OTL logfile created on: 11/15/2013 11:34:08 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Family02\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1013.88 Mb Total Physical Memory | 335.95 Mb Available Physical Memory | 33.14% Memory free
2.39 Gb Paging File | 1.61 Gb Available in Paging File | 67.61% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 142.05 Gb Total Space | 114.54 Gb Free Space | 80.64% Space Free | Partition Type: NTFS
Computer Name: FAMILY2 | User Name: Family02 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\Family02\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - C:\Program Files\AVAST Software\Avast\avastui.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies LTD)
PRC - C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
PRC - C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe (Check Point Software Technologies)
PRC - C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
PRC - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Program Files\Nero\Nero8\InCD\NBHGui.exe (Nero AG)
PRC - C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe (Nero AG)
PRC - C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe (Nero AG)
PRC - C:\Program Files\Nero\Nero8\InCD\InCD.exe (Nero AG)
PRC - C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Program Files\AVAST Software\Avast\defs\13111501\algo.dll ()
MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()
MOD - C:\Documents and Settings\Family02\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll ()
MOD - C:\Program Files\Launch Manager\PowerUtl.dll ()
========== Services (SafeList) ==========
SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (vsmon) -- C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies LTD)
SRV - (IswSvc) -- C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe (Check Point Software Technologies)
SRV - (npggsvc) -- C:\WINDOWS\system32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (NeroRegInCDSrv) -- C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe (Nero AG)
SRV - (InCDsrv) -- C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe (Nero AG)
SRV - (IAANTMON) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
========== Driver Services (SafeList) ==========
DRV - (WDICA) -- File not found
DRV - (USBCCID) -- system32\DRIVERS\Rts5161ccid.sys File not found
DRV - (Rts516xIR) -- system32\DRIVERS\Rts516xIR.sys File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (M3000Srv) -- System32\Drivers\M3000KNT.sys File not found
DRV - (lbrtfdc) -- File not found
DRV - (int15.sys) -- c:\acernb\int15.sys File not found
DRV - (Changer) -- File not found
DRV - (catchme) -- C:\DOCUME~1\Family02\LOCALS~1\Temp\catchme.sys File not found
DRV - (aswSP) -- C:\WINDOWS\system32\drivers\aswsp.sys (AVAST Software)
DRV - (aswSnx) -- C:\WINDOWS\system32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswVmm) -- C:\WINDOWS\System32\drivers\aswVmm.sys ()
DRV - (aswMonFlt) -- C:\WINDOWS\system32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswTdi) -- C:\WINDOWS\system32\drivers\aswTdi.sys (AVAST Software)
DRV - (AswRdr) -- C:\WINDOWS\system32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswRvrt) -- C:\WINDOWS\System32\drivers\aswRvrt.sys ()
DRV - (aswFsBlk) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (Vsdatant) -- C:\WINDOWS\system32\vsdatant.sys (Check Point Software Technologies LTD)
DRV - (ISWKL) -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys (Check Point Software Technologies)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASENUM) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (L1c) -- C:\WINDOWS\system32\drivers\l1c51x86.sys (Atheros Communications, Inc.)
DRV - (AR5416) -- C:\WINDOWS\system32\drivers\athw.sys (Atheros Communications, Inc.)
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (RSUSBSTOR) -- C:\WINDOWS\system32\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV - (Ambfilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative)
DRV - (incdrm) -- C:\WINDOWS\system32\drivers\InCDRm.sys (Nero AG)
DRV - (InCDPass) -- C:\WINDOWS\system32\drivers\InCDPass.sys (Nero AG)
DRV - (InCDRec) -- C:\WINDOWS\system32\drivers\InCDrec.sys (Nero AG)
DRV - (InCDfs) -- C:\WINDOWS\system32\drivers\InCDfs.sys (Nero AG)
DRV - (DritekPortIO) -- C:\Program Files\Launch Manager\DPortIO.sys (Dritek System Inc.)
DRV - (Monfilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = ${SEARCH_URL_IE7}
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes,DefaultScope = {5C5360F5-5F2D-4E4A-84B1-ABD053DB35A9}
IE - HKCU\..\SearchScopes\{5C5360F5-5F2D-4E4A-84B1-ABD053DB35A9}: "URL" =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Family02\Local Settings\Application Data\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Family02\Local Settings\Application Data\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2013/05/21 15:13:25 | 000,000,000 | ---D | M]
[2013/05/21 15:07:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Family02\Local Settings\Application Data\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Family02\Local Settings\Application Data\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Family02\Local Settings\Application Data\Google\Chrome\Application\31.0.1650.57\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Family02\Local Settings\Application Data\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: npFFApi (Enabled) = C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll
CHR - plugin: Java Platform SE 7 U11 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Documents and Settings\Family02\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: surf And kEep = C:\Documents and Settings\Family02\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bmgfpanainokpogcjoccgkjgfdeicfnh\2.19\
CHR - Extension: Google Search = C:\Documents and Settings\Family02\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AT_Delbuck = C:\Documents and Settings\Family02\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\neghaibmbjedngldjldidfoobmkkfkle\2\
CHR - Extension: Google Wallet = C:\Documents and Settings\Family02\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
CHR - Extension: Gmail = C:\Documents and Settings\Family02\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2013/11/15 19:36:55 | 000,449,863 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 15468 more lines...
