Hi all, thanks SuperDave for your interest.
First of all, I'm sorry I couldn't have the would-have-been Jotti's link into my reply. I waited virtually all night for C:\Program Files (x86)\itisaluna\itisaluna.exe (which by the way, is my internet connection provider: a very well-known company here) to be scanned, but the scan didn't start: all I got is "Waiting for scan" with all anti-malware services.
Second of all, my computer looks more stable now, but my flash drives are still severly infected. I've got the files (M3K7H2A3 and M6K2H1A9-- both VBScript Script Files) in one flash drive.
I've uninstalled LimeWire.
Here are the logs you asked for:
Results of screen317's Security Check version 0.99.8
Windows 7
(UAC is disabled!) Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check: Windows Firewall Disabled!
Norton Internet Security
WMI entry may not exist for antivirus; attempting automatic update. ```````````````````````````````
Anti-malware/Other Utilities Check: Out of date HijackThis installed! Malwarebytes' Anti-Malware
HijackThis 1.99.1
Java(TM) 6 Update 20
Out of date Java installed! Adobe Flash Player 10.0.45.2
Adobe Reader 8.2.5
Out of date Adobe Reader installed! Mozilla Firefox (3.5.3)
Firefox Out of Date! ````````````````````````````````
Process Check:
objlist.exe by Laurent Norton ccSvcHst.exe
``````````End of Log```````````` OTL logfile created on: 06/01/2011 09:48:36 م - Run 1
OTL by OldTimer - Version 3.2.20.1 Folder = C:\Users\Wissam\Desktop\Hope
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.7930.16406)
Locale: 00000801 | Country: العراق | Language: ARI | Date Format: dd/MM/yyyy
4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 72.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 84.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 99.27 Gb Total Space | 69.03 Gb Free Space | 69.54% Space Free | Partition Type: NTFS
Drive D: | 99.36 Gb Total Space | 98.24 Gb Free Space | 98.87% Space Free | Partition Type: NTFS
Drive E: | 99.36 Gb Total Space | 87.53 Gb Free Space | 88.09% Space Free | Partition Type: NTFS
Drive G: | 14.22 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: WISSAM-PC | User Name: Wissam | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2011/01/03 20:22:00 | 000,732,112 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\A5E82D02\17.7.0.12\inststub.exe
PRC - [2011/01/02 17:27:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Wissam\Desktop\Hope\OTL.exe
PRC - [2010/09/21 19:13:10 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
PRC - [2010/09/20 20:26:16 | 000,114,688 | ---- | M] () -- C:\Program Files (x86)\itisaluna\itisaluna.exe
PRC - [2010/02/26 03:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\17.7.0.12\ccsvchst.exe
PRC - [2009/12/08 11:27:10 | 001,503,232 | ---- | M] (Nokia) -- C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2008/06/03 12:05:38 | 000,351,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Student\Microsoft Student with Encarta Premium 2009 DVD\EDICT.EXE
PRC - [2007/03/12 13:49:46 | 001,209,904 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007/03/12 13:49:26 | 000,153,136 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2005/03/17 11:10:32 | 000,536,576 | ---- | M] (Panicware, Inc.) -- C:\Program Files (x86)\Panicware\Pop-Up Stopper Free Edition\PSFree.exe
========== Modules (SafeList) ========== MOD - [2011/01/02 17:27:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Wissam\Desktop\Hope\OTL.exe
MOD - [2010/08/21 08:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2005/03/10 16:33:48 | 000,053,248 | ---- | M] (Panicware, Inc.) -- C:\Program Files (x86)\Panicware\Pop-Up Stopper Free Edition\XAHook.dll
========== Win32 Services (SafeList) ========== SRV:
64bit: - File not found [Auto | Stopped] -- C:\Windows\SysNative\srvany.exe -- (KMService)
SRV:
64bit: - [2010/06/29 20:49:27 | 000,128,752 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:
64bit: - [2010/06/01 22:30:28 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:
64bit: - [2009/07/14 04:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:
64bit: - [2009/07/14 04:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2010/09/21 17:53:38 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\srvany.exe -- (KMService)
SRV - [2010/02/26 03:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe -- (NIS)
SRV - [2009/10/27 09:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009/06/11 00:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ========== DRV:
64bit: - [2010/12/29 19:12:08 | 000,173,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:
64bit: - [2010/12/20 19:51:37 | 000,034,152 | R--- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:
