Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Desktop Freezes at Welcome Page


  • Please log in to reply
9 replies to this topic

#1 eiger

eiger

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Manchester, England
  • Local time:09:20 PM

Posted 16 March 2011 - 04:14 PM

I am running
Dell Inc.

OptiPlex 210L
Service Tag 2YWFF2J
Express Service Code 6463881739
Processor Intel® Celeron® CPU 2.80GHz
Processor Speed 2.73 GHz
Memory (RAM) 2048 MB
Operating System Microsoft Windows XP Professional
Operating System Version 5.1.2600

When I turn on the computer it generally freezes at the Welcome Page, I then pull out the power cable for 10 seconds and plug it back in, it can take a few attempts before it comes on properly . Recently when I turned it on and a blue windows screen came up saying that WINDOWS was checking the hard drives (1 x 40gig and 1 x 500gig) for? (can't remember). When finally turned on a box appears saying that Adaware has unexpectedly been closed.
I generally use Google Chrome but if I use Internet Explorer it re-directs me to what appears to be a Polish website.
Can you help?

Eiger

BC AdBot (Login to Remove)

 


#2 Blade

Blade

    Strong in the Bleepforce


  • Site Admin
  • 12,702 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:US
  • Local time:05:20 PM

Posted 26 March 2011 - 02:34 AM

Hello and :welcome: to BleepingComputer.

Let's see what we're dealing with here.

Please download RKill by Grinler from one of the 4 links below and save it to your desktop.

Link 1
Link 2
Link 3
Link 4
  • Before we begin, you should disable any anti-malware software you have installed so it does not interfere with RKill running. This is because some anti-malware software mistakenly detects RKill as malicious. Please refer to this page if you are not sure how to disable your security software.
  • Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • If nothing happens or if the tool does not run, please let me know in your next reply
***************************************************

Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link

IMPORTANT!!! - when you save the file, rename it to something random, such as bubbles.exe This must be done before beginning the download!

MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from http://data.mbamupdates.com/tools/mbam-rules.exe'>here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

~Blade


In your next reply, please include the following:
Malwarebytes Log

Posted Image

If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM
Become a BleepingComputer fan: Facebook
Follow us on Twitter!
Circle us on Google+


#3 eiger

eiger
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Manchester, England
  • Local time:09:20 PM

Posted 26 March 2011 - 07:35 AM

Hello and thanks Blade Zephon,

RKill worked.

MBAM, couldn't (or didn't know how to) rename the file.

here is the log.

Thanks,
eiger


Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6173

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

26/03/2011 12:27:23
mbam-log-2011-03-26 (12-27-23).txt

Scan type: Quick scan
Objects scanned: 172015
Time elapsed: 19 minute(s), 18 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#4 Blade

Blade

    Strong in the Bleepforce


  • Site Admin
  • 12,702 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:US
  • Local time:05:20 PM

Posted 26 March 2011 - 07:12 PM

Hello.

Let's cross check those results with another scan.

Download TFC by OldTimer to your desktop.
(TFC only cleans temp folders. It will not clean URL history, prefetch, or cookies).
Close any open windows.
  • Double click the TFC icon to run the program
  • TFC will close all open programs itself in order to run,
  • Click the Start button to begin the process.
  • Allow TFC to run uninterrupted.
  • The program should not take long to finish it's job.
Once its finished it should automatically reboot your machine, if it doesn't, manually reboot to ensure a complete clean

NOTE:
It's normal after running TFC that the PC will be slower to boot the first time.

TFC (Temp File Cleaner) will clear out all temp folders for all user accounts (temp, IE temp, java, FF, Opera, Chrome, Safari), including Administrator, All Users, LocalService, NetworkService, and any other accounts in the user folder.


***************************************************

Please download and scan with SUPERAntiSpyware Free
  • Double-click SUPERAntiSypware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If it will not start, go to Start > All Prgrams > SUPERAntiSpyware and click on Alternate Start.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.
  • Click the "Scanning Control" tab, and under Scanner Options, make sure the following are checked (uncheck all others):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen and exit the program.
  • Do not run a scan just yet.
Reboot your computer in "Safe Mode" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode". When logging in, log in under the account that you normally use; do NOT log in under the account titled "Admin" or "Administrator" unless this account is the one used normally.

Scan with SUPERAntiSpyware as follows:
  • Launch the program and back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan and click "Next".
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes" and reboot normally.
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.

~Blade


In your next reply, please include the following:
SUPERAntiSpyware Log
How is the computer running now?

Posted Image

If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM
Become a BleepingComputer fan: Facebook
Follow us on Twitter!
Circle us on Google+


#5 eiger

eiger
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Manchester, England
  • Local time:09:20 PM

Posted 27 March 2011 - 01:37 PM

Hello Blade,
The TFC seems to have speeded up the start up quite a bit. I have turned the computer on and off six times and it has not hung at the WELCOME screen. Word documents are still slow to open and even slower to close (Office 2003 & windows XP).
On start up a box appears with the following (been there for a long time):

RUNDLL
Error loading C:\WINDOWS\osilexexe.dll.
The specified folder could not be found.

Here is the SuperAntispyware log



SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 03/27/2011 at 05:45 PM

Application Version : 4.50.1002

Core Rules Database Version : 6683
Trace Rules Database Version: 4495

Scan type : Complete Scan
Total Scan Time : 05:04:28

Memory items scanned : 287
Memory threats detected : 0
Registry items scanned : 8403
Registry threats detected : 8
File items scanned : 93652
File threats detected : 264

Trojan.Agent/Gen-Backdoor
HKLM\System\ControlSet001\Services\Serial
C:\WINDOWS\SYSTEM32\DRIVERS\SERIAL.SYS
HKLM\System\ControlSet001\Enum\Root\LEGACY_Serial
HKLM\System\ControlSet002\Services\Serial
HKLM\System\ControlSet002\Enum\Root\LEGACY_Serial
HKLM\System\ControlSet003\Services\Serial
HKLM\System\ControlSet003\Enum\Root\LEGACY_Serial
HKLM\System\CurrentControlSet\Services\Serial
HKLM\System\CurrentControlSet\Enum\Root\LEGACY_Serial

Adware.Tracking Cookie
C:\Documents and Settings\Hassan PC\Cookies\hassan_pc@content.yieldmanager[3].txt
C:\Documents and Settings\Hassan PC\Cookies\hassan_pc@ads.footymad[2].txt
C:\Documents and Settings\Hassan PC\Cookies\hassan_pc@ads.lzjl[2].txt
C:\Documents and Settings\Hassan PC\Cookies\hassan_pc@accountservices.betfair[1].txt
C:\Documents and Settings\Hassan PC\Cookies\hassan_pc@invitemedia[1].txt
C:\Documents and Settings\Hassan PC\Cookies\hassan_pc@myroitracking[1].txt
C:\Documents and Settings\Hassan PC\Cookies\hassan_pc@adserver.adtechus[1].txt
C:\Documents and Settings\Hassan PC\Cookies\hassan_pc@clicksor[1].txt
C:\Documents and Settings\Hassan PC\Cookies\hassan_pc@ads.telegraph.co[1].txt
C:\Documents and Settings\Hassan PC\Cookies\hassan_pc@media6degrees[2].txt
C:\Documents and Settings\Hassan PC\Cookies\hassan_pc@www.burstnet[2].txt
C:\Documents and Settings\Hassan PC\Cookies\hassan_pc@solution.weborama[1].txt
C:\Documents and Settings\Hassan PC\Cookies\hassan_pc@ads.adk2[1].txt
C:\Documents and Settings\Hassan PC\Cookies\hassan_pc@www.googleadservices[1].txt
C:\Documents and Settings\Hassan PC\Cookies\hassan_pc@content.yieldmanager[1].txt
C:\Documents and Settings\Hassan PC\Cookies\hassan_pc@yadro[2].txt
C:\Documents and Settings\Hassan PC\Cookies\hassan_pc@atdmt[1].txt
C:\Documents and Settings\Hassan PC\Cookies\hassan_pc@ad.yieldmanager[1].txt
C:\Documents and Settings\Hassan PC\Cookies\hassan_pc@adply.plymedia[2].txt
C:\Documents and Settings\Hassan PC\Cookies\hassan_pc@statcounter[1].txt
.atdmt.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.smartadserver.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.surveymonkey.122.2o7.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.msnportal.112.2o7.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adtech.de [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
counters.gigya.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adserver.adtechus.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.mediaplex.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.trinitymirror.112.2o7.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ehg-mgnlimited.hitbox.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ru4.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ru4.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
user.lucidmedia.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.2o7.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.xiti.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.imrworldwide.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.imrworldwide.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.bs.serving-sys.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.content.yieldmanager.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
fr.sitestat.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
fr.sitestat.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
www.googleadservices.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.dmtracker.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ar.atwola.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.yieldmanager.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
track.tmpservice.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad1.emediate.dk [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.questionpro.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.www.burstnet.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.247realmedia.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.247realmedia.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.247realmedia.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.247realmedia.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adtech.de [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.solution.weborama.fr [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.apmebf.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.fastclick.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.hit.stat.pl [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
flagcounter.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
www.googleadservices.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
www.googleadservices.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
tracking.dc-storm.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tradedoubler.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tradedoubler.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tradedoubler.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad1.emediate.dk [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.premiumtv.122.2o7.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.microsoftsto.112.2o7.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.uk.doubleclick.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.uk.doubleclick.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
www.googleadservices.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adxpose.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ehg-twi.hitbox.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.mm.chitika.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.riverisland.122.2o7.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ads.audience2media.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ads.audience2media.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.audience2media.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ads.audience2media.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.findamasters.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.findamasters.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
in.getclicky.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
uk.sitestat.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
uk.sitestat.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.findamasters.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
www.findamasters.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
www.findamasters.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.kantarmedia.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.kantarmedia.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.mediaplex.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
www.sublimemedia.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adtech.de [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.yadro.ru [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.e-2dj6aek4ajc5oho.stats.esomniture.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.paypal.112.2o7.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.stats.paypal.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.e-2dj6wjmyejdpkfo.stats.esomniture.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.e-2dj6wbk4qidjiko.stats.esomniture.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adtech.de [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adtech.de [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.2o7.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.legolas-media.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.legolas-media.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.specificmedia.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
tracking.dc-storm.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.specificmedia.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.casalemedia.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.casalemedia.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.casalemedia.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.casalemedia.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.casalemedia.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.casalemedia.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.men.122.2o7.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
www.googleadservices.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
tracking.dc-storm.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
tracking.dc-storm.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.smartadserver.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.smartadserver.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.smartadserver.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.smartadserver.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.smartadserver.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
www.googleadservices.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
statse.webtrendslive.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ehg-twi.hitbox.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.doubleclick.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.atdmt.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
media.adsvelocity.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
media.adsvelocity.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
media.adsvelocity.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
media.adsvelocity.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adtech.de [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.myroitracking.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adviva.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.atdmt.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.atdmt.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.fastclick.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.clicksor.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.clicksor.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.clicksor.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.interclick.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.interclick.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.questionmarket.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.questionmarket.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.at.atwola.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tacoda.at.atwola.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tacoda.at.atwola.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tacoda.at.atwola.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.at.atwola.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.mediabrandsww.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tradedoubler.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tradedoubler.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tradedoubler.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.fastclick.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.fastclick.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adtech.de [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adtech.de [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adtech.de [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.technoratimedia.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.technoratimedia.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.technoratimedia.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adbrite.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adtech.de [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.uk.at.atwola.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.technoratimedia.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.technoratimedia.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.technoratimedia.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.technoratimedia.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.atdmt.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.atdmt.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.2o7.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.2o7.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
webstats.wthosting.co.uk [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
webstats.wthosting.co.uk [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.uk.at.atwola.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.uk.at.atwola.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
tracker.roitesting.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.tribalfusion.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.xm.xtendmedia.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.hitbox.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ehg-twi.hitbox.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.ehg-twi.hitbox.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.hitbox.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.serving-sys.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.pro-market.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
accountservices.betfair.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.specificclick.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.specificclick.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.specificclick.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.specificclick.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.mediaplex.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.adviva.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.advertising.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.revsci.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.media6degrees.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.statcounter.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.collective-media.net [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
.invitemedia.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]
ad.yieldmanager.com [ C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookies ]

