IDP & Crypt AQLW Trojan DDS Log pasted.

**osjknights** · 2012-04-24, 23:13

OTL logfile created on: 24/04/2012 22:06:45 - Run 1
OTL by OldTimer - Version 3.2.40.0 Folder = C:\Documents and Settings\Dr Michael Foster\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.40 Gb Available Physical Memory | 80.02% Memory free
4.84 Gb Paging File | 4.38 Gb Available in Paging File | 90.55% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 77.16 Gb Free Space | 33.13% Space Free | Partition Type: NTFS
Drive E: | 100.00 Mb Total Space | 65.25 Mb Free Space | 65.25% Space Free | Partition Type: NTFS
Drive F: | 931.41 Gb Total Space | 776.89 Gb Free Space | 83.41% Space Free | Partition Type: NTFS
Drive L: | 1.46 Gb Total Space | 1.42 Gb Free Space | 97.18% Space Free | Partition Type: NTFS
Drive M: | 226.05 Gb Total Space | 225.63 Gb Free Space | 99.81% Space Free | Partition Type: NTFS

Computer Name: KNIGHTS-2EE6007 | User Name: Dr Michael Foster | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Dr Michael Foster\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe (Trusteer Ltd.)
PRC - C:\Program Files\AVG\AVG2012\avgui.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe (Enigma Software Group USA, LLC.)
PRC - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
PRC - C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe (Nokia)
PRC - C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
PRC - C:\Program Files\FaxTalk\FTmsgsvc.exe (Thought Communications, Inc.)
PRC - C:\Program Files\FaxTalk\FTclctrl.exe (Thought Communications, Inc.)
PRC - C:\Program Files\FaxTalk\fapiexe.exe (Thought Communications, Inc.)
PRC - C:\Program Files\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Magic Formation\MagicFormation.exe ()
PRC - C:\Program Files\SolidDocuments\SolidPDFCreator\SPC\SolidPdfService.exe (Solid Documents, LLC)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe (ScanSoft, Inc.)
PRC - C:\Program Files\winfax\WFXMOD32.EXE (Symantec Corporation)
PRC - C:\WINDOWS\system32\WFXSNT40.EXE (Microsoft Corporation)
PRC - C:\WINDOWS\system32\WFXSVC.EXE (Symantec Corporation)

========== Modules (No Company Name) ==========

MOD - C:\Program Files\Nokia\Nokia PC Suite 7\QtXml4.dll ()
MOD - C:\Program Files\Nokia\Nokia PC Suite 7\QtSvg4.dll ()
MOD - C:\Program Files\Nokia\Nokia PC Suite 7\QtGUI4.dll ()
MOD - C:\Program Files\Nokia\Nokia PC Suite 7\QtCore4.dll ()
MOD - C:\Program Files\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll ()
MOD - C:\Program Files\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll ()
MOD - C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportMS\28896\RapportMS.dll ()
MOD - C:\Program Files\Magic Formation\MagicFormation.exe ()
MOD - C:\Program Files\Magic Formation\MFHook.dll ()
MOD - C:\WINDOWS\system32\solidlocalmon.dll ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()
MOD - C:\Program Files\winfax\DCCDA32I.DLL ()
MOD - C:\Program Files\winfax\WFXVW32I.DLL ()
MOD - C:\WINDOWS\system32\spool\prtprocs\w32x86\WFXPNT40.DLL ()
MOD - C:\Program Files\winfax\SENGINE.DLL ()
MOD - C:\Program Files\winfax\DCCTBP32.DLL ()

