OTL logfile created on: 27/01/2012 10:43:43 PM - Run 6
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Owner\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
3.90 Gb Total Physical Memory | 2.39 Gb Available Physical Memory | 61.30% Memory free
7.98 Gb Paging File | 6.25 Gb Available in Paging File | 78.28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285.97 Gb Total Space | 59.72 Gb Free Space | 20.88% Space Free | Partition Type: NTFS
Drive D: | 12.12 Gb Total Space | 1.94 Gb Free Space | 16.01% Space Free | Partition Type: NTFS
Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Owner\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Hotspot Shield\bin\openvpntray.exe ()
PRC - C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe ()
PRC - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe ()
PRC - C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe (AnchorFree Inc.)
PRC - C:\Program Files (x86)\Driver Fetch\2.1.0.0\DriverFetch.exe ()
PRC - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Windows\trlrm\RMHSvc.exe (Trlokom, Inc.)
PRC - C:\Program Files (x86)\UltimateZip\uzqkst.exe (SWE von Schleusen)
PRC - C:\Program Files (x86)\SMINST\BLService.exe ()
PRC - C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe ()
PRC - C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe ()
========== Modules (No Company Name) ==========
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\311bc26c3ed83409589eb6bae0eeb86e\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\6bc98e9b5eedaa8f71c5454d36a4b772\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\8f3b3ab45e3e5fa61aa6cbfe2a8b61af\System.Transactions.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\b304c1f9341d141746ec101b5bf202cf\System.EnterpriseServices.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\b304c1f9341d141746ec101b5bf202cf\System.EnterpriseServices.Wrapper.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\40da9084d0863e07d7ce55953833b8b0\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c1c06a392871267db27f7cbc40e1c4fb\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1363115565fff5a641243a48f396f107\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\367c4043efc2f32d843cb588b0dc97fc\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\b6da684a4289bb2053ab12bbb773e808\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\231b0b42eff55de5c7d7debe555c16b7\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e070ca981473e64c0de7fd01cb019b5f\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\b2b4cd4567a7ed7d9ecd8e43352a66dd\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\fd2c727bcef2e019eb96c1145f423701\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\f9c36ea806e77872dce891c77b68fac3\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Hotspot Shield\bin\openvpntray.exe ()
MOD - C:\Program Files (x86)\Hotspot Shield\bin\lang\gui-eng.dll ()
MOD - C:\Program Files (x86)\Driver Fetch\2.1.0.0\DriverFetch.exe ()
MOD - C:\Program Files (x86)\Driver Fetch\2.1.0.0\scheduler.dll ()
MOD - C:\Program Files (x86)\Driver Fetch\2.1.0.0\restore.dll ()
MOD - C:\Program Files (x86)\Driver Fetch\2.1.0.0\cpuid.dll ()
MOD - C:\Program Files (x86)\Driver Fetch\2.1.0.0\_ssl.pyd ()
MOD - C:\Program Files (x86)\Driver Fetch\2.1.0.0\unicodedata.pyd ()
MOD - C:\Program Files (x86)\Driver Fetch\2.1.0.0\aggdraw.pyd ()
MOD - C:\Program Files (x86)\Driver Fetch\2.1.0.0\_imaging.pyd ()
MOD - C:\Program Files (x86)\Driver Fetch\2.1.0.0\_hashlib.pyd ()
MOD - C:\Program Files (x86)\Driver Fetch\2.1.0.0\_ctypes.pyd ()
MOD - C:\Program Files (x86)\Driver Fetch\2.1.0.0\_socket.pyd ()
MOD - C:\Program Files (x86)\Driver Fetch\2.1.0.0\_multiprocessing.pyd ()
MOD - C:\Program Files (x86)\QuickTime\QTSystem\QTCF.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll ()
MOD - C:\Windows\SysWOW64\msjetoledb40.dll ()
MOD - C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Content.XmlSerializers.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\ECLibrary.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll ()
MOD - C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll ()
MOD - C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll ()
MOD - C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll ()
========== Win32 Services (SafeList) ==========
SRV:
64bit: - (STacSV) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_bd5387da\STacSV64.exe (IDT, Inc.)