Thanks a lot
eiger

#6 Blade

Blade

    Strong in the Bleepforce


  • Site Admin
  • 12,702 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:US
  • Local time:05:20 PM

Posted 29 March 2011 - 02:59 AM

Hello.

We can deal with that startup entry. . . but I'll need to use a more powerful tool. I'm shifting this topic to the specialized Malware Logs forum so that we can do that.

  • Please download OTL from one of the following mirrors:
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Check the boxes beside LOP Check and Purity Check.
  • Push the Posted Image button.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and paste them into the body of your next reply.

~Blade


In your next reply, please include the following:
OTL.txt
Extras.txt

Edited by Blade Zephon, 29 March 2011 - 02:59 AM.

Posted Image

If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM
Become a BleepingComputer fan: Facebook
Follow us on Twitter!
Circle us on Google+


#7 eiger

eiger
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Manchester, England
  • Local time:09:20 PM

Posted 29 March 2011 - 04:59 AM

Hello Blade,

Below are the two files.
I watched the scan and it seemed to only check the C drive but I have another drive (500gb) which I added a long time ago (nearly 2 years) as the C drive was only 40gb.


OTL logfile created on: 29/03/2011 10:48:26 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Hassan PC\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 47.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 68.00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.21 Gb Total Space | 16.07 Gb Free Space | 43.18% Space Free | Partition Type: NTFS
Drive E: | 465.76 Gb Total Space | 431.63 Gb Free Space | 92.67% Space Free | Partition Type: NTFS

Computer Name: GORDON | User Name: Hassan PC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days

========== Processes (SafeList) ==========

PRC - [2011/03/29 10:04:47 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Hassan PC\My Documents\Downloads\OTL (2).exe
PRC - [2011/03/27 08:50:42 | 001,010,232 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2011/03/25 09:03:18 | 001,405,384 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2011/03/25 09:03:18 | 000,939,848 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2011/03/11 10:44:02 | 000,425,176 | ---- | M] (Auslogics) -- E:\Program Files\Auslogics\Auslogics Disk Defrag\DiskDefrag.exe
PRC - [2011/02/16 16:49:08 | 000,088,176 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2010/11/13 17:20:14 | 000,329,096 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2010/10/27 20:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/10/23 10:57:41 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.2.183.39\GoogleCrashHandler.exe
PRC - [2010/10/03 23:43:16 | 001,266,920 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
PRC - [2010/10/03 23:43:16 | 000,767,208 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2010/08/25 11:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/01/15 13:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/10/01 21:23:58 | 000,146,360 | ---- | M] (Panasonic Corporation) -- E:\Program Files\AutoStartupService.exe
PRC - [2009/07/26 18:10:00 | 001,983,816 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009/02/10 08:01:49 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/03/26 17:33:00 | 000,135,168 | ---- | M] (Vimicro Corporation) -- C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe
PRC - [2007/06/15 12:57:42 | 000,145,504 | ---- | M] (B.H.A Corporation) -- C:\WINDOWS\system32\bgsvcgen.exe
PRC - [2007/05/17 22:45:33 | 000,271,720 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2007/04/10 22:46:52 | 000,709,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\vVX1000.exe
PRC - [2007/03/21 19:50:10 | 000,163,840 | ---- | M] (Syntek Ltd.) -- C:\WINDOWS\STK02N\STK02NM.exe
PRC - [2007/03/14 20:49:02 | 000,125,632 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\VPTray.exe
PRC - [2007/03/14 20:48:50 | 001,816,768 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe
PRC - [2007/03/14 20:48:40 | 000,031,424 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\DefWatch.exe
PRC - [2007/01/10 17:27:38 | 001,160,792 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
PRC - [2006/11/21 18:38:40 | 000,169,576 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
PRC - [2006/11/21 18:38:32 | 000,192,104 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
PRC - [2006/11/21 18:38:28 | 000,052,840 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2006/06/29 04:52:38 | 000,049,152 | ---- | M] () -- c:\dell\E-Center\GTB2.exe
PRC - [2006/03/30 10:15:44 | 000,096,341 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2006/03/23 01:13:46 | 001,591,808 | ---- | M] (YourWare Solutions ™) -- C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe
PRC - [2005/05/17 19:00:58 | 000,278,528 | ---- | M] (Dell) -- C:\Program Files\DELL\Dell Laser MFP 1600n\NetworkScan\DNSCST.exe
PRC - [2004/11/26 12:43:34 | 000,090,112 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\Autodetector\Monitor.exe
PRC - [2004/10/27 15:44:06 | 000,057,344 | ---- | M] () -- C:\Program Files\DELL\Dell Laser MFP 1600n\PSU\ScanToPc.exe


========== Modules (SafeList) ==========

MOD - [2011/03/29 10:04:47 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Hassan PC\My Documents\Downloads\OTL (2).exe
MOD - [2011/03/09 17:54:14 | 000,018,176 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\sahook.dll
MOD - [2010/10/03 23:43:42 | 000,431,336 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\rooksbas.dll
MOD - [2008/05/13 18:13:36 | 000,077,824 | ---- | M] (SuperAdBlocker.com) -- C:\Program Files\SUPERAntiSpyware\SASSEH.DLL
MOD - [2008/04/14 01:12:51 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
MOD - [2007/03/26 19:03:20 | 000,057,344 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\patrolpro.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/03/25 09:03:18 | 001,405,384 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011/02/16 16:49:08 | 000,088,176 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2010/10/03 23:43:16 | 000,767,208 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/01/15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/02/10 08:01:49 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2007/06/15 12:57:42 | 000,145,504 | ---- | M] (B.H.A Corporation) [Auto | Running] -- C:\WINDOWS\System32\bgsvcgen.exe -- (bgsvcgen)
SRV - [2007/05/17 22:45:33 | 000,271,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2007/03/14 20:48:56 | 000,116,416 | ---- | M] (symantec) [On_Demand | Stopped] -- C:\Program Files\Symantec AntiVirus\SavRoam.exe -- (SavRoam)
SRV - [2007/03/14 20:48:50 | 001,816,768 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2007/03/14 20:48:40 | 000,031,424 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\DefWatch.exe -- (DefWatch)
SRV - [2007/02/12 18:23:10 | 000,214,672 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe -- (SNDSrvc)
SRV - [2007/01/10 17:27:38 | 001,160,792 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe -- (SPBBCSvc)
SRV - [2006/11/21 18:38:40 | 000,169,576 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe -- (ccSetMgr)
SRV - [2006/11/21 18:38:32 | 000,192,104 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe -- (ccEvtMgr)
SRV - [2006/09/02 17:36:33 | 002,528,960 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_1.EXE -- (LiveUpdate)
SRV - [2006/03/30 10:15:44 | 000,096,341 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)


