========== Chrome ==========
CHR - Extension: No name found = C:\Users\Hitman\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: No name found = C:\Users\Hitman\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: No name found = C:\Users\Hitman\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.5_0\
CHR - Extension: No name found = C:\Users\Hitman\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdloijijlkoblmigdofommgnheckmaki\1.5.1_0\
CHR - Extension: No name found = C:\Users\Hitman\AppData\Local\Google\Chrome\User Data\Default\Extensions\ippkomaaonokjnfjoikaemidanojkfmm\1.0.0.24_0\
CHR - Extension: No name found = C:\Users\Hitman\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\
CHR - Extension: No name found = C:\Users\Hitman\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk\1.17.43_0\
CHR - Extension: No name found = C:\Users\Hitman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
O1 HOSTS File: ([2012/09/09 20:41:08 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll File not found
O2:64bit: - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (FreeWorkz Games) - {D1ECD019-8423-43de-98D1-7892AF2DA309} - C:\Users\Hitman\AppData\Local\FreeWorkz\FreeWorkzIE.dll File not found
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-3215210023-636172019-1926784146-1002\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Bing Bar] C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\mswinext.exe (Microsoft Corp.)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe ()
O4 - HKU\S-1-5-21-3215210023-636172019-1926784146-1002..\Run: [Facebook Update] C:\Users\Hitman\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-3215210023-636172019-1926784146-1002..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3215210023-636172019-1926784146-1002\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3215210023-636172019-1926784146-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll File not found
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} http://game.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9980562D-1032-44AB-A486-681219EA5379}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (c:\PROGRA~3\BROWSE~1\22580~1.182\{16CDF~1\brwmngr.dll) - c:\ProgramData\Browser Manager\2.2.580.182\{16cdff19-861d-48e3-a751-d99a27784753}\brwmngr.dll ()
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012/09/11 20:10:02 | 000,600,064 | ---- | C] (OldTimer Tools) -- C:\Users\Hitman\Desktop\OTL.exe
[2012/09/11 15:45:29 | 000,024,128 | ---- | C] (Microsoft Corporation) -- C:\Users\Hitman\Desktop\atapi.sys
[2012/09/09 20:41:10 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2012/09/09 20:40:03 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/09/09 20:27:05 | 000,000,000 | ---D | C] -- C:\Users\Hitman\Desktop\rkill
[2012/09/09 20:23:31 | 001,629,088 | ---- | C] (Bleeping Computer, LLC) -- C:\Users\Hitman\Desktop\iExplore.exe
[2012/09/09 20:22:13 | 004,747,716 | R--- | C] (Swearware) -- C:\Users\Hitman\Desktop\Dave_Starr.exe
[2012/09/08 13:17:48 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/09/08 13:17:48 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/09/08 13:17:48 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/09/08 13:17:33 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/09/08 13:16:58 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/09/08 12:52:57 | 010,901,120 | ---- | C] (OPSWAT, Inc.) -- C:\Users\Hitman\Desktop\AppRemover.exe
[2012/09/06 03:04:35 | 000,000,000 | ---D | C] -- C:\FRST
[2012/09/05 19:35:12 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Hitman\Desktop\dds.com
[2012/09/03 23:18:56 | 000,031,080 | ---- | C] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2012/09/03 22:21:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\blekkotb_soc
[2012/09/03 20:48:21 | 000,000,000 | ---D | C] -- C:\Users\Hitman\AppData\Roaming\Malwarebytes
[2012/09/03 20:48:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/09/03 20:48:11 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/09/03 20:48:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/09/03 20:48:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/09/03 14:58:36 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\searchplugins
[2012/09/03 14:58:36 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Extensions
[2012/09/03 11:28:11 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\%APPDATA%
[2012/09/03 11:22:56 | 000,000,000 | ---D | C] -- C:\ProgramData\781287A802B36D01D0823CC64F147CE7
[2012/08/26 13:02:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2012/08/26 13:02:35 | 000,000,000 | ---D | C] -- C:\ProgramData\IBUpdaterService
[2012/08/26 13:02:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2012/08/26 13:01:57 | 000,000,000 | ---D | C] -- C:\Users\Hitman\AppData\Local\Conduit
