OTL logfile created on: 1/10/2010 9:41:57 AM - Run 3
OTL by OldTimer - Version 3.1.20.1 Folder = C:\Users\Dianne\Desktop\virus
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18865)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
8.00 Gb Total Physical Memory | 6.00 Gb Available Physical Memory | 70.00% Memory free
16.00 Gb Paging File | 14.00 Gb Available in Paging File | 85.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 686.46 Gb Total Space | 528.08 Gb Free Space | 76.93% Space Free | Partition Type: NTFS
Drive D: | 12.18 Gb Total Space | 1.66 Gb Free Space | 13.65% Space Free | Partition Type: NTFS
Drive E: | 4.38 Gb Total Space | 4.17 Gb Free Space | 95.18% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: DIANNE-PC
Current User Name: Dianne
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ========== PRC - [2010/01/02 03:33:53 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Users\Dianne\Desktop\virus\OTL.exe
PRC - [2009/12/21 21:43:51 | 00,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2009/12/07 12:11:17 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\jusched.exe
PRC - [2009/11/24 15:51:40 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/11/24 15:51:35 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009/11/24 15:51:21 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/11/24 15:48:48 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009/11/24 15:43:56 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009/10/29 06:54:44 | 01,218,008 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe
PRC - [2009/10/27 11:19:46 | 00,895,696 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\MPF\MpfSrv.exe
PRC - [2009/09/16 08:28:38 | 00,606,736 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\VirusScan\mcsysmon.exe
PRC - [2009/07/09 23:26:20 | 00,865,832 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\MSC\mcmscsvc.exe
PRC - [2009/07/08 10:54:34 | 00,359,952 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2009/07/07 18:10:02 | 02,482,848 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\Common Files\McAfee\MNA\McNASvc.exe
PRC - [2009/03/17 13:25:40 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
PRC - [2009/03/05 16:07:20 | 02,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/26 15:31:10 | 01,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/11/03 17:21:18 | 00,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/11/03 17:21:16 | 00,182,808 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008/07/03 11:44:58 | 00,972,080 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
PRC - [2008/05/19 12:13:20 | 00,057,344 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\ASTSRV.EXE
PRC - [2008/03/25 19:49:02 | 00,184,320 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
PRC - [2008/03/25 19:49:00 | 00,569,344 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
PRC - [2008/03/25 19:40:42 | 00,214,360 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
PRC - [2007/05/29 14:19:06 | 00,198,240 | ---- | M] () -- c:\hp\HPEZBTN\HPBtnSrv.exe
PRC - [2007/04/18 07:01:34 | 00,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe
PRC - [2006/12/10 21:52:38 | 00,049,152 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
PRC - [2005/02/02 08:44:24 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\hp\KBD\kbd.exe
========== Modules (SafeList) ========== MOD - [2010/01/02 03:33:53 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Users\Dianne\Desktop\virus\OTL.exe
MOD - [2009/12/08 13:12:24 | 00,014,544 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\McAfee\SiteAdvisor\sahook.dll
========== Win32 Services (SafeList) ========== SRV:
64bit: - [2009/11/24 15:51:35 | 00,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV:
64bit: - [2009/11/24 15:51:21 | 00,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV:
64bit: - [2009/11/24 15:48:48 | 00,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV:
64bit: - [2009/11/24 15:43:56 | 00,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV:
64bit: - [2009/09/24 17:26:26 | 01,142,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FntCache.dll -- (FontCache)
SRV:
64bit: - [2009/09/16 10:23:32 | 00,696,848 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:
64bit: - [2009/09/16 09:15:32 | 00,155,456 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield)
SRV:
64bit: - [2009/04/03 11:46:52 | 00,072,192 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysNative\nlsInterface.exe -- (nlsInterface)
SRV:
64bit: - [2008/01/20 18:47:32 | 00,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/12/08 14:25:28 | 00,110,312 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2009/10/27 11:19:46 | 00,895,696 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe -- (MpfService)
SRV - [2009/09/16 08:28:38 | 00,606,736 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- C:\Program Files (x86)\McAfee\VirusScan\mcsysmon.exe -- (McSysmon)
SRV - [2009/07/09 23:26:20 | 00,865,832 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2009/07/08 10:54:34 | 00,359,952 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy)
SRV - [2009/07/07 18:10:02 | 02,482,848 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2009/03/29 20:39:54 | 00,089,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2009/03/17 13:25:40 | 00,073,728 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2009/01/26 15:31:10 | 01,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008/11/03 17:21:18 | 00,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2008/09/17 18:28:04 | 00,382,320 | ---- | M] (SupportSoft, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\supportsoft\bin\ssrc.exe -- (SupportSoft RemoteAssist)
SRV - [2008/06/02 14:09:18 | 00,094,208 | ---- | M] (Hewlett-Packard) [Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe -- (HP Health Check Service)
SRV - [2008/05/19 12:13:20 | 00,057,344 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\ASTSRV.EXE -- (ASTSRV)
SRV - [2008/03/25 20:27:36 | 00,135,168 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)
SRV - [2008/03/25 19:38:24 | 00,217,088 | ---- | M] (Hewlett-Packard Co.) [On_Demand | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)
SRV - [2007/05/29 14:19:06 | 00,198,240 | ---- | M] () [Auto | Running] -- c:\hp\HPEZBTN\HPBtnSrv.exe -- (HPBtnSrv)
SRV - [2006/11/02 05:34:14 | 00,000,000 | ---D | M] [Unknown | Stopped] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC)
SRV - [2006/11/01 22:35:15 | 00,060,994 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds)
SRV - [2006/11/01 22:35:15 | 00,055,846 | ---- | M] () [On_Demand | Running] -- C:\Windows\SysWOW64\wbem\vss.mof -- (VSS)
========== Driver Services (SafeList) ========== DRV:
64bit: - [2009/11/24 15:50:25 | 00,089,680 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:
64bit: - [2009/11/24 15:50:05 | 00,022,096 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\SysNative\DRIVERS\aswFsBlk.sys -- (aswFsBlk)
DRV:
64bit: - [2009/11/24 15:49:56 | 00,065,616 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\SysNative\DRIVERS\aswMonFlt.sys -- (aswMonFlt)
DRV:
64bit: - [2009/11/24 15:49:10 | 00,053,840 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:
64bit: - [2009/11/24 15:49:00 | 00,027,216 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:
64bit: - [2009/09/16 09:22:40 | 00,308,296 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:
64bit: - [2009/09/16 09:22:40 | 00,102,472 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:
64bit: - [2009/09/16 09:22:40 | 00,049,480 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfesmfk.sys -- (mfesmfk)
DRV:
64bit: - [2009/09/16 09:15:38 | 00,040,904 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdk.sys -- (mferkdk)
DRV:
64bit: - [2009/07/16 11:32:26 | 00,176,144 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\Mpfp.sys -- (MPFP)
DRV:
64bit: - [2009/06/18 16:04:20 | 00,040,464 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:
64bit: - [2009/02/26 18:46:34 | 10,276,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)
DRV:
64bit: - [2009/01/07 21:18:07 | 00,868,848 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd)
DRV:
64bit: - [2008/12/03 21:20:24 | 01,686,528 | ---- | M] (Hauppauge Computer Works) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HCW85BDA.sys -- (HCW85BDA)
DRV:
64bit: - [2008/11/03 17:10:08 | 00,406,040 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iastor.sys -- (iaStor)
DRV:
64bit: - [2008/06/09 14:36:56 | 00,459,776 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\netr28x.sys -- (netr28x)
DRV:
64bit: - [2008/02/14 06:56:14 | 00,160,768 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV - [2009/06/18 16:04:20 | 00,034,064 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\npf.sys -- (NPF)
DRV - [2006/09/18 13:36:40 | 00,003,066 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip)
DRV - [2006/09/18 13:35:23 | 00,001,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv)
DRV - [2001/11/21 14:26:49 | 00,060,160 | R--- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\TPkd.sys -- (TPkd)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cndtIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cndtIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cndt IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cndtIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.com/IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - prefs.js..browser.startup.homepage: "
http://www.yahoo.com/"FF - prefs.js..extensions.enabledItems: {F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}:8.6.7.0
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.5
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.0
FF - prefs.js..extensions.enabledItems: {9669CC8F-B388-42FE-86F4-CB5E7F5A8BDC}:6.0.4
FF - prefs.js..extensions.enabledItems: {02450954-cdd9-410f-b1da-db804e18c671}:0.96.1
FF - prefs.js..extensions.enabledItems: info@djzig.com:1.0.7
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2009/12/25 22:13:24 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/01/07 03:53:22 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2009/12/21 21:43:54 | 00,000,000 | ---D | M]
[2008/12/04 22:17:37 | 00,000,000 | ---D | M] -- C:\Users\Dianne\AppData\Roaming\Mozilla\Extensions
[2010/01/09 23:09:51 | 00,000,000 | ---D | M] -- C:\Users\Dianne\AppData\Roaming\Mozilla\Firefox\Profiles\z9llk360.default\extensions
[2009/03/18 18:06:36 | 00,000,000 | ---D | M] (Screengrab) -- C:\Users\Dianne\AppData\Roaming\Mozilla\Firefox\Profiles\z9llk360.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
[2008/12/22 14:57:58 | 00,000,000 | ---D | M] (Aquatint Black Gloss) -- C:\Users\Dianne\AppData\Roaming\Mozilla\Firefox\Profiles\z9llk360.default\extensions\{7694c49c-9fbd-11dc-8314-0800200c9a66}
[2010/01/08 10:04:57 | 00,000,000 | ---D | M] (MR Tech Toolkit) -- C:\Users\Dianne\AppData\Roaming\Mozilla\Firefox\Profiles\z9llk360.default\extensions\{9669CC8F-B388-42FE-86F4-CB5E7F5A8BDC}
[2009/07/03 05:15:15 | 00,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Dianne\AppData\Roaming\Mozilla\Firefox\Profiles\z9llk360.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/01/09 11:43:28 | 00,000,000 | ---D | M] -- C:\Users\Dianne\AppData\Roaming\Mozilla\Firefox\Profiles\z9llk360.default\extensions\fsonlinescanner@f-secure.com
[2009/08/14 06:43:55 | 00,000,000 | ---D | M] -- C:\Users\Dianne\AppData\Roaming\Mozilla\Firefox\Profiles\z9llk360.default\extensions\info@djzig.com
[2009/08/14 06:43:56 | 00,000,000 | ---D | M] -- C:\Users\Dianne\AppData\Roaming\Mozilla\Firefox\Profiles\z9llk360.default\extensions\info@djzig.com\chrome\global\extensions
[2009/08/14 06:43:57 | 00,000,000 | ---D | M] -- C:\Users\Dianne\AppData\Roaming\Mozilla\Firefox\Profiles\z9llk360.default\extensions\info@djzig.com\chrome\global\extensions\chatzilla
[2009/08/14 06:43:56 | 00,000,000 | ---D | M] -- C:\Users\Dianne\AppData\Roaming\Mozilla\Firefox\Profiles\z9llk360.default\extensions\info@djzig.com\chrome\global\extensions\Console2
[2009/08/14 06:43:56 | 00,000,000 | ---D | M] -- C:\Users\Dianne\AppData\Roaming\Mozilla\Firefox\Profiles\z9llk360.default\extensions\info@djzig.com\chrome\global\extensions\downthemall
[2009/08/14 06:43:56 | 00,000,000 | ---D | M] -- C:\Users\Dianne\AppData\Roaming\Mozilla\Firefox\Profiles\z9llk360.default\extensions\info@djzig.com\chrome\global\extensions\emusic
[2009/08/14 06:43:56 | 00,000,000 | ---D | M] -- C:\Users\Dianne\AppData\Roaming\Mozilla\Firefox\Profiles\z9llk360.default\extensions\info@djzig.com\chrome\global\extensions\fullerscreen
[2009/08/14 06:43:57 | 00,000,000 | ---D | M] -- C:\Users\Dianne\AppData\Roaming\Mozilla\Firefox\Profiles\z9llk360.default\extensions\info@djzig.com\chrome\global\extensions\sage
[2009/08/14 06:43:57 | 00,000,000 | ---D | M] -- C:\Users\Dianne\AppData\Roaming\Mozilla\Firefox\Profiles\z9llk360.default\extensions\info@djzig.com\chrome\global\extensions\toolkit
[2009/08/14 06:43:56 | 00,000,000 | ---D | M] -- C:\Users\Dianne\AppData\Roaming\Mozilla\Firefox\Profiles\z9llk360.default\extensions\info@djzig.com\chrome\global\extensions\webdeveloper
[2009/08/14 06:43:57 | 00,000,000 | ---D | M] -- C:\Users\Dianne\AppData\Roaming\Mozilla\Firefox\Profiles\z9llk360.default\extensions\info@djzig.com\chrome\mozapps\extensions
[2010/01/09 23:09:51 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
O1 HOSTS File: (356660 bytes) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 12235 more lines...
