Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

HijackThis Log - PC is slow even after deleting temp files

Re: HijackThis Log - OTL.txt

by jorgechm » February 7th, 2011, 9:22 pm

OTL.txt
OTL logfile created on: 2/7/2011 7:14:24 PM - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Jorge\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,022.00 Mb Total Physical Memory | 620.00 Mb Available Physical Memory | 61.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.04 Gb Total Space | 104.36 Gb Free Space | 70.02% Space Free | Partition Type: NTFS
Drive D: | 149.04 Gb Total Space | 145.26 Gb Free Space | 97.47% Space Free | Partition Type: NTFS

Computer Name: JORGE_DESKTOP | User Name: Jorge | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/02/07 19:13:59 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jorge\Desktop\OTL.exe
PRC - [2011/01/14 13:11:17 | 000,223,912 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avnotify.exe
PRC - [2011/01/10 14:23:41 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/01/10 14:23:30 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/01/10 14:23:29 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/09/29 07:37:22 | 000,142,336 | ---- | M] () -- C:\Program Files\ADrive Desktop\ADrive Desktop.exe
PRC - [2010/06/10 20:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/05/20 11:46:28 | 000,055,016 | ---- | M] (Xobni Corporation) -- C:\Program Files\Xobni\XobniService.exe
PRC - [2010/04/05 16:03:36 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2010/01/14 21:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/11/19 10:26:54 | 000,455,944 | ---- | M] () -- C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
PRC - [2009/05/05 15:06:06 | 000,222,496 | ---- | M] (Acresso Corporation) -- C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe
PRC - [2008/04/24 12:26:18 | 000,202,560 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
PRC - [2008/04/24 12:25:22 | 000,202,560 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/12/18 21:34:36 | 000,868,352 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe
PRC - [2006/11/13 12:39:52 | 001,289,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\wcescomm.exe
PRC - [2006/11/13 12:39:34 | 000,199,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\rapimgr.exe
PRC - [2006/09/11 19:59:28 | 000,172,032 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
PRC - [2006/09/11 19:56:02 | 000,135,227 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
PRC - [2006/09/11 19:55:42 | 000,065,599 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
PRC - [2006/04/13 16:14:26 | 000,020,543 | ---- | M] (Apache Software Foundation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe
PRC - [2005/08/07 14:38:30 | 000,253,952 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\ATKKBService.exe
PRC - [2004/12/14 01:12:02 | 000,483,328 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.exe


========== Modules (SafeList) ==========

MOD - [2011/02/07 19:13:59 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jorge\Desktop\OTL.exe
MOD - [2010/08/23 10:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2008/04/13 18:12:01 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2007/04/19 13:21:40 | 000,116,264 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Comcast\Desktop Doctor\bin\sprthook.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/01/10 14:23:41 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/01/10 14:23:30 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/09/01 14:52:56 | 000,066,112 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus(R)
SRV - [2010/06/10 20:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/05/20 11:46:28 | 000,055,016 | ---- | M] (Xobni Corporation) [Auto | Running] -- C:\Program Files\Xobni\XobniService.exe -- (XobniService)
SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/11/19 10:26:54 | 000,455,944 | ---- | M] () [Auto | Running] -- C:\Program Files\Flip Video\FlipShare\FlipShareService.exe -- (FlipShare Service)
SRV - [2008/04/24 12:26:18 | 000,202,560 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe -- (sprtsvc_ddoctorv2) SupportSoft Sprocket Service (ddoctorv2)
SRV - [2006/09/11 19:59:28 | 000,172,032 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM)
SRV - [2006/09/11 19:56:02 | 000,135,227 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe -- (nSvcIp)
SRV - [2006/09/11 19:55:42 | 000,065,599 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe -- (nSvcLog)
SRV - [2006/04/13 16:14:26 | 000,020,543 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe -- (ForcewareWebInterface)
SRV - [2005/08/07 14:38:30 | 000,253,952 | ---- | M] (ASUSTeK COMPUTER INC.) [Auto | Running] -- C:\WINDOWS\ATKKBService.exe -- (ATKKeyboardService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Running] -- -- (catchme)
DRV - [2011/01/10 14:23:53 | 000,135,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/01/10 14:23:53 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/07/20 04:38:24 | 000,121,576 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2010/07/20 04:38:24 | 000,096,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV - [2010/07/20 04:38:24 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV - [2010/06/17 14:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/06/17 14:27:12 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2010/04/26 20:25:20 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2010/04/26 20:25:20 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2010/04/26 20:25:20 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2009/08/16 10:57:00 | 007,729,568 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2007/12/04 16:10:30 | 000,016,640 | R--- | M] (PalmSource, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - [2007/01/16 09:09:06 | 000,293,888 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV - [2006/05/03 10:50:42 | 001,540,608 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006/04/24 17:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\nvata.sys -- (nvata)
DRV - [2006/03/22 14:24:02 | 000,018,944 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006/03/22 14:24:00 | 000,052,736 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006/03/22 14:23:50 | 000,109,568 | ---- | M] (NVIDIA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\nvtcp.sys -- (NVTCP)
DRV - [2006/03/17 17:18:58 | 000,392,960 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService)
DRV - [2005/08/22 05:42:27 | 000,011,264 | R--- | M] (ASUSTeK Computer Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\EIO.sys -- (EIO)
DRV - [2005/06/09 14:10:58 | 000,023,040 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\atkkbnt.sys -- (asuskbnt)
DRV - [2004/10/27 15:21:36 | 000,138,240 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004/05/17 07:04:16 | 000,041,984 | ---- | M] (DeviceGuys, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\DGIVECP.SYS -- (DgiVecp)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://members.har.com/indexr.cfm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Comcast Search"
FF - prefs.js..browser.startup.homepage: "https://members.har.com/indexr.cfm"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {4E77EDAD-9566-4089-88D1-C81498CEE770}:3.5
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.91
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.872

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/10/29 11:39:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/01/13 08:34:56 | 000,000,000 | ---D | M]

[2010/05/07 14:59:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jorge\Application Data\Mozilla\Extensions
[2011/02/04 18:49:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jorge\Application Data\Mozilla\Firefox\Profiles\wq9yghgh.default\extensions
[2010/10/25 16:08:22 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Jorge\Application Data\Mozilla\Firefox\Profiles\wq9yghgh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/10/25 16:07:10 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Documents and Settings\Jorge\Application Data\Mozilla\Firefox\Profiles\wq9yghgh.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2011/02/02 09:44:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/26 05:11:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/10/22 13:14:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/02/02 09:44:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\JORGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\WQ9YGHGH.DEFAULT\EXTENSIONS\{4E77EDAD-9566-4089-88D1-C81498CEE770}
File not found (No name found) -- C:\PROGRAM FILES\AVG\AVG9\FIREFOX
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011/02/02 09:44:12 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2008/12/01 10:50:26 | 000,004,946 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\comcast.xml

O1 HOSTS File: ([2011/02/05 10:28:31 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 10\SnagitBHO.dll (TechSmith Corporation)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 10\SnagitIEAddin.dll (TechSmith Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [ddoctorv2] C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [HPWQTOOLBOX] C:\Program Files\Hewlett-Packard\HP Deskjet 9800 Series\Toolbox\HPWQTBX.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [Nuance PDF Reader-reminder] C:\Program Files\Nuance\PDF Reader\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [ToolBoxFX] C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe (HP)
O4 - HKLM..\Run: [UserFaultCheck] File not found
O4 - HKLM..\Run: [WinSys2] C:\WINDOWS\system32\WinSys2.exe ()
O4 - HKCU..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\Wcescomm.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ISUSPM] C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk = C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe ()
O4 - Startup: C:\Documents and Settings\Jorge\Start Menu\Programs\Startup\ADrive Desktop.lnk = C:\Program Files\ADrive Desktop\ADrive Desktop.exe ()
O4 - Startup: C:\Documents and Settings\Jorge\Start Menu\Programs\Startup\OggSync.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: byreferralonly.com ([myclients] https in Trusted sites)
O15 - HKCU\..Trusted Domains: byreferralonly.com ([myphoneleads] https in Trusted sites)
O15 - HKCU\..Trusted Domains: byreferralonly.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: craigslist.org ([accounts] https in Trusted sites)
O15 - HKCU\..Trusted Domains: google.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: google.com ([local] * in Trusted sites)
O15 - HKCU\..Trusted Domains: google.com ([maps] * in Trusted sites)
O15 - HKCU\..Trusted Domains: google.com ([picassaweb] http in Trusted sites)
O15 - HKCU\..Trusted Domains: google.com ([www] * in Trusted sites)
O15 - HKCU\..Trusted Domains: har.com ([members] https in Trusted sites)
O15 - HKCU\..Trusted Domains: har.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: intuit.com ([qbo] https in Trusted sites)
O15 - HKCU\..Trusted Domains: linkedin.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: mydailyflyer.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: realtor.org ([secure] https in Trusted sites)
O15 - HKCU\..Trusted Domains: statemortgageregistry.com ([www] https in Trusted sites)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=100 (Performance Viewer Activex Control)
O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/2.9 ... ontrol.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/03/12 15:39:36 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/03/24 12:29:55 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: Msacm.dvacm - C:\Program Files\Common Files\Ulead Systems\vio\DVACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.mpegacm - C:\Program Files\Common Files\Ulead Systems\MPEG\MPEGACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.ulmp3acm - C:\Program Files\Common Files\Ulead Systems\MPEG\ulmp3acm.acm (Ulead systems)
Drivers32: vidc.3IV2 - C:\WINDOWS\System32\3ivxVfWCodec.dll (3ivx Technologies Pty. Ltd.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()

