\bin\Dropbox.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/03/27 07:45:10 | 000,534,160 | ---- | M] (QFX Software Corporation) -- C:\Program Files\KeyScrambler\KeyScrambler.exe
PRC - [2013/02/27 15:38:44 | 001,259,568 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2012/12/05 02:44:54 | 002,321,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgfws.exe
PRC - [2012/11/19 16:25:32 | 002,598,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2012/11/08 02:51:06 | 000,768,632 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2012/11/02 02:51:18 | 005,174,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgidsagent.exe
PRC - [2012/07/05 22:07:00 | 000,161,704 | ---- | M] (Oracle Corporation) -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
PRC - [2012/03/19 05:18:12 | 000,979,840 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgemcx.exe
PRC - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2012/02/14 04:52:38 | 000,338,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2010/10/27 18:24:42 | 000,645,952 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
PRC - [2010/10/27 18:23:16 | 001,483,072 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/12/06 20:03:41 | 000,660,768 | ---- | M] (ABBYY (BIT Software)) -- C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe


========== Modules (No Company Name) ==========

MOD - [2013/06/07 10:24:33 | 000,971,264 | ---- | M] () -- c:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\94a40f415bfa947e251888bbe88bb973\System.Configuration.ni.dll
MOD - [2013/06/07 10:22:33 | 000,240,128 | ---- | M] () -- c:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\f7ad6d88ce5b96b4d281578fc1bf8b00\WindowsFormsIntegration.ni.dll
MOD - [2013/06/07 10:22:28 | 005,450,752 | ---- | M] () -- c:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\77e1279cbf4eecfb0284b63316fe43fe\System.Xml.ni.dll
MOD - [2013/06/07 10:22:12 | 001,592,320 | ---- | M] () -- c:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\4ed71046fbeba6e2c8e3e800a5fa29e0\System.Drawing.ni.dll
MOD - [2013/06/07 10:21:47 | 000,224,768 | ---- | M] () -- c:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\46a680814559114706a33282e9df4b7a\PresentationFramework.Classic.ni.dll
MOD - [2013/05/01 09:00:43 | 001,581,056 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Microsoft\Media Tools\plugins\pl-b2e730376325753834d77280c183157b.dll
MOD - [2013/03/14 06:48:52 | 024,978,944 | ---- | M] () -- C:\Documents and Settings\User\Application Data\Dropbox\bin\libcef.dll
MOD - [2013/03/04 07:46:27 | 000,224,256 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Microsoft\Media Tools\MediaIconsOverlays.dll
MOD - [2012/11/28 13:13:52 | 000,087,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/11/28 13:13:30 | 001,242,512 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/11/14 09:32:50 | 003,558,400 | ---- | M] () -- C:\Documents and Settings\User\Application Data\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2012/03/12 02:07:38 | 000,159,744 | ---- | M] () -- C:\Program Files\Mega Codec Pack\Filters\Haali\mmfinfo.dll
MOD - [2011/09/08 23:59:52 | 000,024,576 | ---- | M] () -- C:\Program Files\Mega Codec Pack\Filters\Haali\mkunicode.dll
MOD - [2010/07/05 07:32:38 | 000,010,752 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerCOM.dll
MOD - [2007/05/22 14:53:10 | 000,006,656 | ---- | M] () -- C:\Program Files\WinAVI Video Converter\SimpleExt.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe -- (HOSTS Anti-PUPs)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2013/06/07 18:02:43 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/05/15 12:50:12 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/04/18 09:26:53 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/03/26 00:29:12 | 004,561,152 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_ca0e279.dll -- (Akamai)
SRV - [2012/12/05 02:44:54 | 002,321,560 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgfws.exe -- (avgfws)
SRV - [2012/11/02 02:51:18 | 005,174,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/10/01 17:22:06 | 000,295,224 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2012/07/05 22:07:00 | 000,161,704 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2010/10/27 18:23:16 | 001,483,072 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010/05/04 11:07:22 | 000,503,080 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/03/02 14:06:16 | 000,068,136 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Gigabyte\EasySaver\essvr.exe -- (ES lite Service)
SRV - [2009/02/20 09:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2007/12/06 20:03:41 | 000,660,768 | ---- | M] (ABBYY (BIT Software)) [Auto | Running] -- C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Professional.9.0)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\Drivers\SYMEVENT.SYS -- (SymEvent)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\NuMega\SoftICE Driver Suite\Common\Binsiwvid.sys -- (SiwvidStart)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\mcdbus.sys -- (mcdbus)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\User\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2013/04/11 03:18:40 | 000,302,368 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013/03/27 07:40:56 | 000,209,304 | ---- | M] (QFX Software Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\keyscrambler.sys -- (KeyScrambler)
DRV - [2013/02/19 19:20:24 | 000,033,112 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2013/01/30 08:40:38 | 000,010,496 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SWDUMon.sys -- (SWDUMon)
DRV - [2012/12/10 02:28:36 | 000,142,176 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2012/11/08 02:49:26 | 000,250,080 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012/10/11 14:55:04 | 000,017,488 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2012/09/18 19:33:00 | 000,043,960 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2012/09/18 19:33:00 | 000,039,608 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2012/09/18 19:33:00 | 000,030,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2012/09/18 19:32:56 | 000,012,216 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE)