SRV:
64bit: - (AESTFilters) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_bd5387da\AESTSr64.exe (Andrea Electronics Corporation)
SRV:
64bit: - (hpsrv) -- C:\Windows\SysNative\Hpservice.exe (Hewlett-Packard Corporation)
SRV:
64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:
64bit: - (AgereModemAudio) -- C:\Windows\SysNative\agr64svc.exe (Agere Systems)
SRV - (Norton Internet Security) -- C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe (Symantec Corporation)
SRV - (HssTrayService) -- C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.exe ()
SRV - (hshld) -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe ()
SRV - (HssWd) -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe ()
SRV - (HssSrv) -- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe (AnchorFree Inc.)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (trlokom_rmhsvc) -- C:\Windows\trlrm\RMHSvc.exe (Trlokom, Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (Recovery Service for Windows) -- C:\Program Files (x86)\SMINST\BLService.exe ()
SRV - (TVCapSvc) TV Background Capture Service (TVBCS) -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe ()
SRV - (TVSched) TV Task Scheduler (TVTS) -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe ()
========== Driver Services (SafeList) ==========
DRV:
64bit: - (ccHP) -- C:\Windows\SysNative\Drivers\NISx64\1008030.006\ccHPx64.sys (Symantec Corporation)
DRV:
64bit: - (SYMTDI) -- C:\Windows\SysNative\Drivers\NISx64\1008030.006\SYMTDI.SYS (Symantec Corporation)
DRV:
64bit: - (HssDrv) -- C:\Windows\SysNative\DRIVERS\HssDrv.sys (AnchorFree Inc.)
DRV:
64bit: - (igfx) -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys (Intel Corporation)
DRV:
64bit: - (SymEvent) -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS (Symantec Corporation)
DRV:
64bit: - (taphss) -- C:\Windows\SysNative\DRIVERS\taphss.sys (AnchorFree Inc)
DRV:
64bit: - (Sockblkd) -- C:\Program Files\Extegrity\Exam4\Sockblkd.sys (DataWizard Technologies, Inc.)
DRV:
64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\NISx64\1008030.006\SYMEFA64.SYS (Symantec Corporation)
DRV:
64bit: - (SymIM) -- C:\Windows\SysNative\DRIVERS\SymIMv.sys (Symantec Corporation)
DRV:
64bit: - (SRTSP) -- C:\Windows\SysNative\Drivers\NISx64\1008030.006\SRTSP64.SYS (Symantec Corporation)
DRV:
64bit: - (BHDrvx64) -- C:\Windows\SysNative\Drivers\NISx64\1008030.006\BHDrvx64.sys (Symantec Corporation)
DRV:
64bit: - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\Windows\SysNative\drivers\NISx64\1008030.006\SRTSPX64.SYS (Symantec Corporation)
DRV:
64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation)
DRV:
64bit: - (USBAAPL64) -- C:\Windows\SysNative\Drivers\usbaapl64.sys (Apple, Inc.)
DRV:
64bit: - (SSPORT) -- C:\Windows\SysNative\Drivers\SSPORT.sys (Samsung Electronics)
DRV:
64bit: - (RTL8169) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys (Realtek )
DRV:
64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:
64bit: - (RTSTOR) -- C:\Windows\SysNative\drivers\RTSTOR64.SYS (Realtek Semiconductor Corp.)
DRV:
64bit: - (AgereSoftModem) -- C:\Windows\SysNative\DRIVERS\agrsm64.sys (Agere Systems)
DRV:
64bit: - (BCM43XX) -- C:\Windows\SysNative\DRIVERS\bcmwl664.sys (Broadcom Corporation)
DRV:
64bit: - (STHDA) -- C:\Windows\SysNative\DRIVERS\stwrt64.sys (IDT, Inc.)