========== Win32 Services (SafeList) ==========

SRV - (winpowermanager) -- %systemroot%\system32\oracleorahome92pagingserver.dll File not found
SRV - (wap3gx) -- %systemroot%\system32\ati2mpaa.dll File not found
SRV - (w29n51) -- %systemroot%\system32\cpqfcalm.dll File not found
SRV - (vrservice) -- %systemroot%\system32\NETw4v32.dll File not found
SRV - (USBVCD) -- %systemroot%\system32\msgsrvservice.dll File not found
SRV - (USBAAPL) -- %systemroot%\system32\stisvc.dlle File not found
SRV - (USB11LDR) -- %systemroot%\system32\olregcap.dll File not found
SRV - (upsentry_smart) -- %systemroot%\system32\RR2Vbi.dll File not found
SRV - (U2SP) -- %systemroot%\system32\rpsupdaterr.dll File not found
SRV - (trlokom_rmhsvc) -- %systemroot%\system32\iksyssec.dll File not found
SRV - (symdns) -- %systemroot%\system32\SunkFilt39.dll File not found
SRV - (softfax) -- %systemroot%\system32\beatjamupnpmusicserver.dll File not found
SRV - (smservaz) -- %systemroot%\system32\s217mgmt.dll File not found
SRV - (smartwiservice) -- %systemroot%\system32\emupia.dll File not found
SRV - (SiRemFil) -- %systemroot%\system32\backupexecnamingservice.dll File not found
SRV - (sfsync04) -- %systemroot%\system32\dcsloader.dll File not found
SRV - (SfCtlCom) -- %systemroot%\system32\djsnetcn.dll File not found
SRV - (SaiMini) -- %systemroot%\system32\webrootenterpriseupdateservice.dll File not found
SRV - (roxmediadb) -- %systemroot%\system32\motmodem.dll File not found
SRV - (ql2100) -- %systemroot%\system32\DLH5X.dll File not found
SRV - (protectionservice) -- %systemroot%\system32\PCDRSRVC.dll File not found
SRV - (procexp100) -- %systemroot%\system32\PTDCBus.dll File not found
SRV - (pktfilter) -- %systemroot%\system32\PDExchange.dll File not found
SRV - (pgpsdkservice) -- %systemroot%\system32\besclient.dll File not found
SRV - (pdlndldl) -- %systemroot%\system32\vds.dll File not found
SRV - (omci) -- %systemroot%\system32\EIO_XP.dll File not found
SRV - (NWHOST) -- %systemroot%\system32\outpostfirewall.dll File not found
SRV - (n558) -- %systemroot%\system32\iolo_srv.dll File not found
SRV - (Mvc25U870_VID_1262&PID_25FD) -- %systemroot%\system32\StickyMesger.dll File not found
SRV - (MSICPL) -- %systemroot%\system32\SaiH040B.dll File not found
SRV - (MSCamSvc) -- %systemroot%\system32\NsTrcNT.dll File not found
SRV - (MRV6X32P) -- %systemroot%\system32\n3900.dll File not found
SRV - (MR97310_USB_DUAL_CAMERA) -- %systemroot%\system32\viamraid.dllrvc File not found
SRV - (mindrepair) -- %systemroot%\system32\epson_pm_rpcv2_02.dll File not found
SRV - (mf) -- %systemroot%\system32\ql2100.dll File not found
SRV - (mcdetect.exe) -- %systemroot%\system32\InterBaseGuardian.dll File not found
SRV - (mafwboot) -- %systemroot%\system32\vds.dll File not found
SRV - (lxrsge10s) -- %systemroot%\system32\snapman.dll File not found
SRV - (LUsbFilt) -- %systemroot%\system32\NwSapAgent.dll File not found
SRV - (int15) -- %systemroot%\system32\isapnp.dll File not found
SRV - (incdfs) -- %systemroot%\system32\flutilssvc.dll File not found
SRV - (icdsptsv) -- %systemroot%\system32\DS1410D.dll File not found
SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
SRV - (helpsvc) -- %SystemRoot%\PCHealth\HelpCtr\Binaries\pchsvc.dlles\pchsvc.dll File not found
SRV - (hap16v2k) -- %systemroot%\system32\qbfcservice.dll File not found
SRV - (giveio) -- %systemroot%\system32\winachsx.dll File not found
SRV - (getPlusHelper) -- %systemroot%\system32\smserial.dll File not found
SRV - (fsaa) -- %systemroot%\system32\mxssvr.dll File not found
SRV - (FINEPIX_PCC) -- %systemroot%\system32\mail2ec.dll File not found
SRV - (EU3_USB) -- %systemroot%\system32\symwsc.dll File not found
SRV - (EL90X) -- %systemroot%\system32\sentinel.dll File not found
SRV - (EACSvrMngr) -- %systemroot%\system32\int15.sys.dll File not found
SRV - (dlaopiom) -- %systemroot%\system32\CXTUNE.dll File not found
SRV - (dladresn) -- %systemroot%\system32\crystaloutputfileserver.dll File not found
SRV - (DC21x4) -- %systemroot%\system32\RapiMgr.dll File not found
SRV - (cygserver) -- %systemroot%\system32\snapman380.dll File not found
SRV - (commserver) -- %systemroot%\system32\ndis.dll File not found
SRV - (CoachUsb) -- %systemroot%\system32\mqdmmdm.dll File not found
SRV - (C-Dilla) -- %systemroot%\system32\ONSIO.dll File not found
SRV - (CdaD10BA) -- %systemroot%\system32\ctac32k.dll File not found
SRV - (ccevtmgr) -- %systemroot%\system32\btkrnl.dll File not found
SRV - (BrUsbSer) -- %systemroot%\system32\olapserver.dll File not found
SRV - (belmonitorservice) -- %systemroot%\system32\z800mdm.dll File not found
SRV - (ATKGFNEXSrv) -- %systemroot%\system32\AIRPLUS.dll File not found
SRV - (arkbcfltr) -- %systemroot%\system32\mirrorv3.dll File not found
SRV - (ar5211) -- %systemroot%\system32\arhidfltr.dll File not found
SRV - (amdk7) -- %systemroot%\system32\niorbk.dll File not found
SRV - (alertservice) -- %systemroot%\system32\sp_clamsrv.dll File not found
SRV - (alcxsens) -- %systemroot%\system32\dbmang.dll File not found
SRV - (adsexpb) -- %systemroot%\system32\idsvc.dll File not found
SRV - (adaptecstoragemanageragent) -- %systemroot%\system32\ccproxy.dll File not found
SRV - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (RapportMgmtService) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe (Trusteer Ltd.)
SRV - (SpyHunter 4 Service) -- C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe (Enigma Software Group USA, LLC.)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (FaxTalk FaxCenter Pro 8) -- C:\Program Files\FaxTalk\FTmsgsvc.exe (Thought Communications, Inc.)
SRV - (avgwd) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (MatSvc) -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe (Microsoft Corporation)
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (SdReadSpool) -- C:\Program Files\SolidDocuments\SolidPDFCreator\SPC\SolidPdfService.exe (Solid Documents, LLC)
SRV - (nicconfigsvc) -- C:\WINDOWS\system32\simptcp.dll (Microsoft Corporation)
SRV - (wfxsvc) -- C:\WINDOWS\system32\WFXSVC.EXE (Symantec Corporation)