DRV - [2012/04/19 04:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/01/31 04:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2012/01/12 19:52:06 | 000,030,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwfd)
DRV - [2012/01/12 19:52:06 | 000,030,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwdx)
DRV - [2012/01/10 20:07:36 | 000,179,200 | R--- | M] (Dexetek ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DxVGrb.sys -- (DxVGrb)
DRV - [2011/12/23 13:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/12/23 13:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2011/12/23 13:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsfilterx.sys -- (AVGIDSFilter)
DRV - [2011/07/13 17:09:26 | 000,037,920 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tbhsd.sys -- (tbhsd)
DRV - [2011/06/02 11:08:34 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2010/10/07 13:34:32 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2010/07/20 23:56:52 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2010/07/20 23:45:12 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2010/07/20 23:37:38 | 006,086,760 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2010/03/17 16:42:46 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2010/03/10 07:18:20 | 000,024,216 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ivusb.sys -- (ivusb)
DRV - [2009/04/08 02:32:48 | 000,116,224 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV - [2009/03/25 16:29:52 | 000,130,432 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2008/04/14 00:16:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2007/12/26 01:47:30 | 000,272,128 | ---- | M] (NETGEAR Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wg111v2.sys -- (RTLWUSB)
DRV - [2006/12/14 09:41:48 | 000,011,984 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ElbyDelay.sys -- (ElbyDelay)
DRV - [2006/07/24 15:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2006/07/19 11:29:08 | 000,027,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidKE.Sys -- (LHidKe)
DRV - [2006/07/19 11:28:56 | 000,071,936 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2006/07/19 11:28:04 | 000,036,736 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidUsbK.sys -- (LHidUsbK)
DRV - [2006/07/19 11:27:46 | 000,055,936 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042MOU.SYS -- (L8042mou)
DRV - [2006/07/19 11:27:26 | 000,013,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042Kbd.SYS -- (L8042Kbd)
DRV - [2005/04/07 09:46:50 | 000,034,240 | R--- | M] (ADS) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\adsexpb.sys -- (ADSEXPB)
DRV - [2001/11/07 04:40:00 | 000,018,240 | ---- | M] (Compuware Corporation - NuMega Lab) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\DbgMsg.sys -- (DbgMsg)
DRV - [2001/11/07 01:09:10 | 001,347,462 | ---- | M] (Compuware Corporation - NuMega Lab) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ntice.sys -- (NTice)
DRV - [2001/11/07 01:09:10 | 000,119,658 | ---- | M] (Compuware Corporation - NuMega Lab) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\siwvid.sys -- (Siwvid)
DRV - [2001/11/07 01:09:10 | 000,022,900 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\siwsym.sys -- (Siwsym)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {B48DCA56-2F73-4321-827B-AC88FFB71781}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{B48DCA56-2F73-4321-827B-AC88FFB71781}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.au/
IE - HKCU\..\SearchScopes,DefaultScope = {B48DCA56-2F73-4321-827B-AC88FFB71781}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{9FD7B827-2C19-4010-A3EF-936A29545E4C}: "URL" = http://www.bing.com/...=SPLBR2&pc=SPLH
IE - HKCU\..\SearchScopes\{B48DCA56-2F73-4321-827B-AC88FFB71781}: "URL" = http://www.google.co...1I7WQIB_enAU539
IE - HKCU\..\SearchScopes\{DABE5CFC-59E3-4577-B5E6-D8B9CEF16EAB}: "URL" = http://au.search.yah...cevm&type=STDVM
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=;ftp=;https=;

========== FireFox ==========

FF - prefs.js..browser.search.defaulturl: ""
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012/08/30 17:32:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/06/01 09:19:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/06/08 18:52:23 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{1266764D-FC4F-4FA7-B63B-884D53B1680F}: C:\Documents and Settings\User\Application Data\NetAssistant\ [2011/04/21 09:37:29 | 000,000,000 | ---D | M]

[2010/04/01 16:33:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Extensions
[2013/05/29 10:11:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\706l0eqd.default-1343368655062\extensions
[2013/05/29 10:11:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions
[2012/07/12 14:52:59 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/07/23 18:26:01 | 000,000,000 | ---D | M] (Flash and Video Download) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
[2012/06/27 18:13:17 | 000,000,000 | ---D | M] (Sothink Web Video Downloader for Firefox) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\{FCAB6FDD-5585-425b-95C1-5ED856F3FD08}
[2012/05/12 09:52:17 | 000,000,000 | ---D | M] (Разпознаване на устройство Logitech) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\[email protected]
[2012/06/28 16:33:44 | 000,000,000 | ---D | M] (DoNotTrackPlus) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\[email protected]
[2012/07/09 16:20:27 | 000,000,000 | ---D | M] (VideoFileDownload - Download YouTube Videos) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\[email protected]
[2013/05/29 10:11:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\vppgx98u.default-1343368773312\extensions
[2011/12/08 14:47:10 | 000,014,961 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\[email protected]
[2011/10/03 17:58:10 | 000,074,961 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\[email protected]
[2013/04/12 01:54:38 | 000,197,614 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\[email protected]