[2012/08/26 13:01:49 | 000,000,000 | ---D | C] -- C:\Users\Hitman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Manager
[2012/08/26 13:01:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Browser Manager
[2012/08/26 12:30:03 | 000,000,000 | ---D | C] -- C:\Users\Hitman\AppData\Roaming\PerformerSoft
[2012/08/26 12:29:57 | 000,019,000 | ---- | C] (PerformerSoft LLC) -- C:\Windows\SysNative\roboot64.exe
[2012/08/26 12:29:38 | 000,000,000 | ---D | C] -- C:\Users\Hitman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PCPerformer
[2012/08/17 03:03:08 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/08/17 03:03:08 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/08/17 03:03:06 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/08/17 03:03:06 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/08/17 03:03:05 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/08/17 03:03:04 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/08/17 03:03:04 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/08/17 03:03:04 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/08/17 03:03:03 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/08/17 03:03:02 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/08/17 03:03:02 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/08/17 03:02:57 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/08/17 03:02:53 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/08/15 16:29:05 | 000,000,000 | ---D | C] -- C:\ProgramData\WEBREG
[2012/08/15 16:21:34 | 000,000,000 | ---D | C] -- C:\Users\Hitman\AppData\Roaming\HP
[2012/08/15 16:20:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons
[2012/08/15 16:20:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Coupons
[2012/08/15 16:19:52 | 000,000,000 | ---D | C] -- C:\Users\Hitman\AppData\Roaming\HpUpdate
[2012/08/15 16:06:14 | 000,000,000 | ---D | C] -- C:\Users\Hitman\AppData\Roaming\SUPERAntiSpyware.com
[2012/08/15 16:05:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012/08/15 16:05:41 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012/08/15 16:05:41 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012/08/15 16:00:09 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
[2012/08/15 15:59:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\HP
[2012/08/15 15:59:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Hewlett-Packard
[2012/08/15 15:57:59 | 000,136,704 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\hpf3l70v.dll
[2012/08/15 15:56:42 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2012/08/15 15:56:05 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2012/08/15 15:46:21 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2012/08/15 15:46:04 | 001,403,904 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\hpost_p02c.dll
[2012/08/15 15:46:04 | 000,880,640 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hposwia_p02c.dll
[2012/08/15 15:46:04 | 000,642,360 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpzids40.dll
[2012/08/15 15:46:04 | 000,551,424 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hppldcoi.dll
[2012/08/15 15:46:03 | 000,515,072 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\hposc_p02a.dll
[2012/08/14 22:29:32 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012/08/14 22:29:30 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012/08/14 22:29:30 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012/08/14 22:26:06 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012/08/14 22:25:15 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012/08/14 22:25:15 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012/08/14 22:25:15 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012/08/14 22:24:25 | 000,956,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
========== Files - Modified Within 30 Days ==========
[2012/09/11 20:24:11 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/09/11 20:20:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3215210023-636172019-1926784146-1002UA.job
[2012/09/11 20:10:02 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\Hitman\Desktop\OTL.exe
[2012/09/11 18:57:01 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3215210023-636172019-1926784146-1002UA.job
[2012/09/11 13:20:01 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3215210023-636172019-1926784146-1002Core.job
[2012/09/10 21:57:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3215210023-636172019-1926784146-1002Core.job
[2012/09/09 23:24:03 | 000,165,376 | ---- | M] () -- C:\Users\Hitman\Desktop\SystemLook_x64.exe