========== Files/Folders - Created Within 30 Days ==========

[2011/02/07 19:13:02 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jorge\Desktop\OTL.exe
[2011/02/05 10:21:37 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/02/05 10:15:47 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/02/05 10:15:47 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/02/05 10:15:47 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/02/05 10:15:47 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/02/05 10:15:38 | 000,000,000 | ---D | C] -- C:\zzz
[2011/02/05 10:15:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/02/04 19:02:45 | 000,000,000 | ---D | C] -- C:\_OTM
[2011/02/04 19:01:27 | 000,519,680 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jorge\Desktop\OTM.exe
[2011/02/04 18:48:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jorge\Application Data\comcasttb
[2011/02/04 16:26:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jorge\Application Data\ePASS
[2011/02/04 15:11:08 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/02/04 12:54:40 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2011/02/04 09:51:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2011/02/04 09:51:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jorge\Application Data\Avira
[2011/02/04 09:43:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Avira
[2011/02/04 09:43:44 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2011/02/04 09:43:43 | 000,135,096 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2011/02/04 09:43:43 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2011/02/04 09:43:43 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2011/02/04 09:43:43 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2011/02/04 09:43:42 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2011/02/04 09:43:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2011/02/04 09:06:32 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jorge\Desktop\TFC.exe
[2011/02/02 18:15:55 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2011/02/02 09:45:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/01/30 15:42:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Samsung
[2011/01/30 15:41:49 | 000,121,576 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssadmdm.sys
[2011/01/30 15:41:49 | 000,012,776 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssadmdfl.sys
[2011/01/30 15:41:49 | 000,010,344 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssadcmnt.sys
[2011/01/30 15:41:49 | 000,010,344 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssadcm.sys
[2011/01/30 15:41:47 | 000,010,216 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssadwhnt.sys
[2011/01/30 15:41:47 | 000,010,216 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssadwh.sys
[2011/01/30 15:41:46 | 000,096,488 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssadbus.sys
[2011/01/30 15:41:42 | 000,132,424 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscdmdm.sys
[2011/01/30 15:41:42 | 000,014,920 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscdmdfl.sys
[2011/01/30 15:41:42 | 000,012,616 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscdcmnt.sys
[2011/01/30 15:41:42 | 000,012,616 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscdcm.sys
[2011/01/30 15:41:40 | 000,104,648 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscdbus.sys
[2011/01/30 15:41:40 | 000,012,488 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscdwhnt.sys
[2011/01/30 15:41:40 | 000,012,488 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscdwh.sys
[2011/01/30 15:40:54 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2011/01/30 15:40:07 | 000,000,000 | ---D | C] -- C:\Program Files\Samsung
[2011/01/30 15:40:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\Fonts\.svn
[2011/01/30 15:38:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2011/01/30 15:35:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2011/01/28 12:12:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jorge\My Documents\pics
[2011/01/25 12:10:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jorge\Application Data\FileZilla
[2011/01/25 12:08:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\FileZilla FTP Client
[2011/01/25 12:08:31 | 000,000,000 | ---D | C] -- C:\Program Files\FileZilla FTP Client
[2011/01/24 11:43:54 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/01/24 11:43:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jorge\Start Menu\Programs\HiJackThis
[2011/01/19 19:30:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jorge\Local Settings\Application Data\WinZip
[2011/01/19 19:30:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinZip
[2011/01/19 19:30:15 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip
[2011/01/14 20:37:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jorge\Application Data\Serif
[2011/01/14 20:36:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Serif Applications
[2011/01/14 20:36:06 | 000,000,000 | ---D | C] -- C:\Program Files\Serif
[2011/01/12 21:31:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office Tools
[2011/01/10 16:08:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Ellie Mae Encompass360
[2010/07/22 18:13:52 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Jorge\Application Data\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2011/02/07 19:13:59 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jorge\Desktop\OTL.exe
[2011/02/07 19:09:00 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1993962763-842925246-725345543-1005UA.job
[2011/02/07 19:09:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1993962763-842925246-725345543-1005Core.job
[2011/02/07 18:55:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/02/06 19:55:05 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/02/05 16:23:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/02/05 10:28:57 | 000,002,335 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[2011/02/05 10:28:46 | 000,249,324 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2011/02/05 10:28:31 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/02/05 10:28:26 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/02/05 10:28:19 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/02/05 10:21:41 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011/02/04 19:01:33 | 000,519,680 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jorge\Desktop\OTM.exe
[2011/02/04 15:10:51 | 004,263,406 | R--- | M] () -- C:\Documents and Settings\Jorge\Desktop\zzz.exe
[2011/02/04 12:54:36 | 000,000,800 | ---- | M] () -- C:\Documents and Settings\Jorge\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/02/04 09:43:50 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk
[2011/02/04 09:36:34 | 049,788,256 | ---- | M] () -- C:\Documents and Settings\Jorge\Desktop\avira_antivir_personal_en.exe
[2011/02/04 09:07:10 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jorge\Desktop\TFC.exe
[2011/02/02 18:25:28 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Jorge\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/02/02 18:17:29 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/02/01 09:54:20 | 000,054,784 | ---- | M] () -- C:\Documents and Settings\Jorge\Desktop\EELWER REALTY ADS.doc
[2011/01/30 15:53:12 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[2011/01/30 15:52:00 | 000,000,827 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Samsung Kies mini.lnk
[2011/01/30 15:48:41 | 000,446,904 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/01/30 15:42:05 | 000,001,747 | ---- | M] () -- C:\Documents and Settings\Jorge\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies mini.lnk
[2011/01/30 15:41:45 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2011/01/30 15:41:45 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2011/01/30 15:38:24 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2011/01/24 11:43:54 | 000,001,984 | ---- | M] () -- C:\Documents and Settings\Jorge\Desktop\HiJackThis.lnk
[2011/01/13 18:45:17 | 000,037,888 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mb
[2011/01/13 18:45:17 | 000,020,480 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mbb
[2011/01/12 21:31:48 | 000,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2011/01/12 21:31:19 | 000,001,730 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
[2011/01/11 16:07:10 | 000,140,288 | ---- | M] () -- C:\Documents and Settings\Jorge\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/10 16:08:11 | 000,000,640 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Encompass360.lnk
[2011/01/10 14:23:53 | 000,135,096 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2011/01/10 14:23:53 | 000,061,960 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys

========== Files Created - No Company Name ==========

[2011/02/05 10:21:41 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011/02/05 10:21:38 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/02/05 10:15:47 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/02/05 10:15:47 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/02/05 10:15:47 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/02/05 10:15:47 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/02/05 10:15:47 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/02/04 15:00:19 | 004,263,406 | R--- | C] () -- C:\Documents and Settings\Jorge\Desktop\zzz.exe
[2011/02/04 09:43:50 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk
[2011/02/04 09:36:33 | 049,788,256 | ---- | C] () -- C:\Documents and Settings\Jorge\Desktop\avira_antivir_personal_en.exe
[2011/02/01 09:54:20 | 000,054,784 | ---- | C] () -- C:\Documents and Settings\Jorge\Desktop\EELWER REALTY ADS.doc
[2011/01/30 15:53:12 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[2011/01/30 15:42:05 | 000,001,747 | ---- | C] () -- C:\Documents and Settings\Jorge\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies mini.lnk
[2011/01/30 15:42:05 | 000,000,827 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Samsung Kies mini.lnk
[2011/01/30 15:41:19 | 000,000,800 | ---- | C] () -- C:\Documents and Settings\Jorge\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/01/30 15:38:24 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2011/01/24 11:43:54 | 000,001,984 | ---- | C] () -- C:\Documents and Settings\Jorge\Desktop\HiJackThis.lnk
[2011/01/14 22:06:54 | 000,002,393 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Serif PagePlus X5.lnk
[2011/01/12 21:31:19 | 000,002,435 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Publisher.lnk
[2011/01/12 21:31:19 | 000,001,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
[2011/01/10 16:08:11 | 000,000,640 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Encompass360.lnk
[2010/11/14 13:43:41 | 000,172,338 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1993962763-842925246-725345543-1005-0.dat
[2010/11/10 05:16:55 | 000,172,338 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2010/10/25 16:22:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EngineExe.INI
[2010/10/25 16:22:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PanelExe.INI
[2010/10/13 08:56:37 | 000,000,094 | ---- | C] () -- C:\WINDOWS\family.ini
[2010/08/23 14:16:16 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Jorge\Local Settings\Application Data\fusioncache.dat
[2010/07/22 18:14:24 | 000,001,057 | ---- | C] () -- C:\Documents and Settings\Jorge\Application Data\vso_ts_preview.xml
[2010/07/22 18:14:05 | 000,000,033 | ---- | C] () -- C:\Documents and Settings\Jorge\Application Data\pcouffin.log
[2010/07/22 18:13:52 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Jorge\Application Data\pcouffin.cat
[2010/07/22 18:13:52 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Jorge\Application Data\pcouffin.inf
[2010/07/19 11:17:33 | 000,038,468 | ---- | C] () -- C:\Documents and Settings\Jorge\Application Data\Comma Separated Values (DOS).ADR
[2010/07/14 17:10:29 | 000,000,986 | ---- | C] () -- C:\WINDOWS\Aeditor.INI
[2010/07/14 17:09:51 | 000,000,520 | ---- | C] () -- C:\WINDOWS\ULEAD32.INI
[2010/06/24 02:22:29 | 000,244,760 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/05/25 13:04:53 | 000,000,025 | ---- | C] () -- C:\WINDOWS\WebEasy.INI
[2010/05/14 17:11:35 | 000,000,397 | ---- | C] () -- C:\WINDOWS\hpw9800k.ini
[2010/05/14 17:07:50 | 000,000,092 | ---- | C] () -- C:\WINDOWS\hpdj9800.ini
[2010/05/14 17:07:34 | 000,001,505 | ---- | C] () -- C:\WINDOWS\mariner.ini
[2010/04/22 07:33:53 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Jorge\Application Data\$_hpcst$.hpc
[2010/04/08 19:21:47 | 000,229,376 | R--- | C] () -- C:\WINDOWS\System32\HPPCPR01.DLL
[2010/04/08 19:21:19 | 000,000,163 | ---- | C] () -- C:\WINDOWS\System32\AddPort.ini
[2010/04/08 18:55:47 | 000,001,219 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2010/04/08 13:00:21 | 000,000,212 | ---- | C] () -- C:\Documents and Settings\Jorge\Local Settings\Application Data\xobni_installer_updater.log
[2010/04/05 21:00:13 | 000,000,087 | ---- | C] () -- C:\WINDOWS\dswplug.ini
[2010/04/05 21:00:09 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\mplaw7.dll
[2010/04/05 21:00:09 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\mplaa6.dll
[2010/04/05 21:00:09 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\mplam6.dll
[2010/04/05 21:00:09 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2010/04/05 15:52:32 | 000,140,288 | ---- | C] () -- C:\Documents and Settings\Jorge\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/05 14:33:14 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/03/23 12:52:40 | 000,755,200 | ---- | C] () -- C:\WINDOWS\System32\ir50_32.dll
[2010/03/23 12:52:40 | 000,338,432 | ---- | C] () -- C:\WINDOWS\System32\ir41_qcx.dll
[2010/03/23 12:52:40 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\ir50_qc.dll
[2010/03/23 12:52:40 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\ir50_qcx.dll
[2010/03/23 12:52:40 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\ir41_qc.dll
[2010/03/23 12:36:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\msicpl.ini
[2010/03/23 12:30:41 | 000,131,072 | R--- | C] () -- C:\WINDOWS\System32\smdll.dll
[2010/03/23 12:30:39 | 000,032,768 | R--- | C] () -- C:\WINDOWS\System32\Auxiliary.dll
[2010/03/13 03:59:42 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2010/03/13 03:59:25 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\ATKOSDMini.DLL
[2010/03/13 03:59:25 | 000,000,018 | ---- | C] () -- C:\WINDOWS\System32\atkid.ini
[2010/03/13 03:59:24 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\asrussian.dll
[2010/03/13 03:59:24 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\askorean.dll
[2010/03/13 03:59:24 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\asjapan.dll
[2010/03/13 03:59:24 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\asgerman.dll
[2010/03/13 03:59:24 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\asfrench.dll
[2010/03/13 03:59:24 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\aseng.dll
[2010/03/13 03:59:24 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ASCHT.dll
[2010/03/13 03:59:24 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\aschs.dll
[2010/03/12 09:36:19 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/01/25 12:58:06 | 000,462,848 | ---- | C] () -- C:\WINDOWS\System32\ractrlkeyhook.dll
[2009/08/03 00:21:54 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2009/08/03 00:21:52 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2009/08/03 00:21:52 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008/02/19 00:33:34 | 000,446,352 | ---- | C] () -- C:\WINDOWS\System32\OpenQuicktimeLib.dll
[2006/01/24 10:33:16 | 000,221,184 | ---- | C] () -- C:\WINDOWS\System32\ExpLoansFromGenesis.dll
[2005/08/02 02:35:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2005/08/02 02:35:00 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2005/08/02 02:35:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2005/08/02 02:35:00 | 000,540,672 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2005/08/02 02:35:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2005/08/02 02:35:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2005/04/25 15:22:46 | 000,221,184 | ---- | C] () -- C:\WINDOWS\System32\DSWndinet.dll
[2005/04/25 15:22:46 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hhsaid.dll
[2003/11/12 09:16:58 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\GNetParserX.dll
[2003/01/07 14:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/07/07 03:00:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[2001/03/28 11:37:14 | 000,000,033 | ---- | C] () -- C:\WINDOWS\hppcap.ini
[2000/02/17 13:57:02 | 000,225,280 | ---- | C] () -- C:\WINDOWS\System32\GN32.DLL
[1999/10/13 14:59:48 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\GNS2KZIP.DLL

========== LOP Check ==========

[2010/10/22 13:11:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AT&T(2)
[2010/06/17 15:44:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avanquest
[2010/10/22 13:14:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2010/06/03 08:09:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2010/04/25 19:06:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CitrixLogs
[2010/10/18 08:55:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2010/06/08 14:16:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2010/04/05 15:52:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Flip Video
[2010/08/21 09:17:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hagel Technologies
[2010/12/15 14:18:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2010/10/22 13:14:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2010/06/08 14:17:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nuance
[2010/11/27 20:14:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PrinterShare
[2011/01/30 15:53:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2010/06/08 14:16:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2010/10/23 11:15:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2010/05/24 19:46:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TechSmith
[2010/04/05 20:59:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2011/01/19 19:30:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2010/08/04 18:23:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/04/06 09:39:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorge\Application Data\ASAP Utilities
[2010/10/18 14:19:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorge\Application Data\AT&T
[2011/01/05 11:02:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorge\Application Data\ATT Connect
[2010/05/26 08:33:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorge\Application Data\Avanquest
[2010/10/18 09:45:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorge\Application Data\AVG
[2010/10/23 13:57:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorge\Application Data\CallingID
[2010/04/05 14:51:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorge\Application Data\com.adrive.ADriveDesktop.9E1195EE779B0F966F518632F3A0F64E53222DC6.1
[2011/02/04 18:48:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorge\Application Data\comcasttb
[2010/10/18 14:15:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorge\Application Data\DBUpdater
[2010/11/15 08:37:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorge\Application Data\Dropbox
[2011/02/04 16:26:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorge\Application Data\ePASS
[2011/01/28 15:35:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorge\Application Data\FileZilla
[2010/06/20 19:36:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorge\Application Data\GARMIN
[2010/10/13 08:56:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorge\Application Data\HotSync
[2011/02/02 09:34:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorge\Application Data\IPRental
[2010/10/25 08:07:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorge\Application Data\Mobile Action
[2010/06/08 14:17:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorge\Application Data\Nuance
[2010/08/04 16:17:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorge\Application Data\OverDrive
[2011/01/14 22:07:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorge\Application Data\Serif
[2010/10/18 14:08:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorge\Application Data\Sierra Wireless
[2010/04/09 08:57:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorge\Application Data\Ulead Systems
[2010/07/22 18:16:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorge\Application Data\Vso
[2010/11/02 15:53:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorge\Application Data\YouDataAIR.CDA5CEB063BC2A22C44BAA035F25F65FCCDA2208.1
[2010/06/08 14:17:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorge\Application Data\Zeon