[2011/11/30 15:54:45 | 000,051,994 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\[email protected]
[2012/07/04 17:03:41 | 000,087,157 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\[email protected]
[2011/11/22 19:16:08 | 000,004,527 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\[email protected]
[2013/04/19 08:00:18 | 000,213,470 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\[email protected]
[2012/12/27 15:19:42 | 000,213,444 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\[email protected]
[2011/12/03 11:01:05 | 000,003,691 | R--- | M] () (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi
[2012/06/28 15:20:29 | 000,185,362 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[2012/07/25 08:54:47 | 000,741,958 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2011/08/28 14:28:29 | 000,042,336 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi
[2012/06/12 02:26:43 | 000,007,915 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\khw12ymo.default\extensions\[email protected]\chrome\content\ff\view_expiry.js
[2013/05/07 21:34:11 | 000,004,530 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\vppgx98u.default-1343368773312\extensions\[email protected]
[2013/02/23 14:38:42 | 000,615,654 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\vppgx98u.default-1343368773312\extensions\[email protected]
[2013/04/21 09:13:51 | 000,765,412 | ---- | M] () (No name found) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\vppgx98u.default-1343368773312\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
[2013/06/01 09:19:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/06/01 09:19:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013/06/01 09:19:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/06/01 09:19:59 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/06/07 18:02:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\distribution\extensions
[2009/08/03 15:07:42 | 000,373,104 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npOGAPlugin.dll
[2010/12/09 07:21:24 | 000,002,224 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\webblog.xml

========== Chrome ==========

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://search.babylo...C846CF0492D34DF
CHR - Extension: No name found = C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bbffdhejhaoiflnpooogkckfdcmmjppn\3.0_0\
CHR - Extension: No name found = C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bbffdhejhaoiflnpooogkckfdcmmjppn\3.0_0\

O1 HOSTS File: ([2013/05/29 08:42:23 | 000,444,957 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 15308 more lines...
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [KeyScrambler] C:\Program Files\KeyScrambler\keyscrambler.exe (QFX Software Corporation)
O4 - Startup: C:\Documents and Settings\User\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\User\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSecurityTab = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSecurityTab = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1370225264671 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1370225646625 (MUWebControl Class)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_05)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8EA6C079-3333-4797-9BAC-AF0FD534706A}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C85F8EC6-C08E-404C-9D39-C29A7821E0FD}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/04/01 11:50:36 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2012/11/19 13:09:57 | 000,000,000 | ---D | M] - C:\AutoHideIP -- [ NTFS ]
O32 - AutoRun File - [2007/11/07 12:49:32 | 000,000,090 | ---- | M] () - F:\AUTORUN.INF -- [ FAT ]
O34 - HKLM BootExecute: (sdnclean.exe)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2020/12/01 12:20:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\iolo
[2013/06/09 12:06:36 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
[2013/06/08 18:56:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2013/06/08 18:56:15 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/06/08 18:56:12 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/06/08 18:56:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013/06/08 18:51:51 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2013/06/07 17:39:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2013/06/07 17:38:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google
[2013/06/06 11:04:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2013/06/06 11:04:52 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2013/06/06 11:04:42 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2013/06/06 10:11:15 | 000,000,000 | ---D | C] -- C:\Program Files\Dropbox
[2013/06/05 16:26:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2013/06/05 16:22:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2013/06/05 16:13:12 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2013/06/05 16:05:04 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2013/06/05 15:22:33 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2013/06/05 15:22:33 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2013/06/05 15:21:07 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2013/06/05 15:16:57 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2013/06/05 14:47:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2013/06/05 14:43:16 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2013/06/02 18:04:56 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\User\Recent
[2013/06/01 09:19:59 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/05/31 13:05:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\YTD Video Downloader
[2013/05/31 13:05:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\YTD Video Downloader
[2013/05/28 17:29:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\HandBrake
[2013/05/28 17:29:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Start Menu\Programs\Handbrake
[2013/05/28 17:29:19 | 000,000,000 | ---D | C] -- C:\Program Files\Handbrake
[2013/05/28 17:27:00 | 000,000,000 | ---D | C] -- C:\Program Files\FTDownloader.com