========== Driver Services (SafeList) ==========

DRV - [2011/03/25 09:03:19 | 000,064,512 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2011/03/25 09:03:18 | 000,015,232 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2011/02/28 20:28:17 | 000,055,224 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\23945\RapportCerberus_23945.sys -- (RapportCerberus_23945)
DRV - [2010/12/22 10:40:08 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\seehcri.sys -- (seehcri)
DRV - [2010/12/17 10:00:00 | 001,360,760 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20110325.002\navex15.sys -- (NAVEX15)
DRV - [2010/12/17 10:00:00 | 000,086,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20110325.002\naveng.sys -- (NAVENG)
DRV - [2010/10/03 23:43:44 | 000,169,320 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys -- (RapportPG)
DRV - [2010/10/03 23:43:44 | 000,059,240 | ---- | M] (Trusteer Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\RapportKELL.sys -- (RapportKELL)
DRV - [2010/08/19 08:31:54 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/05/28 09:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/05/10 19:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/26 01:09:35 | 000,390,528 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\RapportBuka.sys -- (RapportBuka)
DRV - [2010/02/17 19:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/12/02 12:20:54 | 000,122,504 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EuDisk.sys -- (EuDisk)
DRV - [2009/08/05 22:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009/07/23 16:54:45 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2009/07/23 16:54:45 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2009/03/11 14:13:10 | 000,252,032 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VMUVC.sys -- (VMUVC)
DRV - [2008/11/27 13:33:56 | 000,110,952 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2008/07/01 11:12:32 | 000,398,720 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vvftUVC.sys -- (vvftUVC)
DRV - [2007/12/10 14:22:22 | 000,110,120 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3017unic.sys -- (s3017unic) Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM)
DRV - [2007/12/10 14:22:22 | 000,100,648 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3017obex.sys -- (s3017obex)
DRV - [2007/12/10 14:22:20 | 000,104,616 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3017mgmt.sys -- (s3017mgmt) Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM)
DRV - [2007/12/10 14:22:20 | 000,025,512 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3017nd5.sys -- (s3017nd5) Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS)
DRV - [2007/12/10 14:22:18 | 000,110,632 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3017mdm.sys -- (s3017mdm)
DRV - [2007/12/10 14:22:18 | 000,015,016 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3017mdfl.sys -- (s3017mdfl)
DRV - [2007/12/10 14:22:14 | 000,083,880 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3017bus.sys -- (s3017bus) Sony Ericsson Device 3017 driver (WDM)
DRV - [2007/04/10 22:46:53 | 001,966,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VX1000.sys -- (VX1000)
DRV - [2007/02/12 18:22:40 | 000,196,752 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2007/02/12 18:22:36 | 000,024,720 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2007/01/10 17:27:26 | 000,390,744 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2006/11/10 15:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2006/09/06 15:41:20 | 000,337,592 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Symantec AntiVirus\savrt.sys -- (SAVRT)
DRV - [2006/09/06 15:41:20 | 000,054,968 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Symantec AntiVirus\Savrtpel.sys -- (SAVRTPEL)
DRV - [2006/03/01 09:22:23 | 000,010,373 | R--- | M] (Motic China Gruop Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MC1001200130012001B\cmiusb.sys -- (CMIUSB)
DRV - [2006/02/20 19:17:40 | 000,033,408 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdrbsdrv.sys -- (cdrbsdrv)
DRV - [2005/08/16 23:41:08 | 001,022,040 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2004/06/26 14:22:00 | 000,004,736 | ---- | M] (RDV Soft) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vncdrv.sys -- (vncdrv)
DRV - [2003/11/17 14:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 14:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 14:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.co.uk/ig/dell?hl=en&client=dell-usuk-rel&channel=uk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.co.uk/ig/dell?hl=en&client=dell-usuk-rel&channel=uk


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.co.uk/ig/dell?hl=en&client=dell-usuk-rel&channel=uk
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.co.uk/ig/dell?hl=en&client=dell-usuk-rel&channel=uk
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:6522

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.co.uk/ig/dell?hl=en&client=dell-usuk-rel&channel=uk
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.co.uk/ig/dell?hl=en&client=dell-usuk-rel&channel=uk
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:6522



IE - HKU\S-1-5-21-1123044038-334074209-50764575-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.co.uk/ig/dell?hl=en&client=dell-usuk-rel&channel=uk
IE - HKU\S-1-5-21-1123044038-334074209-50764575-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.live.com
IE - HKU\S-1-5-21-1123044038-334074209-50764575-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKU\S-1-5-21-1123044038-334074209-50764575-1008\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1123044038-334074209-50764575-1008\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-1123044038-334074209-50764575-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1123044038-334074209-50764575-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>

FF - HKLM\software\mozilla\Firefox\extensions\\{D6A29695-8657-4111-BF4D-4709C6311982}: C:\Documents and Settings\Hassan PC\Local Settings\Application Data\{D6A29695-8657-4111-BF4D-4709C6311982} [2010/10/22 19:13:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2011/03/21 19:45:43 | 000,000,000 | ---D | M]

[2009/03/27 11:41:41 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Hassan PC\Application Data\Mozilla\Extensions
[2009/03/27 11:41:41 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Hassan PC\Application Data\Mozilla\Extensions\mozswing@mozswing.org

O1 HOSTS File: ([2004/08/04 05:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKU\S-1-5-21-1123044038-334074209-50764575-1008\..\Toolbar\WebBrowser: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O3 - HKU\S-1-5-21-1123044038-334074209-50764575-1008\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [DellNSCST] C:\Program Files\Dell\Dell Laser MFP 1600n\NetworkScan\DNSCST.exe (Dell)
O4 - HKLM..\Run: [ECenter] c:\dell\E-Center\gtb.exe ()
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MP10_EnsureFileVer] C:\WINDOWS\inf\unregmp2.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Nyorani] File not found
O4 - HKLM..\Run: [P3000x_S2P] C:\Program Files\DELL\Dell Laser MFP 1600n\PSU\ScanToPc.exe ()
O4 - HKLM..\Run: [Ulead AutoDetector v2] C:\Program Files\Common Files\Ulead Systems\Autodetector\Monitor.exe (Ulead Systems, Inc.)
O4 - HKLM..\Run: [VMonitorVMUVC] C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe (Vimicro Corporation)
O4 - HKLM..\Run: [vptray] C:\Program Files\Symantec AntiVirus\VPTray.exe (Symantec Corporation)
O4 - HKLM..\Run: [VX1000] C:\WINDOWS\vVX1000.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKU\.DEFAULT..\Run: [gveqjvae] File not found
O4 - HKU\.DEFAULT..\Run: [nwtpxnur] File not found
O4 - HKU\S-1-5-18..\Run: [gveqjvae] File not found
O4 - HKU\S-1-5-18..\Run: [nwtpxnur] File not found
O4 - HKU\S-1-5-21-1123044038-334074209-50764575-1008..\Run: [FreeRAM XP] C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe (YourWare Solutions ™)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\PHOTOfunSTUDIO 4.0 HD Edition.lnk = E:\Program Files\AutoStartupService.exe (Panasonic Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\STK02N 2.0 PNP Monitor.lnk = C:\WINDOWS\STK02N\STK02NM.exe (Syntek Ltd.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1123044038-334074209-50764575-1008\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-21-1123044038-334074209-50764575-1008\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-21-1123044038-334074209-50764575-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1123044038-334074209-50764575-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O8 - Extra context menu item: &Google Search - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: &Translate English Word - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Backward Links - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Cached Snapshot of Page - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Similar Pages - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Translate Page into English - C:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-1123044038-334074209-50764575-1008\..Trusted Domains: microsoft.com ([office] http in Trusted sites)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6087.cab (Windows Live Safety Center Base Module)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1228405079531 (MUWebControl Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab (Windows Live Hotmail Photo Upload Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files\vShare\vshare_toolbar.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\NavLogon: DllName - C:\WINDOWS\system32\NavLogon.dll - C:\WINDOWS\system32\NavLogon.dll (Symantec Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{0a5494ed-bc7f-11dd-9ef4-0016769747f7}\Shell\AutoRun\command - "" = WDSetup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 360 Days ==========