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2010/08/16 12:32:29 | 000,001,024 | ---- | M] () -- C:\.rnd
[2010/03/12 15:39:36 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/03/23 12:52:58 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2011/02/05 10:21:41 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2004/08/03 23:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr
[2011/02/05 10:32:59 | 000,019,581 | ---- | M] () -- C:\ComboFix.txt
[2010/03/12 15:39:36 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/04/06 07:04:07 | 000,000,043 | ---- | M] () -- C:\DSWndReg.log
[2010/05/29 15:40:15 | 000,000,000 | ---- | M] () -- C:\foo.txt
[2010/11/08 17:27:39 | 000,000,175 | ---- | M] () -- C:\huff_value.dat
[2010/03/12 15:39:36 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/04/05 15:52:29 | 000,001,015 | R--- | M] () -- C:\logFile.xsl
[2010/03/12 15:39:36 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/06/29 11:55:43 | 000,001,096 | ---- | M] () -- C:\net_save.dna
[2010/03/23 12:50:53 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2010/10/25 18:45:22 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2011/02/05 10:28:16 | 1610,612,736 | -HS- | M] () -- C:\pagefile.sys
[2010/05/27 14:44:23 | 000,006,144 | ---- | M] () -- C:\palm.grf


< MD5 for: EXPLORER.EXE >
[2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004/08/04 00:56:50 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: SFC.DLL >
[2008/04/13 18:12:05 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=96E1C926F22EE1BFBAE82901A35F6BF3 -- C:\WINDOWS\ERDNT\cache\sfc.dll
[2008/04/13 18:12:05 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=96E1C926F22EE1BFBAE82901A35F6BF3 -- C:\WINDOWS\ServicePackFiles\i386\sfc.dll
[2008/04/13 18:12:05 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=96E1C926F22EE1BFBAE82901A35F6BF3 -- C:\WINDOWS\system32\sfc.dll
[2004/08/04 00:56:46 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=E8A12A12EA9088B4327D49EDCA3ADD3E -- C:\WINDOWS\$NtServicePackUninstall$\sfc.dll

< MD5 for: USERINIT.EXE >
[2004/08/04 00:56:58 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/13 18:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008/04/13 18:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/13 18:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004/08/04 00:56:58 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/13 18:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008/04/13 18:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 18:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< End of report >
jorgechm
Regular Member
 
Posts: 16
Joined: January 12th, 2011, 5:18 pm

Re: HijackThis Log - PC is slow even after deleting temp fil

Post by jorgechm » February 7th, 2011, 9:27 pm

OTL Extras logfile created on: 2/7/2011 7:14:24 PM - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Jorge\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,022.00 Mb Total Physical Memory | 620.00 Mb Available Physical Memory | 61.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.04 Gb Total Space | 104.36 Gb Free Space | 70.02% Space Free | Partition Type: NTFS
Drive D: | 149.04 Gb Total Space | 145.26 Gb Free Space | 97.47% Space Free | Partition Type: NTFS

Computer Name: JORGE_DESKTOP | User Name: Jorge | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"54420:TCP" = 54420:TCP:*:Enabled:IPRental Port
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe" = C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\Hewlett-Packard\HP Deskjet 9800 Series\Toolbox\HPWQTBX.exe" = C:\Program Files\Hewlett-Packard\HP Deskjet 9800 Series\Toolbox\HPWQTBX.exe:*:Enabled:Toolbox for HP Printing System for Windows -- (Hewlett-Packard Company)
"C:\Documents and Settings\Jorge\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\Jorge\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin -- (Google)
"C:\Program Files\PrinterShare\paConsole.exe" = C:\Program Files\PrinterShare\paConsole.exe:*:Enabled:PrinterAnywhere Console -- (PrinterAnywhere)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{12FE86D4-77FA-4FC7-8C23-A988E72FC5A5}" = hpp3390usg
"{171E6C1E-B5FC-11DF-B115-005056C00008}" = Google Earth Plug-in
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{17C9D682-B80A-4CBD-B492-498117342049}" = MUPF
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1C90F3AA-BE5A-490D-A2C0-26F334D3CDFB}" = Encompass360
"{1DD670BE-C678-4D83-89D0-E7CF65D8DB98}" = hppManuals3390
"{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24739100-AD64-40C0-936C-03590B95C225}" = hppSendFax
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 23
"{2AD738DC-FC24-4342-A2DA-BB6DCCF6B048}" = Jing
"{315ACD04-BCEB-478B-9B1D-5431D0E6CB11}" = ASUS Enhanced Display Driver
"{33E14464-2AEC-40DF-AD88-474F6B1FCF9B}" = Encompass360 NetBranch Installation Manager
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35DC9F1E-5E88-4E69-A49A-9F4C2B33DDF3}" = Web Easy Professional
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{371C9583-5174-4CF8-B10D-D4C3AA7E8CD0}" = Serif PagePlus X5
"{37C5A56A-00EA-347B-B7A1-5628BED56702}" = Google Talk Plugin
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{57DA304D-27B0-40D1-A796-92CEFF20FA32}" = hppIOFiles
"{5B32A23C-2BB0-4767-8150-F977E43E7E2A}" = hppscan3390
"{5BCC634A-58AD-42F9-B3C6-2EA52F81CF85}" = Snagit 10
"{601F1CA9-F8C4-462C-91AF-6FBAFE3A9F86}" = PrinterShare 2.3.04
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7642C5E3-0E6D-48E5-AE0B-A4878362711E}" = hppToolBoxFX
"{76BC2442-0002-47FA-9617-43BAD82BEF4C}" = Bonjour
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{8038AEF9-EF53-4B55-97CA-CF3D8574C135}" = hpzTLBXFX
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83E016DD-1566-457E-B65C-B531186CED56}" = hppfaxdrv3390
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BCD7AE7-F713-4D50-BAB9-7839B9386870}" = ImageShack Uploader 2.2.0
"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update
"{8DC069E7-893C-41E1-9442-DE89FEC33371}" = Xobni Core
"{8FBDE446-66F7-4AD5-82D3-74E46D462425}" = Encompass360 NetBranch Installation Manager
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90170409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{91130409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Small Business
"{91490409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Primary Interop Assemblies
"{91F7F3F3-CE80-48C3-8327-7D24A0A5716A}" = iTunes
"{92F0B809-0D52-48CF-9694-23E500DF6AA6}" = hppLJ3390
"{95140000-004E-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector 32-bit
"{95140000-007C-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Facebook 32-bit
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{9651D2CF-B973-4F96-9D49-7D499000EC21}" = hppScanTo
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A6806D86-BFF3-49CD-8E2B-87BB3507E53F}" = Web Easy Professional 8
"{A6E71574-2126-4E95-816E-32B2411C94BA}" = Ulead MediaStudio Pro 8.0
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}" = Apple Application Support
"{AC76BA86-1033-0000-7760-000000000002}" = Adobe Acrobat 7.0 Professional
"{B1A5F607-19D1-1C1E-5873-A69255443101}" = YouData 5-Stack
"{B480904D-F73F-4673-B034-8A5F492C9184}" = Nuance PDF Reader
"{BE10A93F-523E-A553-64F7-9AD4FF52A36A}" = ADrive Desktop
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{C675C60B-0CB7-4108-B8CA-C3EC0706DEF0}" = Serif PagePlus Starter Edition
"{CA56FE36-091E-4914-A70A-93E3C09D3093}" = hppTooCool
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BC}" = WinZip 14.0
"{CDD4495B-0424-42F0-8D89-70D47E21BD69}" = AT&T Connect Participant Application v8.9.35
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE33EC58-5DFB-4560-9D33-1E7942E0554F}" = HP Deskjet 9800
"{CEF7211D-CE3A-44C4-B321-D84A2099AE94}" = Comcast Desktop Software (v1.2.0.9)
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D2169E0C-1C6A-4B83-BD30-9E8DADE1C391}" = hppFaxUtility
"{D4AFC7AD-F637-4EDD-BC76-767E4AF78CE1}" = OverDrive Media Console
"{D87149B3-7A1D-4548-9CBF-032B791E5908}" = Desktop Doctor
"{D8AC1EB5-E8B0-44A0-B113-899407188A2F}" = hppFonts
"{DF2035BE-5820-4965-BD97-7FAF8D4A7879}" = Microsoft_VC90_CRT_x86
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{EAFEF30E-3789-49C7-A6D9-77C12E005BAC}" = Safari
"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
"{EDE1736D-94BA-0200-0000-000000000000}" = Android Manager WiFi
"{EE43894E-FDCF-4A8C-BCD6-3AAA9A48B486}" = Kies mini
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0F4DAC1-60DC-4D01-8BD9-DB8DA05A8A0F}" = 32 Bit HP BiDi Channel Components Installer
"{F7F23DFB-31E1-B7EC-7A6D-7668B595ADAE}" = FlipShare
"{FAACF484-848A-4BA8-9296-33E2F0C43EDC}" = Palm eKEY
"3ivx MPEG-4 5.0.3" = 3ivx MPEG-4 5.0.3 (remove only)
"Adobe Acrobat 7.0 Professional" = Adobe Acrobat 7.0 Professional
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"All ATI Software" = ATI - Software Uninstall Utility
"AltoMP3 Gold_is1" = AltoMP3 Gold 5.04
"ASAP Utilities_is1" = ASAP Utilities
"ATI Display Driver" = ATI Display Driver
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"com.adrive.ADriveDesktop.9E1195EE779B0F966F518632F3A0F64E53222DC6.1" = ADrive Desktop
"FileZilla Client" = FileZilla Client 3.3.5.1
"Google Chrome" = Google Chrome
"hp Deskjet 9800 series" = HP Deskjet 9800 Series
"HP LaserJet 3050/3052/3055/3390/3392" = HP LaserJet 3050/3052/3055/3390/3392 4.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager
"InstallShield_{3C3B2C97-0DAB-482F-9C95-6610827210E3}" = ASUS nVIDIA Driver
"InstallShield_{EE43894E-FDCF-4A8C-BCD6-3AAA9A48B486}" = Kies mini
"InstallShield_{FAACF484-848A-4BA8-9296-33E2F0C43EDC}" = eKEY
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Visual Studio 2005 Tools for Office Second Edition Runtime
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"PDF Editor 2" = PDF Editor 2
"Samsung CLP-510 Series" = Samsung CLP-510 Series
"TimeMe Timer Stopwatch CL_is1" = TimeMe Timer Stopwatch CL 1.4.0
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XobniMain" = Xobni
"YouDataAIR.CDA5CEB063BC2A22C44BAA035F25F65FCCDA2208.1" = YouData 5-Stack