========== Driver Services (SafeList) ==========

DRV - (WDICA) -- File not found
DRV - (redbook) -- system32\DRIVERS\redbook.sys File not found
DRV - (PCIDump) -- File not found
DRV - (ham50) -- system32\DRIVERS\IntelH51.sys File not found
DRV - (catchme) -- C:\DOCUME~1\DRMICH~1\LOCALS~1\Temp\catchme.sys File not found
DRV - (BANTExt) -- C:\WINDOWS\System32\Drivers\BANTExt.sys File not found
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (RapportEI) -- C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys (Trusteer Ltd.)
DRV - (RapportPG) -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (Trusteer Ltd.)
DRV - (RapportKELL) -- C:\WINDOWS\system32\drivers\RapportKELL.sys (Trusteer Ltd.)
DRV - (RapportCerberus_34302) -- C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\34302\RapportCerberus32_34302.sys ()
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia)
DRV - (UsbserFilt) -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdnsu) -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys (Nokia)
DRV - (nmwcdc) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcdnsuc) -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys (Nokia)
DRV - (Avgldx86) -- C:\WINDOWS\system32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSShim) -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys (AVG Technologies CZ, s.r.o. )
DRV - (Avgrkx86) -- C:\WINDOWS\system32\drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgmfx86) -- C:\WINDOWS\system32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (RapportIaso) -- c:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportMS\28896\RapportIaso.sys (Trusteer Ltd.)
DRV - (Avgtdix) -- C:\WINDOWS\system32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSFilter) -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSEH) -- C:\WINDOWS\system32\drivers\AVGIDSEH.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSDriver) -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. )
DRV - (esgiguard) -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys ()
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (cpudrv) -- C:\Program Files\SystemRequirementsLab\cpudrv.sys ()
DRV - (Monfilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.)
DRV - (Ambfilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative)
DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation )
DRV - (CLBStor) -- C:\WINDOWS\System32\drivers\CLBStor.sys (Cyberlink Co.,Ltd.)
DRV - (CLBUDF) -- C:\WINDOWS\System32\drivers\CLBUDF.sys (CyberLink Corporation.)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (HSFHWBS2) -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - ({95808DC4-FA4A-4c74-92FE-5B863F82066B}) -- C:\Program Files\CyberLink\PowerDVD\000.fcl (Cyberlink Corp.)
DRV - (Changer) -- C:\WINDOWS\System32\drivers\changer.sys (Microsoft Corporation)
DRV - (lbrtfdc) -- C:\WINDOWS\System32\drivers\lbrtfdc.sys (Toshiba Corp.)
DRV - (rtl8139) Realtek RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www2.prestel.co.uk/church/oosj/osj.htm
IE - HKCU\..\SearchScopes,DefaultScope = {7E8B17A6-0BA8-4A61-9FB7-E2F5D8151A6E}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{7E8B17A6-0BA8-4A61-9FB7-E2F5D8151A6E}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\..\SearchScopes\{9F1DD16A-D24B-4BE4-9B4D-14C8B2F5CD65}: "URL" = http://search.avg.com/?d=4dc3cee9&i=23&tp=chrome&q={searchTerms}&lng={language}&nt=1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Musicnotes.com/Musicnotes Viewer: C:\Program Files\Musicnotes\npmusicn.dll (Musicnotes, Inc.)
FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+(R),version=1.6.2.91: C:\Program Files\NOS\bin\np_gp.dll File not found
FF - HKLM\Software\MozillaPlugins\@Sibelius.com/Scorch Plugin: C:\Program Files\Musicnotes\npsibelius.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Dr Michael Foster\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Dr Michael Foster\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG2012\Firefox\ [2012/02/01 11:12:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012/02/01 11:12:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fe_9.0@nokia.com: C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0 [2012/03/05 20:43:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\te_9.0@nokia.com: C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 [2012/03/05 20:43:35 | 000,000,000 | ---D | M]