[2011/03/27 19:50:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Auslogics
[2011/03/27 12:24:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hassan PC\Application Data\SUPERAntiSpyware.com
[2011/03/27 12:18:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2011/03/26 13:43:51 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{8790345A-AF70-4319-B9E7-AAA25C6DCD42}
[2011/03/26 13:43:12 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2011/03/26 13:43:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Lavasoft
[2011/03/26 13:05:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/03/26 13:05:36 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/03/26 13:05:32 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/03/26 13:05:31 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/03/21 19:40:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2011/03/21 19:40:07 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee
[2011/03/21 13:59:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hassan PC\Start Menu\Programs\SportPlayer 5
[2011/03/11 01:40:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Firefly Studios
[2011/03/01 11:19:50 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011/03/01 11:19:50 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/03/01 11:19:50 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/03/01 11:19:50 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/02/28 14:02:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hassan PC\My Documents\Renewal successful_files
[2011/02/20 15:22:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Apple Computer
[2011/02/12 13:50:12 | 000,000,000 | -HSD | C] -- C:\found.000
[2011/01/18 21:27:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hassan PC\Application Data\Xoeng
[2011/01/18 21:27:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hassan PC\Application Data\Xivy
[2011/01/16 15:13:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hassan PC\Application Data\Tiovn
[2011/01/16 15:13:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hassan PC\Application Data\Raaxt
[2010/12/22 10:40:09 | 000,027,632 | ---- | C] (Sony Ericsson Mobile Communications) -- C:\WINDOWS\System32\drivers\seehcri.sys
[2010/12/20 15:19:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hassan PC\Local Settings\Application Data\P5
[2010/12/20 15:18:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Betfair Poker
[2010/12/20 15:18:58 | 000,000,000 | ---D | C] -- C:\Betfair
[2010/12/12 17:06:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hassan PC\Application Data\vShare
[2010/12/12 17:06:42 | 000,000,000 | ---D | C] -- C:\Program Files\vShare
[2010/12/07 15:37:35 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/12/07 15:36:26 | 000,000,000 | R--D | C] -- C:\32788R22FWJFW
[2010/12/06 14:38:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2010/12/06 14:26:54 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/11/15 15:25:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hassan PC\Application Data\WinPatrol
[2010/11/15 15:25:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinPatrol
[2010/11/15 15:25:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2010/11/15 15:25:02 | 000,000,000 | ---D | C] -- C:\Program Files\BillP Studios
[2010/11/14 22:58:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hassan PC\Application Data\Ulead Systems
[2010/11/14 22:43:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Ulead Systems
[2010/11/14 22:42:21 | 000,101,520 | ---- | C] (Syntek Ltd.) -- C:\WINDOWS\System32\drivers\STK02NW2.sys
[2010/11/14 22:42:21 | 000,033,728 | ---- | C] (Syntek Ltd.) -- C:\WINDOWS\System32\drivers\STK02NW1.sys
[2010/11/14 22:42:20 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\STK02NP.ax
[2010/11/14 22:42:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\STK02N
[2010/11/14 22:42:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Ulead Photo Explorer 8.6
[2010/11/14 22:41:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windows media
[2010/11/14 22:40:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Media
[2010/11/14 22:40:35 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Components
[2010/11/14 22:39:34 | 000,024,576 | ---- | C] (Ulead Systems, Inc.) -- C:\WINDOWS\System32\UleadPhotoExplorer85_Res.dll
[2010/11/14 22:39:34 | 000,024,576 | ---- | C] (Ulead Systems, Inc.) -- C:\WINDOWS\System32\Ulead Photo Explorer 86.scr
[2010/11/14 22:39:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Ulead Systems
[2010/11/14 22:37:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2010/10/29 20:54:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hassan PC\Start Menu\Programs\MicroCapture
[2010/10/29 20:54:16 | 000,000,000 | ---D | C] -- C:\Program Files\MicroCapture
[2010/10/29 20:54:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hassan PC\Local Settings\Application Data\microcapture
[2010/10/29 20:52:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Digital microscope
[2010/10/29 20:52:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\VMUVC
[2010/10/29 20:51:35 | 000,252,032 | ---- | C] (Vimicro Corporation) -- C:\WINDOWS\System32\drivers\VMUVC.sys
[2010/10/29 20:51:35 | 000,073,728 | ---- | C] (Vimicro Corporation) -- C:\WINDOWS\System32\exvmuvc.ax
[2010/10/29 20:51:34 | 000,188,416 | ---- | C] (Vimicro Corporation) -- C:\WINDOWS\System32\vvftUVC.ax
[2010/10/29 20:51:32 | 000,516,096 | ---- | C] (vimicro) -- C:\WINDOWS\System32\VMUVC.ax
[2010/10/29 20:51:32 | 000,398,720 | ---- | C] (Vimicro Corporation) -- C:\WINDOWS\System32\drivers\vvftUVC.sys
[2010/10/29 20:51:32 | 000,098,304 | ---- | C] (Vimicro Corporation) -- C:\WINDOWS\System32\VMCtrl.ax
[2010/10/29 20:51:32 | 000,094,208 | ---- | C] (Vimicro Cooperation) -- C:\WINDOWS\System32\VvFtCtrl.dll
[2010/10/29 20:51:32 | 000,011,776 | ---- | C] (Vimicro Corporation) -- C:\WINDOWS\System32\VMUVC.dll
[2010/10/29 20:51:17 | 000,319,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\DIFxAPI.dll
[2010/10/29 20:50:56 | 000,000,000 | ---D | C] -- C:\Program Files\Vimicro Corporation
[2010/10/29 20:49:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hassan PC\Application Data\InstallShield
[2010/10/29 09:57:09 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dshowext.ax
[2010/10/29 09:57:09 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dshowext.ax
[2010/10/25 14:04:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hassan PC\Application Data\Registry Mechanic
[2010/10/22 19:13:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hassan PC\Local Settings\Application Data\{D6A29695-8657-4111-BF4D-4709C6311982}
[2010/10/07 13:23:02 | 000,107,808 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\dns-sd.exe
[2010/10/07 13:23:02 | 000,091,424 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\dnssd.dll
[2010/10/06 13:09:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
[2010/10/03 23:43:44 | 000,059,240 | ---- | C] (Trusteer Ltd.) -- C:\WINDOWS\System32\drivers\RapportKELL.sys
[2010/10/02 20:17:46 | 000,339,968 | ---- | C] (Trusteer Ltd.) -- C:\WINDOWS\System32\RapportBuka.dll
[2010/09/09 15:09:52 | 000,098,392 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010/09/08 12:17:46 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTimeVR.qtx
[2010/09/08 12:17:46 | 000,069,632 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTime.qts
[2010/09/06 11:40:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hassan PC\Application Data\Auslogics
[2010/09/06 11:33:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hassan PC\Application Data\CBS Interactive
[2010/09/05 22:43:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010/09/05 20:49:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hassan PC\My Documents\Reflect
[2010/09/05 20:44:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Macrium
[2010/09/05 20:16:44 | 000,020,616 | ---- | C] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\WINDOWS\System32\drivers\eufs.sys
[2010/09/05 20:16:29 | 000,014,216 | ---- | C] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\WINDOWS\System32\drivers\eudskacs.sys
[2010/09/05 20:16:28 | 000,026,248 | ---- | C] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\WINDOWS\System32\drivers\eubakup.sys
[2010/09/05 20:16:27 | 000,122,504 | ---- | C] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\WINDOWS\System32\drivers\EuDisk.sys
[2010/09/05 20:16:05 | 000,000,000 | ---D | C] -- C:\Program Files\EASEUS
[2010/09/05 16:21:09 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/09/03 22:03:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Sunbelt Software
[2010/09/03 22:02:27 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\~0
[2010/08/31 15:34:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hassan PC\Application Data\Fuly
[2010/08/31 15:34:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hassan PC\Application Data\Faxyun
[2010/08/31 15:34:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hassan PC\Application Data\Asysg
[2010/08/31 15:34:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hassan PC\Application Data\Aqisq
[2010/08/31 15:08:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\ytlwymmuo
[2010/08/31 14:51:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
[2010/08/31 14:50:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe
[2010/08/30 01:29:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/08/30 01:20:46 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2010/08/29 14:09:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/08/15 23:48:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Norton
[2010/08/15 23:48:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2010/08/15 20:41:57 | 000,132,096 | ---- | C] (Electronic Arts) -- C:\WINDOWS\System32\eaexec.exe
[2010/08/15 20:41:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Bullfrog
[2010/08/11 13:54:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Temp
[2010/08/07 04:05:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hassan PC\Application Data\Guadyd
[2010/07/17 07:27:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hassan PC\Application Data\Ikof
[2010/07/14 19:37:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ArcSoft Connect
[2010/07/12 21:05:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\McAfee
[2010/07/12 21:05:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee Security Scan Plus
[2010/07/07 20:08:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2010/07/07 20:08:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
[2010/07/07 20:08:20 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2010/07/01 13:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2010/06/30 23:01:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hassan PC\Local Settings\Application Data\ISL
[2010/06/30 22:52:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SILKYPIX Developer Studio 3.0 SE
[2010/06/30 22:51:48 | 000,000,000 | ---D | C] -- C:\Program Files\ISL
[2010/06/30 22:51:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2010/06/30 22:48:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ArcSoft Software Suite
[2010/06/30 22:48:37 | 000,018,688 | ---- | C] (Arcsoft, Inc.) -- C:\WINDOWS\System32\drivers\afc.sys
[2010/06/30 22:46:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Panasonic
[2010/06/30 22:46:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Panasonic
[2010/06/30 22:45:29 | 000,501,912 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\PICSDK2.dll
[2010/06/30 22:45:29 | 000,120,992 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\EpPicPrt.dll
[2010/06/30 22:45:29 | 000,108,704 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\PICEntry.dll
[2010/06/30 22:45:29 | 000,080,024 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\PICSDK.dll
[2010/06/30 22:45:28 | 000,071,840 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\EPPicMgr.dll
[2010/06/30 22:41:37 | 000,033,408 | ---- | C] (B.H.A Corporation) -- C:\WINDOWS\System32\drivers\cdrbsdrv.sys
[2010/06/30 22:41:36 | 000,145,504 | ---- | C] (B.H.A Corporation) -- C:\WINDOWS\System32\bgsvcgen.exe
[2010/06/30 22:41:36 | 000,059,488 | ---- | C] (B.H.A Corporation) -- C:\WINDOWS\System32\GenSvcInst.exe
[2010/06/30 22:41:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2010/06/30 22:36:56 | 000,000,000 | ---D | C] -- C:\Program Files\Panasonic
[2010/06/30 22:36:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Panasonic
[2010/06/09 22:19:43 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\CanonIJScan
[2010/06/09 09:34:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\CanonIJMyPrinter
[2010/06/08 22:08:36 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\CanonIJEGV
[2010/06/08 22:05:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\CanonIJ
[2010/06/08 22:05:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hassan PC\Application Data\Canon
[2010/06/08 22:03:31 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\CanonIJEPPEX
[2010/06/08 22:03:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Canon Easy-PhotoPrint EX
[2010/06/08 21:32:02 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\CanonIJSolutionMenu
[2010/06/08 21:32:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
[2010/06/08 21:19:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Canon MP990 series User Registration
[2010/06/08 21:18:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hassan PC\Local Settings\Application Data\ArcSoft
[2010/06/08 21:18:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hassan PC\Application Data\ArcSoft
[2010/06/08 21:18:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ArcSoft
[2010/06/08 21:18:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ArcSoft PhotoStudio 6
[2010/06/08 21:17:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ArcSoft
[2010/06/08 21:17:41 | 000,000,000 | ---D | C] -- C:\Program Files\ArcSoft
[2010/06/08 21:16:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CD-LabelPrint
[2010/06/08 21:11:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Canon MP990 series Manual
[2010/06/08 21:10:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Canon MP990 series
[2010/06/08 21:10:30 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2010/06/08 21:10:12 | 000,353,792 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNMNPPM.DLL
[2010/06/08 21:10:12 | 000,137,216 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNMNPUI.DLL
[2010/06/08 21:10:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\STRING
[2010/06/08 21:10:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CHM
[2010/06/08 20:57:53 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\CanonIJ Uninstaller Information
[2010/06/08 20:57:35 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2010/06/08 20:57:21 | 000,178,176 | R--- | C] (CANON INC.) -- C:\WINDOWS\System32\CNMIUA3.DLL
[2010/06/08 20:57:12 | 000,272,384 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNMLMA3.DLL
[2010/06/08 20:54:17 | 000,090,112 | R--- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNC990O.dll
[2010/06/08 20:54:10 | 001,310,720 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC990C.dll
[2010/06/08 20:54:10 | 000,303,104 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC990L.dll
[2010/06/08 20:54:10 | 000,110,592 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC990I.dll
[2010/06/08 20:54:10 | 000,106,496 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC990U.dll
[2010/06/08 20:54:09 | 000,015,872 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNHMCA.dll
[2010/05/31 23:36:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hassan PC\Application Data\Stellarium
[2010/05/19 17:05:13 | 000,000,000 | ---D | C] -- C:\Program Files\LimeWire
[2010/05/18 15:59:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hassan PC\Application Data\Zyysg
[2010/05/17 01:47:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hassan PC\Application Data\Biifo
[2010/05/13 00:46:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hassan PC\Local Settings\Application Data\FullTiltPoker
[2010/05/13 00:45:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Full Tilt Poker
[2010/05/13 00:45:02 | 000,000,000 | ---D | C] -- C:\Program Files\Full Tilt Poker
[2010/05/10 21:25:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hassan PC\My Documents\Pamela Call Recordings
[2010/05/09 21:57:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hassan PC\Application Data\Elluminate
[2010/04/30 12:48:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hassan PC\Application Data\Ibbau
[2010/04/29 22:47:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010/04/29 22:46:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hassan PC\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/04/27 14:48:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hassan PC\Local Settings\Application Data\Windows Live Writer
[2010/04/27 14:48:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hassan PC\Application Data\Windows Live Writer
[2010/04/27 00:25:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2010/04/27 00:24:42 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/04/26 19:31:31 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center
[2010/04/26 03:21:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hassan PC\Application Data\Atputo
[2010/04/23 00:59:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2010/04/23 00:59:03 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\System32\GEARAspi.dll
[2010/04/23 00:57:44 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/04/23 00:57:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/04/23 00:55:11 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010/04/17 00:04:40 | 000,306,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\WLXPGSS.SCR
[2010/04/16 11:58:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SITEguard
[2010/04/16 11:56:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\iS3
[2010/04/16 11:56:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\STOPzilla!
[2010/04/16 06:02:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hassan PC\Application Data\Malwarebytes
[2010/04/16 05:59:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes

========== Files - Modified Within 360 Days ==========

[2011/03/29 10:34:17 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011/03/29 10:04:47 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/03/29 09:55:37 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/03/29 09:49:04 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/03/29 09:45:03 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cac691bf3c2c4.job
[2011/03/29 09:45:03 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\Auslogics Disk Defrag Disk Defrag Start On Hassan PC Logon.job
[2011/03/29 09:44:41 | 000,002,048 | ---- | M] () -- C:\WINDOWS\bootstat.dat
[2011/03/27 19:50:57 | 000,000,745 | ---- | M] () -- C:\Documents and Settings\Hassan PC\Desktop\Auslogics Disk Defrag.lnk
[2011/03/27 12:18:30 | 000,001,678 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/03/26 13:43:47 | 000,000,885 | ---- | M] () -- C:\Documents and Settings\Hassan PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
[2011/03/26 13:43:47 | 000,000,867 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2011/03/26 13:05:37 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/03/25 09:03:19 | 000,064,512 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2011/03/24 10:17:16 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/03/21 13:59:26 | 000,000,602 | ---- | M] () -- C:\Documents and Settings\Hassan PC\Desktop\SportPlayer 5 Simulcast Edition.lnk
[2011/03/19 22:58:27 | 000,000,071 | ---- | M] () -- C:\WINDOWS\Pex.INI
[2011/03/06 17:44:58 | 000,001,857 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\MSN Installer.lnk
[2011/02/28 14:02:29 | 000,014,040 | ---- | M] () -- C:\Documents and Settings\Hassan PC\My Documents\Renewal successful.htm
[2011/02/02 22:40:39 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/02/02 22:40:38 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/02/02 22:40:36 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/02/02 22:40:23 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011/02/02 20:19:39 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/12/22 10:49:59 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ggflt_01007.Wdf
[2010/12/22 10:42:48 | 000,000,898 | ---- | M] () -- C:\Documents and Settings\Hassan PC\Desktop\Update Service.lnk
[2010/12/22 10:40:08 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\WINDOWS\System32\drivers\seehcri.sys
[2010/12/21 15:51:21 | 000,001,791 | ---- | M] () -- C:\Documents and Settings\Hassan PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/12/20 19:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/12/20 19:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/12/20 15:18:59 | 000,001,377 | ---- | M] () -- C:\Documents and Settings\Hassan PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Betfair Poker.lnk
[2010/12/20 15:18:59 | 000,001,357 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Betfair Poker.lnk
[2010/12/06 14:38:10 | 000,001,484 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/11/30 20:23:15 | 000,064,008 | ---- | M] () -- C:\Documents and Settings\Hassan PC\My Documents\108441BonsaiGarden.jpgcopy.jpg
[2010/11/14 22:42:19 | 000,001,303 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\STK02N 2.0 PNP Monitor.lnk
[2010/11/14 22:42:03 | 000,000,751 | ---- | M] () -- C:\Documents and Settings\Hassan PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Ulead Photo Explorer 8.6.lnk
[2010/11/14 22:42:02 | 000,000,751 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ulead Photo Explorer 8.6.lnk
[2010/11/03 11:15:21 | 000,098,392 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010/10/29 20:54:23 | 000,000,748 | ---- | M] () -- C:\Documents and Settings\Hassan PC\Desktop\MicroCapture.lnk
[2010/10/29 20:54:23 | 000,000,028 | ---- | M] () -- C:\Documents and Settings\Hassan PC\Local Settings\Application Data\settings.ini
[2010/10/24 13:25:18 | 000,000,120 | ---- | M] () -- C:\WINDOWS\Wpefinexilaheti.dat
[2010/10/24 13:25:18 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Rkepuqizevaxi.bin
[2010/10/07 17:35:04 | 000,622,752 | ---- | M] () -- C:\Documents and Settings\Hassan PC\Desktop\nps28.tmp.pdf
[2010/10/07 13:23:02 | 000,107,808 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\dns-sd.exe
[2010/10/07 13:23:02 | 000,091,424 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\dnssd.dll
[2010/10/03 23:43:44 | 000,059,240 | ---- | M] (Trusteer Ltd.) -- C:\WINDOWS\System32\drivers\RapportKELL.sys
[2010/10/02 20:17:46 | 000,339,968 | ---- | M] (Trusteer Ltd.) -- C:\WINDOWS\System32\RapportBuka.dll
[2010/10/01 13:58:30 | 000,000,971 | ---- | M] () -- C:\Documents and Settings\Hassan PC\Desktop\ZoomBrowser EX.lnk
[2010/09/28 16:44:52 | 004,184,352 | ---- | M] (Apple, Inc.) -- C:\WINDOWS\System32\usbaaplrc.dll
[2010/09/27 19:48:43 | 000,028,824 | ---- | M] () -- C:\img2-001.raw
[2010/09/08 12:17:46 | 000,094,208 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\QuickTimeVR.qtx
[2010/09/08 12:17:46 | 000,069,632 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\QuickTime.qts
[2010/09/06 11:40:54 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2010/08/31 18:39:50 | 000,002,577 | ---- | M] () -- C:\WINDOWS\lsrslt.ini
[2010/08/31 14:36:59 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/08/09 19:22:46 | 000,132,461 | ---- | M] () -- C:\Documents and Settings\Hassan PC\My Documents\Video call snapshot 10.png
[2010/07/27 15:46:29 | 000,002,077 | ---- | M] () -- C:\Documents and Settings\Hassan PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Google.lnk
[2010/07/13 19:47:42 | 000,000,145 | ---- | M] () -- C:\WINDOWS\StarryNight.ini
[2010/07/12 21:05:15 | 000,001,611 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2010/07/04 16:49:18 | 000,000,000 | ---- | M] () -- C:\WINDOWS\PhEdit.INI
[2010/06/30 22:45:38 | 000,000,623 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\PHOTOfunSTUDIO 4.0 HD Edition.lnk
[2010/06/30 22:41:58 | 000,000,577 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PHOTOfunSTUDIO 4.0 HD Edition.lnk
[2010/05/25 22:40:20 | 000,118,044 | ---- | M] () -- C:\Documents and Settings\Hassan PC\My Documents\Video call snapshot 20.png
[2010/05/21 21:53:00 | 000,138,940 | ---- | M] () -- C:\Documents and Settings\Hassan PC\My Documents\Video call snapshot 140.png
[2010/05/21 21:52:40 | 000,131,377 | ---- | M] () -- C:\Documents and Settings\Hassan PC\My Documents\Video call snapshot 141.png
[2010/05/21 21:52:25 | 000,145,554 | ---- | M] () -- C:\Documents and Settings\Hassan PC\My Documents\Video call snapshot 139.png
[2010/05/21 00:09:13 | 000,027,894 | ---- | M] () -- C:\Documents and Settings\Hassan PC\My Documents\Video call snapshot 19.png
[2010/05/21 00:09:07 | 000,027,635 | ---- | M] () -- C:\Documents and Settings\Hassan PC\My Documents\Video call snapshot 18.png
[2010/05/20 21:22:15 | 000,143,952 | ---- | M] () -- C:\Documents and Settings\Hassan PC\My Documents\Video call snapshot 16.png
[2010/05/12 20:14:13 | 000,125,904 | ---- | M] () -- C:\Documents and Settings\Hassan PC\My Documents\Video call snapshot 15.png
[2010/05/09 22:33:06 | 000,030,598 | ---- | M] () -- C:\Documents and Settings\Hassan PC\My Documents\Video call snapshot 13.png
[2010/04/30 13:34:37 | 000,607,803 | ---- | M] () -- C:\Documents and Settings\Hassan PC\My Documents\Final Report 2.pdf
[2010/04/23 00:55:16 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/04/17 00:04:40 | 000,306,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WLXPGSS.SCR
[2010/04/16 12:02:32 | 000,001,312 | ---- | M] () -- C:\WINDOWS\System32\drivers\kgpcpy.cfg
[2010/04/12 23:47:48 | 000,029,837 | ---- | M] () -- C:\Documents and Settings\Hassan PC\My Documents\Video call snapshot 8.png
[2010/04/12 01:38:55 | 000,028,325 | ---- | M] () -- C:\Documents and Settings\Hassan PC\My Documents\Video call snapshot 6.png