64bit: - [2010/06/01 22:50:28 | 006,857,728 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:
64bit: - [2010/06/01 21:42:48 | 000,264,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:
64bit: - [2010/05/06 05:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:
64bit: - [2010/04/29 08:03:51 | 000,150,064 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\ironx64.sys -- (SymIRON)
DRV:
64bit: - [2010/04/22 06:02:20 | 000,221,232 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\symefa64.sys -- (SymEFA)
DRV:
64bit: - [2010/04/22 05:29:51 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:
64bit: - [2010/03/04 13:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:
64bit: - [2010/02/26 03:22:52 | 000,615,040 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\cchpx64.sys -- (ccHP)
DRV:
64bit: - [2010/02/17 21:23:05 | 000,014,920 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:
64bit: - [2010/02/17 21:23:05 | 000,012,360 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:
64bit: - [2009/12/01 20:55:31 | 000,359,624 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:
64bit: - [2009/10/12 15:23:22 | 000,114,304 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ewusbdev.sys -- (hwusbdev)
DRV:
64bit: - [2009/10/06 11:54:18 | 000,008,704 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64j.sys -- (UsbserFilt)
DRV:
64bit: - [2009/10/06 11:53:56 | 000,025,088 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdcx64)
DRV:
64bit: - [2009/10/06 11:53:56 | 000,008,704 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:
64bit: - [2009/10/06 11:53:54 | 000,018,944 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcdx64)
DRV:
64bit: - [2009/09/23 04:46:18 | 000,066,304 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:
64bit: - [2009/09/23 04:32:39 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:
64bit: - [2009/09/23 04:32:35 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcuxd.sys -- (vpcuxd)
DRV:
64bit: - [2009/09/23 04:32:33 | 000,187,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:
64bit: - [2009/09/10 15:31:56 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:
64bit: - [2009/08/30 03:17:21 | 000,450,608 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1100000.088\symtdiv.sys -- (SYMTDIv)
DRV:
64bit: - [2009/08/30 03:17:18 | 000,433,200 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\symds64.sys -- (SymDS)
DRV:
64bit: - [2009/08/30 03:16:41 | 000,504,880 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1100000.088\srtsp64.sys -- (SRTSP)
DRV:
64bit: - [2009/07/14 04:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:
64bit: - [2009/07/14 04:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:
64bit: - [2009/07/14 04:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:
64bit: - [2009/07/14 04:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:
64bit: - [2009/07/14 04:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:
64bit: - [2009/07/14 04:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:
64bit: - [2009/07/14 03:06:32 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:
64bit: - [2009/06/10 23:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:
64bit: - [2009/06/10 23:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:
64bit: - [2009/06/10 23:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:
64bit: - [2009/06/10 23:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:
64bit: - [2009/06/10 23:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:
64bit: - [2008/08/28 11:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV - [2011/01/01 01:00:00 | 001,791,096 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20110101.005\ex64.sys -- (NAVEX15)
DRV - [2011/01/01 01:00:00 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20110101.005\eng64.sys -- (NAVENG)
DRV - [2010/12/26 01:00:00 | 000,475,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2010/12/26 01:00:00 | 000,132,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/12/01 01:03:34 | 000,476,792 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20101231.001\IDSviA64.sys -- (IDSVia64)
DRV - [2010/11/23 03:34:08 | 000,953,904 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20101123.003\BHDrvx64.sys -- (BHDrvx64)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.2.16
FF - prefs.js..extensions.enabledItems: {DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {4C0766D3-67A7-45a3-85A2-752F77312F32}:4.0