DRV:
64bit: - (enecir) -- C:\Windows\SysNative\DRIVERS\enecir.sys (ENE TECHNOLOGY INC.)
DRV:
64bit: - (IntcHdmiAddService) Intel(R) -- C:\Windows\SysNative\drivers\IntcHdmi.sys (Intel(R) Corporation)
DRV:
64bit: - (SynTP) -- C:\Windows\SysNative\DRIVERS\SynTP.sys (Synaptics, Inc.)
DRV:
64bit: - (hpdskflt) -- C:\Windows\SysNative\DRIVERS\hpdskflt.sys (Hewlett-Packard Corporation)
DRV:
64bit: - (Accelerometer) -- C:\Windows\SysNative\DRIVERS\Accelerometer.sys (Hewlett-Packard Corporation)
DRV:
64bit: - (NETw3v64) Intel(R) -- C:\Windows\SysNative\DRIVERS\NETw3v64.sys (Intel Corporation)
DRV:
64bit: - (sdbus) -- C:\Windows\SysNative\DRIVERS\sdbus.sys (Microsoft Corporation)
DRV:
64bit: - (HpqKbFiltr) -- C:\Windows\SysNative\DRIVERS\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV:
64bit: - (yukonx64) -- C:\Windows\SysNative\DRIVERS\yk60x64.sys (Marvell)
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20110821.003\EX64.SYS (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20110821.003\ENG64.SYS (Symantec Corporation)
DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20110819.030\IDSviA64.sys (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (trlkprot) -- C:\Windows\SysWOW64\drivers\trlkprot.sys (Trlokom Inc.)
DRV - ({55662437-DA8C-40c0-AADA-2C816A897A49}) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl (Cyberlink Corp.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=91&bd=Pavilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=91&bd=Pavilion&pf=cnnb
IE - HKLM\..\URLSearchHook: {167d9323-f7cc-48f5-948a-6f012831a69f} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3984993148-1309757251-1189783091-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3007394&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.ca"
FF - prefs.js..extensions.enabledItems:
afurladvisor@anchorfree.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems:
cacaoweb@cacaoweb.org:1.0.15
FF - prefs.js..extensions.enabledItems: radiobar@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems:
webmaster@keep-tube.com:1.2
FF - prefs.js..extensions.enabledItems: {167d9323-f7cc-48f5-948a-6f012831a69f}:3.6.0.10
FF - prefs.js..extensions.enabledItems: {a02c0c70-605c-11da-8cd6-0800200c9a66}:4.22
FF - prefs.js..network.proxy.http: "125.5.6.7.7.7"
FF - prefs.js..network.proxy.http_port: 8231
FF - prefs.js..network.proxy.type: 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Owner\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\ [2011/10/12 10:12:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.25\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/01/23 04:36:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.25\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/01/19 12:19:32 | 000,000,000 | ---D | M]
[2011/10/31 11:32:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\Extensions
[2012/01/27 00:44:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\vwn68ar1.default\extensions
[2011/08/26 22:24:15 | 000,000,000 | ---D | M] (WhiteSmoke Bar Community Toolbar) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\vwn68ar1.default\extensions\{167d9323-f7cc-48f5-948a-6f012831a69f}
[2010/04/28 08:47:22 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\vwn68ar1.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/04/28 08:47:22 | 000,000,000 | ---D | M] (PimpZilla) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\vwn68ar1.default\extensions\{a02c0c70-605c-11da-8cd6-0800200c9a66}
[2011/03/03 13:33:57 | 000,000,000 | ---D | M] (cacaoweb) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\vwn68ar1.default\extensions\cacaoweb@cacaoweb.org
[2010/06/25 19:38:16 | 000,000,000 | ---D | M] (RadioBar Toolbar) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\vwn68ar1.default\extensions\radiobar@toolbar
[2011/03/29 22:30:59 | 000,000,000 | ---D | M] (Keep Tube Downloader) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\vwn68ar1.default\extensions\webmaster@keep-tube.com
[2011/07/27 10:46:34 | 000,000,931 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\vwn68ar1.default\searchplugins\conduit.xml
[2011/10/31 11:32:09 | 000,002,520 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\vwn68ar1.default\searchplugins\SearchResults.xml
[2012/01/27 22:33:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/09/09 19:58:53 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/07/27 13:06:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011/06/28 22:44:23 | 000,000,000 | ---D | M] (afurladvisor) -- C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com
[2011/10/12 10:12:00 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NORTON\COFFPLGN
[2012/01/27 22:33:02 | 000,000,000 | ---D | M] (Norton IPS) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NORTON\IPSFFPLGN
[2010/07/27 13:06:41 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011/10/31 11:32:09 | 000,002,520 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\SearchResults.xml
========== Chrome ==========
CHR - default_search_provider: Web Search (Enabled)
CHR - default_search_provider: search_url = http://www.searchqu.com/web?src=crb&appid=119&systemid=406&sr=0&q={searchTerms}