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Dr Michael Foster\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Dr Michael Foster\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.162\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Dr Michael Foster\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.162\gcswf32.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Documents and Settings\Dr Michael Foster\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Dr Michael Foster\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Musicnotes (Enabled) = C:\Program Files\Musicnotes\npmusicn.dll
CHR - plugin: ScorchPlugin (Enabled) = C:\Program Files\Musicnotes\npsibelius.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Documents and Settings\Dr Michael Foster\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: YouTube = C:\Documents and Settings\Dr Michael Foster\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Google Search = C:\Documents and Settings\Dr Michael Foster\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: Google Search = C:\Documents and Settings\Dr Michael Foster\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: AVG Safe Search = C:\Documents and Settings\Dr Michael Foster\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\
CHR - Extension: Gmail = C:\Documents and Settings\Dr Michael Foster\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
CHR - Extension: Gmail = C:\Documents and Settings\Dr Michael Foster\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

Hosts file not found
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [FaxTalk FaxCenter Pro 8] C:\Program Files\FaxTalk\FTClCtrl.exe (Thought Communications, Inc.)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NSU_agent] C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] nwiz.exe /install File not found
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [WFXSwtch] C:\PROGRA~1\winfax\WFXSWTCH.exe File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WinFaxAppPortStarter] C:\WINDOWS\System32\WFXSNT40.EXE (Microsoft Corporation)
O4 - HKCU..\Run: [] File not found
O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\MagicFormation.lnk = C:\Program Files\Magic Formation\MagicFormation.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office Outlook 2003.lnk = C:\WINDOWS\Installer\{91110409-6000-11D3-8CFE-0150048383C9}\outicon.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EditLevel = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCommonGroups = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: &Google Search - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Backward &Links - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Cac&hed Snapshot of Page - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Si&milar Pages - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Translate into English - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downlo...eckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsu...?1272219582312 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/micr...?1272219964125 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} http://www.sibelius.com/download/sof...iveXPlugin.cab (ScorchPlugin Class)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
O18 - Protocol\Handler\AutorunsDisabled - No CLSID value found
O18 - Protocol\Handler\AutorunsDisabled\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Windows\Win7.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Windows\Win7.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {A213B520-C6C2-11d0-AF9D-008029E1027E} - C:\Program Files\winfax\WFXSEH32.DLL (Symantec Corporation)
O28 - HKLM ShellExecuteHooks: {EDB0E980-90BD-11D4-8599-0008C7D3B6F8} - C:\Program Files\Qualcomm\Eudora\EuShlExt.dll (Qualcomm Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/04/24 18:11:47 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - F:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk /k:F *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/04/24 22:05:07 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Dr Michael Foster\Desktop\OTL.exe
[2012/04/24 16:32:34 | 000,000,000 | --SD | C] -- C:\ComboFix
[2012/04/24 13:06:07 | 000,092,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mqac.svs
[2012/04/24 10:17:34 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012/04/24 10:13:41 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/04/24 10:13:41 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/04/24 10:13:41 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/04/24 09:53:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dr Michael Foster\Start Menu\Programs\CyberLink BD Solution