[2013/05/28 17:27:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Start Menu\Programs\FTDownloader.com
[2013/05/28 14:23:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Aimersoft
[2013/05/26 18:14:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\xml_param
[2013/05/26 18:11:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\My Documents\Aimersoft DVD Ripper
[2013/05/26 18:11:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Local Settings\Application Data\Aimersoft
[2013/05/26 18:11:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Aimersoft
[2013/05/26 18:11:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Aimersoft DVD Ripper
[2013/05/26 18:11:26 | 000,000,000 | ---D | C] -- C:\Program Files\Aimersoft
[2013/05/26 15:40:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2013/05/20 15:24:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\Media Player Classic
[2013/05/20 08:40:21 | 002,029,056 | ---- | C] (Bytescout) -- C:\WINDOWS\System32\PDFDocScout.DLL
[2013/05/20 08:40:21 | 000,606,208 | ---- | C] (Lorenzi Davide) -- C:\WINDOWS\System32\HexUniRTFBox.ocx
[2013/05/15 08:55:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG
[2013/04/18 09:19:47 | 000,245,408 | ---- | C] (Microsoft Corporation) -- C:\Program Files\unicows.dll
[2013/04/18 09:19:39 | 000,189,808 | ---- | C] (Adobe Systems Incorporated) -- C:\Program Files\AutoPlay.exe
[2013/03/28 11:33:30 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\User\Application Data\pcouffin.sys
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/06/09 12:06:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
[2013/06/09 12:01:29 | 000,000,308 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Malware and Spyware Cleaning Guide - Geeks to Go Forums.URL
[2013/06/09 11:50:15 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/06/09 11:37:21 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/06/09 11:36:11 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/06/09 11:36:05 | 2110,316,544 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2013/06/09 11:25:38 | 000,000,804 | ---- | M] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2013/06/09 09:18:39 | 122,549,687 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2013/06/09 06:37:25 | 000,031,475 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2013/06/08 18:56:49 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2013/06/08 18:52:10 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2013/06/08 09:36:50 | 000,000,394 | ---- | M] () -- C:\WINDOWS\tasks\SpeedyPC Pro.job
[2013/06/07 15:06:41 | 000,000,293 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Shortcut (2) to Local Disk (C).lnk
[2013/06/07 15:06:09 | 000,000,293 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Shortcut to Local Disk (C).lnk
[2013/06/07 14:56:52 | 000,000,282 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Shortcut to SAMSUNG (H).lnk
[2013/06/07 11:34:04 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013/06/07 11:05:08 | 000,001,514 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Disk Cleanup.lnk
[2013/06/07 10:20:39 | 000,470,040 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/06/07 10:20:39 | 000,076,326 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/06/06 11:55:06 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/06/06 11:14:08 | 000,334,664 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/06/06 10:11:29 | 000,001,021 | ---- | M] () -- C:\Documents and Settings\User\Start Menu\Programs\Startup\Dropbox.lnk
[2013/06/06 10:10:59 | 000,001,003 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Dropbox.lnk
[2013/06/05 17:32:40 | 000,000,307 | -HS- | M] () -- C:\boot.ini
[2013/06/05 16:30:47 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/06/05 16:23:05 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2013/06/05 15:24:49 | 000,000,288 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2013/06/05 15:20:07 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2013/06/05 15:20:07 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2013/06/05 15:19:55 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2013/06/05 15:17:06 | 000,022,720 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2013/06/05 14:44:00 | 000,012,881 | ---- | M] () -- C:\WINDOWS\setupapi.old
[2013/06/02 20:30:53 | 000,000,678 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2013/06/02 16:45:37 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2013/06/02 14:22:23 | 000,000,619 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Shortcut to AdwCleaner.exe.lnk
[2013/05/31 17:33:10 | 000,000,651 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Shortcut to ytd.exe.lnk
[2013/05/31 13:06:24 | 000,026,900 | ---- | M] () -- C:\Documents and Settings\User\Local Settings\Application Data\dt.dat
[2013/05/31 13:05:40 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\YTD Video Downloader.lnk
[2013/05/29 15:20:44 | 000,000,107 | ---- | M] () -- C:\WINDOWS\IfoEdit.INI
[2013/05/29 08:42:23 | 000,444,957 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/05/28 17:29:21 | 000,000,694 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Handbrake.lnk
[2013/05/28 17:27:00 | 000,000,581 | ---- | M] () -- C:\Documents and Settings\User\Desktop\FTDownloader.lnk
[2013/05/28 14:23:11 | 000,000,859 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Aimersoft DVD Ripper.lnk
[2013/05/24 16:31:16 | 000,001,041 | ---- | M] () -- C:\Documents and Settings\User\Application Data\vso_ts_preview.xml
[2013/05/20 08:40:33 | 000,000,774 | ---- | M] () -- C:\Documents and Settings\User\Desktop\MyHeritage Family Tree Builder.lnk
[2013/05/15 08:55:04 | 000,000,702 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2012.lnk
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/06/09 11:32:34 | 2110,316,544 | ---- | C] () -- C:\WINDOWS\MEMORY.DMP
[2013/06/08 18:56:49 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2013/06/08 18:52:10 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2013/06/07 15:06:41 | 000,000,293 | ---- | C] () -- C:\Documents and Settings\User\Desktop\Shortcut (2) to Local Disk (C).lnk