[2012/09/09 20:51:04 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/09 20:51:04 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/09 20:41:08 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/09/09 20:40:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/09/09 20:40:41 | 1556,287,488 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/09 20:23:31 | 001,629,088 | ---- | M] (Bleeping Computer, LLC) -- C:\Users\Hitman\Desktop\iExplore.exe
[2012/09/09 20:22:14 | 004,747,716 | R--- | M] (Swearware) -- C:\Users\Hitman\Desktop\Dave_Starr.exe
[2012/09/08 12:52:57 | 010,901,120 | ---- | M] (OPSWAT, Inc.) -- C:\Users\Hitman\Desktop\AppRemover.exe
[2012/09/08 12:46:45 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForHitman.job
[2012/09/08 12:41:47 | 079,998,836 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm.prepare
[2012/09/05 23:15:54 | 000,726,142 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/09/05 23:15:54 | 000,624,178 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/09/05 23:15:54 | 000,106,522 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/09/05 19:35:12 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Hitman\Desktop\dds.com
[2012/09/05 16:20:00 | 000,302,592 | ---- | M] () -- C:\Users\Hitman\Desktop\67x870q6.exe
[2012/09/03 23:18:56 | 000,031,080 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2012/09/03 20:48:12 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/08/26 13:02:01 | 000,000,009 | ---- | M] () -- C:\END
[2012/08/26 12:59:14 | 000,000,336 | ---- | M] () -- C:\Windows\game.ini
[2012/08/26 12:30:50 | 000,001,893 | ---- | M] () -- C:\user.js
[2012/08/17 03:27:24 | 000,286,168 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/08/16 19:47:02 | 000,001,974 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012/08/15 16:31:37 | 000,208,080 | ---- | M] () -- C:\Windows\hpoins43.dat
[2012/08/15 16:25:02 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/08/15 16:25:01 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/08/15 16:18:42 | 000,001,121 | ---- | M] () -- C:\Users\Public\Desktop\Shop for HP Supplies.lnk
[2012/08/15 16:05:58 | 000,001,808 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/08/15 16:00:29 | 000,208,347 | ---- | M] () -- C:\Windows\hpoins43.dat.temp
[2012/08/15 16:00:05 | 000,001,275 | ---- | M] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2012/08/15 15:59:42 | 000,002,059 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
========== Files Created - No Company Name ==========
[2012/09/09 23:24:03 | 000,165,376 | ---- | C] () -- C:\Users\Hitman\Desktop\SystemLook_x64.exe
[2012/09/08 13:17:48 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/09/08 13:17:48 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/09/08 13:17:48 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/09/08 13:17:48 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/09/08 13:17:48 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/09/05 16:19:59 | 000,302,592 | ---- | C] () -- C:\Users\Hitman\Desktop\67x870q6.exe
[2012/09/03 20:48:12 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/08/26 13:02:01 | 000,000,009 | ---- | C] () -- C:\END
[2012/08/26 12:59:14 | 000,000,336 | ---- | C] () -- C:\Windows\game.ini
[2012/08/15 16:18:41 | 000,001,121 | ---- | C] () -- C:\Users\Public\Desktop\Shop for HP Supplies.lnk
[2012/08/15 16:15:40 | 000,208,347 | ---- | C] () -- C:\Windows\hpoins43.dat.temp
[2012/08/15 16:15:40 | 000,000,601 | ---- | C] () -- C:\Windows\hpomdl43.dat.temp
[2012/08/15 16:05:58 | 000,001,808 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/08/15 16:00:05 | 000,001,275 | ---- | C] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2012/08/15 15:59:42 | 000,002,059 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2012/08/15 15:55:27 | 000,208,080 | ---- | C] () -- C:\Windows\hpoins43.dat
[2012/08/15 15:55:27 | 000,000,601 | ---- | C] () -- C:\Windows\hpomdl43.dat
[2012/05/19 20:26:45 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2012/05/11 19:38:40 | 000,066,832 | ---- | C] () -- C:\Users\Hitman\AppData\Roaming\UserTile.png
[2011/10/14 20:37:09 | 000,007,602 | ---- | C] () -- C:\Users\Hitman\AppData\Local\Resmon.ResmonCfg
========== Files - Unicode (All) ==========
[2012/09/08 13:05:21 | 000,000,040 | ---- | M] ()(C:\Windows\SysNative\?%) -- C:\Windows\SysNative\륀%
[2012/09/08 13:05:21 | 000,000,040 | ---- | C] ()(C:\Windows\SysNative\?%) -- C:\Windows\SysNative\륀%
[2012/06/19 07:45:06 | 000,000,040 | ---- | M] ()(C:\Windows\SysNative\?¾) -- C:\Windows\SysNative\륀¾
[2012/06/19 07:45:06 | 000,000,040 | ---- | C] ()(C:\Windows\SysNative\?¾) -- C:\Windows\SysNative\륀¾
[2012/04/05 13:07:18 | 000,000,040 | ---- | M] ()(C:\Windows\SysNative\?À) -- C:\Windows\SysNative\륀À
[2012/04/05 13:07:18 | 000,000,040 | ---- | C] ()(C:\Windows\SysNative\?À) -- C:\Windows\SysNative\륀À