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GoToMeeting" = GoToMeeting 4.5.0.457

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2/3/2011 5:18:38 AM | Computer Name = JORGE_DESKTOP | Source = AntiSpywareService | ID = 0
Description =

Error - 2/3/2011 6:30:59 PM | Computer Name = JORGE_DESKTOP | Source = Application Hang | ID = 1002
Description = Hanging application Encompass.exe, version 4.0.0.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 2/4/2011 11:14:17 AM | Computer Name = JORGE_DESKTOP | Source = AntiSpywareService | ID = 0
Description =

Error - 2/4/2011 11:40:51 AM | Computer Name = JORGE_DESKTOP | Source = AntiSpywareService | ID = 0
Description =

Error - 2/4/2011 4:02:57 PM | Computer Name = JORGE_DESKTOP | Source = Application Error | ID = 1000
Description = Faulting application spoolsv.exe, version 5.1.2600.6024, faulting
module unknown, version 0.0.0.0, fault address 0x020184fe.

Error - 2/4/2011 5:20:51 PM | Computer Name = JORGE_DESKTOP | Source = AntiSpywareService | ID = 0
Description =

Error - 2/4/2011 5:58:37 PM | Computer Name = JORGE_DESKTOP | Source = AntiSpywareService | ID = 0
Description =

Error - 2/4/2011 6:06:02 PM | Computer Name = JORGE_DESKTOP | Source = Application Hang | ID = 1002
Description = Hanging application Encompass.exe, version 4.0.0.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 2/4/2011 8:49:02 PM | Computer Name = JORGE_DESKTOP | Source = AntiSpywareService | ID = 0
Description =

Error - 2/6/2011 7:58:08 AM | Computer Name = JORGE_DESKTOP | Source = Application Error | ID = 1000
Description = Faulting application spoolsv.exe, version 5.1.2600.6024, faulting
module unknown, version 0.0.0.0, fault address 0x0201705b.

[ System Events ]
Error - 2/4/2011 9:11:10 PM | Computer Name = JORGE_DESKTOP | Source = Service Control Manager | ID = 7034
Description = The Bonjour Service service terminated unexpectedly. It has done
this 1 time(s).

Error - 2/4/2011 9:11:10 PM | Computer Name = JORGE_DESKTOP | Source = Service Control Manager | ID = 7034
Description = The Forceware Web Interface service terminated unexpectedly. It has
done this 1 time(s).

Error - 2/4/2011 9:11:10 PM | Computer Name = JORGE_DESKTOP | Source = Service Control Manager | ID = 7034
Description = The Java Quick Starter service terminated unexpectedly. It has done
this 1 time(s).

Error - 2/4/2011 9:11:10 PM | Computer Name = JORGE_DESKTOP | Source = Service Control Manager | ID = 7034
Description = The ForceWare user log service service terminated unexpectedly. It
has done this 1 time(s).

Error - 2/4/2011 9:11:10 PM | Computer Name = JORGE_DESKTOP | Source = Service Control Manager | ID = 7034
Description = The SupportSoft Sprocket Service (ddoctorv2) service terminated unexpectedly.
It has done this 1 time(s).

Error - 2/4/2011 9:11:10 PM | Computer Name = JORGE_DESKTOP | Source = Service Control Manager | ID = 7034
Description = The ForceWare Intelligent Application Manager (IAM) service terminated
unexpectedly. It has done this 1 time(s).

Error - 2/4/2011 9:11:10 PM | Computer Name = JORGE_DESKTOP | Source = Service Control Manager | ID = 7034
Description = The XobniService service terminated unexpectedly. It has done this
1 time(s).

Error - 2/4/2011 9:11:10 PM | Computer Name = JORGE_DESKTOP | Source = Service Control Manager | ID = 7034
Description = The ForceWare IP service service terminated unexpectedly. It has
done this 1 time(s).

Error - 2/4/2011 9:11:11 PM | Computer Name = JORGE_DESKTOP | Source = Service Control Manager | ID = 7034
Description = The iPod Service service terminated unexpectedly. It has done this
1 time(s).

Error - 2/6/2011 7:58:10 AM | Computer Name = JORGE_DESKTOP | Source = Service Control Manager | ID = 7034
Description = The Print Spooler service terminated unexpectedly. It has done this
1 time(s).


< End of report >
jorgechm
Regular Member
 
Posts: 16
Joined: January 12th, 2011, 5:18 pm

Re: HijackThis Log - PC is slow even after deleting temp fil

Post by jorgechm » February 7th, 2011, 9:28 pm

My printers have disappeared.

Re: HijackThis Log - PC is slow even after deleting temp fil

Post by askey127 » February 8th, 2011, 9:39 pm

jorgechm,
Download OTL from here http://oldtimer.geekstogo.com/OTL.exe and save it to your desktop.
----------------------------------------------
Perform a Custom Scan or Fix with OTL
Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following:
    :processes
    killallprocesses
    
    :OTL
    O15 - HKCU\..Trusted Domains: byreferralonly.com ([myclients] https in Trusted sites)
    O15 - HKCU\..Trusted Domains: byreferralonly.com ([myphoneleads] https in Trusted sites)
    O15 - HKCU\..Trusted Domains: byreferralonly.com ([www] https in Trusted sites)
    O15 - HKCU\..Trusted Domains: craigslist.org ([accounts] https in Trusted sites)
    O15 - HKCU\..Trusted Domains: google.com ([]* in Trusted sites)
    O15 - HKCU\..Trusted Domains: google.com ([local] * in Trusted sites)
    O15 - HKCU\..Trusted Domains: google.com ([maps] * in Trusted sites)
    O15 - HKCU\..Trusted Domains: google.com ([picassaweb] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: google.com ([www] * in Trusted sites)
    O15 - HKCU\..Trusted Domains: har.com ([members] https in Trusted sites)
    O15 - HKCU\..Trusted Domains: har.com ([www] https in Trusted sites)
    O15 - HKCU\..Trusted Domains: intuit.com ([qbo] https in Trusted sites)
    O15 - HKCU\..Trusted Domains: linkedin.com ([www] https in Trusted sites)
    O15 - HKCU\..Trusted Domains: mydailyflyer.com ([]https in Trusted sites)
    O15 - HKCU\..Trusted Domains: realtor.org ([secure] https in Trusted sites)
    O15 - HKCU\..Trusted Domains: statemortgageregistry.com ([www] https in Trusted sites)
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
    FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.872
    [2010/05/26 05:11:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    [2010/10/22 13:14:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
    File not found (No name found) -- C:\PROGRAM FILES\AVG\AVG9\FIREFOX
    
    :Commands
    [EMPTYTEMP]
    [CLEARALLRESTOREPOINTS]
    [Reboot]
    
  • Then click the Run Fix button at the top.
  • Let the program run unhindered and reboot the PC when it is done.
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

If your printers are on a network, or on a parallel port, the software may have to be re-installed.
USB printers should be unplugged, then plugged back in to initiate.
Tell me how it's running.
askey127
askey127
Admin/Teacher
 
Posts: 13906
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: HijackThis Log - PC is slow even after deleting temp fil

Post by jorgechm » February 9th, 2011, 1:08 pm

Please recall that I still have that Malicious.PDF.Gen file.