O2:
64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2:
64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (no name) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - No CLSID value found.
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3:
64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:
64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Co.)
O4 - HKLM..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [AdobeUpdater] C:\Program Files (x86)\Common Files\Adobe\Updater5\AdobeUpdater.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [HPAdvisor] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Hewlett-Packard)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8:
64bit: - Extra context menu item: &Clean Traces - C:\Program Files (x86)\DAP\Privacy Package\dapcleanerie.htm ()
O8:
64bit: - Extra context menu item: &Download with &DAP - C:\Program Files (x86)\DAP\dapextie.htm ()
O8:
64bit: - Extra context menu item: Download &all with DAP - C:\Program Files (x86)\DAP\dapextie2.htm ()
O8 - Extra context menu item: &Clean Traces - C:\Program Files (x86)\DAP\Privacy Package\dapcleanerie.htm ()
O8 - Extra context menu item: &Download with &DAP - C:\Program Files (x86)\DAP\dapextie.htm ()
O8 - Extra context menu item: Download &all with DAP - C:\Program Files (x86)\DAP\dapextie2.htm ()
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15:
64bit: - ..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKLM\..Trusted Domains: 58 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 58 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {22492231-AEF0-49FC-9180-CE8969AB1273}
http://download.sp.f-secure.com/ols/f-secu.../fslauncher.cab (F-Secure Online Scanner Launcher)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:
64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:
64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:
64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20:
64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20:
64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Value error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
64bit: O35 - comfile [open] -- "%1" %* File not found
64bit: O35 - exefile [open] -- "%1" %* File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
========== Files/Folders - Created Within 30 Days ========== [2010/01/09 09:57:08 | 00,000,000 | ---D | C] -- C:\ProgramData\F-Secure
[2010/01/08 18:08:27 | 00,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010/01/07 16:50:46 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2010/01/07 03:49:29 | 00,000,000 | ---D | C] -- C:\Program Files\Web Publish
[2010/01/02 09:32:05 | 00,000,000 | ---D | C] -- C:\Users\Dianne\Desktop\GooredFix Backups
[2010/01/02 02:00:29 | 00,000,000 | ---D | C] -- C:\Users\Dianne\AppData\Roaming\Malwarebytes
[2010/01/02 02:00:25 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/01/02 02:00:23 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/01/02 02:00:21 | 00,022,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/01/02 02:00:21 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2009/12/31 03:59:22 | 00,000,000 | ---D | C] -- C:\Users\Dianne\Desktop\logs
[2009/12/30 22:30:34 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2009/12/30 22:10:45 | 00,000,000 | ---D | C] -- C:\Users\Dianne\Desktop\virus
[2009/12/28 01:18:27 | 00,000,000 | ---D | C] -- C:\Users\Dianne\Desktop\fonts3
[2009/12/26 16:15:19 | 00,072,192 | ---- | C] (Nalpeiron Ltd.) -- C:\Windows\SysNative\nlsInterface.exe
[2009/12/26 16:15:18 | 00,057,344 | ---- | C] (Nalpeiron Ltd.) -- C:\Windows\SysWow64\ASTSRV.EXE
[2009/12/26 10:16:33 | 00,000,000 | ---D | C] -- C:\Users\Dianne\AppData\Roaming\AMPSoft
[2009/12/26 10:15:34 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\AMP Font Viewer
[2009/12/26 01:35:14 | 00,000,000 | ---D | C] -- C:\Users\Dianne\Desktop\fonts2
[2009/12/25 21:31:20 | 00,000,000 | ---D | C] -- C:\Users\Dianne\Desktop\fonts
[2009/12/25 14:07:13 | 00,000,000 | ---D | C] -- C:\Users\Dianne\Documents\iclone3
[2009/12/23 21:28:22 | 00,000,000 | ---D | C] -- C:\Users\Dianne\Documents\Ask and Record Toolbar
========== Files - Modified Within 30 Days ========== [2010/01/10 09:41:23 | 06,029,312 | -HS- | M] () -- C:\Users\Dianne\ntuser.dat
[2010/01/10 09:39:43 | 00,025,399 | ---- | M] () -- C:\Windows\SysNative\Config.MPF
[2010/01/10 09:39:17 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/01/10 05:41:03 | 00,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/01/10 05:41:03 | 00,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/01/09 21:46:23 | 00,789,862 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/01/09 21:46:23 | 00,663,486 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/01/09 21:46:23 | 00,128,906 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/01/09 21:41:07 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/01/09 21:39:35 | 00,524,288 | -HS- | M] () -- C:\Users\Dianne\ntuser.dat{5d165855-f051-11de-abeb-d492714b380f}.TMContainer00000000000000000001.regtrans-ms
[2010/01/09 21:39:35 | 00,065,536 | -HS- | M] () -- C:\Users\Dianne\ntuser.dat{5d165855-f051-11de-abeb-d492714b380f}.TM.blf
[2010/01/09 21:39:27 | 03,081,153 | -H-- | M] () -- C:\Users\Dianne\AppData\Local\IconCache.db
[2010/01/09 00:12:47 | 00,000,726 | ---- | M] () -- C:\Users\Dianne\Desktop\rapidsharedownload - Shortcut.lnk
[2010/01/07 19:13:49 | 00,156,672 | ---- | M] (Radioactive) -- C:\Windows\SysWow64\rmc_fixasf.exe
[2010/01/07 19:13:48 | 00,237,568 | ---- | M] () -- C:\Windows\SysWow64\rmc_rtspdl.dll
[2010/01/07 19:13:45 | 00,323,584 | ---- | M] (Stefan Toengi) -- C:\Windows\SysWow64\AUDIOGENIE2.DLL
[2010/01/07 16:50:48 | 00,001,751 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2010/01/07 03:53:23 | 00,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2010/01/06 22:04:01 | 00,000,338 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForDianne.job