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files (x86)\Real\RealPlayer\browserrecord [2010/09/21 19:13:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010/10/04 22:25:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\ [2010/12/29 19:12:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{4C0766D3-67A7-45a3-85A2-752F77312F32}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\ [2010/12/29 19:12:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/09/21 20:03:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/10/22 22:02:21 | 000,000,000 | ---D | M]
[2010/09/21 20:04:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wissam\AppData\Roaming\Mozilla\Extensions
[2010/09/21 20:04:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wissam\AppData\Roaming\Mozilla\Extensions\
[email protected][2010/09/25 20:14:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wissam\AppData\Roaming\Mozilla\Firefox\Profiles\93jcf71j.default\extensions
[2011/01/03 20:41:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/09/21 20:01:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/09/21 20:03:07 | 000,000,000 | ---D | M] (flashget3 Extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}
[2010/10/04 22:25:48 | 000,000,000 | ---D | M] (Firefox Synchronisation Extension) -- C:\PROGRAM FILES (X86)\NOKIA\NOKIA OVI SUITE\CONNECTORS\BOOKMARKS CONNECTOR\FIREFOXEXTENSION
[2010/09/21 19:13:14 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAM FILES (X86)\REAL\REALPLAYER\BROWSERRECORD
[2010/12/29 19:12:17 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\COFFPLGN
[2010/12/29 19:12:17 | 000,000,000 | ---D | M] (Norton IPS) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPLGN
[2010/09/21 20:01:38 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
O1 HOSTS File: ([2010/12/29 20:00:10 | 000,000,908 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - No CLSID value found.
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Wissam\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll (Trend Media Group)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\CoIEPlg.dll (Symantec Corporation)
O4:
64bit: - HKLM..\Run: [MKH] C:\Windows\M1K6H4A5.vbs ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [] File not found
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [L09AXLRD_573600] C:\Program Files (x86)\Microsoft Student\Microsoft Student with Encarta Premium 2009 DVD\EDICT.EXE (Microsoft Corporation)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [PopUpStopperFreeEdition] C:\Program Files (x86)\Panicware\Pop-Up Stopper Free Edition\PSFree.exe (Panicware, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8:
64bit: - Extra context menu item: Download all by FlashGet3 - C:\Users\Wissam\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8:
64bit: - Extra context menu item: Download by FlashGet3 - C:\Users\Wissam\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: Download all by FlashGet3 - C:\Users\Wissam\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: Download by FlashGet3 - C:\Users\Wissam\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: kuaiche.com ([software] http in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O18:
64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O20:
64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:
64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2009/08/22 21:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.) - G:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2008/09/20 04:12:34 | 000,000,045 | R--- | M] () - G:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{65b6f84a-c4db-11df-a910-a4badbd3b62b}\Shell - "" = AutoRun
O33 - MountPoints2\{65b6f84a-c4db-11df-a910-a4badbd3b62b}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2009/08/22 21:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{6833f136-c5ae-11df-b947-a4badbd3b62b}\Shell - "" = AutoRun
O33 - MountPoints2\{6833f136-c5ae-11df-b947-a4badbd3b62b}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- File not found
O33 - MountPoints2\{6833f149-c5ae-11df-b947-a4badbd3b62b}\Shell - "" = AutoRun
O33 - MountPoints2\{6833f149-c5ae-11df-b947-a4badbd3b62b}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2009/08/22 21:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{c55e1015-c4de-11df-b2eb-a4badbd3b62b}\Shell - "" = AutoRun
O33 - MountPoints2\{c55e1015-c4de-11df-b2eb-a4badbd3b62b}\Shell\AutoRun\command - "" = I:\AutoRun.exe -- File not found
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe -- [2009/08/22 21:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\AutoRun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs:
64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:
64bit: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com)
SafeBootMin:
64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:
64bit: Base - Driver Group
SafeBootMin:
64bit: Boot Bus Extender - Driver Group
SafeBootMin:
64bit: Boot file system - Driver Group
SafeBootMin:
64bit: File system - Driver Group
SafeBootMin:
64bit: Filter - Driver Group
SafeBootMin:
64bit: HelpSvc - Service
SafeBootMin:
64bit: PCI Configuration - Driver Group
SafeBootMin:
64bit: PNP Filter - Driver Group
SafeBootMin:
64bit: Primary disk - Driver Group
SafeBootMin:
64bit: sacsvr - Service
SafeBootMin:
64bit: SCSI Class - Driver Group
SafeBootMin:
64bit: System Bus Extender - Driver Group
SafeBootMin:
64bit: vmms - Service
SafeBootMin:
64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:
64bit: WudfRd - Driver
SafeBootMin:
64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:
64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:
64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:
64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:
64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:
64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:
64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:
64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:
64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:
64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:
64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:
64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:
64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:
64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:
64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:
64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:
64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WudfRd - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet:
64bit: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com)
SafeBootNet:
64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:
64bit: Base - Driver Group
SafeBootNet:
64bit: Boot Bus Extender - Driver Group
SafeBootNet:
64bit: Boot file system - Driver Group
SafeBootNet:
64bit: File system - Driver Group
SafeBootNet:
64bit: Filter - Driver Group
SafeBootNet:
64bit: HelpSvc - Service
SafeBootNet:
64bit: Messenger - Service
SafeBootNet:
64bit: NDIS Wrapper - Driver Group
SafeBootNet:
64bit: NetBIOSGroup - Driver Group
SafeBootNet:
64bit: NetDDEGroup - Driver Group
SafeBootNet:
64bit: Network - Driver Group
SafeBootNet:
64bit: NetworkProvider - Driver Group
SafeBootNet:
64bit: PCI Configuration - Driver Group
SafeBootNet:
64bit: PNP Filter - Driver Group
SafeBootNet:
64bit: PNP_TDI - Driver Group
SafeBootNet:
64bit: Primary disk - Driver Group
SafeBootNet:
64bit: rdsessmgr - Service
SafeBootNet:
64bit: sacsvr - Service
SafeBootNet:
64bit: SCSI Class - Driver Group
SafeBootNet:
64bit: Streams Drivers - Driver Group
SafeBootNet:
64bit: System Bus Extender - Driver Group
SafeBootNet:
64bit: TDI - Driver Group
SafeBootNet:
64bit: vmms - Service
SafeBootNet:
64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:
64bit: WudfRd - Driver
SafeBootNet:
64bit: WudfUsbccidDriver - Driver
SafeBootNet:
64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:
64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:
64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:
64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:
64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:
64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:
64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:
64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:
64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:
64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:
64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:
64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:
64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:
64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:
64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:
64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:
64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:
64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:
64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:
64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:
64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:
64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfRd - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX:
64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:
64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:
64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:
64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:
64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:
64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:
64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:
64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:
64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:
64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:
64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:
64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:
64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:
64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:
64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:
64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:
64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:
64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:
64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:
64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:
64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:
64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:
64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:
64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
Drivers32:
64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
========== Files/Folders - Created Within 30 Days ========== [2011/01/05 19:47:07 | 000,000,000 | ---D | C] -- C:\Users\Wissam\AppData\Local\Tific
[2011/01/05 19:46:27 | 000,000,000 | ---D | C] -- C:\Users\Wissam\AppData\Roaming\Tific
[2011/01/04 19:48:44 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NISx64\1108000.005
[2011/01/04 00:19:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2011/01/04 00:19:16 | 000,000,000 | ---D | C] -- C:\Users\Wissam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2011/01/04 00:11:22 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011/01/03 23:38:55 | 000,000,000 | ---D | C] -- C:\Users\Wissam\AppData\Roaming\Malwarebytes
[2011/01/03 23:38:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/01/03 23:38:41 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/01/03 23:38:40 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/01/03 23:38:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/01/03 23:38:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/01/03 22:36:04 | 000,000,000 | ---D | C] -- C:\Users\Wissam\AppData\Roaming\SUPERAntiSpyware.com
[2011/01/03 22:36:04 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2011/01/03 22:35:59 | 000,000,000 | ---D | C] -- C:\ProgramData\!SASCORE
[2011/01/03 22:35:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011/01/03 22:35:57 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/01/03 22:04:38 | 000,000,000 | ---D | C] -- C:\Users\Wissam\Desktop\Hope
[2011/01/03 20:22:00 | 000,451,120 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\symtdiv.sys
[2011/01/03 20:22:00 | 000,433,200 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\symds64.sys
[2011/01/03 20:22:00 | 000,221,232 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\symefa64.sys
[2011/01/03 20:22:00 | 000,032,304 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\srtspx64.sys
[2011/01/03 20:21:59 | 000,615,040 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\cchpx64.sys
[2011/01/03 20:21:59 | 000,505,392 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\srtsp64.sys
[2011/01/03 20:21:59 | 000,150,064 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\ironx64.sys
[2011/01/03 20:21:41 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NISx64\1107000.00C
[2011/01/03 19:49:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre
[2011/01/03 19:49:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PhotoFiltre
[2011/01/02 20:38:38 | 000,218,112 | ---- | C] (Soeperman Enterprises Ltd.) -- C:\Users\Wissam\Desktop\HiJackThis.exe
[2011/01/01 18:44:15 | 000,000,000 | ---D | C] -- C:\Users\Wissam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pepakura Designer 3
[2011/01/01 18:44:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\tamasoftware
[2011/01/01 18:43:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011/01/01 18:43:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2010/12/29 19:15:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\1285002348
[2010/12/29 19:12:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2010/12/29 19:12:08 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2010/12/29 19:11:28 | 000,504,880 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1100000.088\srtsp64.sys
[2010/12/29 19:11:28 | 000,450,608 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1100000.088\symtdiv.sys
[2010/12/29 19:11:28 | 000,433,200 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1100000.088\SymDS64.sys
[2010/12/29 19:11:28 | 000,217,136 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1100000.088\SymEFA64.sys
[2010/12/29 19:11:28 | 000,032,304 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1100000.088\srtspx64.sys
[2010/12/29 19:11:27 | 000,146,992 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1100000.088\Ironx64.sys
[2010/12/29 19:11:26 | 000,615,040 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1100000.088\ccHPx64.sys
[2010/12/29 19:10:44 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NISx64
[2010/12/29 19:10:44 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NISx64\1100000.088
[2010/12/29 19:10:36 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
[2010/12/29 19:10:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Internet Security
[2010/12/29 19:08:27 | 000,000,000 | ---D | C] -- C:\ProgramData\PCSettings
[2010/12/27 18:19:26 | 000,000,000 | ---D | C] -- C:\Program Files\Windows XP Mode
[2010/12/23 20:10:49 | 000,000,000 | ---D | C] -- C:\Users\Wissam\AppData\Local\Symantec
[2010/12/20 19:51:59 | 000,173,104 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2010/12/20 19:50:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2010/12/20 19:36:26 | 000,000,000 | ---D | C] -- C:\Users\Wissam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ImTOO
[2010/12/20 19:36:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImTOO
[2010/12/20 19:36:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ImTOO
[2010/12/12 19:37:51 | 000,000,000 | -H-D | C] -- C:\Windows\PIF
========== Files - Modified Within 30 Days ========== [2055/09/19 09:29:11 | 000,002,012 | ---- | M] () -- C:\Windows\SysWow64\NAV_75_cltDynam.dat
[2011/01/06 20:05:39 | 000,000,600 | ---- | M] () -- C:\Windows\SysWow64\secustat.dat
[2011/01/06 20:04:40 | 000,002,649 | ---- | M] () -- C:\Windows\SysWow64\secushr.dat
[2011/01/06 19:43:09 | 000,717,892 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/01/06 19:43:09 | 000,610,632 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/01/06 19:43:09 | 000,104,950 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/01/06 18:56:59 | 000,014,560 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/01/06 18:56:59 | 000,014,560 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/01/06 18:51:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/01/06 18:51:42 | 3113,136,128 | -HS- | M] () -- C:\hiberfil.sys
[2011/01/05 19:42:45 | 001,210,930 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\Cat.DB
[2011/01/04 00:20:28 | 000,001,640 | ---- | M] () -- C:\Users\Wissam\Desktop\Sniper - Shortcut.lnk
[2011/01/04 00:19:20 | 000,002,981 | ---- | M] () -- C:\Users\Wissam\Desktop\HiJackThis.lnk
[2011/01/04 00:19:12 | 001,210,930 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1100000.088\Cat.DB
[2011/01/03 23:38:44 | 000,001,013 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/01/03 22:35:59 | 000,001,808 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/01/03 19:49:12 | 000,001,047 | ---- | M] () -- C:\Users\Wissam\Desktop\PhotoFiltre.lnk
[2011/01/01 20:48:09 | 000,030,384 | RHS- | M] () -- C:\Windows\M1K6H4A5.vbs
[2011/01/01 18:44:16 | 000,002,257 | ---- | M] () -- C:\Users\Wissam\Desktop\Pepakura Designer 3.lnk
[2010/12/29 20:00:10 | 000,000,908 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2010/12/29 19:12:08 | 000,173,104 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2010/12/29 19:12:08 | 000,007,440 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2010/12/29 19:12:08 | 000,000,854 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2010/12/29 19:11:45 | 000,002,576 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2010/12/29 18:57:26 | 000,000,000 | ---- | M] () -- C:\ProgramData\N360BUOptions.ini
[2010/12/23 20:41:47 | 000,468,136 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/12/23 20:20:03 | 000,037,046 | ---- | M] () -- C:\Windows\SysWow64\unknown_mini_F66E9D2846EB4FF3B72297520C3FCE44.7z
[2010/12/20 19:36:27 | 000,001,208 | ---- | M] () -- C:\Users\Wissam\Desktop\ImTOO MP4 Video Converter 3.lnk
[2010/12/20 19:36:27 | 000,001,177 | ---- | M] () -- C:\Users\Wissam\Desktop\ImTOO MP4 Video Converter Wizard 3.lnk
========== Files Created - No Company Name ========== [2011/01/05 19:42:36 | 001,210,930 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\Cat.DB
[2011/01/04 19:48:44 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1108000.005\isolate.ini
[2011/01/04 00:20:28 | 000,001,640 | ---- | C] () -- C:\Users\Wissam\Desktop\Sniper - Shortcut.lnk
[2011/01/04 00:19:19 | 000,002,981 | ---- | C] () -- C:\Users\Wissam\Desktop\HiJackThis.lnk
[2011/01/04 00:14:04 | 000,002,649 | ---- | C] () -- C:\Windows\SysWow64\secushr.dat
[2011/01/03 23:38:44 | 000,001,013 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/01/03 22:35:59 | 000,001,808 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/01/03 20:22:00 | 000,007,829 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\symefa64.cat