[2012/04/24 09:51:51 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Dr Michael Foster\Recent
[2012/04/24 09:23:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2012/04/24 08:58:53 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/04/24 08:50:07 | 004,470,025 | R--- | C] (Swearware) -- C:\Documents and Settings\Dr Michael Foster\Desktop\ComboFix.exe
[2012/04/22 20:35:54 | 002,072,624 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Dr Michael Foster\My Files\tdsskiller.exe
[2012/04/22 20:27:55 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/04/22 13:34:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dr Michael Foster\Start Menu\Programs\Google Chrome
[2012/04/22 08:14:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dr Michael Foster\Desktop\Tools
[2012/04/21 09:26:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dr Michael Foster\Application Data\Malwarebytes
[2012/04/21 09:26:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/04/21 09:26:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2012/04/21 09:26:18 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/04/21 09:26:18 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/04/21 09:25:42 | 000,000,000 | ---D | C] -- C:\Malwarebytes
[2012/04/20 15:55:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dr Michael Foster\Start Menu\Programs\SpyHunter
[2012/04/20 15:55:39 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2012/04/20 15:55:39 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2012/04/20 15:51:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools
[2012/04/20 15:51:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dr Michael Foster\Application Data\TestApp
[2012/04/20 15:20:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2012/04/20 15:19:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2012/04/20 15:00:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\B7E8587A4FE3ECF660BFD1C8D151FC4E
[2012/04/04 16:18:29 | 000,000,000 | ---D | C] -- C:\Program Files\Copy of WinFax
[2012/04/04 15:18:04 | 000,000,000 | ---D | C] -- C:\Program Files\winfax
[2012/04/03 08:25:03 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/04/24 22:09:10 | 000,000,908 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/04/24 21:58:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/04/24 21:38:10 | 000,001,026 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-746137067-1177238915-839522115-1003UA.job
[2012/04/24 20:41:00 | 000,000,580 | -H-- | M] () -- C:\WINDOWS\tasks\DataUpload.job
[2012/04/24 18:39:27 | 000,002,533 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office Outlook 2003.lnk
[2012/04/24 18:39:22 | 000,000,904 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/04/24 18:39:22 | 000,000,616 | -H-- | M] () -- C:\WINDOWS\tasks\ConfigExec.job
[2012/04/24 18:39:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/04/24 12:07:41 | 000,518,144 | R--- | M] () -- C:\WINDOWS\SWREG.exe
[2012/04/24 10:17:39 | 000,000,444 | RHS- | M] () -- C:\boot.ini
[2012/04/24 09:51:39 | 000,000,328 | ---- | M] () -- C:\Boot.bak
[2012/04/24 09:38:58 | 096,117,289 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012/04/24 09:34:24 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/04/23 16:59:51 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Dr Michael Foster\My Files\MBR.dat
[2012/04/23 13:38:00 | 000,000,974 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-746137067-1177238915-839522115-1003Core.job
[2012/04/22 20:35:54 | 002,072,624 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Dr Michael Foster\My Files\tdsskiller.exe
[2012/04/22 18:01:13 | 000,280,844 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2012/04/22 13:34:09 | 000,002,372 | ---- | M] () -- C:\Documents and Settings\Dr Michael Foster\Desktop\Google Chrome.lnk
[2012/04/22 13:34:09 | 000,002,350 | ---- | M] () -- C:\Documents and Settings\Dr Michael Foster\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/04/21 16:47:55 | 000,006,764 | ---- | M] () -- C:\Documents and Settings\Dr Michael Foster\My Files\attach.zip
[2012/04/21 14:12:10 | 004,470,025 | R--- | M] (Swearware) -- C:\Documents and Settings\Dr Michael Foster\Desktop\ComboFix.exe
[2012/04/21 14:10:42 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dr Michael Foster\Desktop\OTL.exe
[2012/04/21 09:26:23 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/04/20 18:49:56 | 000,001,034 | ---- | M] () -- C:\Documents and Settings\Dr Michael Foster\Desktop\NokiaUtils.lnk