[2010/01/02 02:00:27 | 00,000,810 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/01/01 05:47:30 | 00,001,548 | ---- | M] () -- C:\Users\Dianne\Desktop\free memory.lnk
[2010/01/01 01:06:17 | 01,248,160 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2009/12/31 08:25:13 | 00,462,008 | ---- | M] () -- C:\Users\Dianne\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/12/30 22:30:34 | 00,001,890 | ---- | M] () -- C:\Users\Dianne\Desktop\HijackThis.lnk
[2009/12/30 14:55:24 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2009/12/30 14:55:06 | 00,022,104 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2009/12/28 01:21:01 | 00,038,400 | ---- | M] () -- C:\Users\Dianne\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/26 23:10:57 | 00,002,631 | ---- | M] () -- C:\Users\Public\Desktop\Jasc Paint Shop Pro 9.lnk
[2009/12/26 13:30:55 | 00,002,317 | ---- | M] () -- C:\Users\Public\Desktop\The Print Shop 23.lnk
[2009/12/26 10:15:35 | 00,000,867 | ---- | M] () -- C:\Users\Dianne\Desktop\AMP Font Viewer.lnk
[2009/12/23 22:18:20 | 00,524,288 | -HS- | M] () -- C:\Users\Dianne\ntuser.dat{5d165855-f051-11de-abeb-d492714b380f}.TMContainer00000000000000000002.regtrans-ms
[2009/12/23 22:15:35 | 00,524,288 | -HS- | M] () -- C:\Users\Dianne\ntuser.dat{d75b311b-a5e6-11de-a718-fc7711a05749}.TMContainer00000000000000000001.regtrans-ms
[2009/12/23 22:15:35 | 00,065,536 | -HS- | M] () -- C:\Users\Dianne\ntuser.dat{d75b311b-a5e6-11de-a718-fc7711a05749}.TM.blf
========== Files Created - No Company Name ========== [2010/01/09 00:12:47 | 00,000,726 | ---- | C] () -- C:\Users\Dianne\Desktop\rapidsharedownload - Shortcut.lnk
[2010/01/07 16:50:48 | 00,001,751 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2010/01/07 03:53:23 | 00,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/01/02 02:00:27 | 00,000,810 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/01/01 05:46:30 | 00,001,548 | ---- | C] () -- C:\Users\Dianne\Desktop\free memory.lnk
[2009/12/30 22:30:34 | 00,001,890 | ---- | C] () -- C:\Users\Dianne\Desktop\HijackThis.lnk
[2009/12/27 19:06:39 | 00,373,248 | ---- | C] () -- C:\Windows\EyeCand3.INI
[2009/12/26 10:15:35 | 00,000,867 | ---- | C] () -- C:\Users\Dianne\Desktop\AMP Font Viewer.lnk
[2009/12/23 22:18:20 | 00,524,288 | -HS- | C] () -- C:\Users\Dianne\ntuser.dat{5d165855-f051-11de-abeb-d492714b380f}.TMContainer00000000000000000002.regtrans-ms
[2009/12/23 22:18:20 | 00,524,288 | -HS- | C] () -- C:\Users\Dianne\ntuser.dat{5d165855-f051-11de-abeb-d492714b380f}.TMContainer00000000000000000001.regtrans-ms
[2009/12/23 22:18:20 | 00,065,536 | -HS- | C] () -- C:\Users\Dianne\ntuser.dat{5d165855-f051-11de-abeb-d492714b380f}.TM.blf
[2009/12/23 21:44:34 | 00,001,822 | ---- | C] () -- C:\Users\Public\Desktop\Replay Media Catcher.lnk
[2009/12/23 21:44:34 | 00,001,801 | ---- | C] () -- C:\Users\Public\Desktop\Flash Video Player.lnk
[2009/09/29 09:39:57 | 00,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2009/09/18 04:26:27 | 00,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/09/18 04:25:29 | 00,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/08/13 06:08:18 | 00,237,568 | ---- | C] () -- C:\Windows\SysWow64\rmc_rtspdl.dll
[2009/03/04 15:43:38 | 00,086,016 | ---- | C] () -- C:\Windows\SysWow64\BinCoder.dll
[2009/03/01 09:49:54 | 00,374,196 | ---- | C] () -- C:\Users\Dianne\AppData\Local\dd_vcredistMSI5E55.txt
[2009/03/01 09:46:03 | 00,012,994 | ---- | C] () -- C:\Users\Dianne\AppData\Local\dd_vcredistUI5E55.txt
[2009/02/17 00:51:18 | 00,084,480 | ---- | C] () -- C:\Users\Dianne\AppData\Roaming\RapidShare Plus.exe
[2008/12/22 13:04:25 | 00,786,440 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2008/12/16 15:44:29 | 00,038,400 | ---- | C] () -- C:\Users\Dianne\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/11/06 08:37:32 | 03,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2008/11/06 08:34:00 | 00,000,416 | ---- | C] () -- C:\Windows\SysWow64\dtu100.dll.manifest
[2008/11/06 08:34:00 | 00,000,416 | ---- | C] () -- C:\Windows\SysWow64\dpl100.dll.manifest
[2008/11/06 08:33:02 | 00,012,288 | ---- | C] () -- C:\Windows\SysWow64\DivXWMPExtType.dll
[2008/08/08 00:06:35 | 00,002,566 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2008/08/07 23:43:58 | 00,327,680 | ---- | C] () -- C:\Windows\SysWow64\pythoncom25.dll
[2008/08/07 23:43:58 | 00,102,400 | ---- | C] () -- C:\Windows\SysWow64\pywintypes25.dll
[2008/01/20 18:50:05 | 00,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
========== Alternate Data Streams ========== @Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:A9662AE0
< End of report >
OTL logfile created on: 1/10/2010 9:41:57 AM - Run 3
OTL by OldTimer - Version 3.1.20.1 Folder = C:\Users\Dianne\Desktop\virus
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18865)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
8.00 Gb Total Physical Memory | 6.00 Gb Available Physical Memory | 70.00% Memory free
16.00 Gb Paging File | 14.00 Gb Available in Paging File | 85.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 686.46 Gb Total Space | 528.08 Gb Free Space | 76.93% Space Free | Partition Type: NTFS
Drive D: | 12.18 Gb Total Space | 1.66 Gb Free Space | 13.65% Space Free | Partition Type: NTFS
Drive E: | 4.38 Gb Total Space | 4.17 Gb Free Space | 95.18% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: DIANNE-PC
Current User Name: Dianne
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ========== PRC - [2010/01/02 03:33:53 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Users\Dianne\Desktop\virus\OTL.exe
PRC - [2009/12/21 21:43:51 | 00,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2009/12/07 12:11:17 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\jusched.exe
PRC - [2009/11/24 15:51:40 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/11/24 15:51:35 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009/11/24 15:51:21 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/11/24 15:48:48 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009/11/24 15:43:56 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009/10/29 06:54:44 | 01,218,008 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe
PRC - [2009/10/27 11:19:46 | 00,895,696 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\MPF\MpfSrv.exe
PRC - [2009/09/16 08:28:38 | 00,606,736 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\VirusScan\mcsysmon.exe
PRC - [2009/07/09 23:26:20 | 00,865,832 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\MSC\mcmscsvc.exe
PRC - [2009/07/08 10:54:34 | 00,359,952 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2009/07/07 18:10:02 | 02,482,848 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\Common Files\McAfee\MNA\McNASvc.exe
PRC - [2009/03/17 13:25:40 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
PRC - [2009/03/05 16:07:20 | 02,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/26 15:31:10 | 01,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/11/03 17:21:18 | 00,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/11/03 17:21:16 | 00,182,808 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008/07/03 11:44:58 | 00,972,080 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
PRC - [2008/05/19 12:13:20 | 00,057,344 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\ASTSRV.EXE
PRC - [2008/03/25 19:49:02 | 00,184,320 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
PRC - [2008/03/25 19:49:00 | 00,569,344 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
PRC - [2008/03/25 19:40:42 | 00,214,360 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
PRC - [2007/05/29 14:19:06 | 00,198,240 | ---- | M] () -- c:\hp\HPEZBTN\HPBtnSrv.exe
PRC - [2007/04/18 07:01:34 | 00,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe
PRC - [2006/12/10 21:52:38 | 00,049,152 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
PRC - [2005/02/02 08:44:24 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\hp\KBD\kbd.exe
========== Modules (SafeList) ========== MOD - [2010/01/02 03:33:53 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Users\Dianne\Desktop\virus\OTL.exe
MOD - [2009/12/08 13:12:24 | 00,014,544 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\McAfee\SiteAdvisor\sahook.dll
========== Win32 Services (SafeList) ========== SRV:
64bit: - [2009/11/24 15:51:35 | 00,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV:
64bit: - [2009/11/24 15:51:21 | 00,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV:
64bit: - [2009/11/24 15:48:48 | 00,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV:
64bit: - [2009/11/24 15:43:56 | 00,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV:
64bit: - [2009/09/24 17:26:26 | 01,142,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FntCache.dll -- (FontCache)
SRV:
64bit: - [2009/09/16 10:23:32 | 00,696,848 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:
64bit: - [2009/09/16 09:15:32 | 00,155,456 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield)
SRV:
64bit: - [2009/04/03 11:46:52 | 00,072,192 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysNative\nlsInterface.exe -- (nlsInterface)
SRV:
64bit: - [2008/01/20 18:47:32 | 00,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/12/08 14:25:28 | 00,110,312 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2009/10/27 11:19:46 | 00,895,696 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe -- (MpfService)
SRV - [2009/09/16 08:28:38 | 00,606,736 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- C:\Program Files (x86)\McAfee\VirusScan\mcsysmon.exe -- (McSysmon)
SRV - [2009/07/09 23:26:20 | 00,865,832 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2009/07/08 10:54:34 | 00,359,952 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy)
SRV - [2009/07/07 18:10:02 | 02,482,848 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2009/03/29 20:39:54 | 00,089,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2009/03/17 13:25:40 | 00,073,728 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2009/01/26 15:31:10 | 01,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008/11/03 17:21:18 | 00,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2008/09/17 18:28:04 | 00,382,320 | ---- | M] (SupportSoft, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\supportsoft\bin\ssrc.exe -- (SupportSoft RemoteAssist)
SRV - [2008/06/02 14:09:18 | 00,094,208 | ---- | M] (Hewlett-Packard) [Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe -- (HP Health Check Service)
SRV - [2008/05/19 12:13:20 | 00,057,344 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\ASTSRV.EXE -- (ASTSRV)
SRV - [2008/03/25 20:27:36 | 00,135,168 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)
SRV - [2008/03/25 19:38:24 | 00,217,088 | ---- | M] (Hewlett-Packard Co.) [On_Demand | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)
SRV - [2007/05/29 14:19:06 | 00,198,240 | ---- | M] () [Auto | Running] -- c:\hp\HPEZBTN\HPBtnSrv.exe -- (HPBtnSrv)
SRV - [2006/11/02 05:34:14 | 00,000,000 | ---D | M] [Unknown | Stopped] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC)
SRV - [2006/11/01 22:35:15 | 00,060,994 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds)
SRV - [2006/11/01 22:35:15 | 00,055,846 | ---- | M] () [On_Demand | Running] -- C:\Windows\SysWOW64\wbem\vss.mof -- (VSS)
========== Driver Services (SafeList) ========== DRV:
64bit: - [2009/11/24 15:50:25 | 00,089,680 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:
64bit: - [2009/11/24 15:50:05 | 00,022,096 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\SysNative\DRIVERS\aswFsBlk.sys -- (aswFsBlk)
DRV:
64bit: - [2009/11/24 15:49:56 | 00,065,616 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\SysNative\DRIVERS\aswMonFlt.sys -- (aswMonFlt)
DRV:
64bit: - [2009/11/24 15:49:10 | 00,053,840 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:
64bit: - [2009/11/24 15:49:00 | 00,027,216 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:
64bit: - [2009/09/16 09:22:40 | 00,308,296 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:
64bit: - [2009/09/16 09:22:40 | 00,102,472 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:
64bit: - [2009/09/16 09:22:40 | 00,049,480 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfesmfk.sys -- (mfesmfk)
DRV:
64bit: - [2009/09/16 09:15:38 | 00,040,904 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdk.sys -- (mferkdk)
DRV:
64bit: - [2009/07/16 11:32:26 | 00,176,144 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\Mpfp.sys -- (MPFP)
DRV:
64bit: - [2009/06/18 16:04:20 | 00,040,464 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:
64bit: - [2009/02/26 18:46:34 | 10,276,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)
DRV:
64bit: - [2009/01/07 21:18:07 | 00,868,848 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd)
DRV:
64bit: - [2008/12/03 21:20:24 | 01,686,528 | ---- | M] (Hauppauge Computer Works) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HCW85BDA.sys -- (HCW85BDA)
DRV:
64bit: - [2008/11/03 17:10:08 | 00,406,040 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iastor.sys -- (iaStor)
DRV:
64bit: - [2008/06/09 14:36:56 | 00,459,776 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\netr28x.sys -- (netr28x)
DRV:
64bit: - [2008/02/14 06:56:14 | 00,160,768 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV - [2009/06/18 16:04:20 | 00,034,064 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\npf.sys -- (NPF)
DRV - [2006/09/18 13:36:40 | 00,003,066 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip)
DRV - [2006/09/18 13:35:23 | 00,001,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv)
DRV - [2001/11/21 14:26:49 | 00,060,160 | R--- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\TPkd.sys -- (TPkd)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cndtIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cndtIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cndt IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cndtIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.com/IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - prefs.js..browser.startup.homepage: "
http://www.yahoo.com/"FF - prefs.js..extensions.enabledItems: {F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}:8.6.7.0
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.5
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.0
FF - prefs.js..extensions.enabledItems: {9669CC8F-B388-42FE-86F4-CB5E7F5A8BDC}:6.0.4
FF - prefs.js..extensions.enabledItems: {02450954-cdd9-410f-b1da-db804e18c671}:0.96.1
FF - prefs.js..extensions.enabledItems: info@djzig.com:1.0.7
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2009/12/25 22:13:24 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/01/07 03:53:22 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2009/12/21 21:43:54 | 00,000,000 | ---D | M]
[2008/12/04 22:17:37 | 00,000,000 | ---D | M] -- C:\Users\Dianne\AppData\Roaming\Mozilla\Extensions
[2010/01/09 23:09:51 | 00,000,000 | ---D | M] -- C:\Users\Dianne\AppData\Roaming\Mozilla\Firefox\Profiles\z9llk360.default\extensions
[2009/03/18 18:06:36 | 00,000,000 | ---D | M] (Screengrab) -- C:\Users\Dianne\AppData\Roaming\Mozilla\Firefox\Profiles\z9llk360.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
[2008/12/22 14:57:58 | 00,000,000 | ---D | M] (Aquatint Black Gloss) -- C:\Users\Dianne\AppData\Roaming\Mozilla\Firefox\Profiles\z9llk360.default\extensions\{7694c49c-9fbd-11dc-8314-0800200c9a66}
[2010/01/08 10:04:57 | 00,000,000 | ---D | M] (MR Tech Toolkit) -- C:\Users\Dianne\AppData\Roaming\Mozilla\Firefox\Profiles\z9llk360.default\extensions\{9669CC8F-B388-42FE-86F4-CB5E7F5A8BDC}
[2009/07/03 05:15:15 | 00,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Dianne\AppData\Roaming\Mozilla\Firefox\Profiles\z9llk360.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/01/09 11:43:28 | 00,000,000 | ---D | M] -- C:\Users\Dianne\AppData\Roaming\Mozilla\Firefox\Profiles\z9llk360.default\extensions\fsonlinescanner@f-secure.com
[2009/08/14 06:43:55 | 00,000,000 | ---D | M] -- C:\Users\Dianne\AppData\Roaming\Mozilla\Firefox\Profiles\z9llk360.default\extensions\info@djzig.com
[2009/08/14 06:43:56 | 00,000,000 | ---D | M] -- C:\Users\Dianne\AppData\Roaming\Mozilla\Firefox\Profiles\z9llk360.default\extensions\info@djzig.com\chrome\global\extensions
[2009/08/14 06:43:57 | 00,000,000 | ---D | M] -- C:\Users\Dianne\AppData\Roaming\Mozilla\Firefox\Profiles\z9llk360.default\extensions\info@djzig.com\chrome\global\extensions\chatzilla
[2009/08/14 06:43:56 | 00,000,000 | ---D | M] -- C:\Users\Dianne\AppData\Roaming\Mozilla\Firefox\Profiles\z9llk360.default\extensions\info@djzig.com\chrome\global\extensions\Console2
[2009/08/14 06:43:56 | 00,000,000 | ---D | M] -- C:\Users\Dianne\AppData\Roaming\Mozilla\Firefox\Profiles\z9llk360.default\extensions\info@djzig.com\chrome\global\extensions\downthemall
[2009/08/14 06:43:56 | 00,000,000 | ---D | M] -- C:\Users\Dianne\AppData\Roaming\Mozilla\Firefox\Profiles\z9llk360.default\extensions\info@djzig.com\chrome\global\extensions\emusic
[2009/08/14 06:43:56 | 00,000,000 | ---D | M] -- C:\Users\Dianne\AppData\Roaming\Mozilla\Firefox\Profiles\z9llk360.default\extensions\info@djzig.com\chrome\global\extensions\fullerscreen
[2009/08/14 06:43:57 | 00,000,000 | ---D | M] -- C:\Users\Dianne\AppData\Roaming\Mozilla\Firefox\Profiles\z9llk360.default\extensions\info@djzig.com\chrome\global\extensions\sage
[2009/08/14 06:43:57 | 00,000,000 | ---D | M] -- C:\Users\Dianne\AppData\Roaming\Mozilla\Firefox\Profiles\z9llk360.default\extensions\info@djzig.com\chrome\global\extensions\toolkit
[2009/08/14 06:43:56 | 00,000,000 | ---D | M] -- C:\Users\Dianne\AppData\Roaming\Mozilla\Firefox\Profiles\z9llk360.default\extensions\info@djzig.com\chrome\global\extensions\webdeveloper
[2009/08/14 06:43:57 | 00,000,000 | ---D | M] -- C:\Users\Dianne\AppData\Roaming\Mozilla\Firefox\Profiles\z9llk360.default\extensions\info@djzig.com\chrome\mozapps\extensions
[2010/01/09 23:09:51 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
O1 HOSTS File: (356660 bytes) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 12235 more lines...