< End of report >
CHR - Extension: No name found = C:\Users\Hitman\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: No name found = C:\Users\Hitman\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: No name found = C:\Users\Hitman\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.5_0\
CHR - Extension: No name found = C:\Users\Hitman\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdloijijlkoblmigdofommgnheckmaki\1.5.1_0\
CHR - Extension: No name found = C:\Users\Hitman\AppData\Local\Google\Chrome\User Data\Default\Extensions\ippkomaaonokjnfjoikaemidanojkfmm\1.0.0.24_0\
CHR - Extension: No name found = C:\Users\Hitman\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\
CHR - Extension: No name found = C:\Users\Hitman\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk\1.17.43_0\
CHR - Extension: No name found = C:\Users\Hitman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
O1 HOSTS File: ([2012/09/09 20:41:08 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll File not found
O2:64bit: - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (FreeWorkz Games) - {D1ECD019-8423-43de-98D1-7892AF2DA309} - C:\Users\Hitman\AppData\Local\FreeWorkz\FreeWorkzIE.dll File not found
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-3215210023-636172019-1926784146-1002\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Bing Bar] C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\mswinext.exe (Microsoft Corp.)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe ()
O4 - HKU\S-1-5-21-3215210023-636172019-1926784146-1002..\Run: [Facebook Update] C:\Users\Hitman\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-3215210023-636172019-1926784146-1002..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3215210023-636172019-1926784146-1002\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3215210023-636172019-1926784146-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll File not found
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} http://game.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9980562D-1032-44AB-A486-681219EA5379}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (c:\PROGRA~3\BROWSE~1\22580~1.182\{16CDF~1\brwmngr.dll) - c:\ProgramData\Browser Manager\2.2.580.182\{16cdff19-861d-48e3-a751-d99a27784753}\brwmngr.dll ()
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012/09/11 20:10:02 | 000,600,064 | ---- | C] (OldTimer Tools) -- C:\Users\Hitman\Desktop\OTL.exe
[2012/09/11 15:45:29 | 000,024,128 | ---- | C] (Microsoft Corporation) -- C:\Users\Hitman\Desktop\atapi.sys
[2012/09/09 20:41:10 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2012/09/09 20:40:03 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/09/09 20:27:05 | 000,000,000 | ---D | C] -- C:\Users\Hitman\Desktop\rkill
[2012/09/09 20:23:31 | 001,629,088 | ---- | C] (Bleeping Computer, LLC) -- C:\Users\Hitman\Desktop\iExplore.exe
[2012/09/09 20:22:13 | 004,747,716 | R--- | C] (Swearware) -- C:\Users\Hitman\Desktop\Dave_Starr.exe
[2012/09/08 13:17:48 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/09/08 13:17:48 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/09/08 13:17:48 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/09/08 13:17:33 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/09/08 13:16:58 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/09/08 12:52:57 | 010,901,120 | ---- | C] (OPSWAT, Inc.) -- C:\Users\Hitman\Desktop\AppRemover.exe
[2012/09/06 03:04:35 | 000,000,000 | ---D | C] -- C:\FRST
[2012/09/05 19:35:12 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Hitman\Desktop\dds.com
[2012/09/03 23:18:56 | 000,031,080 | ---- | C] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2012/09/03 22:21:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\blekkotb_soc
[2012/09/03 20:48:21 | 000,000,000 | ---D | C] -- C:\Users\Hitman\AppData\Roaming\Malwarebytes
[2012/09/03 20:48:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/09/03 20:48:11 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/09/03 20:48:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/09/03 20:48:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/09/03 14:58:36 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\searchplugins
[2012/09/03 14:58:36 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Extensions
[2012/09/03 11:28:11 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\%APPDATA%
[2012/09/03 11:22:56 | 000,000,000 | ---D | C] -- C:\ProgramData\781287A802B36D01D0823CC64F147CE7
[2012/08/26 13:02:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2012/08/26 13:02:35 | 000,000,000 | ---D | C] -- C:\ProgramData\IBUpdaterService
[2012/08/26 13:02:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2012/08/26 13:01:57 | 000,000,000 | ---D | C] -- C:\Users\Hitman\AppData\Local\Conduit