[2012/04/20 15:57:46 | 000,002,521 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\MS Office Outlook.lnk
[2012/04/20 15:55:43 | 000,001,997 | ---- | M] () -- C:\Documents and Settings\Dr Michael Foster\Desktop\SpyHunter.lnk
[2012/04/20 15:51:46 | 000,000,725 | ---- | M] () -- C:\Documents and Settings\Dr Michael Foster\Desktop\sdsetup_aff.exe.lnk
[2012/04/18 20:22:30 | 000,218,311 | ---- | M] () -- C:\Documents and Settings\Dr Michael Foster\My Files\cemmguidance.pdf
[2012/04/17 19:29:25 | 000,002,337 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Streetmap.co.uk.url
[2012/04/17 10:07:29 | 007,438,896 | ---- | M] () -- C:\Documents and Settings\Dr Michael Foster\My Files\08 - Evacuee2.mp3
[2012/04/17 10:07:16 | 000,008,663 | -HS- | M] () -- C:\Documents and Settings\Dr Michael Foster\My Files\Folder.jpg
[2012/04/17 10:07:16 | 000,002,348 | -HS- | M] () -- C:\Documents and Settings\Dr Michael Foster\My Files\AlbumArtSmall.jpg
[2012/04/16 17:46:01 | 000,000,308 | ---- | M] () -- C:\WINDOWS\tasks\doxillionShakeIcon.job
[2012/04/13 18:58:09 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/04/13 18:58:09 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/04/13 08:02:28 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\Dr Michael Foster\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2012/04/10 17:56:26 | 001,254,622 | ---- | M] () -- C:\Documents and Settings\Dr Michael Foster\My Files\LittleYellowBook.pdf
[2012/04/09 01:31:00 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2012/04/07 16:04:44 | 000,000,218 | ---- | M] () -- C:\Documents and Settings\Dr Michael Foster\Desktop\BT Home Hub Manager - Home.url
[2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/04/04 15:18:09 | 000,000,041 | ---- | M] () -- C:\WINDOWS\WFXDEL.BAT
[2012/04/04 13:51:10 | 000,003,654 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SAYNOTO0870.url
[2012/04/04 10:59:40 | 000,167,156 | ---- | M] () -- C:\Documents and Settings\Dr Michael Foster\My Files\Fold-shapes.pdf
[2012/04/02 11:38:49 | 000,000,688 | ---- | M] () -- C:\WINDOWS\CDPHOTO.INI
[2012/04/01 14:13:34 | 000,038,674 | ---- | M] () -- C:\Documents and Settings\Dr Michael Foster\My Files\phosphine.pdf
[2012/03/27 17:52:47 | 000,044,466 | ---- | M] () -- C:\Documents and Settings\Dr Michael Foster\My Files\DIY Eucharist.pdf
[2012/03/26 15:32:32 | 001,539,897 | ---- | M] () -- C:\Documents and Settings\Dr Michael Foster\My Files\13Letters of Paul.pdf
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/04/24 10:17:39 | 000,000,328 | ---- | C] () -- C:\Boot.bak
[2012/04/24 10:17:36 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012/04/24 10:13:41 | 000,518,144 | R--- | C] () -- C:\WINDOWS\SWREG.exe
[2012/04/24 10:13:41 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/04/24 10:13:41 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/04/24 10:13:41 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/04/24 10:13:41 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/04/24 10:13:41 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/04/22 13:34:09 | 000,002,372 | ---- | C] () -- C:\Documents and Settings\Dr Michael Foster\Desktop\Google Chrome.lnk
[2012/04/22 13:34:09 | 000,002,350 | ---- | C] () -- C:\Documents and Settings\Dr Michael Foster\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/04/22 13:33:08 | 000,001,026 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-746137067-1177238915-839522115-1003UA.job
[2012/04/22 13:33:07 | 000,000,974 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-746137067-1177238915-839522115-1003Core.job
[2012/04/22 09:58:06 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Dr Michael Foster\My Files\MBR.dat
[2012/04/21 16:47:55 | 000,006,764 | ---- | C] () -- C:\Documents and Settings\Dr Michael Foster\My Files\attach.zip
[2012/04/21 09:26:23 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/04/20 15:55:43 | 000,001,997 | ---- | C] () -- C:\Documents and Settings\Dr Michael Foster\Desktop\SpyHunter.lnk
[2012/04/20 15:51:46 | 000,000,725 | ---- | C] () -- C:\Documents and Settings\Dr Michael Foster\Desktop\sdsetup_aff.exe.lnk
[2012/04/18 20:22:30 | 000,218,311 | ---- | C] () -- C:\Documents and Settings\Dr Michael Foster\My Files\cemmguidance.pdf
[2012/04/17 10:07:21 | 007,438,896 | ---- | C] () -- C:\Documents and Settings\Dr Michael Foster\My Files\08 - Evacuee2.mp3
[2012/04/17 10:07:16 | 000,008,663 | -HS- | C] () -- C:\Documents and Settings\Dr Michael Foster\My Files\Folder.jpg