I believe it is running faster.

OTL logfile created on: 2/9/2011 11:04:24 AM - Run 2
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Jorge\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,022.00 Mb Total Physical Memory | 418.00 Mb Available Physical Memory | 41.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 76.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.04 Gb Total Space | 111.24 Gb Free Space | 74.64% Space Free | Partition Type: NTFS
Drive D: | 149.04 Gb Total Space | 145.28 Gb Free Space | 97.48% Space Free | Partition Type: NTFS

Computer Name: JORGE_DESKTOP | User Name: Jorge | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/02/09 10:51:46 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jorge\Desktop\OTL.exe
PRC - [2011/01/10 14:23:41 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/01/10 14:23:30 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/01/10 14:23:29 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/09/29 07:37:22 | 000,142,336 | ---- | M] () -- C:\Program Files\ADrive Desktop\ADrive Desktop.exe
PRC - [2010/06/10 20:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/05/20 11:46:28 | 000,055,016 | ---- | M] (Xobni Corporation) -- C:\Program Files\Xobni\XobniService.exe
PRC - [2010/04/05 16:03:36 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2010/01/14 21:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/11/19 10:26:54 | 000,455,944 | ---- | M] () -- C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
PRC - [2009/05/05 15:06:06 | 000,222,496 | ---- | M] (Acresso Corporation) -- C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe
PRC - [2008/04/24 12:26:18 | 000,202,560 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
PRC - [2008/04/24 12:25:22 | 000,202,560 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/03/26 10:30:12 | 000,053,248 | ---- | M] (HP) -- C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe
PRC - [2006/12/18 21:34:36 | 000,868,352 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe
PRC - [2006/11/13 12:39:52 | 001,289,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\wcescomm.exe
PRC - [2006/11/13 12:39:34 | 000,199,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\rapimgr.exe
PRC - [2006/09/11 19:59:28 | 000,172,032 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
PRC - [2006/09/11 19:56:02 | 000,135,227 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
PRC - [2006/09/11 19:55:42 | 000,065,599 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
PRC - [2006/04/13 16:14:26 | 000,020,543 | ---- | M] (Apache Software Foundation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe
PRC - [2005/08/07 14:38:30 | 000,253,952 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\ATKKBService.exe
PRC - [2005/06/03 04:18:54 | 000,335,872 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\HP Deskjet 9800 Series\Toolbox\HPWQTBX.exe
PRC - [2004/12/14 01:12:02 | 000,483,328 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.exe


========== Modules (SafeList) ==========

MOD - [2011/02/09 10:51:46 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jorge\Desktop\OTL.exe
MOD - [2010/08/23 10:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2008/04/13 18:12:01 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2007/04/19 13:21:40 | 000,116,264 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Comcast\Desktop Doctor\bin\sprthook.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/01/10 14:23:41 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/01/10 14:23:30 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/09/01 14:52:56 | 000,066,112 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus(R)
SRV - [2010/06/10 20:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/05/20 11:46:28 | 000,055,016 | ---- | M] (Xobni Corporation) [Auto | Running] -- C:\Program Files\Xobni\XobniService.exe -- (XobniService)
SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/11/19 10:26:54 | 000,455,944 | ---- | M] () [Auto | Running] -- C:\Program Files\Flip Video\FlipShare\FlipShareService.exe -- (FlipShare Service)
SRV - [2008/04/24 12:26:18 | 000,202,560 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe -- (sprtsvc_ddoctorv2) SupportSoft Sprocket Service (ddoctorv2)
SRV - [2006/09/11 19:59:28 | 000,172,032 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM)
SRV - [2006/09/11 19:56:02 | 000,135,227 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe -- (nSvcIp)
SRV - [2006/09/11 19:55:42 | 000,065,599 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe -- (nSvcLog)
SRV - [2006/04/13 16:14:26 | 000,020,543 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe -- (ForcewareWebInterface)
SRV - [2005/08/07 14:38:30 | 000,253,952 | ---- | M] (ASUSTeK COMPUTER INC.) [Auto | Running] -- C:\WINDOWS\ATKKBService.exe -- (ATKKeyboardService)


========== Driver Services (SafeList) ==========

DRV - [2011/01/10 14:23:53 | 000,135,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/01/10 14:23:53 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/07/20 04:38:24 | 000,121,576 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2010/07/20 04:38:24 | 000,096,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV - [2010/07/20 04:38:24 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV - [2010/06/17 14:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/06/17 14:27:12 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2010/04/26 20:25:20 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2010/04/26 20:25:20 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2010/04/26 20:25:20 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2009/08/16 10:57:00 | 007,729,568 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2007/12/04 16:10:30 | 000,016,640 | R--- | M] (PalmSource, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - [2007/01/16 09:09:06 | 000,293,888 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV - [2006/05/03 10:50:42 | 001,540,608 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006/04/24 17:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\nvata.sys -- (nvata)
DRV - [2006/03/22 14:24:02 | 000,018,944 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006/03/22 14:24:00 | 000,052,736 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006/03/22 14:23:50 | 000,109,568 | ---- | M] (NVIDIA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\nvtcp.sys -- (NVTCP)
DRV - [2006/03/17 17:18:58 | 000,392,960 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService)
DRV - [2005/08/22 05:42:27 | 000,011,264 | R--- | M] (ASUSTeK Computer Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\EIO.sys -- (EIO)
DRV - [2005/06/09 14:10:58 | 000,023,040 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\atkkbnt.sys -- (asuskbnt)
DRV - [2004/10/27 15:21:36 | 000,138,240 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004/05/17 07:04:16 | 000,041,984 | ---- | M] (DeviceGuys, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\DGIVECP.SYS -- (DgiVecp)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://members.har.com/indexr.cfm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Comcast Search"
FF - prefs.js..browser.startup.homepage: "https://members.har.com/indexr.cfm"
FF - prefs.js..extensions.enabledItems: ""
FF - prefs.js..extensions.enabledItems: ""
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {4E77EDAD-9566-4089-88D1-C81498CEE770}:3.5
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.91
FF - prefs.js..extensions.enabledItems: ""

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/10/29 11:39:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/01/13 08:34:56 | 000,000,000 | ---D | M]

[2010/05/07 14:59:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jorge\Application Data\Mozilla\Extensions
[2011/02/04 18:49:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jorge\Application Data\Mozilla\Firefox\Profiles\wq9yghgh.default\extensions
[2010/10/25 16:08:22 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Jorge\Application Data\Mozilla\Firefox\Profiles\wq9yghgh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/10/25 16:07:10 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Documents and Settings\Jorge\Application Data\Mozilla\Firefox\Profiles\wq9yghgh.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2011/02/09 10:52:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/02/02 09:44:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\JORGE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\WQ9YGHGH.DEFAULT\EXTENSIONS\{4E77EDAD-9566-4089-88D1-C81498CEE770}
File not found (No name found) -- C:\PROGRAM FILES\AVG\AVG9\FIREFOX
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/02/02 09:44:12 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2008/12/01 10:50:26 | 000,004,946 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\comcast.xml