[2012/08/26 13:01:49 | 000,000,000 | ---D | C] -- C:\Users\Hitman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Manager
[2012/08/26 13:01:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Browser Manager
[2012/08/26 12:30:03 | 000,000,000 | ---D | C] -- C:\Users\Hitman\AppData\Roaming\PerformerSoft
[2012/08/26 12:29:57 | 000,019,000 | ---- | C] (PerformerSoft LLC) -- C:\Windows\SysNative\roboot64.exe
[2012/08/26 12:29:38 | 000,000,000 | ---D | C] -- C:\Users\Hitman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PCPerformer
[2012/08/17 03:03:08 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/08/17 03:03:08 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/08/17 03:03:06 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/08/17 03:03:06 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/08/17 03:03:05 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/08/17 03:03:04 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/08/17 03:03:04 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/08/17 03:03:04 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/08/17 03:03:03 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/08/17 03:03:02 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/08/17 03:03:02 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/08/17 03:02:57 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/08/17 03:02:53 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/08/15 16:29:05 | 000,000,000 | ---D | C] -- C:\ProgramData\WEBREG
[2012/08/15 16:21:34 | 000,000,000 | ---D | C] -- C:\Users\Hitman\AppData\Roaming\HP
[2012/08/15 16:20:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons
[2012/08/15 16:20:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Coupons
[2012/08/15 16:19:52 | 000,000,000 | ---D | C] -- C:\Users\Hitman\AppData\Roaming\HpUpdate
[2012/08/15 16:06:14 | 000,000,000 | ---D | C] -- C:\Users\Hitman\AppData\Roaming\SUPERAntiSpyware.com
[2012/08/15 16:05:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012/08/15 16:05:41 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012/08/15 16:05:41 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012/08/15 16:00:09 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
[2012/08/15 15:59:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\HP
[2012/08/15 15:59:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Hewlett-Packard
[2012/08/15 15:57:59 | 000,136,704 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\hpf3l70v.dll
[2012/08/15 15:56:42 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2012/08/15 15:56:05 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2012/08/15 15:46:21 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2012/08/15 15:46:04 | 001,403,904 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\hpost_p02c.dll
[2012/08/15 15:46:04 | 000,880,640 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hposwia_p02c.dll
[2012/08/15 15:46:04 | 000,642,360 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpzids40.dll
[2012/08/15 15:46:04 | 000,551,424 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hppldcoi.dll
[2012/08/15 15:46:03 | 000,515,072 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\hposc_p02a.dll
[2012/08/14 22:29:32 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012/08/14 22:29:30 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012/08/14 22:29:30 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012/08/14 22:26:06 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012/08/14 22:25:15 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012/08/14 22:25:15 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012/08/14 22:25:15 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012/08/14 22:24:25 | 000,956,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
========== Files - Modified Within 30 Days ==========
[2012/09/11 20:24:11 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/09/11 20:20:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3215210023-636172019-1926784146-1002UA.job
[2012/09/11 20:10:02 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\Hitman\Desktop\OTL.exe
[2012/09/11 18:57:01 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3215210023-636172019-1926784146-1002UA.job
[2012/09/11 13:20:01 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3215210023-636172019-1926784146-1002Core.job
[2012/09/10 21:57:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3215210023-636172019-1926784146-1002Core.job
[2012/09/09 23:24:03 | 000,165,376 | ---- | M] () -- C:\Users\Hitman\Desktop\SystemLook_x64.exe