CHR - default_search_provider: suggest_url =
O1 HOSTS File: ([2012/01/25 11:15:12 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Trlokom IE Toolbar) - {C5AF4D9B-0B55-4BAC-9486-218EA2C6BC3E} - C:\Program Files (x86)\SpyWall\TrlIETool.dll (Trlokom, Inc.)
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (no name) - MRI_DISABLED - No CLSID value found.
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Trlokom IE Toolbar) - {C5AF4D9B-0B55-4BAC-9486-218EA2C6BC3E} - C:\Program Files (x86)\SpyWall\TrlIETool.dll (Trlokom, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-3984993148-1309757251-1189783091-1000\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKU\S-1-5-21-3984993148-1309757251-1189783091-1000\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-3984993148-1309757251-1189783091-1000\..\Toolbar\WebBrowser: (Trlokom IE Toolbar) - {C5AF4D9B-0B55-4BAC-9486-218EA2C6BC3E} - C:\Program Files (x86)\SpyWall\TrlIETool.dll (Trlokom, Inc.)
O4:
64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Hewlett-Packard)
O4:
64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [Driver Fetch] C:\Program Files (x86)\Driver Fetch\2.1.0.0\DriverFetch.exe ()
O4 - HKU\S-1-5-21-3984993148-1309757251-1189783091-1000..\Run: [cdloader] C:\Users\Owner\AppData\Roaming\mjusbsp\cdloader2.exe (magicJack L.P.)
O4 - HKU\S-1-5-21-3984993148-1309757251-1189783091-1000..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe ()
O4 - Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\UltimateZip Quick Start.lnk = C:\Program Files (x86)\UltimateZip\uzqkst.exe (SWE von Schleusen)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon: AllowMultipleTSSessions = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3984993148-1309757251-1189783091-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3984993148-1309757251-1189783091-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKU\S-1-5-21-3984993148-1309757251-1189783091-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10:
64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\.DEFAULT\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-18\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-21-3984993148-1309757251-1189783091-1000\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ED73AC6B-7A58-4C36-B3E3-399653F0B91C}: DhcpNameServer = 192.168.0.1
O18:
64bit: - Protocol\Handler\livecall - No CLSID value found
O18:
64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:
64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:
64bit: - Protocol\Handler\msnim - No CLSID value found
O18:
64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:
64bit: - Protocol\Handler\symres - No CLSID value found
O18:
64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dll (Symantec Corporation)
O20:
64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:
64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Owner\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Owner\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012/01/25 07:49:23 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Help
[2012/01/24 22:50:38 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/01/24 15:21:14 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2012/01/23 21:13:28 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012/01/23 21:13:27 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012/01/23 14:57:22 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2012/01/23 14:39:57 | 000,000,000 | ---D | C] -- C:\ERDNT
[2012/01/23 14:39:23 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\erunt
[2012/01/23 04:21:53 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/01/23 04:21:53 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/01/23 04:21:53 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/01/23 04:21:47 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/01/23 04:21:42 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/01/23 04:20:41 | 004,388,468 | R--- | C] (Swearware) -- C:\Users\Owner\Desktop\ComboFix.exe
[2012/01/22 12:00:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012/01/22 11:59:16 | 002,322,184 | ---- | C] (ESET) -- C:\Users\Owner\Desktop\esetsmartinstaller_enu.exe
[2012/01/19 10:56:18 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Malwarebytes
[2012/01/19 10:56:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/01/19 10:56:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/01/19 10:56:09 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/01/19 10:56:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/01/19 10:55:00 | 010,847,608 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Owner\Desktop\mbam-setup-1.60.0.1800.exe
[2012/01/19 10:40:06 | 004,713,472 | ---- | C] (AVAST Software) -- C:\Users\Owner\Desktop\aswMBR.exe
[2012/01/12 23:38:17 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Owner\Desktop\dds.scr
[2012/01/12 23:37:21 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\backup
[2012/01/12 23:35:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2012/01/12 23:35:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2012/01/12 23:35:28 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Users\Owner\Documents\erunt-setup.exe