[2013/06/07 15:06:09 | 000,000,293 | ---- | C] () -- C:\Documents and Settings\User\Desktop\Shortcut to Local Disk (C).lnk
[2013/06/07 14:56:52 | 000,000,282 | ---- | C] () -- C:\Documents and Settings\User\Desktop\Shortcut to SAMSUNG (H).lnk
[2013/06/05 17:32:39 | 000,001,021 | ---- | C] () -- C:\Documents and Settings\User\Start Menu\Programs\Startup\Dropbox.lnk
[2013/06/05 16:30:47 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\User\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/06/05 16:30:47 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\User\Start Menu\Programs\Internet Explorer.lnk
[2013/06/05 16:13:12 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2013/06/05 16:13:12 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2013/06/05 16:13:12 | 000,000,855 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2013/06/05 16:13:11 | 000,613,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2013/06/05 16:13:11 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2013/06/05 16:13:11 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2013/06/05 16:13:11 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2013/06/05 16:13:11 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2013/06/05 16:13:11 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2013/06/05 16:13:11 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2013/06/05 16:13:11 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2013/06/05 16:13:11 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2013/06/05 16:13:11 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2013/06/05 16:13:11 | 000,067,374 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm
[2013/06/05 16:13:11 | 000,029,070 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf
[2013/06/05 16:13:11 | 000,023,195 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm
[2013/06/05 16:13:11 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2013/06/05 16:13:10 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2013/06/05 16:13:10 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2013/06/05 16:13:10 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2013/06/05 16:13:10 | 000,077,307 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2013/06/05 16:13:10 | 000,066,725 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz
[2013/06/05 16:13:10 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2013/06/05 16:13:10 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2013/06/05 16:13:10 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2013/06/05 16:13:10 | 000,017,272 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2013/06/05 16:13:10 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2013/06/05 16:13:10 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2013/06/05 16:13:10 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2013/06/05 16:13:10 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2013/06/05 16:13:10 | 000,006,769 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2013/06/05 16:13:10 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2013/06/05 16:13:10 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2013/06/05 16:13:10 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2013/06/05 16:13:10 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2013/06/05 16:13:10 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2013/06/05 16:13:10 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2013/06/05 16:13:10 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2013/06/05 16:13:10 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2013/06/05 16:13:10 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2013/06/05 16:13:10 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2013/06/05 16:13:10 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2013/06/05 16:13:10 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl
[2013/06/05 16:13:10 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl
[2013/06/05 16:13:10 | 000,001,474 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl
[2013/06/05 16:13:10 | 000,001,451 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl
[2013/06/05 16:13:10 | 000,001,448 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl
[2013/06/05 16:13:10 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2013/06/05 16:13:10 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2013/06/05 16:13:10 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2013/06/05 16:13:10 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2013/06/05 16:13:10 | 000,001,250 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl
[2013/06/05 16:13:10 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2013/06/05 16:13:10 | 000,001,049 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl
[2013/06/05 16:13:10 | 000,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl
[2013/06/05 16:13:10 | 000,001,036 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl
[2013/06/05 16:13:10 | 000,000,908 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
[2013/06/05 16:13:10 | 000,000,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl
[2013/06/05 16:13:10 | 000,000,787 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl
[2013/06/05 16:13:10 | 000,000,784 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl
[2013/06/05 16:13:10 | 000,000,783 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl
[2013/06/05 16:13:10 | 000,000,775 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl
[2013/06/05 16:13:10 | 000,000,733 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl
[2013/06/05 16:13:10 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2013/06/05 16:13:09 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2013/06/05 16:13:09 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2013/06/05 16:13:09 | 000,018,286 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
[2013/06/05 16:13:09 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2013/06/05 16:13:09 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2013/06/05 16:13:09 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2013/06/05 16:13:09 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2013/06/05 16:13:08 | 000,184,959 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz
[2013/06/05 16:13:08 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2013/06/05 16:13:08 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2013/06/05 16:13:08 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2013/06/05 16:13:08 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2013/06/05 16:13:08 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2013/06/05 16:13:08 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2013/06/05 16:13:08 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2013/06/05 16:13:08 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2013/06/05 15:36:43 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\User\Start Menu\Programs\Windows Media Player.lnk
[2013/06/05 15:22:23 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2013/06/05 15:21:55 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2013/06/05 15:21:44 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2013/06/05 15:21:43 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2013/06/05 15:21:41 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2013/06/05 15:21:34 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2013/06/05 15:21:29 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2013/06/05 15:21:10 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2013/06/05 15:17:06 | 000,022,720 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2013/06/05 15:03:51 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2013/06/05 15:03:51 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2013/06/05 15:03:51 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2013/06/05 15:03:51 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2013/06/05 15:03:51 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2013/06/05 15:03:51 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2013/06/05 15:03:50 | 001,042,903 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2013/06/05 14:44:01 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2013/06/03 12:02:24 | 000,012,881 | ---- | C] () -- C:\WINDOWS\setupapi.old
[2013/06/02 14:22:23 | 000,000,619 | ---- | C] () -- C:\Documents and Settings\User\Desktop\Shortcut to AdwCleaner.exe.lnk
[2013/05/31 17:33:10 | 000,000,651 | ---- | C] () -- C:\Documents and Settings\User\Desktop\Shortcut to ytd.exe.lnk
[2013/05/31 13:06:24 | 000,026,900 | ---- | C] () -- C:\Documents and Settings\User\Local Settings\Application Data\dt.dat
[2013/05/28 17:29:21 | 000,000,694 | ---- | C] () -- C:\Documents and Settings\User\Desktop\Handbrake.lnk
[2013/05/28 17:27:00 | 000,000,581 | ---- | C] () -- C:\Documents and Settings\User\Desktop\FTDownloader.lnk
[2013/05/28 14:23:11 | 000,000,859 | ---- | C] () -- C:\Documents and Settings\User\Desktop\Aimersoft DVD Ripper.lnk
[2013/05/20 17:15:00 | 000,000,731 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\YTD Video Downloader.lnk
[2013/04/18 19:11:03 | 000,001,041 | ---- | C] () -- C:\Documents and Settings\User\Application Data\vso_ts_preview.xml
[2013/04/18 09:19:38 | 000,000,055 | ---- | C] () -- C:\Program Files\Autorun.inf
[2013/04/18 09:19:31 | 000,018,183 | ---- | C] () -- C:\Program Files\Lisezmoi.htm
[2013/04/18 09:19:31 | 000,015,557 | ---- | C] () -- C:\Program Files\ReadMe.htm
[2013/04/18 09:19:30 | 000,017,015 | ---- | C] () -- C:\Program Files\Liesmich.htm
[2013/04/04 12:59:13 | 000,000,678 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2013/03/17 19:10:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\TrueSight.sys
[2013/01/05 09:16:08 | 000,000,084 | ---- | C] () -- C:\Documents and Settings\User\wxDownloadFast.ini
[2012/12/24 16:44:31 | 000,000,060 | ---- | C] () -- C:\Documents and Settings\User\jagex_cl_runescape_LIVE.dat
[2012/12/24 16:44:31 | 000,000,024 | ---- | C] () -- C:\Documents and Settings\User\random.dat
[2012/11/01 07:23:29 | 000,010,496 | ---- | C] () -- C:\WINDOWS\System32\drivers\SWDUMon.sys
[2012/10/12 11:34:04 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
[2012/10/12 11:32:58 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2012/08/29 16:27:34 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/08/29 16:27:34 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/08/29 16:27:34 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/08/29 16:27:34 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/08/29 16:27:34 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/08/18 12:37:16 | 000,001,588 | ---- | C] () -- C:\WINDOWS\debugrcfile.ini
[2012/07/13 17:21:23 | 000,645,632 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2012/07/13 17:21:23 | 000,240,640 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2012/03/04 13:29:22 | 000,002,396 | ---- | C] () -- C:\WINDOWS\System32\ASOROSet.bin
[2012/02/15 16:00:14 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/12/27 12:31:10 | 000,000,520 | ---- | C] () -- C:\WINDOWS\Viewer.INI
[2011/12/17 14:20:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\muveeapp.INI
[2011/12/08 18:40:31 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\KRSBridgeControls.dll
[2011/12/08 18:40:31 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\JeanieInterface.dll
[2011/12/08 18:40:31 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\KRSSockets.dll
[2011/12/08 18:40:31 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\FuzzBox.dll
[2011/12/08 18:40:31 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\BrowseForDirectory.dll
[2011/11/29 22:12:25 | 000,021,504 | ---- | C] () -- C:\WINDOWS\System32\WBCustomizer.dll
[2011/11/29 22:09:35 | 000,000,578 | ---- | C] () -- C:\WINDOWS\MyHeritage.INI
[2011/11/29 22:07:18 | 000,454,656 | ---- | C] () -- C:\WINDOWS\System32\PaintX.dll
[2011/11/22 19:21:10 | 000,002,816 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\un.png
[2011/11/22 19:15:59 | 000,000,316 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Setting.dat
[2011/11/22 19:15:59 | 000,000,022 | ---- | C] () -- C:\Documents and Settings\User\Application Data\UserFlag.ini