[2012/09/09 20:51:04 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/09 20:51:04 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/09 20:41:08 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/09/09 20:40:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/09/09 20:40:41 | 1556,287,488 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/09 20:23:31 | 001,629,088 | ---- | M] (Bleeping Computer, LLC) -- C:\Users\Hitman\Desktop\iExplore.exe
[2012/09/09 20:22:14 | 004,747,716 | R--- | M] (Swearware) -- C:\Users\Hitman\Desktop\Dave_Starr.exe
[2012/09/08 12:52:57 | 010,901,120 | ---- | M] (OPSWAT, Inc.) -- C:\Users\Hitman\Desktop\AppRemover.exe
[2012/09/08 12:46:45 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForHitman.job
[2012/09/08 12:41:47 | 079,998,836 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm.prepare
[2012/09/05 23:15:54 | 000,726,142 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/09/05 23:15:54 | 000,624,178 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/09/05 23:15:54 | 000,106,522 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/09/05 19:35:12 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Hitman\Desktop\dds.com
[2012/09/05 16:20:00 | 000,302,592 | ---- | M] () -- C:\Users\Hitman\Desktop\67x870q6.exe
[2012/09/03 23:18:56 | 000,031,080 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2012/09/03 20:48:12 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/08/26 13:02:01 | 000,000,009 | ---- | M] () -- C:\END
[2012/08/26 12:59:14 | 000,000,336 | ---- | M] () -- C:\Windows\game.ini
[2012/08/26 12:30:50 | 000,001,893 | ---- | M] () -- C:\user.js
[2012/08/17 03:27:24 | 000,286,168 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/08/16 19:47:02 | 000,001,974 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012/08/15 16:31:37 | 000,208,080 | ---- | M] () -- C:\Windows\hpoins43.dat
[2012/08/15 16:25:02 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/08/15 16:25:01 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/08/15 16:18:42 | 000,001,121 | ---- | M] () -- C:\Users\Public\Desktop\Shop for HP Supplies.lnk
[2012/08/15 16:05:58 | 000,001,808 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/08/15 16:00:29 | 000,208,347 | ---- | M] () -- C:\Windows\hpoins43.dat.temp
[2012/08/15 16:00:05 | 000,001,275 | ---- | M] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2012/08/15 15:59:42 | 000,002,059 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
========== Files Created - No Company Name ==========
[2012/09/09 23:24:03 | 000,165,376 | ---- | C] () -- C:\Users\Hitman\Desktop\SystemLook_x64.exe
[2012/09/08 13:17:48 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/09/08 13:17:48 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/09/08 13:17:48 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/09/08 13:17:48 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/09/08 13:17:48 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/09/05 16:19:59 | 000,302,592 | ---- | C] () -- C:\Users\Hitman\Desktop\67x870q6.exe
[2012/09/03 20:48:12 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/08/26 13:02:01 | 000,000,009 | ---- | C] () -- C:\END
[2012/08/26 12:59:14 | 000,000,336 | ---- | C] () -- C:\Windows\game.ini
[2012/08/15 16:18:41 | 000,001,121 | ---- | C] () -- C:\Users\Public\Desktop\Shop for HP Supplies.lnk
[2012/08/15 16:15:40 | 000,208,347 | ---- | C] () -- C:\Windows\hpoins43.dat.temp
[2012/08/15 16:15:40 | 000,000,601 | ---- | C] () -- C:\Windows\hpomdl43.dat.temp
[2012/08/15 16:05:58 | 000,001,808 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/08/15 16:00:05 | 000,001,275 | ---- | C] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2012/08/15 15:59:42 | 000,002,059 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2012/08/15 15:55:27 | 000,208,080 | ---- | C] () -- C:\Windows\hpoins43.dat
[2012/08/15 15:55:27 | 000,000,601 | ---- | C] () -- C:\Windows\hpomdl43.dat
[2012/05/19 20:26:45 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2012/05/11 19:38:40 | 000,066,832 | ---- | C] () -- C:\Users\Hitman\AppData\Roaming\UserTile.png
[2011/10/14 20:37:09 | 000,007,602 | ---- | C] () -- C:\Users\Hitman\AppData\Local\Resmon.ResmonCfg
========== Files - Unicode (All) ==========
[2012/09/08 13:05:21 | 000,000,040 | ---- | M] ()(C:\Windows\SysNative\?%) -- C:\Windows\SysNative\륀%
[2012/09/08 13:05:21 | 000,000,040 | ---- | C] ()(C:\Windows\SysNative\?%) -- C:\Windows\SysNative\륀%
[2012/06/19 07:45:06 | 000,000,040 | ---- | M] ()(C:\Windows\SysNative\?¾) -- C:\Windows\SysNative\륀¾
[2012/06/19 07:45:06 | 000,000,040 | ---- | C] ()(C:\Windows\SysNative\?¾) -- C:\Windows\SysNative\륀¾
[2012/04/05 13:07:18 | 000,000,040 | ---- | M] ()(C:\Windows\SysNative\?À) -- C:\Windows\SysNative\륀À
[2012/04/05 13:07:18 | 000,000,040 | ---- | C] ()(C:\Windows\SysNative\?À) -- C:\Windows\SysNative\륀À
< End of report >