[2012/01/12 13:11:24 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/01/12 13:11:24 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012/01/12 13:11:24 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012/01/12 13:11:24 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/01/12 13:11:24 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/01/12 13:11:24 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012/01/12 13:11:23 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012/01/12 13:11:23 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/01/12 13:11:23 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012/01/12 13:11:23 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012/01/12 13:11:23 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/01/12 13:11:23 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012/01/12 13:11:23 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012/01/12 13:11:23 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012/01/12 13:11:23 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012/01/12 13:11:23 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012/01/12 13:11:23 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012/01/12 13:11:22 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/01/12 13:11:22 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012/01/12 13:11:22 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012/01/12 13:11:22 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012/01/12 13:11:22 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012/01/12 13:11:22 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/01/12 13:11:22 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012/01/12 13:11:22 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\advpack.dll
[2012/01/12 13:11:22 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012/01/12 13:11:22 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012/01/12 13:11:22 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/01/12 13:11:22 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012/01/12 13:11:21 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012/01/12 13:11:21 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012/01/12 13:11:21 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012/01/12 13:11:21 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012/01/12 13:11:15 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/01/12 13:11:15 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/01/12 13:11:15 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012/01/12 13:11:15 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012/01/12 13:11:15 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012/01/12 13:11:15 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012/01/12 13:11:15 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012/01/12 13:11:15 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advpack.dll
[2012/01/12 13:11:15 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012/01/12 13:11:15 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012/01/12 13:11:15 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012/01/12 13:11:15 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012/01/12 13:11:14 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012/01/12 13:11:14 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012/01/12 13:11:14 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012/01/12 13:11:14 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012/01/12 13:11:14 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012/01/12 13:11:13 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012/01/12 13:11:13 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012/01/12 13:11:13 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012/01/12 13:11:13 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012/01/12 13:11:13 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012/01/12 13:11:13 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/01/12 13:11:13 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012/01/12 13:11:13 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012/01/12 13:11:13 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012/01/12 13:11:13 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012/01/12 13:11:12 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/01/12 13:11:12 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/01/12 13:11:12 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/01/12 13:11:12 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/01/12 13:11:12 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/01/12 13:11:12 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012/01/12 13:11:12 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012/01/12 13:11:12 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012/01/12 13:11:12 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012/01/12 13:11:12 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/01/12 13:11:12 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012/01/12 13:11:12 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012/01/12 13:11:12 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012/01/12 13:11:11 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012/01/10 21:15:53 | 001,570,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012/01/10 21:15:53 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012/01/10 21:15:53 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012/01/10 21:15:53 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012/01/10 21:15:48 | 001,585,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012/01/10 21:15:46 | 000,211,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winmm.dll