O1 HOSTS File: ([2011/02/05 10:28:31 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 10\SnagitBHO.dll (TechSmith Corporation)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 10\SnagitIEAddin.dll (TechSmith Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [ddoctorv2] C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [HPWQTOOLBOX] C:\Program Files\Hewlett-Packard\HP Deskjet 9800 Series\Toolbox\HPWQTBX.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [Nuance PDF Reader-reminder] C:\Program Files\Nuance\PDF Reader\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [Samsung Common SM] File not found
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [ToolBoxFX] C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe (HP)
O4 - HKLM..\Run: [WinSys2] C:\WINDOWS\system32\WinSys2.exe ()
O4 - HKCU..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\Wcescomm.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ISUSPM] C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk = C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe ()
O4 - Startup: C:\Documents and Settings\Jorge\Start Menu\Programs\Startup\ADrive Desktop.lnk = C:\Program Files\ADrive Desktop\ADrive Desktop.exe ()
O4 - Startup: C:\Documents and Settings\Jorge\Start Menu\Programs\Startup\OggSync.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: swsecure.com ([]http in Trusted sites)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=100 (Performance Viewer Activex Control)
O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/2.9 ... ontrol.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/03/12 15:39:36 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/03/24 12:29:55 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/02/09 10:52:42 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/02/08 13:35:37 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/02/08 09:43:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Samsung CLP-510 Series
[2011/02/08 09:41:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\Samsung
[2011/02/07 19:13:02 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jorge\Desktop\OTL.exe
[2011/02/05 10:21:37 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/02/05 10:15:47 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/02/05 10:15:47 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/02/05 10:15:47 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/02/05 10:15:47 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/02/05 10:15:38 | 000,000,000 | ---D | C] -- C:\zzz
[2011/02/05 10:15:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/02/04 19:02:45 | 000,000,000 | ---D | C] -- C:\_OTM
[2011/02/04 19:01:27 | 000,519,680 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jorge\Desktop\OTM.exe
[2011/02/04 18:48:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jorge\Application Data\comcasttb
[2011/02/04 16:26:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jorge\Application Data\ePASS
[2011/02/04 15:11:08 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/02/04 12:54:40 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2011/02/04 09:51:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2011/02/04 09:51:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jorge\Application Data\Avira
[2011/02/04 09:43:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Avira
[2011/02/04 09:43:44 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2011/02/04 09:43:43 | 000,135,096 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2011/02/04 09:43:43 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2011/02/04 09:43:43 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2011/02/04 09:43:43 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2011/02/04 09:43:42 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2011/02/04 09:43:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2011/02/04 09:06:32 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jorge\Desktop\TFC.exe
[2011/02/02 18:15:55 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2011/02/02 09:45:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/01/30 15:42:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Samsung
[2011/01/30 15:41:49 | 000,121,576 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssadmdm.sys
[2011/01/30 15:41:49 | 000,012,776 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssadmdfl.sys
[2011/01/30 15:41:49 | 000,010,344 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssadcmnt.sys
[2011/01/30 15:41:49 | 000,010,344 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssadcm.sys
[2011/01/30 15:41:47 | 000,010,216 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssadwhnt.sys
[2011/01/30 15:41:47 | 000,010,216 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssadwh.sys
[2011/01/30 15:41:46 | 000,096,488 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\ssadbus.sys
[2011/01/30 15:41:42 | 000,132,424 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscdmdm.sys
[2011/01/30 15:41:42 | 000,014,920 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscdmdfl.sys
[2011/01/30 15:41:42 | 000,012,616 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscdcmnt.sys
[2011/01/30 15:41:42 | 000,012,616 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscdcm.sys
[2011/01/30 15:41:40 | 000,104,648 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscdbus.sys
[2011/01/30 15:41:40 | 000,012,488 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscdwhnt.sys
[2011/01/30 15:41:40 | 000,012,488 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\sscdwh.sys
[2011/01/30 15:40:54 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2011/01/30 15:40:07 | 000,000,000 | ---D | C] -- C:\Program Files\Samsung
[2011/01/30 15:40:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\Fonts\.svn
[2011/01/30 15:38:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2011/01/30 15:35:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2011/01/28 12:12:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jorge\My Documents\pics
[2011/01/25 12:10:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jorge\Application Data\FileZilla
[2011/01/25 12:08:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\FileZilla FTP Client
[2011/01/25 12:08:31 | 000,000,000 | ---D | C] -- C:\Program Files\FileZilla FTP Client
[2011/01/24 11:43:54 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/01/24 11:43:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jorge\Start Menu\Programs\HiJackThis
[2011/01/19 19:30:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jorge\Local Settings\Application Data\WinZip
[2011/01/19 19:30:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinZip
[2011/01/19 19:30:15 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip
[2011/01/14 20:37:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jorge\Application Data\Serif
[2011/01/14 20:36:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Serif Applications
[2011/01/14 20:36:06 | 000,000,000 | ---D | C] -- C:\Program Files\Serif
[2011/01/12 21:31:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office Tools
[2011/01/10 16:08:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Ellie Mae Encompass360
[2010/07/22 18:13:52 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Jorge\Application Data\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2011/02/09 10:59:05 | 000,002,335 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[2011/02/09 10:58:26 | 000,249,324 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2011/02/09 10:57:31 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/02/09 10:57:29 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/02/09 10:56:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/02/09 10:55:02 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/02/09 10:51:46 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jorge\Desktop\OTL.exe
[2011/02/09 10:09:00 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1993962763-842925246-725345543-1005UA.job
[2011/02/09 08:10:03 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\Jorge\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2011/02/09 03:21:19 | 000,446,904 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/02/09 03:03:49 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/02/08 19:09:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1993962763-842925246-725345543-1005Core.job
[2011/02/05 16:23:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/02/05 10:28:31 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/02/05 10:21:41 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011/02/04 19:01:33 | 000,519,680 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jorge\Desktop\OTM.exe
[2011/02/04 15:10:51 | 004,263,406 | R--- | M] () -- C:\Documents and Settings\Jorge\Desktop\zzz.exe
[2011/02/04 12:54:36 | 000,000,800 | ---- | M] () -- C:\Documents and Settings\Jorge\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/02/04 09:43:50 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk
[2011/02/04 09:36:34 | 049,788,256 | ---- | M] () -- C:\Documents and Settings\Jorge\Desktop\avira_antivir_personal_en.exe
[2011/02/04 09:07:10 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jorge\Desktop\TFC.exe
[2011/02/02 18:25:28 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Jorge\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/02/01 09:54:20 | 000,054,784 | ---- | M] () -- C:\Documents and Settings\Jorge\Desktop\EELWER REALTY ADS.doc
[2011/01/30 15:53:12 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[2011/01/30 15:52:00 | 000,000,827 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Samsung Kies mini.lnk
[2011/01/30 15:42:05 | 000,001,747 | ---- | M] () -- C:\Documents and Settings\Jorge\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies mini.lnk
[2011/01/30 15:41:45 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2011/01/30 15:41:45 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2011/01/30 15:38:24 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2011/01/24 11:43:54 | 000,001,984 | ---- | M] () -- C:\Documents and Settings\Jorge\Desktop\HiJackThis.lnk
[2011/01/13 18:45:17 | 000,037,888 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mb
[2011/01/13 18:45:17 | 000,020,480 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mbb
[2011/01/12 21:31:48 | 000,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2011/01/12 21:31:19 | 000,001,730 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
[2011/01/11 16:07:10 | 000,140,288 | ---- | M] () -- C:\Documents and Settings\Jorge\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/10 16:08:11 | 000,000,640 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Encompass360.lnk
[2011/01/10 14:23:53 | 000,135,096 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2011/01/10 14:23:53 | 000,061,960 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys

========== Files Created - No Company Name ==========

[2011/02/08 09:21:26 | 000,000,766 | ---- | C] () -- C:\WINDOWS\Uninstall.ico
[2011/02/05 10:21:41 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011/02/05 10:21:38 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/02/05 10:15:47 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/02/05 10:15:47 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/02/05 10:15:47 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/02/05 10:15:47 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/02/05 10:15:47 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/02/04 15:00:19 | 004,263,406 | R--- | C] () -- C:\Documents and Settings\Jorge\Desktop\zzz.exe
[2011/02/04 09:43:50 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk
[2011/02/04 09:36:33 | 049,788,256 | ---- | C] () -- C:\Documents and Settings\Jorge\Desktop\avira_antivir_personal_en.exe
[2011/02/01 09:54:20 | 000,054,784 | ---- | C] () -- C:\Documents and Settings\Jorge\Desktop\EELWER REALTY ADS.doc
[2011/01/30 15:53:12 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[2011/01/30 15:42:05 | 000,001,747 | ---- | C] () -- C:\Documents and Settings\Jorge\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies mini.lnk
[2011/01/30 15:42:05 | 000,000,827 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Samsung Kies mini.lnk
[2011/01/30 15:41:19 | 000,000,800 | ---- | C] () -- C:\Documents and Settings\Jorge\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/01/30 15:38:24 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2011/01/24 11:43:54 | 000,001,984 | ---- | C] () -- C:\Documents and Settings\Jorge\Desktop\HiJackThis.lnk
[2011/01/14 22:06:54 | 000,002,393 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Serif PagePlus X5.lnk
[2011/01/12 21:31:19 | 000,002,435 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Publisher.lnk
[2011/01/12 21:31:19 | 000,001,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
[2011/01/10 16:08:11 | 000,000,640 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Encompass360.lnk
[2010/11/14 13:43:41 | 000,172,338 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1993962763-842925246-725345543-1005-0.dat
[2010/11/10 05:16:55 | 000,172,338 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2010/10/25 16:22:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EngineExe.INI
[2010/10/25 16:22:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PanelExe.INI
[2010/10/13 08:56:37 | 000,000,094 | ---- | C] () -- C:\WINDOWS\family.ini
[2010/08/23 14:16:16 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Jorge\Local Settings\Application Data\fusioncache.dat
[2010/07/22 18:14:24 | 000,001,057 | ---- | C] () -- C:\Documents and Settings\Jorge\Application Data\vso_ts_preview.xml
[2010/07/22 18:14:05 | 000,000,033 | ---- | C] () -- C:\Documents and Settings\Jorge\Application Data\pcouffin.log
[2010/07/22 18:13:52 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Jorge\Application Data\pcouffin.cat
[2010/07/22 18:13:52 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Jorge\Application Data\pcouffin.inf
[2010/07/19 11:17:33 | 000,038,468 | ---- | C] () -- C:\Documents and Settings\Jorge\Application Data\Comma Separated Values (DOS).ADR
[2010/07/14 17:10:29 | 000,000,986 | ---- | C] () -- C:\WINDOWS\Aeditor.INI
[2010/07/14 17:09:51 | 000,000,520 | ---- | C] () -- C:\WINDOWS\ULEAD32.INI
[2010/06/24 02:22:29 | 000,244,760 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010/05/25 13:04:53 | 000,000,025 | ---- | C] () -- C:\WINDOWS\WebEasy.INI
[2010/05/14 17:11:35 | 000,000,397 | ---- | C] () -- C:\WINDOWS\hpw9800k.ini
[2010/05/14 17:07:50 | 000,000,092 | ---- | C] () -- C:\WINDOWS\hpdj9800.ini
[2010/05/14 17:07:34 | 000,001,505 | ---- | C] () -- C:\WINDOWS\mariner.ini
[2010/04/22 07:33:53 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Jorge\Application Data\$_hpcst$.hpc
[2010/04/08 19:21:47 | 000,229,376 | R--- | C] () -- C:\WINDOWS\System32\HPPCPR01.DLL
[2010/04/08 19:21:19 | 000,000,163 | ---- | C] () -- C:\WINDOWS\System32\AddPort.ini
[2010/04/08 18:55:47 | 000,001,219 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2010/04/08 13:00:21 | 000,000,212 | ---- | C] () -- C:\Documents and Settings\Jorge\Local Settings\Application Data\xobni_installer_updater.log
[2010/04/05 21:00:13 | 000,000,087 | ---- | C] () -- C:\WINDOWS\dswplug.ini
[2010/04/05 21:00:09 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\mplaw7.dll
[2010/04/05 21:00:09 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\mplaa6.dll
[2010/04/05 21:00:09 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\mplam6.dll
[2010/04/05 21:00:09 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2010/04/05 15:52:32 | 000,140,288 | ---- | C] () -- C:\Documents and Settings\Jorge\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/05 14:33:14 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/03/23 12:36:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\msicpl.ini
[2010/03/23 12:30:41 | 000,131,072 | R--- | C] () -- C:\WINDOWS\System32\smdll.dll
[2010/03/23 12:30:39 | 000,032,768 | R--- | C] () -- C:\WINDOWS\System32\Auxiliary.dll
[2010/03/13 03:59:42 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2010/03/13 03:59:25 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\ATKOSDMini.DLL
[2010/03/13 03:59:25 | 000,000,018 | ---- | C] () -- C:\WINDOWS\System32\atkid.ini
[2010/03/13 03:59:24 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\asrussian.dll
[2010/03/13 03:59:24 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\askorean.dll
[2010/03/13 03:59:24 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\asjapan.dll
[2010/03/13 03:59:24 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\asgerman.dll
[2010/03/13 03:59:24 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\asfrench.dll
[2010/03/13 03:59:24 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\aseng.dll
[2010/03/13 03:59:24 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ASCHT.dll
[2010/03/13 03:59:24 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\aschs.dll
[2010/03/12 09:36:19 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/01/25 12:58:06 | 000,462,848 | ---- | C] () -- C:\WINDOWS\System32\ractrlkeyhook.dll
[2009/08/03 00:21:54 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2009/08/03 00:21:52 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2009/08/03 00:21:52 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008/02/19 00:33:34 | 000,446,352 | ---- | C] () -- C:\WINDOWS\System32\OpenQuicktimeLib.dll
[2006/01/24 10:33:16 | 000,221,184 | ---- | C] () -- C:\WINDOWS\System32\ExpLoansFromGenesis.dll
[2005/08/02 02:35:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2005/08/02 02:35:00 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2005/08/02 02:35:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2005/08/02 02:35:00 | 000,540,672 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2005/08/02 02:35:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2005/08/02 02:35:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2005/04/25 15:22:46 | 000,221,184 | ---- | C] () -- C:\WINDOWS\System32\DSWndinet.dll
[2005/04/25 15:22:46 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hhsaid.dll
[2003/11/12 09:16:58 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\GNetParserX.dll
[2003/01/07 14:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/07/07 03:00:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[2001/03/28 11:37:14 | 000,000,033 | ---- | C] () -- C:\WINDOWS\hppcap.ini
[2000/02/17 13:57:02 | 000,225,280 | ---- | C] () -- C:\WINDOWS\System32\GN32.DLL
[1999/10/13 14:59:48 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\GNS2KZIP.DLL

========== LOP Check ==========

[2010/10/22 13:11:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AT&T(2)
[2010/06/17 15:44:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avanquest
[2010/10/22 13:14:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2010/06/03 08:09:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2010/04/25 19:06:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CitrixLogs
[2010/10/18 08:55:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2010/06/08 14:16:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2010/04/05 15:52:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Flip Video
[2010/08/21 09:17:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hagel Technologies
[2010/12/15 14:18:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2010/10/22 13:14:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2010/06/08 14:17:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nuance
[2010/11/27 20:14:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PrinterShare
[2011/01/30 15:53:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2010/06/08 14:16:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2010/10/23 11:15:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2010/05/24 19:46:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TechSmith
[2010/04/05 20:59:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2011/01/19 19:30:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2010/08/04 18:23:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/04/06 09:39:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorge\Application Data\ASAP Utilities
[2010/10/18 14:19:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorge\Application Data\AT&T
[2011/01/05 11:02:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorge\Application Data\ATT Connect
[2010/05/26 08:33:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorge\Application Data\Avanquest
[2010/10/18 09:45:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorge\Application Data\AVG
[2010/10/23 13:57:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorge\Application Data\CallingID
[2010/04/05 14:51:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorge\Application Data\com.adrive.ADriveDesktop.9E1195EE779B0F966F518632F3A0F64E53222DC6.1
[2011/02/04 18:48:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorge\Application Data\comcasttb
[2010/10/18 14:15:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorge\Application Data\DBUpdater
[2010/11/15 08:37:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorge\Application Data\Dropbox
[2011/02/04 16:26:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorge\Application Data\ePASS
[2011/02/08 17:47:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorge\Application Data\FileZilla
[2010/06/20 19:36:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorge\Application Data\GARMIN
[2010/10/13 08:56:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorge\Application Data\HotSync
[2011/02/02 09:34:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorge\Application Data\IPRental
[2010/10/25 08:07:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorge\Application Data\Mobile Action
[2010/06/08 14:17:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorge\Application Data\Nuance
[2010/08/04 16:17:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorge\Application Data\OverDrive
[2011/01/14 22:07:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorge\Application Data\Serif
[2010/10/18 14:08:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorge\Application Data\Sierra Wireless
[2010/04/09 08:57:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorge\Application Data\Ulead Systems
[2010/07/22 18:16:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorge\Application Data\Vso
[2010/11/02 15:53:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorge\Application Data\YouDataAIR.CDA5CEB063BC2A22C44BAA035F25F65FCCDA2208.1
[2010/06/08 14:17:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jorge\Application Data\Zeon

========== Purity Check ==========



< End of report >
jorgechm
Regular Member
 
Posts: 16
Joined: January 12th, 2011, 5:18 pm

Re: HijackThis Log - PC is slow even after deleting temp fil

Unread postby askey127 » February 9th, 2011, 7:50 pm

jorgechm,
The MongoFax coversheet PDF is on your desktop.
C:\Documents and Settings\Jorge\Desktop\MongoFaxCoversheet.pdf
If it is of concern, as the antivirus points out, then delete it!
This is an inexact science, but the rest of your machine looks OK.
askey127
askey127
Admin/Teacher
 
Posts: 13906
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: HijackThis Log - PC is slow even after deleting temp fil

Unread postby jorgechm » February 9th, 2011, 11:18 pm

Thank you for your help.
jorgechm
Regular Member
 
Posts: 16
Joined: January 12th, 2011, 5:18 pm

Re: HijackThis Log - PC is slow even after deleting temp fil

Unread postby askey127 » February 10th, 2011, 8:45 am

This topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
askey127
Admin/Teacher
 
Posts: 13906
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA