Reply to thread

Message: <blockquote data-quote="RJude" data-source="post: 125852" data-attributes="member: 9341">OTL logfile created on: 6/25/2013 2:02:31 AM - Run OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPEWindows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = SystemInternet Explorer (Version = 9.0.8112.16421)Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 89.00% Memory free3.00 Gb Paging File | 3.00 Gb Available in Paging File | 97.00% Paging File freePaging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program FilesDrive C: | 218.20 Gb Total Space | 54.07 Gb Free Space | 24.78% Space Free | Partition Type: NTFSDrive E: | 14.65 Gb Total Space | 5.23 Gb Free Space | 35.69% Space Free | Partition Type: NTFSDrive F: | 7.25 Gb Total Space | 7.23 Gb Free Space | 99.80% Space Free | Partition Type: FAT32Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: REATOGO | User Name: SYSTEMBoot Mode: Normal | Scan Mode: All usersCompany Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 DaysUsing ControlSet: ControlSet002 ========== Win32 Services (SafeList) ========== SRV - File not found [Auto] --  -- (HitmanPro36CrusaderBoot) HitmanPro 3.6 Crusader (Boot)SRV - File not found [Auto] --  -- (DirectUpdate)SRV - [2013/06/23 18:10:57 | 000,106,280 | ---- | M] (SurfRight B.V.) [Auto] -- C:\Program Files\HitmanPro\hmpsched.exe -- (HitmanProScheduler)SRV - [2012/07/27 16:09:11 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)SRV - [2012/03/26 18:03:40 | 000,214,952 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)SRV - [2011/11/10 12:33:08 | 000,605,512 | ---- | M] (WinZip Computing, S.L. (WinZip Computing)) [Auto] -- C:\Program Files\WinZip System Utilities Suite\WINZIPSSDefragSrv.exe -- (WINZIPSSDiskOptimizer)SRV - [2011/08/11 19:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)SRV - [2011/07/07 20:31:08 | 000,195,336 | ---- | M] (Microsoft Corporation.) [On_Demand] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)SRV - [2011/06/15 18:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)SRV - [2010/03/04 13:28:08 | 000,658,656 | ---- | M] (SoftThinks) [Disabled] -- C:\Program Files\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)SRV - [2009/06/29 00:23:13 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [Disabled] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)SRV - [2009/04/13 10:48:12 | 000,828,656 | ---- | M] (Dell Inc.) [Disabled] -- C:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe -- (hnmsvc)SRV - [2009/03/31 11:00:18 | 000,254,042 | ---- | M] (IDT, Inc.) [Disabled] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\stacsv.exe -- (STacSV)SRV - [2009/03/31 11:00:04 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Disabled] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\AEstSrv.exe -- (AESTFilters)SRV - [2009/03/25 11:44:02 | 000,206,064 | ---- | M] (SupportSoft, Inc.) [Disabled] -- C:\Program Files\Dell\DellComms\bin\sprtsvc.exe -- (sprtsvc_DellComms) SupportSoft Sprocket Service (DellComms)SRV - [2009/01/30 01:50:06 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Disabled] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter)SRV - [2008/12/18 14:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) [Disabled] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)SRV - [2008/05/07 18:41:14 | 000,354,840 | ---- | M] (Intel Corporation) [Disabled] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)SRV - [2006/09/14 08:56:06 | 000,102,400 | ---- | M] () [Disabled] -- C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor5.0)  ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | Boot] --  -- (TfSysMon)DRV - File not found [Kernel | On_Demand] --  -- (TfNetMon)DRV - File not found [Kernel | Boot] --  -- (TfFsMon)DRV - File not found [Kernel | On_Demand] --  -- (NwlnkFwd)DRV - File not found [Kernel | On_Demand] --  -- (NwlnkFlt)DRV - File not found [Kernel | On_Demand] --  -- (IpInIp)DRV - File not found [Kernel | On_Demand] --  -- (catchme)DRV - File not found [Kernel | System] --  -- (A2DDA)DRV - [2012/03/20 21:44:12 | 000,074,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)DRV - [2011/07/22 12:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)DRV - [2011/07/12 17:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)DRV - [2009/04/10 23:45:26 | 000,113,664 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\Windows\System32\drivers\rmcast.sys -- (RMCAST) RMCAST (Pgm)DRV - [2009/03/31 11:00:26 | 000,398,336 | ---- | M] (IDT, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)DRV - [2009/03/31 10:18:30 | 000,192,048 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)DRV - [2009/03/25 12:06:30 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk)DRV - [2009/03/25 12:06:28 | 000,214,024 | ---- | M] (McAfee, Inc.) [Kernel | System] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)DRV - [2009/03/25 12:06:28 | 000,079,880 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)DRV - [2009/03/25 12:06:28 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)DRV - [2009/03/25 12:05:54 | 000,034,216 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk)DRV - [2008/12/21 14:32:18 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)DRV - [2008/11/04 19:16:40 | 000,022,904 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand] -- C:\Program Files\Dell Support Center\HWDiag\bin\pcd5srvc.pkms -- (PCD5SRVC{3F6A8B78-EC003E00-05040104})DRV - [2008/06/17 13:01:06 | 000,022,016 | ---- | M] (SingleClick Systems) [Kernel | Auto] -- C:\Windows\System32\drivers\packet.sys -- (Packet)DRV - [2008/01/20 22:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)DRV - [2006/11/02 03:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)  ========== Standard Registry (SafeList) ==========  ========== Internet Explorer ==========   IE - HKU\.DEFAULT\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - Reg Error: Key error. File not foundIE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> IE - HKU\Caitlin_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?ilc=1IE - HKU\Caitlin_ON_C\Software\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = FF 0C D2 01 7D 12 84 4B 96 FC F6 91 26 D8 F8 72  [binary data]IE - HKU\Caitlin_ON_C\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - Reg Error: Key error. File not foundIE - HKU\Caitlin_ON_C\..\URLSearchHook: {81fae9c9-cfbd-4cb3-8322-412e72f55f65} - Reg Error: Key error. File not foundIE - HKU\Caitlin_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKU\Caitlin_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local IE - HKU\LocalService_ON_C\Software\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = FF 0C D2 01 7D 12 84 4B 96 FC F6 91 26 D8 F8 72  [binary data] IE - HKU\NetworkService_ON_C\Software\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = FF 0C D2 01 7D 12 84 4B 96 FC F6 91 26 D8 F8 72  [binary data]  ========== FireFox ========== FF - prefs.js..network.proxy.http: "127.0.0.1"FF - prefs.js..network.proxy.http_port: 61677FF - prefs.js..network.proxy.no_proxies_on: "localho,t,127.0.0.1,*.local"FF - prefs.js..network.proxy.type: 0 FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\System32\npDeployJava1.dll (Oracle Corporation)FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.448: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)  [2009/07/23 21:23:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Caitlin\AppData\Roaming\Mozilla\Extensions[2009/07/23 21:23:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Caitlin\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org[2012/07/23 00:30:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Caitlin\AppData\Roaming\Mozilla\Firefox\Profiles\zh23lfrc.default\extensions[2012/02/18 00:26:35 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Users\Caitlin\AppData\Roaming\Mozilla\Firefox\Profiles\zh23lfrc.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}[2012/06/28 22:16:25 | 000,000,000 | ---D | M] (OneClickDownloader) -- C:\Users\Caitlin\AppData\Roaming\Mozilla\Firefox\Profiles\zh23lfrc.default\extensions\OneClickDownload@OneClickDownload.com[2012/07/23 00:30:32 | 000,000,000 | ---D | M] (ASPCA App By We-Care.com) -- C:\Users\Caitlin\AppData\Roaming\Mozilla\Firefox\Profiles\zh23lfrc.default\extensions\wecarereminder@bryan[2011/10/12 15:28:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensionsFile not found (No name found) -- [2011/09/29 02:53:40 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll[2011/09/28 20:26:50 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml Hosts file not foundO2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)O2 - BHO: (WeCareReminder Class) - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll (We-Care.com)O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} -  File not foundO3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)O3 - HKU\Caitlin_ON_C\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.O3 - HKU\Caitlin_ON_C\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.O3 - HKU\Caitlin_ON_C\..\Toolbar\WebBrowser: (no name) - {687578B9-7132-4A7A-80E4-30EE31099E03} - No CLSID value found.O3 - HKU\Caitlin_ON_C\..\Toolbar\WebBrowser: (no name) - {81FAE9C9-CFBD-4CB3-8322-412E72F55F65} - No CLSID value found.O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)O4 - HKU\Caitlin_ON_C..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)O4 - HKLM..\RunOnce: [*WerKernelReporting] C:\Windows\System32\WerFault.exe (Microsoft Corporation)O4 - HKLM..\RunOnce: [STToasterLauncher] C:\Program Files\Dell DataSafe Local Backup\ToasterLauncher.exe ()O4 - Startup: C:\Users\Caitlin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)O4 - Startup: C:\Users\Caitlin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk =  File not foundO4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel presentO6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions presentO6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel presentO7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery presentO7 - HKU\Caitlin_ON_C\Software\Policies\Microsoft\Internet Explorer\control panel presentO7 - HKU\Caitlin_ON_C\Software\Policies\Microsoft\Internet Explorer\Recovery presentO7 - HKU\Caitlin_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0O7 - HKU\LocalService_ON_C\Software\Policies\Microsoft\Internet Explorer\control panel presentO7 - HKU\LocalService_ON_C\Software\Policies\Microsoft\Internet Explorer\Recovery presentO7 - HKU\NetworkService_ON_C\Software\Policies\Microsoft\Internet Explorer\control panel presentO7 - HKU\NetworkService_ON_C\Software\Policies\Microsoft\Internet Explorer\Recovery presentO7 - HKU\systemprofile_ON_C\Software\Policies\Microsoft\Internet Explorer\control panel presentO7 - HKU\systemprofile_ON_C\Software\Policies\Microsoft\Internet Explorer\Recovery presentO10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Reg Error: Key error.)O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Reg Error: Value error.)O16 - DPF: {B3E32D88-8E7F-468F-B0E2-3A300FD4A82C} http://myitlab.pearsoned.com/Pegasus/Modules/SIMIntegration/Resources/ax/stub.cab (Enlite 2.x Simulation Engine Installer)O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 10.9.2)O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 97.64.168.12 97.64.183.165 192.168.1.1O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)O24 - Desktop WallPaper: O24 - Desktop BackupWallPaper: O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)O32 - HKLM CDRom: AutoRun - 1O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]O34 - HKLM BootExecute: (autocheck autochk *) -  File not foundO35 - HKLM\..comfile [open] -- "%1" %*O35 - HKLM\..exefile [open] -- "%1" %*O37 - HKLM\...com [@ = comfile] -- "%1" %*O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2013/06/24 19:59:04 | 000,000,000 | ---D | C] -- C:\FRST[2013/06/23 15:35:50 | 000,000,000 | ---D | C] -- C:\Users\Caitlin\AppData\Local\{FB9CC6D4-6A56-4FFE-8AE3-563E991FC57D}[2013/06/23 00:36:15 | 000,000,000 | ---D | C] -- C:\Users\Caitlin\AppData\Local\{FE7A3477-0B54-469F-9955-16245DD8524B}[2013/06/22 11:32:29 | 000,000,000 | ---D | C] -- C:\Users\Caitlin\AppData\Local\{D5F7F2DC-B67C-4C08-A564-CCB078797226}[2013/06/21 11:03:05 | 000,000,000 | ---D | C] -- C:\Users\Caitlin\AppData\Local\{A6B1C668-A0E5-4AD5-B0BB-C896B3446F28}[2013/06/20 11:37:37 | 000,000,000 | ---D | C] -- C:\Users\Caitlin\AppData\Local\{E66D9967-8E5B-4681-BCBC-49C36A764BBB}[2013/06/19 11:09:25 | 000,000,000 | ---D | C] -- C:\Users\Caitlin\AppData\Local\{1459652D-89D5-45D1-B060-261D3FFFF53C}[2013/06/18 23:08:38 | 000,000,000 | ---D | C] -- C:\Users\Caitlin\AppData\Local\{0DC30A43-E0B0-4249-B913-C67F10736E93}[2013/06/17 14:21:17 | 000,000,000 | ---D | C] -- C:\Users\Caitlin\AppData\Local\{F6514760-505B-40E0-9775-32BAB28BDC89}[2013/06/16 16:54:56 | 000,000,000 | ---D | C] -- C:\Users\Caitlin\AppData\Local\{126C9442-62A1-47CE-AE40-6AFA1D7B51AE}[2013/06/15 18:50:13 | 000,000,000 | ---D | C] -- C:\Users\Caitlin\AppData\Local\{158C0930-0F6B-4A73-A443-840840230FF5}[2013/06/14 13:22:22 | 000,000,000 | ---D | C] -- C:\Users\Caitlin\AppData\Local\{27579C40-B4EE-4C77-9E58-870695617695}[2013/06/14 13:21:18 | 000,000,000 | ---D | C] -- C:\Users\Caitlin\Desktop\Safety Pics[2013/06/12 18:46:19 | 000,000,000 | ---D | C] -- C:\Users\Caitlin\AppData\Local\{D3F275CD-D912-47B8-A849-695BB4EA4CB4}[2013/06/11 19:36:37 | 000,000,000 | ---D | C] -- C:\Users\Caitlin\AppData\Local\{1EE2E195-1376-4359-B1FE-AF56A691BE2A}[2013/06/10 22:06:43 | 000,000,000 | ---D | C] -- C:\Users\Caitlin\AppData\Local\{7CDF8395-B91D-4A16-9C4E-94DF559E2EDE}[2013/06/09 14:43:20 | 000,000,000 | ---D | C] -- C:\Users\Caitlin\AppData\Local\{0DEE1197-B6A1-40CC-8641-BE4F97ABB78E}[2013/06/09 00:32:35 | 000,000,000 | ---D | C] -- C:\Users\Caitlin\AppData\Local\{1BC67F5D-DCA0-454A-9D0B-482A49A4BD04}[2013/06/08 12:31:50 | 000,000,000 | ---D | C] -- C:\Users\Caitlin\AppData\Local\{5D26E18D-AD13-45BB-ACE1-D935E4548259}[2013/06/08 00:14:48 | 000,000,000 | ---D | C] -- C:\Users\Caitlin\AppData\Local\{0F4970B7-9E4F-43DA-BE4C-B0DE882F8F96}[2013/06/07 12:13:53 | 000,000,000 | ---D | C] -- C:\Users\Caitlin\AppData\Local\{C5FC9EA3-7673-4A64-9788-B572915B3BE4}[2013/06/06 21:57:07 | 000,000,000 | ---D | C] -- C:\Users\Caitlin\AppData\Local\{4DCDC46B-BB6F-4BEE-8984-CE816DD8F739}[2013/06/06 09:56:41 | 000,000,000 | ---D | C] -- C:\Users\Caitlin\AppData\Local\{BBA9CA9D-C306-4890-A26E-4201795EB3F9}[2013/06/05 09:45:18 | 000,000,000 | ---D | C] -- C:\Users\Caitlin\AppData\Local\{407BD67D-FAAA-458F-914A-3E114A4A87B2}[2013/06/04 10:02:51 | 000,000,000 | ---D | C] -- C:\Users\Caitlin\AppData\Local\{06B93890-E623-411A-ADCF-7D82859CB908}[2013/06/03 21:55:02 | 000,000,000 | ---D | C] -- C:\Users\Caitlin\AppData\Local\{BB85A3C0-2CAB-4EED-ACA1-E854D64098F1}[2013/06/03 09:54:22 | 000,000,000 | ---D | C] -- C:\Users\Caitlin\AppData\Local\{E97467EB-9AFC-4357-A322-B96586F63DD3}[2013/06/02 21:17:19 | 000,000,000 | -HSD | C] -- C:\found.002[2013/06/02 12:42:56 | 000,000,000 | ---D | C] -- C:\Users\Caitlin\AppData\Local\{ED2F81C7-2E67-4741-9F4D-31BCEC1DF164}[2013/06/01 11:57:15 | 000,000,000 | ---D | C] -- C:\Users\Caitlin\AppData\Local\{E5D87E93-B0D2-4986-B5FC-A0BE553F4EAF}[2013/05/31 22:00:58 | 000,000,000 | ---D | C] -- C:\Users\Caitlin\AppData\Local\{7A2B4651-4898-41EC-A4A8-6DE3C93801C9}[2013/05/31 10:00:17 | 000,000,000 | ---D | C] -- C:\Users\Caitlin\AppData\Local\{7A7A0C55-4EBB-429C-AC72-4660A99157B1}[2013/05/30 15:08:28 | 000,000,000 | ---D | C] -- C:\Users\Caitlin\AppData\Local\{59E0D749-12F5-43F7-B11F-17083D2C3D8C}[2013/05/30 09:49:14 | 000,000,000 | ---D | C] -- C:\Users\Caitlin\AppData\Local\{EB5ABCFE-A76A-4DE4-A29D-02BD3762EC97}[2013/05/29 14:27:41 | 000,000,000 | ---D | C] -- C:\Users\Caitlin\AppData\Local\{87C10CDF-B7B9-46B4-9DE3-4EA051E70805}[2013/05/29 13:21:50 | 000,000,000 | ---D | C] -- C:\Users\Caitlin\AppData\Local\{61E9C591-63B6-4D54-94A2-A8AE9F052841}[2013/05/29 09:53:58 | 000,000,000 | ---D | C] -- C:\Users\Caitlin\AppData\Local\{69C56121-BFC5-4D66-A27A-06E05D623702}[2013/05/28 23:26:53 | 000,000,000 | ---D | C] -- C:\Users\Caitlin\AppData\Local\{31571B64-6944-401A-A49E-F60E0A5A9631}[2013/05/28 19:48:06 | 000,000,000 | ---D | C] -- C:\Users\Caitlin\AppData\Local\{90623B4B-FAB7-4E98-93F4-133C22646F3D}[2013/05/28 17:05:50 | 000,000,000 | ---D | C] -- C:\Users\Caitlin\AppData\Local\{1BC6A980-562C-43C8-8483-7A1D2526BB9F}[2013/05/28 16:32:14 | 000,000,000 | ---D | C] -- C:\Users\Caitlin\AppData\Local\{EE7D7AA3-B6F7-4BD9-AF66-37483DFC0D7E}[2013/05/28 10:12:50 | 000,000,000 | ---D | C] -- C:\Users\Caitlin\AppData\Local\{84F5DABE-EE6A-4D9E-9E25-A2A288F434F0}[2013/05/27 15:19:14 | 000,000,000 | ---D | C] -- C:\Users\Caitlin\AppData\Local\{3F0DFEAC-AB67-46DE-A5F5-0007C5112C4E}[2013/05/26 17:03:29 | 000,000,000 | ---D | C] -- C:\Users\Caitlin\AppData\Local\{2C3ECAC2-E949-42BF-9085-9340D055FF4D}[2012/07/12 04:28:44 | 002,174,976 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Program Files\Common Files\atimpenc.dll[3 C:\Users\Caitlin\Documents\*.tmp files -> C:\Users\Caitlin\Documents\*.tmp -> ][1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013/06/25 01:49:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat[2013/06/25 01:47:49 | 000,003,744 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0[2013/06/25 01:47:49 | 000,003,744 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0[2013/06/25 01:47:44 | 3181,760,512 | -HS- | M] () -- C:\hiberfil.sys[2013/06/23 23:18:32 | 187,263,387 | ---- | M] () -- C:\Windows\MEMORY.DMP[2013/06/23 18:08:14 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro[2013/06/23 16:15:29 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job[2013/06/23 15:39:56 | 001,097,648 | ---- | M] () -- C:\ProgramData\2433f433[2013/06/23 12:35:40 | 000,104,448 | ---- | M] () -- C:\Users\Caitlin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini[2013/06/23 12:13:01 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job[2013/06/23 12:09:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job[2013/06/22 17:44:42 | 117,974,633 | ---- | M] () -- C:\Users\Caitlin\Documents\Always Forever.wmv[2013/06/22 12:22:27 | 140,777,201 | ---- | M] () -- C:\Users\Caitlin\Desktop\Ryan, Do roses know their thorns can hurt.wmv[2013/06/16 18:47:21 | 000,607,180 | ---- | M] () -- C:\Windows\System32\perfh009.dat[2013/06/16 18:47:21 | 000,105,934 | ---- | M] () -- C:\Windows\System32\perfc009.dat[2013/06/16 17:17:46 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf[2013/06/16 00:24:38 | 000,136,711 | ---- | M] () -- C:\Users\Caitlin\Desktop\FathersDay.jpg[2013/06/14 01:33:28 | 205,655,593 | ---- | M] () -- C:\Users\Caitlin\Documents\SafetyCamp2013.wmv[2013/06/13 20:08:57 | 000,013,376 | ---- | M] () -- C:\Users\Caitlin\Desktop\xLifeincolorings 5.veg[2013/06/09 19:48:46 | 098,398,573 | ---- | M] () -- C:\Users\Caitlin\Documents\ForeverYoung.wmv[2013/06/09 16:34:01 | 000,023,368 | ---- | M] () -- C:\Users\Caitlin\Desktop\JColouring.veg[2013/06/09 16:07:43 | 000,017,640 | ---- | M] () -- C:\Users\Caitlin\Desktop\sony vegas coloring 009.veg[2013/06/09 16:06:41 | 000,018,904 | ---- | M] () -- C:\Users\Caitlin\Desktop\TheDarlingTutorials_2.veg[2013/06/09 16:04:40 | 000,014,768 | ---- | M] () -- C:\Users\Caitlin\Desktop\xlifeincolorings7.veg[2013/06/08 16:54:06 | 000,019,152 | ---- | M] () -- C:\Users\Caitlin\Documents\Horserider9802 sony vegas coloring.veg[2013/05/31 15:32:20 | 022,349,661 | ---- | M] () -- C:\Users\Caitlin\Documents\LastPageant.wmv[2013/05/29 15:27:13 | 123,366,633 | ---- | M] () -- C:\Users\Caitlin\Documents\Ashes Like Snow.wmv[3 C:\Users\Caitlin\Documents\*.tmp files -> C:\Users\Caitlin\Documents\*.tmp -> ][1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013/06/25 00:12:06 | 3181,760,512 | -HS- | C] () -- C:\hiberfil.sys[2013/06/23 15:39:56 | 001,097,648 | ---- | C] () -- C:\ProgramData\2433f433[2013/06/22 16:55:52 | 117,974,633 | ---- | C] () -- C:\Users\Caitlin\Documents\Always Forever.wmv[2013/06/22 12:19:53 | 140,777,201 | ---- | C] () -- C:\Users\Caitlin\Desktop\Ryan, Do roses know their thorns can hurt.wmv[2013/06/16 17:17:46 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf[2013/06/16 00:24:37 | 000,136,711 | ---- | C] () -- C:\Users\Caitlin\Desktop\FathersDay.jpg[2013/06/14 00:34:15 | 205,655,593 | ---- | C] () -- C:\Users\Caitlin\Documents\SafetyCamp2013.wmv[2013/06/13 20:09:06 | 000,013,376 | ---- | C] () -- C:\Users\Caitlin\Desktop\xLifeincolorings 5.veg[2013/06/09 18:29:37 | 098,398,573 | ---- | C] () -- C:\Users\Caitlin\Documents\ForeverYoung.wmv[2013/06/09 16:34:01 | 000,023,368 | ---- | C] () -- C:\Users\Caitlin\Desktop\JColouring.veg[2013/06/09 16:08:04 | 000,017,640 | ---- | C] () -- C:\Users\Caitlin\Desktop\sony vegas coloring 009.veg[2013/06/09 16:06:45 | 000,018,904 | ---- | C] () -- C:\Users\Caitlin\Desktop\TheDarlingTutorials_2.veg[2013/06/09 16:04:44 | 000,014,768 | ---- | C] () -- C:\Users\Caitlin\Desktop\xlifeincolorings7.veg[2013/06/08 16:54:20 | 000,019,152 | ---- | C] () -- C:\Users\Caitlin\Documents\Horserider9802 sony vegas coloring.veg[2013/06/02 22:33:34 | 187,263,387 | ---- | C] () -- C:\Windows\MEMORY.DMP[2013/05/31 15:25:01 | 022,349,661 | ---- | C] () -- C:\Users\Caitlin\Documents\LastPageant.wmv[2013/05/29 14:31:03 | 123,366,633 | ---- | C] () -- C:\Users\Caitlin\Documents\Ashes Like Snow.wmv[2012/07/31 01:23:28 | 000,000,064 | ---- | C] () -- C:\ProgramData\-84bi1KGi9E4gk0r[2012/07/31 01:23:27 | 000,000,064 | ---- | C] () -- C:\ProgramData\-84bi1KGi9E4gk0[2012/07/31 01:23:22 | 000,000,368 | ---- | C] () -- C:\ProgramData\84bi1KGi9E4gk0[2012/07/30 17:14:35 | 000,000,064 | ---- | C] () -- C:\ProgramData\-Mc6bjmwTe4AN7or[2012/07/30 17:14:35 | 000,000,064 | ---- | C] () -- C:\ProgramData\-Mc6bjmwTe4AN7o[2012/07/30 17:14:30 | 000,000,368 | ---- | C] () -- C:\ProgramData\Mc6bjmwTe4AN7o[2012/07/24 16:02:15 | 000,000,086 | -HS- | C] () -- C:\Users\Caitlin\AppData\Roaming\winset.ini[2012/05/29 23:51:48 | 000,000,041 | ---- | C] () -- C:\Users\Caitlin\AppData\Roaming\8432A5.dat[2012/05/21 22:54:34 | 000,000,152 | ---- | C] () -- C:\ProgramData\-qpBOEq4gwwLCuar[2012/05/21 22:54:34 | 000,000,000 | ---- | C] () -- C:\ProgramData\-qpBOEq4gwwLCua[2012/05/21 22:54:27 | 000,000,256 | ---- | C] () -- C:\ProgramData\qpBOEq4gwwLCua[2012/01/19 22:43:56 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe[2012/01/19 22:43:56 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe[2012/01/19 22:43:56 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe[2012/01/19 22:43:56 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe[2012/01/19 22:43:56 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe[2011/08/24 11:48:28 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll[2011/06/09 10:42:51 | 000,000,552 | ---- | C] () -- C:\Users\Caitlin\AppData\Local\d3d8caps.dat[2011/05/22 15:35:14 | 000,000,000 | ---- | C] () -- C:\Users\Caitlin\AppData\Local\{6CA91625-A7AB-447B-8738-FE14F5ADF468}[2011/05/17 21:28:34 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll1134.old[2011/05/17 21:28:34 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll1112.old[2011/05/17 20:30:45 | 000,005,558 | -HS- | C] () -- C:\Users\Caitlin\AppData\Local\384f67732t3b5h15xhpfvphk727l5ffm[2011/05/17 20:30:45 | 000,005,558 | -HS- | C] () -- C:\ProgramData\384f67732t3b5h15xhpfvphk727l5ffm[2011/05/17 14:10:49 | 000,016,106 | -HS- | C] () -- C:\Users\Caitlin\AppData\Local\c25v536q0haag77cku307l2142ma5s[2011/05/17 14:10:49 | 000,016,106 | -HS- | C] () -- C:\ProgramData\c25v536q0haag77cku307l2142ma5s[2011/05/12 16:15:11 | 000,022,806 | -HS- | C] () -- C:\Users\Caitlin\AppData\Local\okegjy65jj25l0i2x[2011/05/12 16:15:11 | 000,022,806 | -HS- | C] () -- C:\ProgramData\okegjy65jj25l0i2x[2011/03/14 10:57:33 | 000,134,176 | ---- | C] () -- C:\Users\Caitlin\AppData\Local\ucasiyovupomub.dll[2011/03/14 01:15:01 | 000,000,517 | ---- | C] () -- C:\Users\Caitlin\AppData\Local\areqaluh.dll[2011/03/13 22:50:30 | 000,000,517 | ---- | C] () -- C:\Users\Caitlin\AppData\Local\ejesaneyulexaheq.dll[2011/03/13 20:46:02 | 000,000,517 | ---- | C] () -- C:\Users\Caitlin\AppData\Local\exuyetof.dll[2011/03/13 17:29:48 | 000,000,517 | ---- | C] () -- C:\Users\Caitlin\AppData\Local\egelonorapule.dll[2011/03/13 17:12:10 | 000,000,517 | ---- | C] () -- C:\Users\Caitlin\AppData\Local\amebugid.dll[2011/02/02 17:57:38 | 000,819,200 | ---- | C] () -- C:\Windows\System32\xvidcore.dll[2011/02/02 17:57:38 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll[2010/11/11 23:19:43 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll[2010/11/11 23:18:05 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin[2010/06/30 22:59:00 | 000,000,146 | ---- | C] () -- C:\Windows\WININIT.INI[2010/05/08 21:23:37 | 000,006,756 | ---- | C] () -- C:\Users\Caitlin\AppData\Local\d3d9caps.dat[2010/04/07 20:18:45 | 000,018,930 | -HS- | C] () -- C:\Users\Caitlin\AppData\Local\P21b0S80R[2010/04/07 20:18:45 | 000,018,930 | -HS- | C] () -- C:\ProgramData\P21b0S80R[2010/04/01 23:40:28 | 000,017,812 | -HS- | C] () -- C:\Users\Caitlin\AppData\Local\8Cq4r[2010/04/01 23:40:28 | 000,017,812 | -HS- | C] () -- C:\ProgramData\8Cq4r[2009/09/14 16:53:13 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol[2009/08/03 17:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll[2009/08/03 17:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe[2009/07/15 14:47:03 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI[2009/07/15 14:42:18 | 000,104,448 | ---- | C] () -- C:\Users\Caitlin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini[2009/06/29 02:50:17 | 000,982,196 | ---- | C] () -- C:\Windows\System32\igkrng500.bin[2009/06/29 02:50:17 | 000,417,344 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin[2009/06/29 02:50:17 | 000,139,824 | ---- | C] () -- C:\Windows\System32\igfcg500.bin[2009/06/29 02:50:17 | 000,097,448 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin[2009/06/29 00:12:03 | 000,006,656 | ---- | C] () -- C:\Windows\System32\bcmwlrc.dll[2009/06/29 00:12:02 | 000,054,784 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll[2009/06/29 00:12:02 | 000,026,112 | ---- | C] () -- C:\Windows\System32\WLTRYSVC.EXE[2009/06/29 00:03:12 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll[2009/04/11 14:02:01 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin[2009/04/11 12:07:30 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat[2006/11/02 08:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat[2006/11/02 08:47:37 | 000,372,072 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll[2006/11/02 06:33:01 | 000,607,180 | ---- | C] () -- C:\Windows\System32\perfh009.dat[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat[2006/11/02 06:33:01 | 000,105,934 | ---- | C] () -- C:\Windows\System32\perfc009.dat[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat[2006/11/02 06:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat[2004/10/26 18:39:05 | 003,375,104 | ---- | C] () -- C:\Windows\System32\qt-mt331.dll ========== LOP Check ========== [2012/07/17 20:43:45 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\Apdyd[2012/07/17 20:43:45 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\Biqyr[2012/07/17 20:43:45 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\Buzyv[2012/06/04 15:28:36 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\Byel[2012/07/04 21:22:58 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\Cuzy[2012/06/04 19:33:04 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\Deuq[2011/09/04 17:00:52 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\Dropbox[2012/07/23 22:00:56 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\Edvyv[2012/07/19 23:14:26 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\Feul[2010/06/23 18:53:26 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\FFAcr8kiMhJxtHYHNe[2012/07/17 16:55:28 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\Foseaq[2012/07/17 17:32:09 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\Funu[2011/01/27 22:55:56 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\GetRightToGo[2012/07/17 20:43:45 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\Icvan[2012/07/17 20:43:45 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\Iczer[2012/07/12 21:38:30 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\Laby[2012/07/14 15:47:10 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\Lodiiw[2012/07/23 12:24:41 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\Loum[2012/07/13 16:59:37 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\Nedam[2012/07/11 22:11:10 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\Ohsi[2012/07/23 00:29:59 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\OpenCandy[2009/08/17 21:57:49 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\Opera[2012/07/14 22:31:33 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\Otnyde[2012/07/31 20:11:17 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\PCDr[2012/07/17 20:43:45 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\Peik[2012/07/17 20:22:04 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\Peqube[2009/07/15 14:38:20 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\Publish Providers[2012/07/13 20:35:22 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\Puoxyv[2012/07/11 22:11:11 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\Puuxuf[2012/07/14 15:42:52 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\Qycy[2012/06/05 17:41:27 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\Raogyf[2012/07/23 12:34:57 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\Roaming[2012/07/17 20:44:02 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\Sodey[2011/12/05 23:31:43 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\Sony[2011/03/07 20:42:22 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\Sony Creative Software Inc[2012/07/24 18:02:47 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\Suwy[2012/06/06 23:46:40 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\Suykb[2012/06/25 19:35:55 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\TeamViewer[2011/11/05 12:45:07 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\TestApp[2012/07/14 22:31:33 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\Tytym[2012/07/28 16:09:31 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\uTorrent[2012/07/16 19:22:04 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\Uxiwd[2012/06/04 17:11:46 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\WinZip[2012/06/04 19:43:11 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\Woir[2012/07/13 17:43:47 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\Xelin[2012/09/11 09:33:22 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\Xilisoft[2012/07/13 20:35:22 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\Ybgi[2012/07/17 20:43:45 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\Ymhi[2012/07/12 21:38:30 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\Ynwave[2012/07/10 20:20:30 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\Yrpu[2012/06/05 17:41:27 | 000,000,000 | ---D | M] -- C:\Users\Caitlin\AppData\Roaming\Zipoac[2012/07/28 15:19:44 | 000,000,000 | ---D | M] -- C:\ProgramData\036DFF851697F7E4C9B746B42F3B707C[2013/03/04 23:57:16 | 000,000,000 | ---D | M] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1[2010/07/01 18:19:16 | 000,000,000 | ---D | M] -- C:\ProgramData\Alwil Software[2009/07/15 14:00:21 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data[2011/05/17 21:06:57 | 000,000,000 | ---D | M] -- C:\ProgramData\Common Files[2009/07/15 14:00:21 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop[2009/07/15 14:00:21 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents[2011/10/11 20:43:23 | 000,000,000 | ---D | M] -- C:\ProgramData\ErrorEND[2011/06/11 15:32:37 | 000,000,000 | ---D | M] -- C:\ProgramData\eSellerate[2009/07/15 14:00:21 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites[2012/07/23 16:35:30 | 000,000,000 | ---D | M] -- C:\ProgramData\Freemake[2013/06/23 18:08:14 | 000,000,000 | ---D | M] -- C:\ProgramData\HitmanPro[2011/05/17 21:06:57 | 000,000,000 | ---D | M] -- C:\ProgramData\MFAData[2009/06/29 00:28:50 | 000,000,000 | ---D | M] -- C:\ProgramData\PC-Doctor[2012/07/31 20:12:29 | 000,000,000 | ---D | M] -- C:\ProgramData\PCDr[2011/01/24 17:45:18 | 000,000,000 | ---D | M] -- C:\ProgramData\Sony[2009/07/15 14:00:21 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu[2011/05/18 00:37:14 | 000,000,000 | ---D | M] -- C:\ProgramData\STOPzilla![2009/06/29 00:28:52 | 000,000,000 | ---D | M] -- C:\ProgramData\SupportSoft[2012/01/19 22:21:20 | 000,000,000 | ---D | M] -- C:\ProgramData\TEMP[2009/07/15 14:00:21 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates[2009/06/29 00:23:05 | 000,000,000 | ---D | M] -- C:\ProgramData\Uninstall[2012/07/23 00:30:32 | 000,000,000 | ---D | M] -- C:\ProgramData\WeCareReminder[2010/09/21 20:57:44 | 000,000,000 | ---D | M] -- C:\ProgramData\WindowsSearch[2012/09/11 09:32:45 | 000,000,000 | ---D | M] -- C:\ProgramData\Xilisoft[2011/07/23 17:59:14 | 000,000,000 | ---D | M] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}[2010/06/25 13:14:13 | 000,000,084 | ---- | M] () -- C:\Windows\Tasks\ID.Conf[2013/06/23 16:11:56 | 000,032,548 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ==========   ========== Alternate Data Streams ========== @Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:5D432CE3@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:888AFB86@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP<img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite116" alt=":D" title="Big grin    :D" loading="lazy" data-shortname=":D" />FC5A2B2< End of report ></blockquote>

Verification

Top