[2012/01/10 21:15:46 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcicda.dll
[2012/01/10 21:15:46 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mciwave.dll
[2012/01/10 21:15:46 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mciseq.dll
[2012/01/10 21:15:46 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciseq.dll
[2012/01/10 21:15:43 | 000,451,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012/01/10 21:15:42 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012/01/10 21:15:42 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2011/12/30 14:17:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[1 C:\Users\Owner\AppData\Local\*.tmp files -> C:\Users\Owner\AppData\Local\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/01/27 22:34:11 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/27 22:33:02 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/27 22:33:02 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/27 22:32:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/27 22:32:46 | 4193,472,512 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/27 22:24:03 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/27 01:21:46 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForOwner.job
[2012/01/27 01:14:14 | 000,000,549 | ---- | M] () -- C:\Users\Owner\Desktop\MBR.zip
[2012/01/26 14:16:37 | 000,080,384 | ---- | M] () -- C:\Users\Owner\Desktop\MBRCheck.exe
[2012/01/26 14:16:20 | 000,165,376 | ---- | M] () -- C:\Users\Owner\Desktop\SystemLook_x64.exe
[2012/01/25 20:25:00 | 000,001,985 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/01/25 11:15:12 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/01/24 15:21:15 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2012/01/23 14:38:48 | 000,513,320 | ---- | M] () -- C:\Users\Owner\Desktop\erunt.zip
[2012/01/23 04:20:46 | 004,388,468 | R--- | M] (Swearware) -- C:\Users\Owner\Desktop\ComboFix.exe
[2012/01/23 00:10:50 | 001,655,273 | ---- | M] () -- C:\Users\Owner\Documents\Resume- Advocates LLP January 23, 2012.pdf
[2012/01/22 11:59:17 | 002,322,184 | ---- | M] (ESET) -- C:\Users\Owner\Desktop\esetsmartinstaller_enu.exe
[2012/01/20 18:08:53 | 000,458,240 | ---- | M] () -- C:\Users\Owner\Desktop\CKScanner.exe
[2012/01/20 16:50:08 | 001,655,284 | ---- | M] () -- C:\Users\Owner\Documents\Resume- Advocates LLP January 20, 2012.pdf
[2012/01/20 12:43:56 | 001,720,072 | ---- | M] () -- C:\Users\Owner\Documents\Resume- Freelance Legal Writer.pdf
[2012/01/19 10:56:11 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/19 10:55:00 | 010,847,608 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Owner\Desktop\mbam-setup-1.60.0.1800.exe
[2012/01/19 10:53:24 | 000,000,512 | ---- | M] () -- C:\Users\Owner\Desktop\MBR.dat
[2012/01/19 10:40:27 | 004,713,472 | ---- | M] (AVAST Software) -- C:\Users\Owner\Desktop\aswMBR.exe
[2012/01/17 19:47:44 | 000,032,819 | ---- | M] () -- C:\Users\Owner\Documents\Jay Z.jpg
[2012/01/15 14:03:43 | 000,012,782 | -HS- | M] () -- C:\ProgramData\775r1r7n5385
[2012/01/15 14:03:42 | 000,012,782 | -HS- | M] () -- C:\Users\Owner\AppData\Local\775r1r7n5385
[2012/01/12 23:38:17 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Owner\Desktop\dds.scr
[2012/01/12 23:35:56 | 000,000,723 | ---- | M] () -- C:\Users\Owner\Desktop\NTREGOPT.lnk
[2012/01/12 23:35:56 | 000,000,704 | ---- | M] () -- C:\Users\Owner\Desktop\ERUNT.lnk
[2012/01/12 23:35:29 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Users\Owner\Documents\erunt-setup.exe
[2012/01/12 23:10:40 | 082,885,256 | ---- | M] () -- C:\Users\Owner\Documents\avira_free_antivirus_en.exe
[2012/01/12 13:22:20 | 000,000,036 | RH-- | M] () -- C:\Windows\sued.dat
[2012/01/12 13:16:57 | 000,000,899 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/01/12 13:11:39 | 000,008,798 | ---- | M] () -- C:\Windows\SysWow64\icrav03.rat
[2012/01/12 13:11:39 | 000,008,798 | ---- | M] () -- C:\Windows\SysNative\icrav03.rat
[2012/01/12 13:11:39 | 000,001,988 | ---- | M] () -- C:\Windows\SysWow64\ticrf.rat
[2012/01/12 13:11:39 | 000,001,988 | ---- | M] () -- C:\Windows\SysNative\ticrf.rat
[2012/01/12 13:11:24 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/01/12 13:11:24 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012/01/12 13:11:24 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012/01/12 13:11:24 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/01/12 13:11:24 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/01/12 13:11:24 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012/01/12 13:11:23 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012/01/12 13:11:23 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/01/12 13:11:23 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012/01/12 13:11:23 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012/01/12 13:11:23 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/01/12 13:11:23 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012/01/12 13:11:23 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012/01/12 13:11:23 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/01/12 13:11:23 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012/01/12 13:11:23 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012/01/12 13:11:23 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012/01/12 13:11:23 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012/01/12 13:11:22 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/01/12 13:11:22 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012/01/12 13:11:22 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012/01/12 13:11:22 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012/01/12 13:11:22 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012/01/12 13:11:22 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/01/12 13:11:22 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012/01/12 13:11:22 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\advpack.dll
[2012/01/12 13:11:22 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012/01/12 13:11:22 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012/01/12 13:11:22 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/01/12 13:11:22 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012/01/12 13:11:21 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012/01/12 13:11:21 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012/01/12 13:11:21 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012/01/12 13:11:21 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012/01/12 13:11:15 | 002,309,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/01/12 13:11:15 | 000,818,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/01/12 13:11:15 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012/01/12 13:11:15 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012/01/12 13:11:15 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012/01/12 13:11:15 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012/01/12 13:11:15 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012/01/12 13:11:15 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\advpack.dll
[2012/01/12 13:11:15 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012/01/12 13:11:15 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012/01/12 13:11:15 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012/01/12 13:11:15 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012/01/12 13:11:14 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012/01/12 13:11:14 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012/01/12 13:11:14 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012/01/12 13:11:14 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012/01/12 13:11:14 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012/01/12 13:11:13 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012/01/12 13:11:13 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012/01/12 13:11:13 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012/01/12 13:11:13 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012/01/12 13:11:13 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012/01/12 13:11:13 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/01/12 13:11:13 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012/01/12 13:11:13 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012/01/12 13:11:13 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012/01/12 13:11:13 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012/01/12 13:11:12 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/01/12 13:11:12 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/01/12 13:11:12 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/01/12 13:11:12 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/01/12 13:11:12 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/01/12 13:11:12 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012/01/12 13:11:12 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012/01/12 13:11:12 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012/01/12 13:11:12 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012/01/12 13:11:12 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/01/12 13:11:12 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012/01/12 13:11:12 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012/01/12 13:11:12 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012/01/12 13:11:12 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012/01/12 13:11:11 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012/01/11 15:05:54 | 001,531,192 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/01/11 15:05:54 | 000,673,028 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2012/01/11 15:05:54 | 000,604,832 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/01/11 15:05:54 | 000,128,126 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2012/01/11 15:05:54 | 000,110,516 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/01/08 02:24:08 | 000,000,366 | ---- | M] () -- C:\Windows\tasks\Driver Fetch.job