[2011/01/03 20:22:00 | 000,007,787 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\symnetv64.cat
[2011/01/03 20:22:00 | 000,007,406 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\symds64.cat
[2011/01/03 20:22:00 | 000,007,368 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\symnet64.cat
[2011/01/03 20:22:00 | 000,003,373 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\symefa.inf
[2011/01/03 20:22:00 | 000,002,793 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\symds.inf
[2011/01/03 20:22:00 | 000,001,473 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\symnetv.inf
[2011/01/03 20:22:00 | 000,001,445 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\symnet.inf
[2011/01/03 20:22:00 | 000,001,421 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\srtspx64.inf
[2011/01/03 20:21:59 | 000,007,414 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\srtspx64.cat
[2011/01/03 20:21:59 | 000,007,410 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\srtsp64.cat
[2011/01/03 20:21:59 | 000,007,402 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\iron.cat
[2011/01/03 20:21:59 | 000,007,358 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\cchpx64.cat
[2011/01/03 20:21:59 | 000,001,838 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\cchpx64.inf
[2011/01/03 20:21:59 | 000,001,437 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\srtsp64.inf
[2011/01/03 20:21:59 | 000,000,771 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\iron.inf
[2011/01/03 20:21:41 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1107000.00C\isolate.ini
[2011/01/03 19:49:11 | 000,001,047 | ---- | C] () -- C:\Users\Wissam\Desktop\PhotoFiltre.lnk
[2011/01/01 20:48:09 | 000,030,384 | RHS- | C] () -- C:\Windows\M1K6H4A5.vbs
[2011/01/01 18:44:16 | 000,002,257 | ---- | C] () -- C:\Users\Wissam\Desktop\Pepakura Designer 3.lnk
[2010/12/29 19:12:12 | 001,210,930 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1100000.088\Cat.DB
[2010/12/29 19:12:08 | 000,007,440 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2010/12/29 19:12:08 | 000,000,854 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2010/12/29 19:11:45 | 000,002,576 | ---- | C] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2010/12/29 19:11:02 | 000,003,375 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1100000.088\SymEFA.inf
[2010/12/29 19:11:02 | 000,002,793 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1100000.088\SymDS.inf
[2010/12/29 19:11:02 | 000,001,475 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1100000.088\SymNetV.inf
[2010/12/29 19:11:02 | 000,001,447 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1100000.088\SymNet.inf
[2010/12/29 19:11:01 | 000,001,840 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1100000.088\ccHPx64.inf
[2010/12/29 19:11:01 | 000,001,438 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1100000.088\srtsp64.inf
[2010/12/29 19:11:01 | 000,001,422 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1100000.088\srtspx64.inf
[2010/12/29 19:11:01 | 000,000,773 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1100000.088\Iron.inf
[2010/12/29 19:10:44 | 000,007,774 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1100000.088\symnetv64.cat
[2010/12/29 19:10:44 | 000,007,410 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1100000.088\srtsp64.cat
[2010/12/29 19:10:44 | 000,007,406 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1100000.088\SymDS64.cat
[2010/12/29 19:10:44 | 000,007,401 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1100000.088\srtspx64.cat
[2010/12/29 19:10:44 | 000,007,399 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1100000.088\SymEFA64.cat
[2010/12/29 19:10:44 | 000,007,388 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1100000.088\iron.cat
[2010/12/29 19:10:44 | 000,007,368 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1100000.088\symnet64.cat
[2010/12/29 19:10:44 | 000,007,345 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1100000.088\cchpx64.cat
[2010/12/29 19:10:44 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1100000.088\isolate.ini
[2010/12/29 18:57:26 | 000,000,000 | ---- | C] () -- C:\ProgramData\N360BUOptions.ini
[2010/12/23 20:20:03 | 000,037,046 | ---- | C] () -- C:\Windows\SysWow64\unknown_mini_F66E9D2846EB4FF3B72297520C3FCE44.7z
[2010/12/20 19:36:27 | 000,001,208 | ---- | C] () -- C:\Users\Wissam\Desktop\ImTOO MP4 Video Converter 3.lnk
[2010/12/20 19:36:27 | 000,001,177 | ---- | C] () -- C:\Users\Wissam\Desktop\ImTOO MP4 Video Converter Wizard 3.lnk
[2010/11/30 20:19:51 | 000,006,858 | ---- | C] () -- C:\Users\Wissam\AppData\Roaming\PrimoPDFSet.xml
[2010/10/04 21:54:22 | 000,000,036 | ---- | C] () -- C:\Windows\CTWave32.ini
[2010/10/04 21:44:03 | 000,000,063 | ---- | C] () -- C:\Windows\SBWIN.INI
[2010/09/21 21:27:36 | 000,722,802 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/09/21 20:03:06 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2010/09/21 19:14:03 | 000,000,050 | ---- | C] () -- C:\Windows\cdplayer.ini
[2009/07/14 02:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/14 00:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008/04/28 19:13:33 | 000,000,310 | ---- | C] () -- C:\Windows\primopdf.ini
========== LOP Check ========== [2010/09/21 20:03:29 | 000,000,000 | ---D | M] -- C:\Users\Wissam\AppData\Roaming\BatteryBar
[2011/01/06 20:05:39 | 000,000,000 | ---D | M] -- C:\Users\Wissam\AppData\Roaming\BITS
[2010/09/21 20:02:57 | 000,000,000 | ---D | M] -- C:\Users\Wissam\AppData\Roaming\FlashGet
[2010/09/21 20:02:55 | 000,000,000 | ---D | M] -- C:\Users\Wissam\AppData\Roaming\FlashGetBHO
[2010/11/27 19:36:14 | 000,000,000 | ---D | M] -- C:\Users\Wissam\AppData\Roaming\GetRightToGo
[2010/09/24 19:17:48 | 000,000,000 | ---D | M] -- C:\Users\Wissam\AppData\Roaming\JAM Software
[2010/10/04 22:44:20 | 000,000,000 | ---D | M] -- C:\Users\Wissam\AppData\Roaming\Nokia
[2010/10/04 22:36:28 | 000,000,000 | ---D | M] -- C:\Users\Wissam\AppData\Roaming\Nokia Ovi Suite
[2010/09/25 13:08:04 | 000,000,000 | ---D | M] -- C:\Users\Wissam\AppData\Roaming\Opera
[2010/10/04 22:36:29 | 000,000,000 | ---D | M] -- C:\Users\Wissam\AppData\Roaming\PC Suite
[2011/01/05 19:46:27 | 000,000,000 | ---D | M] -- C:\Users\Wissam\AppData\Roaming\Tific
[2010/09/22 00:07:39 | 000,000,000 | ---D | M] -- C:\Users\Wissam\AppData\Roaming\UBitMenu
[2010/09/24 14:37:44 | 000,000,000 | ---D | M] -- C:\Users\Wissam\AppData\Roaming\XnView
[2010/12/27 17:30:02 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe > < %systemroot%\*. /mp /s > < c:\$recycle.bin\*.* /s >[2010/10/29 19:14:14 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2155874388-3111399207-2435655445-1000\$I0CCUQT.jar
[2010/10/23 20:10:16 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2155874388-3111399207-2435655445-1000\$I2FUY3I.jar
[2010/10/23 20:10:16 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2155874388-3111399207-2435655445-1000\$I2L06XO.jar
[2010/10/23 20:10:16 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2155874388-3111399207-2435655445-1000\$I3LDGAA.jar
[2011/01/04 19:55:38 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2155874388-3111399207-2435655445-1000\$I4SB74X.mht
[2010/10/29 19:14:14 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2155874388-3111399207-2435655445-1000\$I5EVISS.jar
[2010/10/23 19:51:29 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2155874388-3111399207-2435655445-1000\$I68GJ1L.jar
[2011/01/06 19:37:38 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2155874388-3111399207-2435655445-1000\$I6EMB1H.bmp
[2010/10/23 19:04:40 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2155874388-3111399207-2435655445-1000\$I6TJ4JI.jar
[2010/10/23 20:10:16 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2155874388-3111399207-2435655445-1000\$I81WHP8.jar
[2011/01/06 19:38:00 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2155874388-3111399207-2435655445-1000\$I8RJT2V.JPG
[2011/01/04 00:19:21 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2155874388-3111399207-2435655445-1000\$I8Y3Z4O
[2010/10/29 19:14:14 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2155874388-3111399207-2435655445-1000\$IC6T5M1.jar
[2010/10/23 19:51:29 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2155874388-3111399207-2435655445-1000\$IE428AJ.jar
[2010/11/03 19:07:03 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2155874388-3111399207-2435655445-1000\$IFGJMI6.txt
[2010/10/23 19:51:29 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2155874388-3111399207-2435655445-1000\$IFJQRFE.jar
[2010/10/23 19:51:29 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2155874388-3111399207-2435655445-1000\$IFN861C.jar
[2010/10/23 20:10:16 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2155874388-3111399207-2435655445-1000\$IG6L4FR.jar
[2010/10/23 19:51:29 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2155874388-3111399207-2435655445-1000\$II3YRV8.jar
[2011/01/06 21:19:19 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2155874388-3111399207-2435655445-1000\$IK6A9VS
[2010/11/04 19:59:34 | 000,000,544 | ---- | M] () -- c:\$recycle.bin\S-1-5-21-2155874388-3111399207-2435655445-1000\$ILO00M8
[2010/10/29 19:14:14 | 000,000,544 | ---- | M] () -- c:\$recycle.