O2 - BHO: (Zonealarm Helper Object) - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.11.11\bh\zonealarm.dll (Check Point Software Technologies LTD)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (no name) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - No CLSID value found.
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Toolbar) - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.8.11.11\zonealarmTlbr.dll (Check Point Software Technologies LTD)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\Drivers\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [InCD] C:\Program Files\Nero\Nero8\InCD\InCD.exe (Nero AG)
O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [Prolific2571_OneButton] C:\Program Files\Prolific\EZ-DUB Finder\OneBtn.exe (Prolific)
O4 - HKLM..\Run: [SecurDisc] C:\Program Files\Nero\Nero8\InCD\NBHGui.exe (Nero AG)
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E03A340A-BB63-4B53-8549-27096FD9F9E9}: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.dll) - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Documents and Settings\Family02\My Documents\My Pictures\untitled.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Family02\My Documents\My Pictures\untitled.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/03/12 00:07:49 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2013/11/15 23:32:13 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Family02\Desktop\OTL.exe
[2013/11/15 00:38:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\WinterSoft
[2013/11/15 00:38:31 | 000,000,000 | ---D | C] -- C:\Program Files\ss helper
[2013/11/15 00:36:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\2be28682f132259f
[2013/11/15 00:15:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2013/11/09 19:25:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013/11/09 19:25:11 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013/11/09 19:25:11 | 000,145,408 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013/11/09 19:24:45 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013/11/09 19:24:45 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013/11/09 19:24:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Java
[2013/11/09 19:24:44 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013/11/09 19:24:09 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013/10/28 20:15:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Family02\Application Data\AVAST Software
[2013/10/28 20:09:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Avast
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/11/15 23:35:00 | 000,000,990 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2387590086-3402799377-1653462319-1005UA.job
[2013/11/15 23:32:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Family02\Desktop\OTL.exe
[2013/11/15 23:32:01 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/11/15 23:12:05 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/11/15 22:25:01 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/11/15 22:19:20 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/11/15 22:19:06 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/11/15 22:19:04 | 1063,198,720 | -HS- | M] () -- C:\hiberfil.sys
[2013/11/15 21:35:05 | 000,000,938 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2387590086-3402799377-1653462319-1005Core.job
[2013/11/15 19:36:55 | 000,449,863 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/11/14 23:06:43 | 000,000,024 | ---- | M] () -- C:\Documents and Settings\Family02\random.dat
[2013/11/14 23:06:38 | 000,000,024 | ---- | M] () -- C:\Documents and Settings\Family02\jagexappletviewer.preferences
[2013/11/14 22:54:09 | 000,000,064 | ---- | M] () -- C:\Documents and Settings\Family02\jagex_cl_runescape_LIVE.dat
[2013/11/14 17:59:44 | 000,002,313 | ---- | M] () -- C:\Documents and Settings\Family02\Desktop\Google Chrome.lnk
[2013/11/14 12:28:04 | 000,000,871 | ---- | M] () -- C:\Documents and Settings\Family02\.recently-used.xbel
[2013/11/14 11:33:29 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/11/09 19:24:25 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013/11/09 19:24:19 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013/11/09 19:24:18 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013/11/09 19:24:18 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013/11/09 19:24:18 | 000,145,408 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013/11/08 13:28:28 | 000,403,440 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswsp.sys
[2013/11/06 20:54:12 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/11/05 17:44:09 | 000,483,288 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/11/05 17:44:09 | 000,080,908 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/10/29 10:59:45 | 000,122,351 | ---- | M] () -- C:\Documents and Settings\Family02\My Documents\genVpokedex.ods_1.ods
[2013/10/29 10:26:13 | 000,000,141 | -H-- | M] () -- C:\Documents and Settings\Family02\My Documents\.~lock.genVpokedex.ods#
[2013/10/28 20:09:24 | 000,001,737 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2013/10/28 20:06:50 | 000,774,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013/10/28 20:06:50 | 000,178,304 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/10/28 20:06:50 | 000,070,384 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2013/10/28 20:06:50 | 000,057,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013/10/28 20:06:50 | 000,054,832 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2013/10/28 20:06:50 | 000,049,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013/10/28 20:06:50 | 000,035,656 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013/10/28 20:06:49 | 000,269,216 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2013/10/28 20:06:49 | 000,043,152 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013/10/28 20:00:32 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/11/14 12:28:04 | 000,000,871 | ---- | C] () -- C:\Documents and Settings\Family02\.recently-used.xbel
[2013/10/29 11:11:53 | 000,122,351 | ---- | C] () -- C:\Documents and Settings\Family02\My Documents\genVpokedex.ods_1.ods
[2013/10/29 10:26:13 | 000,000,141 | -H-- | C] () -- C:\Documents and Settings\Family02\My Documents\.~lock.genVpokedex.ods#
[2013/05/15 19:16:49 | 000,000,084 | ---- | C] () -- C:\Documents and Settings\Family02\.gtk-bookmarks
[2013/05/04 13:23:52 | 000,178,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/05/04 13:23:52 | 000,049,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013/02/22 14:15:41 | 000,000,064 | ---- | C] () -- C:\Documents and Settings\Family02\jagex_cl_oldschool_LIVE.dat
[2013/01/28 20:38:45 | 000,000,066 | ---- | C] () -- C:\Documents and Settings\Family02\jagex_cl_speccollect_LIVE.dat
[2012/06/26 10:42:11 | 000,000,069 | ---- | C] () -- C:\Documents and Settings\Family02\jagex_cl_runescape_LIVE_BETA.dat
[2012/06/26 10:38:07 | 000,000,065 | ---- | C] () -- C:\Documents and Settings\Family02\jagex_cl_runescape_LIVE1.dat
[2012/06/20 23:29:43 | 000,000,064 | ---- | C] () -- C:\Documents and Settings\Family02\jagex_cl_runescape_LIVE.dat
[2012/06/20 23:24:13 | 000,000,024 | ---- | C] () -- C:\Documents and Settings\Family02\jagexappletviewer.preferences
[2011/11/02 00:52:48 | 000,000,024 | ---- | C] () -- C:\Documents and Settings\Family02\random.dat
[2009/12/26 15:39:40 | 000,000,340 | ---- | C] () -- C:\Documents and Settings\Family02\Application Data\wklnhst.dat
[2009/10/09 19:15:49 | 000,000,162 | ---- | C] () -- C:\Documents and Settings\Family02\Application Data\default.pls
[2009/09/09 13:24:18 | 000,001,024 | ---- | C] () -- C:\Documents and Settings\Family02\.rnd
========== ZeroAccess Check ==========
[2009/03/12 00:11:17 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 07:00:00 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/14 07:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2013/11/15 00:36:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\2be28682f132259f
[2009/03/12 01:06:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acer GameZone Console
[2013/10/28 20:01:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2010/02/20 16:56:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2011/11/13 16:23:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CheckPoint
[2009/03/12 01:31:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eSobi