O2:
64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2:
64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (no name) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - No CLSID value found.
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3:
64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:
64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Co.)
O4 - HKLM..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [AdobeUpdater] C:\Program Files (x86)\Common Files\Adobe\Updater5\AdobeUpdater.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [HPAdvisor] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Hewlett-Packard)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8:
64bit: - Extra context menu item: &Clean Traces - C:\Program Files (x86)\DAP\Privacy Package\dapcleanerie.htm ()
O8:
64bit: - Extra context menu item: &Download with &DAP - C:\Program Files (x86)\DAP\dapextie.htm ()
O8:
64bit: - Extra context menu item: Download &all with DAP - C:\Program Files (x86)\DAP\dapextie2.htm ()
O8 - Extra context menu item: &Clean Traces - C:\Program Files (x86)\DAP\Privacy Package\dapcleanerie.htm ()
O8 - Extra context menu item: &Download with &DAP - C:\Program Files (x86)\DAP\dapextie.htm ()
O8 - Extra context menu item: Download &all with DAP - C:\Program Files (x86)\DAP\dapextie2.htm ()
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15:
64bit: - ..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKLM\..Trusted Domains: 58 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 58 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {22492231-AEF0-49FC-9180-CE8969AB1273}
http://download.sp.f-secure.com/ols/f-secu.../fslauncher.cab (F-Secure Online Scanner Launcher)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:
64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:
64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:
64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20:
64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20:
64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Value error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
64bit: O35 - comfile [open] -- "%1" %* File not found
64bit: O35 - exefile [open] -- "%1" %* File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
========== Files/Folders - Created Within 30 Days ========== [2010/01/09 09:57:08 | 00,000,000 | ---D | C] -- C:\ProgramData\F-Secure
[2010/01/08 18:08:27 | 00,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010/01/07 16:50:46 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2010/01/07 03:49:29 | 00,000,000 | ---D | C] -- C:\Program Files\Web Publish
[2010/01/02 09:32:05 | 00,000,000 | ---D | C] -- C:\Users\Dianne\Desktop\GooredFix Backups
[2010/01/02 02:00:29 | 00,000,000 | ---D | C] -- C:\Users\Dianne\AppData\Roaming\Malwarebytes
[2010/01/02 02:00:25 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/01/02 02:00:23 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/01/02 02:00:21 | 00,022,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/01/02 02:00:21 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2009/12/31 03:59:22 | 00,000,000 | ---D | C] -- C:\Users\Dianne\Desktop\logs
[2009/12/30 22:30:34 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2009/12/30 22:10:45 | 00,000,000 | ---D | C] -- C:\Users\Dianne\Desktop\virus
[2009/12/28 01:18:27 | 00,000,000 | ---D | C] -- C:\Users\Dianne\Desktop\fonts3
[2009/12/26 16:15:19 | 00,072,192 | ---- | C] (Nalpeiron Ltd.) -- C:\Windows\SysNative\nlsInterface.exe
[2009/12/26 16:15:18 | 00,057,344 | ---- | C] (Nalpeiron Ltd.) -- C:\Windows\SysWow64\ASTSRV.EXE
[2009/12/26 10:16:33 | 00,000,000 | ---D | C] -- C:\Users\Dianne\AppData\Roaming\AMPSoft
[2009/12/26 10:15:34 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\AMP Font Viewer
[2009/12/26 01:35:14 | 00,000,000 | ---D | C] -- C:\Users\Dianne\Desktop\fonts2
[2009/12/25 21:31:20 | 00,000,000 | ---D | C] -- C:\Users\Dianne\Desktop\fonts
[2009/12/25 14:07:13 | 00,000,000 | ---D | C] -- C:\Users\Dianne\Documents\iclone3
[2009/12/23 21:28:22 | 00,000,000 | ---D | C] -- C:\Users\Dianne\Documents\Ask and Record Toolbar
========== Files - Modified Within 30 Days ========== [2010/01/10 09:41:23 | 06,029,312 | -HS- | M] () -- C:\Users\Dianne\ntuser.dat
[2010/01/10 09:39:43 | 00,025,399 | ---- | M] () -- C:\Windows\SysNative\Config.MPF
[2010/01/10 09:39:17 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/01/10 05:41:03 | 00,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/01/10 05:41:03 | 00,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/01/09 21:46:23 | 00,789,862 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/01/09 21:46:23 | 00,663,486 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/01/09 21:46:23 | 00,128,906 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/01/09 21:41:07 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/01/09 21:39:35 | 00,524,288 | -HS- | M] () -- C:\Users\Dianne\ntuser.dat{5d165855-f051-11de-abeb-d492714b380f}.TMContainer00000000000000000001.regtrans-ms
[2010/01/09 21:39:35 | 00,065,536 | -HS- | M] () -- C:\Users\Dianne\ntuser.dat{5d165855-f051-11de-abeb-d492714b380f}.TM.blf
[2010/01/09 21:39:27 | 03,081,153 | -H-- | M] () -- C:\Users\Dianne\AppData\Local\IconCache.db