[2011/09/07 17:03:45 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/06/28 12:29:04 | 002,097,152 | ---- | C] () -- C:\Documents and Settings\User\My Volume N
[2011/04/21 19:28:31 | 000,000,022 | --S- | C] () -- C:\Documents and Settings\User\Application Data\Sys2662.Config.Repository.bin
[2011/02/18 19:11:28 | 000,000,593 | ---- | C] () -- C:\Documents and Settings\User\Application Data\AutoGK.ini
[2011/02/10 07:29:06 | 000,000,043 | --S- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2010/04/05 12:20:52 | 000,000,084 | ---- | C] () -- C:\Documents and Settings\User\default.pls
[2010/04/02 14:04:29 | 000,166,400 | ---- | C] () -- C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/02 12:18:12 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\User\Application Data\pcouffin.cat
[2010/04/02 12:18:12 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\User\Application Data\pcouffin.inf

========== ZeroAccess Check ==========

[2010/04/21 09:55:00 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 05:42:06 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 22:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 05:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/06/08 18:56:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2011/03/12 19:52:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\1Click DVD Copy Pro
[2012/01/22 18:36:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\38FDB89C-1EBD-4366-84B2-336D12CC3209
[2012/12/30 15:04:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\4shared Desktop
[2013/05/26 18:11:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Aimersoft DVD Ripper
[2011/05/03 13:20:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Aiseesoft Studio
[2012/10/07 12:04:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Anvsoft
[2012/02/23 10:55:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AutoHideIP
[2012/02/16 09:27:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2013/03/17 21:11:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2013/04/24 18:18:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Bridge Analyser
[2010/04/02 15:38:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2013/06/05 17:35:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2012/09/27 10:07:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CompuClever
[2011/11/22 20:27:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\C__Documents and Settings_User_Local Settings_temp_ir_ext_temp_0_AutoPlay_Docs_Crack_HideIPEasy.exe
[2011/11/22 20:35:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\C__Documents and Settings_User_Local Settings_temp_ir_ext_temp_2_AutoPlay_Docs_Crack_HideIPEasy.exe
[2011/03/08 21:09:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverCure
[2011/02/10 07:29:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Elaborate Bytes
[2011/11/24 12:27:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ErrorEND
[2011/11/22 20:36:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HideIPEasy
[2012/03/28 14:31:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iolo
[2012/12/04 16:03:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Leawo
[2010/04/14 10:18:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe
[2013/05/15 08:55:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/12/11 11:57:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\muvee Technologies
[2012/07/28 18:10:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MyHeritage
[2011/08/06 17:29:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\oM01602IaPfD01602
[2010/12/13 13:42:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Optimizer Pro
[2013/04/22 08:13:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QFX Software
[2011/09/08 13:21:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RapidSolution
[2011/12/23 16:37:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RegCure
[2012/03/02 16:17:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SecTaskMan
[2012/10/07 12:24:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Socusoft
[2012/07/29 08:02:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpeedyPC Software
[2010/07/25 22:16:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\sureshotgps
[2013/06/02 18:17:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2012/04/08 12:03:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2011/12/11 14:51:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2011/10/16 15:22:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk
[2012/10/15 15:56:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Wondershare
[2013/01/02 08:11:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WoW Worldwide Software LTD
[2013/05/28 14:29:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\xml_param
[2012/10/08 14:19:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YouTube Downloader
[2013/05/31 13:05:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YTD Video Downloader
[2011/02/07 09:47:02 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2010/06/12 17:40:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/02/18 09:32:07 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
[2011/11/25 11:18:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2013/03/30 20:02:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{D2044A97-3875-40E7-8161-DA975C6BA7CF}
[2010/04/14 18:10:07 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2012/11/01 07:40:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{D5ABFFAD-D592-4F98-B02B-587125B4801F}
[2012/08/19 15:37:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\.minecraft
[2012/07/28 17:10:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\.techniclauncher
[2012/07/25 20:29:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Ad-Aware Antivirus
[2011/09/24 13:06:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Alaz
[2013/01/02 10:22:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Amazon
[2011/11/22 18:40:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\AutoHideIP
[2011/09/07 18:08:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\AVG10
[2012/02/16 09:44:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\AVG2012
[2011/10/18 19:30:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Azureus
[2010/10/24 10:15:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\BackTalk
[2013/04/24 18:19:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Bridge Analyser
[2010/12/19 13:56:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Bridge Baron 19
[2012/02/13 07:57:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Bridge Baron 21
[2013/01/02 08:36:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\calibre
[2010/04/02 16:29:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\CD-LabelPrint
[2012/09/27 10:07:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\CompuClever
[2012/07/26 11:22:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Curiolab
[2011/11/22 20:27:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\C__Documents and Settings_User_Local Settings_temp_ir_ext_temp_0_AutoPlay_Docs_Crack_HideIPEasy.exe
[2011/11/22 20:35:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\C__Documents and Settings_User_Local Settings_temp_ir_ext_temp_2_AutoPlay_Docs_Crack_HideIPEasy.exe
[2011/01/11 15:39:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Digiarty
[2012/01/22 18:36:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Downloaded Installations
[2011/03/06 13:12:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\DriverCure
[2012/04/07 09:48:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\driveridentifier
[2013/06/09 11:37:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Dropbox
[2013/03/28 11:34:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\DVDVideoSoft
[2011/08/06 14:13:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\EarMaster
[2013/05/26 16:24:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\FamilyTreeMaker
[2011/01/03 11:22:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\FDBTemp
[2012/04/16 17:18:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Garmin
[2011/12/05 16:38:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\GetRightToGo
[2011/07/26 17:44:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\GrabPro
[2013/05/28 18:35:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\HandBrake
[2011/11/22 20:36:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\HideIPEasy
[2012/03/28 12:28:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\iolo
[2011/09/24 13:04:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Ivsu
[2012/01/03 21:31:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Kernel for Windows Data Recovery
[2012/08/05 11:30:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Leadertech
[2012/12/04 15:56:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Leawo
[2011/11/29 22:18:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Millennia
[2011/07/21 12:16:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Moyea
[2011/11/29 22:09:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\MyHeritage
[2011/01/27 15:48:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\NCH Swift Sound
[2011/04/21 09:37:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\NetAssistant
[2012/11/13 20:20:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\OpenOffice.org
[2012/07/28 17:37:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Oracle
[2013/03/31 11:38:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Orbit
[2013/03/31 11:39:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\OxelonMC
[2013/01/12 14:41:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Photo DVD Maker
[2012/10/07 12:36:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Photo DVD Slideshow
[2011/07/26 17:45:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\ProgSense
[2011/02/14 12:25:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Purple Ghost Software, Inc
[2013/04/22 08:13:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\QFX Software
[2012/08/04 17:10:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Qualys
[2011/04/30 11:59:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Regensoft
[2011/11/23 16:23:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Registry Mechanic
[2011/04/21 10:08:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\RegistryKeys
[2011/02/11 18:27:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Reviversoft
[2011/02/18 16:21:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\ScanSpyware
[2011/11/26 13:18:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\SourceTec
[2012/07/27 17:06:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\SpeedyPC Software
[2010/06/30 17:10:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\spotmau
[2012/04/07 11:05:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\SystemRequirementsLab
[2011/11/29 22:07:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\The Complete Genealogy Reporter - FTB
[2010/06/30 17:09:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Thinstall
[2012/12/04 12:58:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\tiger-k
[2013/06/02 17:00:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\TuneUp Software
[2011/12/11 13:17:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Ulead Systems
[2013/06/09 11:02:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\uTorrent
[2013/05/27 12:39:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Vso
[2011/03/28 13:53:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Windows Desktop Search
[2011/04/11 10:27:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Windows Search
[2010/11/10 21:16:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Xilisoft
[2013/01/21 11:53:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\XMedia Recode
[2012/03/11 16:40:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\YouTube Downloader

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 194 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C265C458
@Alternate Data Stream - 184 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4BF2F6B5
@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34

< End of report >