[2013/11/15 00:38:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2010/08/25 10:31:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe
[2009/09/08 18:01:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2009/10/08 19:15:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SimCity Societies
[2013/11/15 00:38:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinterSoft
[2013/11/15 00:47:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family02\Application Data\.minecraft
[2013/05/18 18:48:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family02\Application Data\.sea
[2009/03/12 01:32:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family02\Application Data\Acer
[2009/03/12 01:06:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family02\Application Data\Acer GameZone Console
[2013/10/28 20:15:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family02\Application Data\AVAST Software
[2013/06/03 22:32:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family02\Application Data\Check Point Software Technologies LTD
[2012/07/30 17:22:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family02\Application Data\CheckPoint
[2013/07/05 17:11:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family02\Application Data\Curse Advertising
[2013/05/23 18:39:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family02\Application Data\ftblauncher
[2013/07/27 20:54:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family02\Application Data\gtk-2.0
[2010/09/27 11:44:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family02\Application Data\MilkShape 3D 1.x.x
[2009/09/24 15:44:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family02\Application Data\OpenOffice.org
[2012/06/30 20:52:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family02\Application Data\Oracle
[2009/03/12 01:27:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family02\Application Data\Super-Cow
[2010/07/25 08:52:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family02\Application Data\SystemRequirementsLab
[2011/03/16 15:57:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Family02\Application Data\Template
========== Purity Check ==========
========== Custom Scans ==========
< %USERPROFILE%\..|smtmp;true;true;true /FP >
< %temp%\smtmp\*.* /s > >
< MD5 for: EXPLORER.EX_ >
[2008/04/14 07:00:00 | 000,356,615 | ---- | M] () MD5=D7B59A7EC9CB1429FDCEC84A22228555 -- C:\i386\EXPLORER.EX_
< MD5 for: EXPLORER.EXE >
[2008/04/14 07:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008/04/14 07:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/14 07:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\system32\dllcache\explorer.exe
< MD5 for: EXPLORER.SC_ >
[2008/04/14 07:00:00 | 000,000,181 | ---- | M] () MD5=BC5B38879C56DFBC05C8B5C43AC4D739 -- C:\i386\EXPLORER.SC_
< MD5 for: EXPLORER.SCF >
[2008/04/14 07:00:00 | 000,000,080 | ---- | M] () MD5=A3975A7D2C98B30A2AE010754FFB9392 -- C:\WINDOWS\explorer.scf
< MD5 for: IEXPLORE.CH_ >
[2008/04/14 07:00:00 | 000,199,077 | ---- | M] () MD5=1D662719AB9BB40BA7526B3973D3F626 -- C:\i386\IEXPLORE.CH_
< MD5 for: IEXPLORE.CHM >
[2009/02/21 00:21:24 | 000,529,818 | ---- | M] () MD5=1435F4731719DF5F57D17DC38196245D -- C:\WINDOWS\Help\iexplore.chm
[2008/04/14 07:00:00 | 000,204,810 | ---- | M] () MD5=60858526AAD1CC55F5F0055B8E3B66FE -- C:\WINDOWS\ie7\iexplore.chm
[2006/09/01 11:43:50 | 000,503,758 | ---- | M] () MD5=652E46500C149D1DC948BF9CEA8C4933 -- C:\WINDOWS\ie8\iexplore.chm
< MD5 for: IEXPLORE.EX_ >
[2008/04/14 07:00:00 | 000,037,887 | ---- | M] () MD5=2B46169148FFD81CAE84572CD32BDF86 -- C:\i386\IEXPLORE.EX_
< MD5 for: IEXPLORE.EXE >
[2009/06/29 02:25:31 | 000,634,632 | ---- | M] (Microsoft Corporation) MD5=02E2754D3E566C11A4934825920C47DD -- C:\WINDOWS\$hf_mig$\KB972260-IE7\SP3QFE\iexplore.exe
[2010/12/20 06:25:27 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=091D358EFC9D22901BD879EF37F0DAC4 -- C:\WINDOWS\ie7updates\KB2497640-IE7\iexplore.exe
[2012/04/22 01:40:38 | 000,634,488 | ---- | M] (Microsoft Corporation) MD5=0A39EEAD063CCDFF36AC9F0B8F800956 -- C:\WINDOWS\ie7updates\KB2722913-IE7\iexplore.exe
[2012/07/03 05:57:55 | 000,634,488 | ---- | M] (Microsoft Corporation) MD5=0F06AE8613FE66FF4C02A0C27D0DC7EF -- C:\WINDOWS\ie7updates\KB2744842-IE7\iexplore.exe
[2013/02/21 17:55:09 | 000,643,184 | ---- | M] (Microsoft Corporation) MD5=186E5B46F7DCEB473E2548E20F071934 -- C:\WINDOWS\ie7updates\KB2829530-IE7\iexplore.exe
[2011/12/16 06:00:16 | 000,634,680 | ---- | M] (Microsoft Corporation) MD5=1C206B8FEEC6882B7F7F479E95D2BDD9 -- C:\WINDOWS\ie7updates\KB2675157-IE7\iexplore.exe
[2011/10/31 05:32:32 | 000,634,504 | ---- | M] (Microsoft Corporation) MD5=1C5DA2D9EA2A59D0D5C116FA3A5A21AA -- C:\WINDOWS\$hf_mig$\KB2618444-IE7\SP3QFE\iexplore.exe
[2010/06/17 10:12:57 | 000,634,656 | ---- | M] (Microsoft Corporation) MD5=203E897F843D56496E2CC101DFF6CE34 -- C:\WINDOWS\ie7updates\KB2360131-IE7\iexplore.exe
[2011/10/31 05:46:00 | 000,634,504 | ---- | M] (Microsoft Corporation) MD5=2E34CF22B5862AB02786F0819B9FD819 -- C:\WINDOWS\ie7updates\KB2647516-IE7\iexplore.exe
[2012/08/26 01:40:35 | 000,634,504 | ---- | M] (Microsoft Corporation) MD5=326B5461CCD7DB0CD6B126ADEB28667A -- C:\WINDOWS\ERDNT\cache\iexplore.exe
[2012/08/26 01:40:35 | 000,634,504 | ---- | M] (Microsoft Corporation) MD5=326B5461CCD7DB0CD6B126ADEB28667A -- C:\WINDOWS\ie7updates\KB2761465-IE7\iexplore.exe
[2009/08/27 00:18:42 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=332EC7562F3AA7364F2D4231C56DA986 -- C:\WINDOWS\$hf_mig$\KB974455-IE7\SP3QFE\iexplore.exe
[2010/03/03 16:48:04 | 003,550,592 | ---- | M] (Sysinternals - www.sysinternals.com) MD5=3C0B27E96A095D9D4494EF9E531C1E45 -- C:\Documents and Settings\Family02\Desktop\iexplore.exe
[2010/03/03 16:47:45 | 003,550,592 | ---- | M] (Sysinternals - www.sysinternals.com) MD5=3C0B27E96A095D9D4494EF9E531C1E45 -- C:\Documents and Settings\Family02\My Documents\Downloads\iexplore.exe
[2009/06/29 03:35:10 | 000,634,632 | ---- | M] (Microsoft Corporation) MD5=3CFC56F73D494FC1AA2B6E981DF15ACD -- C:\WINDOWS\ie7updates\KB974455-IE7\iexplore.exe
[2011/04/21 05:34:43 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=3E23DBEBE1020D52C63235E4189FAC03 -- C:\WINDOWS\$hf_mig$\KB2530548-IE7\SP3QFE\iexplore.exe
[2009/10/28 01:54:16 | 000,634,632 | ---- | M] (Microsoft Corporation) MD5=4F9B04D546C23A295F3F0AE015BE51DB -- C:\WINDOWS\ie7updates\KB978207-IE7\iexplore.exe
[2012/02/29 06:01:00 | 000,634,680 | ---- | M] (Microsoft Corporation) MD5=50BA6A230D743A4D33BFFA2FA1113055 -- C:\WINDOWS\ie7updates\KB2699988-IE7\iexplore.exe
[2009/12/18 08:05:43 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=53C291F3B01EECECBD7FD358EA3ACC94 -- C:\WINDOWS\ie7updates\KB980182-IE7\iexplore.exe
[2008/04/14 07:00:00 | 000,093,184 | ---- | M] (Microsoft Corporation) MD5=55794B97A7FAABD2910873C85274F409 -- C:\WINDOWS\ie7\iexplore.exe
[2012/07/03 05:35:40 | 000,634,488 | ---- | M] (Microsoft Corporation) MD5=5A120ED9A6327241A69241A3D854AB21 -- C:\WINDOWS\$hf_mig$\KB2722913-IE7\SP3QFE\iexplore.exe
[2011/08/17 06:01:37 | 000,634,632 | ---- | M] (Microsoft Corporation) MD5=6A1D755C68C10863C598C78A597FA7C3 -- C:\WINDOWS\ie7updates\KB2618444-IE7\iexplore.exe
[2010/10/18 06:07:43 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=72D1F43C4146D312B0DB6AB98C21340E -- C:\WINDOWS\ie7updates\KB2482017-IE7\iexplore.exe
[2013/02/21 17:34:23 | 000,643,184 | ---- | M] (Microsoft Corporation) MD5=7AF7B81E7EB68875961BE10AFFE25EBA -- C:\WINDOWS\$hf_mig$\KB2817183-IE7\SP3QFE\iexplore.exe
[2009/10/28 01:54:21 | 000,634,632 | ---- | M] (Microsoft Corporation) MD5=80675329E0FD54F016C4F8A83C616349 -- C:\WINDOWS\$hf_mig$\KB976325-IE7\SP3QFE\iexplore.exe
[2013/02/03 17:34:14 | 000,643,104 | ---- | M] (Microsoft Corporation) MD5=81C0465919B6D37A11BEE1F699150EF9 -- C:\WINDOWS\$hf_mig$\KB2809289-IE7\SP3QFE\iexplore.exe
[2012/12/21 03:00:56 | 000,643,120 | ---- | M] (Microsoft Corporation) MD5=8C468BEF81657CB0522115EC08C1A685 -- C:\WINDOWS\$hf_mig$\KB2792100-IE7\SP3QFE\iexplore.exe
[2013/04/04 17:34:40 | 000,643,200 | ---- | M] (Microsoft Corporation) MD5=924CBA24D6762ECFB163A192811BB00D -- C:\WINDOWS\ie8\iexplore.exe
[2013/02/04 00:59:20 | 000,643,104 | ---- | M] (Microsoft Corporation) MD5=96B6F270F134261DFD48EBF041B1E5E1 -- C:\WINDOWS\ie7updates\KB2817183-IE7\iexplore.exe
[2011/06/20 06:29:11 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=993F33696EF219C306BF9BBA34D85073 -- C:\WINDOWS\ie7updates\KB2586448-IE7\iexplore.exe
[2010/06/17 09:45:15 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=B0BC6DC9C9277250C5C8F7B7A48A02CC -- C:\WINDOWS\$hf_mig$\KB2183461-IE7\SP3QFE\iexplore.exe
[2010/04/16 06:08:29 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=B24A4E23A2FEDB6976EB04D334AD82B2 -- C:\WINDOWS\$hf_mig$\KB982381-IE7\SP3QFE\iexplore.exe
[2013/04/04 13:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\iexplore.exe
[2010/02/23 00:20:02 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=B5116340B84824DDD0A641E36B126194 -- C:\WINDOWS\ie7updates\KB982381-IE7\iexplore.exe
[2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Program Files\Internet Explorer\iexplore.exe
[2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\WINDOWS\system32\dllcache\iexplore.exe
[2011/04/21 05:58:25 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=B6E13F9C120C776A89D783E26D6C15C5 -- C:\WINDOWS\ie7updates\KB2559049-IE7\iexplore.exe
[2010/12/20 05:49:55 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=B74CBEBA34E3CAA2CCACC87FEE8A16C0 -- C:\WINDOWS\$hf_mig$\KB2482017-IE7\SP3QFE\iexplore.exe
[2012/12/21 03:25:35 | 000,643,120 | ---- | M] (Microsoft Corporation) MD5=C3DDC05C898F19D35A4A2B5F707CA916 -- C:\WINDOWS\ie7updates\KB2809289-IE7\iexplore.exe
[2010/04/16 06:43:25 | 000,634,656 | ---- | M] (Microsoft Corporation) MD5=C4BA5E36FB57F547117305BF1E0FE454 -- C:\WINDOWS\ie7updates\KB2183461-IE7\iexplore.exe
[2010/02/23 00:19:59 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=C8DDA4028065D5CE39CBE7A156B72AB9 -- C:\WINDOWS\$hf_mig$\KB980182-IE7\SP3QFE\iexplore.exe
[2011/08/17 05:34:43 | 000,634,632 | ---- | M] (Microsoft Corporation) MD5=CB0AFAF9E5C5FE70EC7087E71275DD33 -- C:\WINDOWS\$hf_mig$\KB2586448-IE7\SP3QFE\iexplore.exe
[2012/04/22 01:32:36 | 000,634,488 | ---- | M] (Microsoft Corporation) MD5=CE2379FC341C65CAD88FF8264A791AB5 -- C:\WINDOWS\$hf_mig$\KB2699988-IE7\SP3QFE\iexplore.exe
[2012/10/31 17:34:30 | 000,643,104 | ---- | M] (Microsoft Corporation) MD5=CE4C28454C062C30489D4B82FDB515F3 -- C:\WINDOWS\$hf_mig$\KB2761465-IE7\SP3QFE\iexplore.exe
[2009/12/18 02:00:27 | 000,634,632 | ---- | M] (Microsoft Corporation) MD5=D19E56D5930C37CF211867DF450C372A -- C:\WINDOWS\$hf_mig$\KB978207-IE7\SP3QFE\iexplore.exe
[2010/10/18 05:36:30 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=DA6E1F0F1932B62DD2F6ED05541C555C -- C:\WINDOWS\$hf_mig$\KB2416400-IE7\SP3QFE\iexplore.exe
[2011/12/16 05:35:06 | 000,634,680 | ---- | M] (Microsoft Corporation) MD5=DB9D9A73FACB0B11992201D670D73E16 -- C:\WINDOWS\$hf_mig$\KB2647516-IE7\SP3QFE\iexplore.exe
[2011/06/20 05:38:09 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=DE0F15DD275A36C3E67DC1E36F958F3A -- C:\WINDOWS\$hf_mig$\KB2559049-IE7\SP3QFE\iexplore.exe
[2007/08/13 21:43:56 | 000,622,080 | ---- | M] (Microsoft Corporation) MD5=DE49B348A18369B4626FBA1D49B07FB4 -- C:\WINDOWS\ie7updates\KB972260-IE7\iexplore.exe
[2012/02/29 05:34:48 | 000,634,680 | ---- | M] (Microsoft Corporation) MD5=DF642AABFDACE36E3B4329091A07DE87 -- C:\WINDOWS\$hf_mig$\KB2675157-IE7\SP3QFE\iexplore.exe
[2011/02/14 06:36:55 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=E3CC8CCF21BFDC954255BB17083FB9F0 -- C:\WINDOWS\$hf_mig$\KB2497640-IE7\SP3QFE\iexplore.exe
[2011/02/14 07:17:08 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=E4A798DFDE7FE6E79F23548F0EF0F844 -- C:\WINDOWS\ie7updates\KB2530548-IE7\iexplore.exe
[2010/08/25 06:30:33 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=E5412ED9E07C42C20C48D3FF71E6B1E8 -- C:\WINDOWS\ie7updates\KB2416400-IE7\iexplore.exe
[2010/08/25 06:07:58 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=F047BEB9771E45A05F425499A30F9BBA -- C:\WINDOWS\$hf_mig$\KB2360131-IE7\SP3QFE\iexplore.exe
[2009/08/27 00:18:44 | 000,634,648 | ---- | M] (Microsoft Corporation) MD5=F232BA9F39BC0F722672C7E79E68EBEA -- C:\WINDOWS\ie7updates\KB976325-IE7\iexplore.exe
[2012/08/26 01:32:43 | 000,634,504 | ---- | M] (Microsoft Corporation) MD5=F516E1F811AC01F5DA1D486051069A7C -- C:\WINDOWS\$hf_mig$\KB2744842-IE7\SP3QFE\iexplore.exe
[2012/10/31 18:07:10 | 000,643,104 | ---- | M] (Microsoft Corporation) MD5=F77E696991FED3B92E09AC0CE91E9BCA -- C:\WINDOWS\ie7updates\KB2792100-IE7\iexplore.exe
< MD5 for: IEXPLORE.EXE.MUI >
[2009/03/08 13:21:44 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=943030B55FDB56FB8B8FCC086071E119 -- C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui
[2009/03/08 13:21:44 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=943030B55FDB56FB8B8FCC086071E119 -- C:\Program Files\Internet Explorer\iexplore.exe.mui
[2007/08/13 21:43:36 | 000,573,440 | ---- | M] (Microsoft Corporation) MD5=B58D8A1C7EE0E922EC7D2616DA136FC3 -- C:\WINDOWS\ie8\iexplore.exe.mui
< MD5 for: IEXPLORE.HL_ >
[2008/04/14 07:00:00 | 000,059,881 | ---- | M] () MD5=D23388C8D5D82D4D1C3B0B6A256E3CB7 -- C:\i386\IEXPLORE.HL_
< MD5 for: IEXPLORE.HLP >
[2008/04/14 07:00:00 | 000,180,335 | ---- | M] () MD5=3F19AF1B745140DAFAC6F78F561A3C62 -- C:\WINDOWS\Help\iexplore.hlp
< MD5 for: SERVICES >
[2008/04/14 07:00:00 | 000,007,116 | ---- | M] () MD5=95826940E657FE0567A8EC0F2A6AD11A -- C:\WINDOWS\system32\drivers\etc\services
< MD5 for: SERVICES._ >
[2008/04/14 07:00:00 | 000,001,989 | ---- | M] () MD5=29BB3BBBE3D49156A42BFB3DD000F554 -- C:\i386\SERVICES._
< MD5 for: SERVICES.CFG >
[2013/09/03 08:53:56 | 000,558,864 | ---- | M] () MD5=4097D9DB7F5DB4533DDA8271136C9B7B -- C:\Program Files\Adobe\Reader 10.0\Reader\Services\Services.cfg
[2011/06/06 11:55:30 | 000,584,045 | R--- | M] () MD5=B82DD53FA8C260DDD7FDC42182DB816E -- C:\WINDOWS\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\services.cfg
< MD5 for: SERVICES.EX_ >
[2008/04/14 07:00:00 | 000,049,959 | ---- | M] () MD5=EE4885163C0C0729A3C5F1416A6E5F48 -- C:\i386\SERVICES.EX_
< MD5 for: SERVICES.EXE >
[2009/02/06 06:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=020CEAAEDC8EB655B6506B8C70D53BB6 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2008/04/14 07:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2009/02/06 06:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\ERDNT\cache\services.exe
[2009/02/06 06:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\dllcache\services.exe
[2009/02/06 06:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\services.exe
< MD5 for: SERVICES.LNK >
[2009/03/12 00:07:50 | 000,001,602 | ---- | M] () MD5=17B0BE12B5109BAD87FB4CDD199F1AF3 -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools\Services.lnk
< MD5 for: SERVICES.MS_ >
[2008/04/14 07:00:00 | 000,003,649 | ---- | M] () MD5=64E9F61D2ED093C361862DE36433B5E1 -- C:\i386\SERVICES.MS_
< MD5 for: SERVICES.MSC >
[2008/04/14 07:00:00 | 000,033,464 | ---- | M] () MD5=E8089AA2A6F7FEE89B38C1F2D77BA6C6 -- C:\WINDOWS\system32\services.msc
< MD5 for: SERVICES.RDB >
[2009/08/19 10:24:20 | 000,262,144 | ---- | M] () MD5=00D8C85E07B0D69A27816B54E56EF85B -- C:\Program Files\OpenOffice.org 3\URE\misc\services.rdb
[2009/08/19 10:23:28 | 005,472,256 | ---- | M] () MD5=81CCB59A28A03DB55807B883CB679027 -- C:\Program Files\OpenOffice.org 3\Basis\program\services.rdb
< MD5 for: SERVICES.SBS >
[2013/07/16 12:21:30 | 000,034,818 | ---- | M] () MD5=E2ACBC77020C8D5CE97CA61D0D859A44 -- C:\Program Files\Spybot - Search & Destroy\Includes\Services.sbs
< MD5 for: WINLOGON.EX_ >
[2008/04/14 07:00:00 | 000,265,069 | ---- | M] () MD5=063EF1A46C58A731F78AE5AF47070D65 -- C:\i386\WINLOGON.EX_
< MD5 for: WINLOGON.EXE >
[2013/04/04 13:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008/04/14 07:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008/04/14 07:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008/04/14 07:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe
< %SYSTEMDRIVE%\*.* >
[2009/03/12 00:07:49 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/06/19 11:55:33 | 000,000,281 | ---- | M] () -- C:\Boot.bak
[2011/03/15 13:59:27 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2004/08/03 22:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr
[2012/09/25 16:43:11 | 000,013,220 | ---- | M] () -- C:\ComboFix.txt
[2009/03/12 00:07:49 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2013/11/15 22:19:04 | 1063,198,720 | -HS- | M] () -- C:\hiberfil.sys
[2009/03/12 00:07:49 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2009/02/18 04:26:30 | 000,002,016 | ---- | M] () -- C:\MOD01SET0J00P2000K.enc
[2008/08/06 20:16:21 | 000,002,488 | ---- | M] () -- C:\MOD01WOS02ENP20001.enc
[2009/03/12 00:07:49 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008/04/14 07:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/04/14 07:00:00 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2013/11/15 22:19:02 | 1598,029,824 | -HS- | M] () -- C:\pagefile.sys
[2009/09/08 17:59:36 | 000,000,204 | ---- | M] () -- C:\Plugins
< %systemroot%\Fonts\*.com >
[2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll >
< %systemroot%\Fonts\*.ini >
[2009/03/12 00:07:26 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 >
< %systemroot%\Fonts\*.exe >
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2007/10/21 20:00:00 | 000,027,136 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPD97.DLL
[2007/10/21 20:00:00 | 000,069,632 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPP97.DLL
[2008/07/06 07:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2006/10/26 21:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll
[2008/07/06 05:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
< %systemroot%\REPAIR\*.bak1 >
< %systemroot%\REPAIR\*.ini >
< %systemroot%\system32\*.jpg >
< %systemroot%\*.jpg >
< %systemroot%\*.png >
< %systemroot%\*.scr >
[2013/10/28 20:06:49 | 000,043,152 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2009/07/10 12:15:46 | 000,306,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WLXPGSS.SCR
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
< %systemroot%\*._sy >
< %APPDATA%\Adobe\Update\*.* >
< %ALLUSERSPROFILE%\Favorites\*.* >
< %APPDATA%\Microsoft\*.* >
[2009/09/09 05:10:53 | 000,001,682 | -H-- | M] () -- C:\Documents and Settings\Family02\Application Data\Microsoft\LastFlashConfig.WFC
< %PROGRAMFILES%\*.* >
< %APPDATA%\Update\*.* >
< %systemroot%\*. /mp /s >
< dir "%systemdrive%\*" /S /A:L /C >
Volume in drive C is ACER
Volume Serial Number is D0B8-A469
Directory of C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices
10/10/2013 06:30 PM <JUNCTION> 2.0.0.0__b03f5f7f11d50a3a
0 File(s) 0 bytes
Directory of C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote
10/10/2013 06:30 PM <JUNCTION> 2.0.0.0__b03f5f7f11d50a3a
0 File(s) 0 bytes
Directory of C:\WINDOWS\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices
10/10/2013 06:20 PM <JUNCTION> v4.0_4.0.0.0__b03f5f7f11d50a3a
0 File(s) 0 bytes
Total Files Listed:
0 File(s) 0 bytes
3 Dir(s) 122,925,264,896 bytes free
< %systemroot%\System32\config\*.sav >
[2009/03/11 16:02:31 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2009/03/11 16:02:31 | 001,064,960 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2009/03/11 16:02:31 | 000,901,120 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %PROGRAMFILES%\bak. /s >
< %systemroot%\system32\bak. /s >
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2009/03/12 00:07:50 | 000,000,294 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini
< %systemroot%\system32\config\systemprofile\*.dat /x >
< %systemroot%\*.config >
< %systemroot%\system32\*.db >
< %PROGRAMFILES%\Internet Explorer\*.dat >
< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2009/09/09 03:36:35 | 000,000,119 | -HS- | M] () -- C:\Documents and Settings\Family02\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
[2009/03/12 00:10:30 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Family02\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
< %USERPROFILE%\Desktop\*.exe >
[2010/03/05 10:29:30 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Documents and Settings\Family02\Desktop\ATF-Cleaner.exe
[2010/03/03 16:48:04 | 003,550,592 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Family02\Desktop\iexplore.exe
[2013/08/11 18:44:03 | 000,367,332 | ---- | M] (
http://magiclauncher.com) -- C:\Documents and Settings\Family02\Desktop\MagicLauncher_1.1.7.exe
[2013/11/15 23:32:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Family02\Desktop\OTL.exe
< %PROGRAMFILES%\Common Files\*.* >
< %systemroot%\*.src >
< %systemroot%\install\*.* >
< %systemroot%\system32\DLL\*.* >
< %systemroot%\system32\HelpFiles\*.* >
< %systemroot%\system32\rundll\*.* >
< %systemroot%\winn32\*.* >
< %systemroot%\Java\*.* >
< %systemroot%\system32\test\*.* >
< %systemroot%\system32\Rundll32\*.* >
< %systemroot%\AppPatch\Custom\*.* >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2013-11-14 16:33:48
< End of report >