[2010/01/09 00:12:47 | 00,000,726 | ---- | M] () -- C:\Users\Dianne\Desktop\rapidsharedownload - Shortcut.lnk
[2010/01/07 19:13:49 | 00,156,672 | ---- | M] (Radioactive) -- C:\Windows\SysWow64\rmc_fixasf.exe
[2010/01/07 19:13:48 | 00,237,568 | ---- | M] () -- C:\Windows\SysWow64\rmc_rtspdl.dll
[2010/01/07 19:13:45 | 00,323,584 | ---- | M] (Stefan Toengi) -- C:\Windows\SysWow64\AUDIOGENIE2.DLL
[2010/01/07 16:50:48 | 00,001,751 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2010/01/07 03:53:23 | 00,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2010/01/06 22:04:01 | 00,000,338 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForDianne.job
[2010/01/02 02:00:27 | 00,000,810 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/01/01 05:47:30 | 00,001,548 | ---- | M] () -- C:\Users\Dianne\Desktop\free memory.lnk
[2010/01/01 01:06:17 | 01,248,160 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2009/12/31 08:25:13 | 00,462,008 | ---- | M] () -- C:\Users\Dianne\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/12/30 22:30:34 | 00,001,890 | ---- | M] () -- C:\Users\Dianne\Desktop\HijackThis.lnk
[2009/12/30 14:55:24 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2009/12/30 14:55:06 | 00,022,104 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2009/12/28 01:21:01 | 00,038,400 | ---- | M] () -- C:\Users\Dianne\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/26 23:10:57 | 00,002,631 | ---- | M] () -- C:\Users\Public\Desktop\Jasc Paint Shop Pro 9.lnk
[2009/12/26 13:30:55 | 00,002,317 | ---- | M] () -- C:\Users\Public\Desktop\The Print Shop 23.lnk
[2009/12/26 10:15:35 | 00,000,867 | ---- | M] () -- C:\Users\Dianne\Desktop\AMP Font Viewer.lnk
[2009/12/23 22:18:20 | 00,524,288 | -HS- | M] () -- C:\Users\Dianne\ntuser.dat{5d165855-f051-11de-abeb-d492714b380f}.TMContainer00000000000000000002.regtrans-ms
[2009/12/23 22:15:35 | 00,524,288 | -HS- | M] () -- C:\Users\Dianne\ntuser.dat{d75b311b-a5e6-11de-a718-fc7711a05749}.TMContainer00000000000000000001.regtrans-ms
[2009/12/23 22:15:35 | 00,065,536 | -HS- | M] () -- C:\Users\Dianne\ntuser.dat{d75b311b-a5e6-11de-a718-fc7711a05749}.TM.blf
========== Files Created - No Company Name ========== [2010/01/09 00:12:47 | 00,000,726 | ---- | C] () -- C:\Users\Dianne\Desktop\rapidsharedownload - Shortcut.lnk
[2010/01/07 16:50:48 | 00,001,751 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2010/01/07 03:53:23 | 00,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/01/02 02:00:27 | 00,000,810 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/01/01 05:46:30 | 00,001,548 | ---- | C] () -- C:\Users\Dianne\Desktop\free memory.lnk
[2009/12/30 22:30:34 | 00,001,890 | ---- | C] () -- C:\Users\Dianne\Desktop\HijackThis.lnk
[2009/12/27 19:06:39 | 00,373,248 | ---- | C] () -- C:\Windows\EyeCand3.INI
[2009/12/26 10:15:35 | 00,000,867 | ---- | C] () -- C:\Users\Dianne\Desktop\AMP Font Viewer.lnk
[2009/12/23 22:18:20 | 00,524,288 | -HS- | C] () -- C:\Users\Dianne\ntuser.dat{5d165855-f051-11de-abeb-d492714b380f}.TMContainer00000000000000000002.regtrans-ms
[2009/12/23 22:18:20 | 00,524,288 | -HS- | C] () -- C:\Users\Dianne\ntuser.dat{5d165855-f051-11de-abeb-d492714b380f}.TMContainer00000000000000000001.regtrans-ms
[2009/12/23 22:18:20 | 00,065,536 | -HS- | C] () -- C:\Users\Dianne\ntuser.dat{5d165855-f051-11de-abeb-d492714b380f}.TM.blf
[2009/12/23 21:44:34 | 00,001,822 | ---- | C] () -- C:\Users\Public\Desktop\Replay Media Catcher.lnk
[2009/12/23 21:44:34 | 00,001,801 | ---- | C] () -- C:\Users\Public\Desktop\Flash Video Player.lnk
[2009/09/29 09:39:57 | 00,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2009/09/18 04:26:27 | 00,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/09/18 04:25:29 | 00,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/08/13 06:08:18 | 00,237,568 | ---- | C] () -- C:\Windows\SysWow64\rmc_rtspdl.dll
[2009/03/04 15:43:38 | 00,086,016 | ---- | C] () -- C:\Windows\SysWow64\BinCoder.dll
[2009/03/01 09:49:54 | 00,374,196 | ---- | C] () -- C:\Users\Dianne\AppData\Local\dd_vcredistMSI5E55.txt
[2009/03/01 09:46:03 | 00,012,994 | ---- | C] () -- C:\Users\Dianne\AppData\Local\dd_vcredistUI5E55.txt
[2009/02/17 00:51:18 | 00,084,480 | ---- | C] () -- C:\Users\Dianne\AppData\Roaming\RapidShare Plus.exe
[2008/12/22 13:04:25 | 00,786,440 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2008/12/16 15:44:29 | 00,038,400 | ---- | C] () -- C:\Users\Dianne\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/11/06 08:37:32 | 03,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2008/11/06 08:34:00 | 00,000,416 | ---- | C] () -- C:\Windows\SysWow64\dtu100.dll.manifest
[2008/11/06 08:34:00 | 00,000,416 | ---- | C] () -- C:\Windows\SysWow64\dpl100.dll.manifest
[2008/11/06 08:33:02 | 00,012,288 | ---- | C] () -- C:\Windows\SysWow64\DivXWMPExtType.dll
[2008/08/08 00:06:35 | 00,002,566 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2008/08/07 23:43:58 | 00,327,680 | ---- | C] () -- C:\Windows\SysWow64\pythoncom25.dll
[2008/08/07 23:43:58 | 00,102,400 | ---- | C] () -- C:\Windows\SysWow64\pywintypes25.dll
[2008/01/20 18:50:05 | 00,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
========== Alternate Data Streams ========== @Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:A9662AE0
< End of report >