[2012/04/17 10:07:16 | 000,002,348 | -HS- | C] () -- C:\Documents and Settings\Dr Michael Foster\My Files\AlbumArtSmall.jpg
[2012/04/10 17:56:26 | 001,254,622 | ---- | C] () -- C:\Documents and Settings\Dr Michael Foster\My Files\LittleYellowBook.pdf
[2012/04/04 10:59:40 | 000,167,156 | ---- | C] () -- C:\Documents and Settings\Dr Michael Foster\My Files\Fold-shapes.pdf
[2012/04/03 08:25:04 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/04/02 11:32:33 | 000,197,561 | ---- | C] () -- C:\Documents and Settings\Dr Michael Foster\My Files\S-ILoveToHearTheStory-PipeLC-48-CAM(1).mp3
[2012/04/02 11:31:50 | 000,038,674 | ---- | C] () -- C:\Documents and Settings\Dr Michael Foster\My Files\phosphine.pdf
[2012/03/29 17:46:16 | 000,000,308 | ---- | C] () -- C:\WINDOWS\tasks\doxillionShakeIcon.job
[2012/03/27 17:52:43 | 000,044,466 | ---- | C] () -- C:\Documents and Settings\Dr Michael Foster\My Files\DIY Eucharist.pdf
[2012/03/26 15:32:31 | 001,539,897 | ---- | C] () -- C:\Documents and Settings\Dr Michael Foster\My Files\13Letters of Paul.pdf
[2012/02/15 11:32:39 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2010/12/15 08:29:18 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2010/12/15 08:29:16 | 001,018,748 | ---- | C] () -- C:\WINDOWS\System32\nvucode.bin
[2010/10/27 10:46:00 | 000,000,145 | ---- | C] () -- C:\WINDOWS\Eudcedit.ini
[2010/09/07 07:12:44 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2010/08/01 16:54:09 | 000,000,026 | ---- | C] () -- C:\WINDOWS\dvdSanta.INI
[2010/08/01 16:48:21 | 001,216,512 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/08/01 16:48:21 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2010/08/01 16:48:21 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/08/01 16:48:21 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2010/08/01 16:48:21 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2010/08/01 16:48:21 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2010/06/14 19:40:05 | 001,107,192 | ---- | C] () -- C:\WINDOWS\Xwmba500.dll
[2010/06/14 19:40:05 | 000,260,440 | ---- | C] () -- C:\WINDOWS\Xwmhb500.dll
[2010/06/14 19:40:05 | 000,174,352 | ---- | C] () -- C:\WINDOWS\Xwmte500.dll
[2010/06/14 19:40:05 | 000,000,061 | ---- | C] () -- C:\WINDOWS\PHAssist.ini
[2010/06/01 15:16:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WTNSETUP.INI
[2010/06/01 15:10:00 | 000,037,888 | ---- | C] () -- C:\WINDOWS\System32\DCCWFP32.DLL
[2010/06/01 15:10:00 | 000,000,250 | ---- | C] () -- C:\WINDOWS\WINFAX.INI
[2010/06/01 15:09:59 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\IMPLODE.DLL
[2010/05/31 21:48:38 | 000,021,248 | ---- | C] () -- C:\WINDOWS\System32\solidlocalmon.dll
[2010/05/31 21:48:38 | 000,013,568 | ---- | C] () -- C:\WINDOWS\System32\solidlocalui.dll
[2010/05/26 12:30:18 | 000,002,220 | ---- | C] () -- C:\WINDOWS\GWSFILTR.INI
[2010/05/26 12:27:06 | 000,000,041 | ---- | C] () -- C:\WINDOWS\gwspcam.ini
[2010/05/26 12:27:04 | 000,212,992 | ---- | C] () -- C:\WINDOWS\ALCHUNIN.EXE
[2010/05/26 12:26:46 | 000,007,806 | R--- | C] () -- C:\WINDOWS\gwspro.ini
[2010/05/06 10:47:02 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2010/05/05 22:28:28 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010/05/05 22:28:27 | 000,035,840 | ---- | C] () -- C:\Documents and Settings\Dr Michael Foster\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/30 08:30:38 | 000,000,688 | ---- | C] () -- C:\WINDOWS\CDPHOTO.INI
[2010/04/30 08:30:38 | 000,000,193 | ---- | C] () -- C:\WINDOWS\EFICOLOR.INI
[2010/04/29 07:49:10 | 000,184,320 | ---- | C] () -- C:\WINDOWS\System32\ippsra611.dll
[2010/04/29 07:49:10 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\ippcv11.dll
[2010/04/29 07:49:10 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\ippsr11.dll
[2010/04/29 07:49:10 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\IPPCPUID.DLL
[2010/04/29 07:48:23 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
[2010/04/29 07:43:54 | 000,000,416 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2010/04/28 16:14:51 | 000,000,059 | ---- | C] () -- C:\WINDOWS\FSaver.ini
[2010/04/28 16:14:50 | 000,000,052 | ---- | C] () -- C:\WINDOWS\Aubade.ini
[2010/04/27 15:49:30 | 000,000,043 | ---- | C] () -- C:\WINDOWS\IMASTER.INI
[2010/04/27 14:29:14 | 000,109,568 | ---- | C] () -- C:\WINDOWS\System32\JGFR400.DLL
[2010/04/26 22:48:01 | 000,000,812 | ---- | C] () -- C:\WINDOWS\unins001.dat
[2010/04/26 22:47:52 | 000,000,812 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2010/04/26 22:42:10 | 000,000,829 | ---- | C] () -- C:\WINDOWS\System32\unins000.dat