========== Files Created - No Company Name ==========

[2011/03/27 20:10:28 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\Auslogics Disk Defrag Disk Defrag Start On Hassan PC Logon.job
[2011/03/27 19:50:57 | 000,000,745 | ---- | C] () -- C:\Documents and Settings\Hassan PC\Desktop\Auslogics Disk Defrag.lnk
[2011/03/27 12:18:30 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/03/26 13:43:47 | 000,000,885 | ---- | C] () -- C:\Documents and Settings\Hassan PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
[2011/03/26 13:43:47 | 000,000,867 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2011/03/26 13:05:37 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/03/21 13:59:26 | 000,000,602 | ---- | C] () -- C:\Documents and Settings\Hassan PC\Desktop\SportPlayer 5 Simulcast Edition.lnk
[2011/03/06 17:44:58 | 000,001,857 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\MSN Installer.lnk
[2011/02/28 14:02:28 | 000,014,040 | ---- | C] () -- C:\Documents and Settings\Hassan PC\My Documents\Renewal successful.htm
[2010/12/22 10:49:59 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ggflt_01007.Wdf
[2010/12/22 10:42:48 | 000,000,898 | ---- | C] () -- C:\Documents and Settings\Hassan PC\Desktop\Update Service.lnk
[2010/12/21 15:51:21 | 000,001,791 | ---- | C] () -- C:\Documents and Settings\Hassan PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/12/20 15:18:59 | 000,001,377 | ---- | C] () -- C:\Documents and Settings\Hassan PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Betfair Poker.lnk
[2010/12/20 15:18:59 | 000,001,357 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Betfair Poker.lnk
[2010/12/06 14:38:10 | 000,001,484 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/11/30 20:23:36 | 000,064,008 | ---- | C] () -- C:\Documents and Settings\Hassan PC\My Documents\108441BonsaiGarden.jpgcopy.jpg
[2010/11/14 23:03:55 | 000,000,071 | ---- | C] () -- C:\WINDOWS\Pex.INI
[2010/11/14 22:42:17 | 000,001,303 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\STK02N 2.0 PNP Monitor.lnk
[2010/11/14 22:42:03 | 000,000,751 | ---- | C] () -- C:\Documents and Settings\Hassan PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Ulead Photo Explorer 8.6.lnk
[2010/11/14 22:42:02 | 000,000,751 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ulead Photo Explorer 8.6.lnk
[2010/10/29 20:54:23 | 000,000,748 | ---- | C] () -- C:\Documents and Settings\Hassan PC\Desktop\MicroCapture.lnk
[2010/10/29 20:54:23 | 000,000,028 | ---- | C] () -- C:\Documents and Settings\Hassan PC\Local Settings\Application Data\settings.ini
[2010/10/09 21:28:03 | 000,002,347 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader 9.lnk
[2010/10/09 21:28:03 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/10/07 17:35:04 | 000,622,752 | ---- | C] () -- C:\Documents and Settings\Hassan PC\Desktop\nps28.tmp.pdf
[2010/10/01 13:58:30 | 000,000,971 | ---- | C] () -- C:\Documents and Settings\Hassan PC\Desktop\ZoomBrowser EX.lnk
[2010/09/06 11:40:55 | 000,001,611 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2010/09/06 11:40:55 | 000,000,623 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\PHOTOfunSTUDIO 4.0 HD Edition.lnk
[2010/08/31 18:39:50 | 000,002,577 | ---- | C] () -- C:\WINDOWS\lsrslt.ini
[2010/08/29 14:10:45 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/08/29 12:52:59 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Wpefinexilaheti.dat
[2010/08/29 12:52:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Rkepuqizevaxi.bin
[2010/08/15 20:41:58 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\ealtest.exe
[2010/08/09 19:22:45 | 000,132,461 | ---- | C] () -- C:\Documents and Settings\Hassan PC\My Documents\Video call snapshot 10.png
[2010/07/26 22:25:33 | 000,002,077 | ---- | C] () -- C:\Documents and Settings\Hassan PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Google.lnk
[2010/07/26 22:25:33 | 000,002,065 | ---- | C] () -- C:\Documents and Settings\Hassan PC\Start Menu\Programs\Google.lnk
[2010/07/04 16:49:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PhEdit.INI
[2010/06/30 22:45:29 | 000,111,932 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2010/06/30 22:45:29 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2010/06/30 22:45:29 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat
[2010/06/30 22:45:29 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat
[2010/06/30 22:45:29 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2010/06/30 22:45:28 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2010/06/30 22:45:28 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2010/06/30 22:45:28 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2010/06/30 22:45:28 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2010/06/30 22:45:28 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2010/06/30 22:45:28 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2010/06/30 22:45:28 | 000,013,732 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_EN.cfg
[2010/06/30 22:45:28 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2010/06/30 22:45:28 | 000,006,442 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_IT.cfg
[2010/06/30 22:45:28 | 000,006,347 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_PT.cfg
[2010/06/30 22:45:28 | 000,006,347 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_BP.cfg
[2010/06/30 22:45:28 | 000,006,335 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_GE.cfg
[2010/06/30 22:45:28 | 000,006,195 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_FR.cfg
[2010/06/30 22:45:28 | 000,006,195 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_CF.cfg
[2010/06/30 22:45:28 | 000,006,122 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_DU.cfg
[2010/06/30 22:45:28 | 000,006,103 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_ES.cfg
[2010/06/30 22:45:28 | 000,005,817 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_KO.cfg
[2010/06/30 22:45:28 | 000,005,436 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_SC.cfg
[2010/06/30 22:45:28 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2010/06/30 22:45:28 | 000,002,889 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_RU.cfg
[2010/06/30 22:45:28 | 000,002,426 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_TC.cfg
[2010/06/30 22:45:28 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat
[2010/06/30 22:45:28 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2010/06/30 22:45:28 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2010/06/30 22:45:28 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2010/06/30 22:45:28 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2010/06/30 22:45:28 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2010/06/30 22:41:58 | 000,000,577 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\PHOTOfunSTUDIO 4.0 HD Edition.lnk
[2010/06/08 20:54:11 | 000,059,232 | ---- | C] () -- C:\WINDOWS\System32\CNC990W.DAT
[2010/06/08 20:54:10 | 000,016,128 | ---- | C] () -- C:\WINDOWS\System32\CNC1740D.TBL
[2010/05/25 22:40:04 | 000,118,044 | ---- | C] () -- C:\Documents and Settings\Hassan PC\My Documents\Video call snapshot 20.png
[2010/05/21 21:52:43 | 000,138,940 | ---- | C] () -- C:\Documents and Settings\Hassan PC\My Documents\Video call snapshot 140.png
[2010/05/21 21:52:28 | 000,131,377 | ---- | C] () -- C:\Documents and Settings\Hassan PC\My Documents\Video call snapshot 141.png
[2010/05/21 21:52:13 | 000,145,554 | ---- | C] () -- C:\Documents and Settings\Hassan PC\My Documents\Video call snapshot 139.png
[2010/05/21 00:09:09 | 000,027,894 | ---- | C] () -- C:\Documents and Settings\Hassan PC\My Documents\Video call snapshot 19.png
[2010/05/21 00:09:04 | 000,027,635 | ---- | C] () -- C:\Documents and Settings\Hassan PC\My Documents\Video call snapshot 18.png
[2010/05/20 21:22:02 | 000,143,952 | ---- | C] () -- C:\Documents and Settings\Hassan PC\My Documents\Video call snapshot 16.png
[2010/05/12 20:13:56 | 000,125,904 | ---- | C] () -- C:\Documents and Settings\Hassan PC\My Documents\Video call snapshot 15.png
[2010/05/09 22:33:05 | 000,030,598 | ---- | C] () -- C:\Documents and Settings\Hassan PC\My Documents\Video call snapshot 13.png
[2010/04/30 13:34:37 | 000,607,803 | ---- | C] () -- C:\Documents and Settings\Hassan PC\My Documents\Final Report 2.pdf
[2010/04/29 22:47:28 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Acrobat_com.lnk
[2010/04/25 20:36:20 | 000,000,679 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Scrabble ®.lnk
[2010/04/16 11:59:22 | 000,001,312 | ---- | C] () -- C:\WINDOWS\System32\drivers\kgpcpy.cfg
[2010/04/12 23:47:43 | 000,029,837 | ---- | C] () -- C:\Documents and Settings\Hassan PC\My Documents\Video call snapshot 8.png
[2010/04/12 01:38:51 | 000,028,325 | ---- | C] () -- C:\Documents and Settings\Hassan PC\My Documents\Video call snapshot 6.png
[2010/03/27 23:24:00 | 000,000,145 | ---- | C] () -- C:\WINDOWS\StarryNight.ini
[2010/01/04 12:33:34 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2009/12/30 15:36:37 | 000,000,734 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2009/10/16 17:37:36 | 000,049,776 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/09/28 16:23:56 | 000,349,978 | ---- | C] () -- C:\Program Files\msrdp.cab
[2009/09/22 12:11:01 | 000,000,048 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/09/21 19:39:35 | 000,024,576 | ---- | C] () -- C:\WINDOWS\SvcCon.exe
[2009/09/18 16:04:29 | 000,015,498 | ---- | C] () -- C:\WINDOWS\VX1000.ini
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009/06/16 13:18:19 | 000,004,608 | ---- | C] () -- C:\Documents and Settings\Hassan PC\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/31 11:09:28 | 000,000,119 | ---- | C] () -- C:\WINDOWS\typing.INI
[2009/03/26 11:07:44 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\zlib1.dll
[2009/03/26 11:03:28 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\libcurl.dll
[2009/03/26 11:03:10 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\libexpatw.dll
[2009/01/26 18:04:38 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/12/18 00:15:37 | 000,000,040 | ---- | C] () -- C:\WINDOWS\ujf635.bin
[2008/12/04 15:41:09 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\WIAEH.dll
[2008/12/04 15:41:09 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\WIAIPH.dll
[2008/12/04 15:41:09 | 000,053,315 | ---- | C] () -- C:\WINDOWS\System32\Sswiadrv.dll
[2008/12/04 15:41:09 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\WIASTIIO.dll
[2007/11/02 13:21:13 | 000,001,298 | ---- | C] () -- C:\WINDOWS\saplogon_backup_1.ini
[2007/11/02 13:21:13 | 000,000,048 | ---- | C] () -- C:\WINDOWS\sapmsg.ini
[2007/11/02 13:21:13 | 000,000,025 | ---- | C] () -- C:\WINDOWS\sapini_backup.ini
[2007/05/31 11:17:41 | 000,001,356 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/05/11 14:58:54 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\TransCom.dll
[2007/04/23 17:24:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\vpc32.INI
[2007/01/08 16:26:22 | 000,000,260 | ---- | C] () -- C:\WINDOWS\hpqcopy.INI
[2006/11/03 12:03:57 | 000,000,082 | ---- | C] () -- C:\WINDOWS\SGREP32.INI
[2006/09/12 12:10:24 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\sagefolderbrowser.dll
[2006/09/12 12:09:29 | 001,253,376 | ---- | C] () -- C:\WINDOWS\System32\SGREP32.DLL
[2006/09/12 12:09:29 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\SGLIST32.DLL
[2006/09/12 12:09:29 | 000,245,760 | ---- | C] () -- C:\WINDOWS\System32\SGTOOL32.DLL
[2006/09/12 12:09:29 | 000,241,664 | ---- | C] () -- C:\WINDOWS\System32\SGCDLG32.DLL
[2006/09/12 12:09:29 | 000,229,376 | ---- | C] () -- C:\WINDOWS\System32\SGLCH32.DLL
[2006/09/12 12:09:29 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\SGTBAR32.DLL
[2006/09/12 12:09:29 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\SGHELP32.DLL
[2006/09/12 12:09:29 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\SGINTL32.DLL
[2006/09/12 12:09:29 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\SGCOM32.DLL
[2006/09/12 12:09:29 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\SGDT32.DLL
[2006/09/12 12:09:29 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\SGAppBar.dll
[2006/09/12 12:09:29 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\SG3D32.DLL
[2006/09/12 12:09:29 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\Sgstat32.dll
[2006/09/12 12:09:04 | 000,002,158 | ---- | C] () -- C:\WINDOWS\saplogon.ini
[2006/09/12 12:06:32 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\vtssm32.dll
[2006/09/12 12:04:30 | 000,000,756 | ---- | C] () -- C:\WINDOWS\SVN4WIN.INI
[2006/09/12 11:57:57 | 000,000,686 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/08/22 11:40:53 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/08/22 11:17:25 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2006/08/22 11:15:38 | 000,000,473 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/08/11 17:24:19 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/11 17:19:30 | 000,002,048 | ---- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/11 17:12:14 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/11 17:11:31 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/11 17:07:24 | 000,004,311 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/11 17:06:43 | 000,228,000 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/11 17:00:30 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/11 17:00:28 | 000,445,702 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/11 17:00:28 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/11 17:00:28 | 000,072,924 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/11 17:00:28 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/11 17:00:27 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/11 17:00:26 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/11 17:00:24 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/11 17:00:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/11 17:00:19 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/11 17:00:12 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/11 17:00:04 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2003/03/25 12:09:04 | 000,022,457 | ---- | C] () -- C:\Program Files\default.htm
[2003/02/24 16:52:16 | 000,004,134 | ---- | C] () -- C:\Program Files\setup.inf
[2003/02/21 18:49:40 | 000,010,853 | ---- | C] () -- C:\Program Files\readme.htm
[2003/02/21 18:49:40 | 000,009,644 | ---- | C] () -- C:\Program Files\win2000l.gif
[2003/02/21 18:49:40 | 000,002,085 | ---- | C] () -- C:\Program Files\bluebarv.gif
[2003/02/21 18:49:40 | 000,002,022 | ---- | C] () -- C:\Program Files\bluebarh.gif
[2003/02/21 18:49:40 | 000,001,958 | ---- | C] () -- C:\Program Files\win2000r.gif
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== LOP Check ==========

[2010/06/08 20:57:35 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2010/07/14 19:34:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJ
[2010/06/08 22:08:36 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEGV
[2010/06/08 22:03:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEPPEX
[2010/06/09 09:34:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJMyPrinter
[2011/03/03 19:15:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
[2010/06/09 22:19:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJScan
[2010/06/08 21:32:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJSolutionMenu
[2010/11/15 15:25:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2010/09/05 20:44:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Macrium
[2010/06/30 22:46:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Panasonic
[2009/09/21 19:12:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2010/04/21 10:01:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RegCure
[2010/04/16 11:58:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SITEguard
[2009/07/23 16:03:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
[2010/04/27 14:42:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\STOPzilla!
[2010/10/25 14:10:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/10/28 22:57:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trusteer
[2010/11/14 22:39:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2007/05/11 10:28:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VBO_MandFields_INS
[2010/04/23 00:59:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/09/12 23:39:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2011/03/26 13:43:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{8790345A-AF70-4319-B9E7-AAA25C6DCD42}
[2010/01/05 22:29:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}
[2011/03/26 13:53:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\~0
[2010/02/25 11:21:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\Trusteer
[2010/08/31 15:34:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hassan PC\Application Data\Aqisq
[2010/08/31 15:34:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hassan PC\Application Data\Asysg
[2010/08/30 23:40:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hassan PC\Application Data\Atputo
[2010/09/06 11:40:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hassan PC\Application Data\Auslogics
[2010/05/17 01:47:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hassan PC\Application Data\Biifo
[2009/09/21 19:20:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hassan PC\Application Data\Blitware
[2010/08/31 22:27:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hassan PC\Application Data\Bufiuk
[2010/06/08 22:05:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hassan PC\Application Data\Canon
[2010/09/15 13:37:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hassan PC\Application Data\CBS Interactive
[2010/04/29 22:46:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hassan PC\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/05/09 21:57:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hassan PC\Application Data\Elluminate
[2010/08/31 15:24:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hassan PC\Application Data\Emzio
[2010/08/31 15:34:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hassan PC\Application Data\Faxyun
[2010/10/29 23:24:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hassan PC\Application Data\Fiofxi
[2010/08/31 15:34:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hassan PC\Application Data\Fuly
[2010/09/07 12:58:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hassan PC\Application Data\Guadyd
[2010/09/13 22:45:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hassan PC\Application Data\Gygi
[2010/08/31 22:27:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hassan PC\Application Data\Ibbau
[2010/09/04 15:55:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hassan PC\Application Data\Ikof
[2010/04/27 14:52:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hassan PC\Application Data\IObit
[2009/07/23 17:10:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hassan PC\Application Data\Leadertech
[2010/09/03 20:11:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hassan PC\Application Data\Olog
[2010/09/27 12:56:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hassan PC\Application Data\Omwy
[2010/09/04 15:55:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hassan PC\Application Data\Opozr
[2011/01/16 15:13:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hassan PC\Application Data\Raaxt
[2010/10/25 14:04:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hassan PC\Application Data\Registry Mechanic
[2009/03/08 11:23:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hassan PC\Application Data\SecondLife
[2009/12/04 17:25:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hassan PC\Application Data\SmartDraw
[2010/08/31 23:11:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hassan PC\Application Data\Sony
[2009/11/20 22:55:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hassan PC\Application Data\SpinTop
[2009/05/16 21:36:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hassan PC\Application Data\Sports Interactive
[2010/05/31 23:36:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hassan PC\Application Data\Stellarium
[2011/01/27 12:20:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hassan PC\Application Data\Tiovn
[2009/10/28 22:58:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hassan PC\Application Data\Trusteer
[2010/02/02 11:51:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hassan PC\Application Data\TypingMaster7
[2010/09/07 15:54:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hassan PC\Application Data\Uhycge
[2010/11/14 22:58:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hassan PC\Application Data\Ulead Systems
[2010/09/07 17:55:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hassan PC\Application Data\Utma
[2010/12/12 17:06:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hassan PC\Application Data\vShare
[2010/09/13 19:50:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hassan PC\Application Data\Vuimni
[2010/09/03 17:20:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hassan PC\Application Data\Vupo
[2010/04/27 14:48:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hassan PC\Application Data\Windows Live Writer
[2010/11/15 15:25:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hassan PC\Application Data\WinPatrol
[2010/09/07 17:55:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hassan PC\Application Data\Wyqa
[2011/01/18 21:27:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hassan PC\Application Data\Xivy
[2011/01/27 12:20:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hassan PC\Application Data\Xoeng
[2009/07/25 09:02:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hassan PC\Application Data\Xuinr
[2010/08/31 14:27:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hassan PC\Application Data\Zefyu
[2010/08/31 15:24:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hassan PC\Application Data\Zyysg
[2009/12/28 01:04:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Trusteer
[2011/03/29 09:55:37 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2011/03/29 09:45:03 | 000,000,420 | ---- | M] () -- C:\WINDOWS\Tasks\Auslogics Disk Defrag Disk Defrag Start On Hassan PC Logon.job
[2010/01/31 03:22:00 | 000,000,454 | ---- | M] () -- C:\WINDOWS\Tasks\Driver Robot.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 155 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:084B0270
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1

< End of report >

OTL Extras logfile created on: 29/03/2011 10:48:26 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Hassan PC\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 47.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 68.00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.21 Gb Total Space | 16.07 Gb Free Space | 43.18% Space Free | Partition Type: NTFS
Drive E: | 465.76 Gb Total Space | 431.63 Gb Free Space | 92.67% Space Free | Partition Type: NTFS