[2012/01/04 11:06:03 | 000,043,892 | ---- | M] () -- C:\Users\Owner\Desktop\20120106.htm
[2011/12/30 14:18:50 | 000,001,877 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[1 C:\Users\Owner\AppData\Local\*.tmp files -> C:\Users\Owner\AppData\Local\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/01/27 01:14:14 | 000,000,549 | ---- | C] () -- C:\Users\Owner\Desktop\MBR.zip
[2012/01/26 14:16:37 | 000,080,384 | ---- | C] () -- C:\Users\Owner\Desktop\MBRCheck.exe
[2012/01/26 14:16:19 | 000,165,376 | ---- | C] () -- C:\Users\Owner\Desktop\SystemLook_x64.exe
[2012/01/23 14:38:47 | 000,513,320 | ---- | C] () -- C:\Users\Owner\Desktop\erunt.zip
[2012/01/23 04:21:53 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/01/23 04:21:53 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/01/23 04:21:53 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/01/23 04:21:53 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/01/23 04:21:53 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/01/23 00:10:44 | 001,655,273 | ---- | C] () -- C:\Users\Owner\Documents\Resume- Advocates LLP January 23, 2012.pdf
[2012/01/20 18:08:52 | 000,458,240 | ---- | C] () -- C:\Users\Owner\Desktop\CKScanner.exe
[2012/01/20 16:50:04 | 001,655,284 | ---- | C] () -- C:\Users\Owner\Documents\Resume- Advocates LLP January 20, 2012.pdf
[2012/01/20 12:43:48 | 001,720,072 | ---- | C] () -- C:\Users\Owner\Documents\Resume- Freelance Legal Writer.pdf
[2012/01/19 10:56:11 | 000,000,908 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/19 10:53:24 | 000,000,512 | ---- | C] () -- C:\Users\Owner\Desktop\MBR.dat
[2012/01/17 19:47:44 | 000,032,819 | ---- | C] () -- C:\Users\Owner\Documents\Jay Z.jpg
[2012/01/12 23:35:56 | 000,000,723 | ---- | C] () -- C:\Users\Owner\Desktop\NTREGOPT.lnk
[2012/01/12 23:35:56 | 000,000,704 | ---- | C] () -- C:\Users\Owner\Desktop\ERUNT.lnk
[2012/01/12 23:09:54 | 082,885,256 | ---- | C] () -- C:\Users\Owner\Documents\avira_free_antivirus_en.exe
[2012/01/12 13:16:57 | 000,000,899 | ---- | C] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/01/12 13:11:23 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/01/12 13:11:12 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012/01/12 12:48:58 | 000,012,782 | -HS- | C] () -- C:\Users\Owner\AppData\Local\775r1r7n5385
[2012/01/12 12:48:58 | 000,012,782 | -HS- | C] () -- C:\ProgramData\775r1r7n5385
[2012/01/04 11:06:02 | 000,043,892 | ---- | C] () -- C:\Users\Owner\Desktop\20120106.htm
[2011/12/30 14:17:54 | 000,001,877 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011/12/30 14:17:53 | 000,002,425 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2011/08/28 02:31:41 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/08/28 02:31:41 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010/10/20 19:22:26 | 000,000,680 | ---- | C] () -- C:\Users\Owner\AppData\Local\d3d9caps.dat
[2010/08/25 19:34:30 | 000,982,240 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2010/08/25 19:34:30 | 000,439,308 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2010/08/25 19:34:30 | 000,092,356 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2010/08/25 18:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010/08/25 18:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2009/12/17 17:35:11 | 000,178,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2009/12/17 17:35:11 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2009/12/17 17:35:06 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009/11/30 15:45:37 | 000,000,036 | RH-- | C] () -- C:\Windows\sued.dat
[2009/11/28 00:51:28 | 000,000,000 | ---- | C] () -- C:\Users\Owner\AppData\Local\prvlcl.dat
[2009/11/24 19:00:23 | 000,001,056 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\wklnhst.dat
[2009/10/05 15:15:08 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/08/22 22:19:33 | 000,026,112 | ---- | C] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/08/22 16:43:36 | 000,023,604 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\UserTile.png
[2009/08/22 11:31:52 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/08/22 11:31:35 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/08/22 11:31:18 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2008/11/03 20:18:57 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2008/08/14 05:17:20 | 000,147,172 | ---- | C] () -- C:\Windows\SysWow64\igfcg550.bin
[2008/01/20 21:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2006/11/02 10:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006/11/02 07:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006/11/02 07:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 04:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
========== Alternate Data Streams ==========
@Alternate Data Stream - 20 bytes -> C:\Windows\SysWow64\ABLED:CACAOWEB
< End of report >