========== LOP Check ==========

[2011/10/20 07:16:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2012/04/24 07:02:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2010/10/20 08:29:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2012/04/20 15:12:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\B7E8587A4FE3ECF660BFD1C8D151FC4E
[2011/05/11 11:40:39 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2012/03/05 20:30:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2010/05/08 07:59:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kontiki
[2012/04/24 09:39:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/09/14 15:25:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Musicnotes
[2010/05/01 15:41:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2012/03/05 20:43:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2012/03/14 09:23:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache
[2011/10/17 08:37:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2010/04/29 07:43:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2010/05/31 21:47:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SolidDocuments
[2011/12/07 17:46:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Thought Communications
[2010/07/20 16:45:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trusteer
[2011/08/14 19:16:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/08/11 23:01:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dr Michael Foster\Application Data\Amazon
[2011/07/14 08:37:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dr Michael Foster\Application Data\AVG
[2011/10/20 07:15:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dr Michael Foster\Application Data\AVG2012
[2011/06/20 12:58:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dr Michael Foster\Application Data\BitTorrent
[2010/06/29 06:59:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dr Michael Foster\Application Data\Canon
[2011/04/16 23:28:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dr Michael Foster\Application Data\FontCreator
[2011/06/15 14:18:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dr Michael Foster\Application Data\Helios
[2012/04/18 19:01:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dr Michael Foster\Application Data\Mp3tag
[2010/05/01 15:41:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dr Michael Foster\Application Data\NCH Swift Sound
[2010/05/11 11:56:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dr Michael Foster\Application Data\NewSoft
[2012/03/14 09:40:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dr Michael Foster\Application Data\Nokia
[2012/03/14 09:40:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dr Michael Foster\Application Data\Nokia Suite
[2010/06/07 09:58:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dr Michael Foster\Application Data\OfficeRecovery
[2010/07/06 14:39:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dr Michael Foster\Application Data\OpenOffice.org
[2011/12/02 08:22:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dr Michael Foster\Application Data\PC Suite
[2010/07/06 22:47:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dr Michael Foster\Application Data\Recolored
[2010/04/29 07:43:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dr Michael Foster\Application Data\ScanSoft
[2012/04/14 14:16:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dr Michael Foster\Application Data\SolidDocuments
[2011/06/20 22:31:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dr Michael Foster\Application Data\Spotify
[2012/04/20 15:51:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dr Michael Foster\Application Data\TestApp
[2010/07/20 16:46:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dr Michael Foster\Application Data\Trusteer
[2010/06/17 06:58:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dr Michael Foster\Application Data\Uniblue
[2011/06/16 17:29:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dr Michael Foster\Application Data\uTorrent
[2012/04/24 18:39:22 | 000,000,616 | -H-- | M] () -- C:\WINDOWS\Tasks\ConfigExec.job
[2012/04/24 20:41:00 | 000,000,580 | -H-- | M] () -- C:\WINDOWS\Tasks\DataUpload.job
[2011/11/11 09:10:13 | 000,000,292 | ---- | M] () -- C:\WINDOWS\Tasks\debutDowngrade.job
[2011/11/11 09:10:14 | 000,000,292 | ---- | M] () -- C:\WINDOWS\Tasks\debutShakeIcon.job
[2012/04/16 17:46:01 | 000,000,308 | ---- | M] () -- C:\WINDOWS\Tasks\doxillionShakeIcon.job
[2012/04/09 01:31:00 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2012/01/20 15:41:01 | 000,000,308 | ---- | M] () -- C:\WINDOWS\Tasks\pixillionShakeIcon.job
[2011/11/11 09:10:16 | 000,000,292 | ---- | M] () -- C:\WINDOWS\Tasks\prismShakeIcon.job
[2011/11/11 09:10:16 | 000,000,304 | ---- | M] () -- C:\WINDOWS\Tasks\videopadShakeIcon.job

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 184 bytes -> C:\Documents and Settings\Dr Michael Foster\My Files\FromHeavenYouCame-Kendrick.mid:SummaryInformation
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\Dr Michael Foster\My Files\FromHeavenYouCame-Kendrick.mid:DocumentSummaryInformation

< End of report >

Thread: IDP & Crypt AQLW Trojan DDS Log pasted.

Thread Tools

Display

Threaded View

Scan results

Posting Permissions