Computer Name: GORDON | User Name: Hassan PC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-1123044038-334074209-50764575-1008\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\ORL\VNC\WinVNC.exe" = C:\Program Files\ORL\VNC\WinVNC.exe:*:Enabled:VNC server for Win32
"C:\Program Files\SAP\FrontEnd\SAPgui\saplogon.exe" = C:\Program Files\SAP\FrontEnd\SAPgui\saplogon.exe:*:Enabled:SAP Logon for Windows
"C:\Program Files\SAP\SAP Business One\SAP Business One.exe" = C:\Program Files\SAP\SAP Business One\SAP Business One.exe:*:Enabled:SAP Business One
"C:\Program Files\Microsoft Office Communicator\communicator.exe" = C:\Program Files\Microsoft Office Communicator\communicator.exe:*:Enabled:Microsoft Office Communicator 2007 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\SopCast\SopCast.exe" = C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application -- (www.sopcast.com)
"C:\Program Files\SopCast\adv\SopAdver.exe" = C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver -- (www.sopcast.com)
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire
"C:\WINDOWS\system32\mmc.exe" = C:\WINDOWS\system32\mmc.exe:*:Disabled:Microsoft Management Console -- (Microsoft Corporation)
"C:\Program Files\Microsoft LifeCam\LifeCam.exe" = C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe -- (Microsoft Corporation)
"C:\Program Files\Microsoft LifeCam\LifeExp.exe" = C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office Communicator\communicator.exe" = C:\Program Files\Microsoft Office Communicator\communicator.exe:*:Enabled:Microsoft Office Communicator 2007 -- (Microsoft Corporation)
"C:\Program Files\DELL\Dell Laser MFP 1600n\NetworkScan\DNSCST.exe" = C:\Program Files\DELL\Dell Laser MFP 1600n\NetworkScan\DNSCST.exe:*:Enabled:DNSCST Module -- (Dell)
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java™ Platform SE binary -- (Sun Microsystems, Inc.)
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Disabled:Windows Explorer -- (Microsoft Corporation)
"C:\Program Files\Sony Ericsson\Update Service\Update Service.exe" = C:\Program Files\Sony Ericsson\Update Service\Update Service.exe:*:Enabled:Update Service -- ()
"D:\EasySetupAssistant\TD-W8960N\fscommand\EasySetupAssistant.exe" = D:\EasySetupAssistant\TD-W8960N\fscommand\EasySetupAssistant.exe:*:Enabled:TP-LINK Easy Setup Assistant
"C:\Program Files\Google\Chrome\Application\chrome.exe" = C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome -- (Google Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{007811BF-E310-4285-BFC6-55DB29B3EDDE}" = WinPatrol
"{025C3792-E9C6-432A-92C1-661F99D021CA}" = Ulead Photo Explorer 8.6
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP990_series" = Canon MP990 series MP Drivers
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{1BD07DF4-FB06-41BA-B896-B2DA59000C96}" = Windows Live Toolbar
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 24
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
"{381D847E-7E56-4E82-B261-F799E0F40EB4}" = PHOTOfunSTUDIO 4.0 HD Edition
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{402ED4A1-8F5B-387A-8688-997ABF58B8F2}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{497A1721-088F-41EF-8876-B43C9DA5528B}" = ArcSoft Software Suite
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{50E125D1-88E5-48CE-80AE-98EC9698E639}" = Symantec AntiVirus
"{51F96AEC-D902-4434-A0DC-B9692A21AE7C}" = MobileMe Control Panel
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{590D4F8F-98FE-47FA-AC2B-3F22FDCF7C09}" = ShareIns
"{63AFACBC-4795-4A1B-8037-5085DC03FC54}" = Microsoft LifeCam
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{71A51A91-E7D3-11DB-A386-005056C00008}" = Digital microscope
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{83E222CC-223F-BE8C-0C77-0CEBDC2F9B57}" = Acrobat.com
"{83F793B5-8BBF-42FD-A8A6-868CB3E2AAEA}" = Intel® PROSet for Wired Connections
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{996A2FAA-7514-4628-9D12-A8FC34A0016E}" = iTunes
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A654A805-41D9-40C7-AA46-4AF04F044D61}" = Adobe® Photoshop® Album Starter Edition 3.2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.3
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2F25F71-D920-4288-A548-54CD253DEF14}" = SILKYPIX Developer Studio 3.0 SE
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}" = Microsoft Outlook Personal Folders Backup
"{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}" = Stronghold
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{D92FF8EB-BD77-40AE-B68B-A6BFC6F8661D}" = Windows Live Family Safety
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E42E07F5-5A90-4BA9-B55A-79FCF9EAF9B5}" = STK02N 2.0
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{E5BA0430-919F-46DD-B656-0796F8A5ADFF}" = Microsoft Office Communicator 2007
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}" = Adobe Flash Player 10 Plugin
"{ED8EF3C2-FA5B-4A1E-950D-5A0227161F97}" = ArcSoft PhotoStudio 6
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{FB3B43A2-CA2A-11D5-A718-0050DAE02D76}" = SAPsetup System Update
"Ad-Aware" = Ad-Aware
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe® Photoshop® Album Starter Edition 3.2" = Adobe® Photoshop® Album Starter Edition 3.2
"Betfair Poker_is1" = Betfair Poker
"CAL" = Canon Camera Access Library
"CameraWindowDVC5" = Canon Camera Window DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Camera Window DC_DV 6 for ZoomBrowser EX
"CameraWindowMC" = Canon Camera Window MC 6 for ZoomBrowser EX
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"Canon MP990 series User Registration" = Canon MP990 series User Registration
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 56K V.9x DFVc Modem
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"CSCLIB" = Canon Camera Support Core Library
"Dell Laser MFP 1600n" = Dell Laser MFP 1600n Software Uninstall
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Easy-PhotoPrint Pro" = Canon Utilities Easy-PhotoPrint Pro
"EOS Utility" = Canon Utilities EOS Utility
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Indeo® software" = Indeo® software
"InstallShield_{B2F25F71-D920-4288-A548-54CD253DEF14}" = SILKYPIX Developer Studio 3.0 SE
"LiveUpdate" = LiveUpdate 3.1 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"MicroCapture" = MicroCapture 2.0
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"MP Navigator EX 3.0" = Canon MP Navigator EX 3.0
"MSNINST" = MSN
"Network Play System" = EA AutoPatch
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PhotoStitch" = Canon Utilities PhotoStitch
"PokerStars" = PokerStars
"Populous: The Beginning" = Populous: The Beginning
"PROSet" = Intel® PRO Network Connections Drivers
"Rapport_msi" = Rapport
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RemoteCaptureTask" = Canon RemoteCapture Task for ZoomBrowser EX
"Scrabble ®" = Scrabble ®
"SopCast" = SopCast 3.0.3
"Starry Night Enthusiast 4.5" = Starry Night Enthusiast 4.5
"TsActiveXClient" = Remote Desktop Web Connection
"Update Service" = Sony Ericsson Update Service
"Veetle TV" = Veetle TV 0.9.18
"vShare" = vShare Plugin
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1123044038-334074209-50764575-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"309a46b1dc89b774" = Dell Driver Download Manager

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

Thanks,
eiger

#8 Blade

Blade

    Strong in the Bleepforce


  • Site Admin
  • 12,702 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:US
  • Local time:05:20 PM

Posted 31 March 2011 - 12:31 PM

We need to run an OTL Fix
  • Please reopen Posted Image on your desktop.
  • Copy and Paste the following code into the Posted Image textbox.

    :OTL
    O4 - HKLM..\Run: [Nyorani] File not found
    O4 - HKU\.DEFAULT..\Run: [gveqjvae] File not found
    O4 - HKU\.DEFAULT..\Run: [nwtpxnur] File not found
    O4 - HKU\S-1-5-18..\Run: [gveqjvae] File not found
    O4 - HKU\S-1-5-18..\Run: [nwtpxnur] File not found
    
    :commands
    [reboot]
    
  • Push Posted Image
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click Posted Image.
  • A report will open. Copy and Paste that report in your next reply.

~Blade


In your next reply, please include the following:
OTL Report
How's the computer running now?

Edited by Blade Zephon, 31 March 2011 - 12:32 PM.

Posted Image

If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM
Become a BleepingComputer fan: Facebook
Follow us on Twitter!
Circle us on Google+


#9 eiger

eiger
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Manchester, England
  • Local time:09:20 PM

Posted 01 April 2011 - 05:01 AM

Hello Blade,

The RUNDLL box has now disappeared and the start-up is much quicker. Pictures come up much more quickly but Word documents are still very slow. Internet Explorer and Google Chrome are still slow to load.
Following is the log;

========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Nyorani not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\gveqjvae not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\nwtpxnur not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\gveqjvae not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\nwtpxnur not found.
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.22.3 log created on 04012011_101223

Thanks,
eiger

#10 Blade

Blade

    Strong in the Bleepforce


  • Site Admin
  • 12,702 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:US
  • Local time:05:20 PM

Posted 04 April 2011 - 12:56 PM

Hi eiger.

If the RUNDLL box is not there anymore then there's no further evidence of malware on the machine. The slowness you're experiencing is not likely due to infection. I suggest trying some steps in the following guide: Slow Computer?. Obviously, since we've eliminated malware as a cause the first set of suggestions do not apply.

  • Please double click on the Posted Image icon on your desktop.
  • Click the large button marked "Cleanup"
***************************************************

Your machine appears to be clean!

***************************************************

I highly recommend that you read through the below set of very helpful suggestions and implement them; they will help protect you from reinfectionI recommend you regularly visit the Windows Update Site!
  • Lots of Hacking/Trojans use the methods found (plugged by the updates) that have not been stopped by people not updating.
  • By updating your machine, you have one less headache! Posted Image
  • Update ALL Critical updates and any other Windows updates for services/programs that you use.
  • If you wish, you can also use automatic updates. This is a good thing to have if you want to be up-to-date all the time, but can also be a bit of an annoyance due to its handling and the sizes of the updates. If you wish to turn on automatic updates then you will find here is a nice little article about turning on automatic updates.
  • Note that it will download them for you, but you still have to actually click install.
  • If you do not want to have automatic updates turned on, or are on dial-up, you can always download updates seperately at: http://windowsupdate.microsoft.com.
It is also a good idea to check for the latest versions of commonly installed applications that are regularly patched to fix vulnerabilities. You can check these by visiting Secunia Software Inspector and Calendar of Updates.

For a nice list of freeware programs in all categories, please have a look at this thread with freeware products that are regarded as useful by the users of this forum: Commonly Used Freeware Replacements.

Another recommendation, is to download HostsMan. It safeguards you with a regularly updated Hosts-file that blocks dangerous sites from opening. This adds another bit of safety while surfing the Internet. For installlation and setting up, follow these steps:
  • Double-click the Downloaded installer and install the tool to a location of your choice
  • Via the Startmenu, navigate to HostsMan and run the program.[list=a]
  • Click "Hosts" in the menu
  • Click "Manage Updates" in the submenu
  • Out of the choices available, select at least one of them (I have MVPS Host as my main one)
  • Click "Add Update." After that you will only need to click on the Update button to retrieve updates:
  • Click the X to exit the program.
Finally, and definitely the MOST IMPORTANT step, click on the following tutorial and follow each step listed there:

Simple and easy ways to keep your computer safe and secure on the Internet

Glad I was able to help and if there any other problems related to your computer please feel free to post them in the appropriate forum. Though we help people with spyware and viruses here at BC, we also help people with other computer problems! Do not forget to tell your friends about us!

~Blade

Posted Image

If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM
Become a BleepingComputer fan: Facebook
Follow us on Twitter!
Circle us on Google+





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users