OTL logfile created on: 8/3/2009 11:54:08 AM - Run 2
OTL by OldTimer - Version 3.0.10.4 Folder = C:\Users\user\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16386)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 0.84 Gb Available Physical Memory | 42.04% Memory free
4.00 Gb Paging File | 2.72 Gb Available in Paging File | 68.02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 76.94 Gb Total Space | 7.62 Gb Free Space | 9.91% Space Free | Partition Type: NTFS
Drive D: | 9.77 Gb Total Space | 2.77 Gb Free Space | 28.37% Space Free | Partition Type: NTFS
Drive E: | 59.80 Gb Total Space | 6.48 Gb Free Space | 10.84% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: USER-PC
Current User Name: user
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2007/12/08 14:34:40 | 00,024,064 | ---- | M] () -- C:\Windows\System32\WLTRYSVC.EXE
PRC - [2007/12/08 14:34:10 | 02,506,752 | ---- | M] (Dell Inc.) -- C:\Windows\System32\bcmwltry.exe
PRC - [2006/11/02 02:45:07 | 02,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\Explorer.EXE
PRC - [2009/02/25 08:49:22 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2008/06/03 12:37:40 | 01,497,744 | ---- | M] (a-squared) -- C:\Program Files\a-squared Anti-Dialer\a2adguard.exe
PRC - [2009/06/25 11:36:44 | 01,948,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2006/11/02 05:35:32 | 00,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehtray.exe
PRC - [2006/11/02 05:35:32 | 00,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehmsas.exe
PRC - [2008/06/11 10:16:06 | 00,380,016 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\a-squared Anti-Dialer\a2service.exe
PRC - [2007/09/20 15:31:10 | 00,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\aestsrv.exe
PRC - [2009/06/25 11:36:38 | 00,298,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2007/07/24 18:02:44 | 00,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2009/01/30 13:07:00 | 05,795,840 | ---- | M] () -- C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
PRC - [2005/08/07 21:54:00 | 00,167,936 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe
PRC - [2007/09/13 15:45:38 | 00,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\STacSV.exe
PRC - [2006/08/04 16:39:20 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\xaudio.exe
PRC - [2006/11/02 05:36:04 | 00,201,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2006/11/02 05:36:04 | 00,895,488 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
PRC - [2009/01/18 10:37:47 | 02,745,776 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IDMan.exe
PRC - [2008/02/18 06:01:01 | 00,251,312 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe
PRC - [2009/06/25 11:36:55 | 00,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009/03/18 18:50:30 | 00,079,088 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\Ymsgr_tray.exe
PRC - [2006/11/02 05:34:48 | 00,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mobsync.exe
PRC - [2008/12/10 23:32:46 | 00,098,816 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2008/05/29 13:08:56 | 00,307,712 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2006/11/02 02:45:49 | 00,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskmgr.exe
PRC - [2009/08/03 11:29:47 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2008/06/11 10:16:06 | 00,380,016 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\a-squared Anti-Dialer\a2service.exe -- (a2AntiDialer [Auto | Running])
SRV - [2007/09/20 15:31:10 | 00,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\aestsrv.exe -- (AESTFilters [Auto | Running])
SRV - [2009/06/25 11:36:38 | 00,298,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd [Auto | Running])
SRV - [2006/11/01 23:34:11 | 00,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - File not found -- -- (CLTNetCnService [Auto | Stopped])
SRV - File not found -- Service key not found. -- (dmfsx [Auto | Stopped])
SRV - [2006/11/02 05:35:28 | 00,291,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped])
SRV - [2006/11/02 05:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
SRV - [2006/11/02 05:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart [Auto | Stopped])
SRV - [2006/11/02 02:46:13 | 00,989,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtsvc.dll -- (Eventlog [Auto | Running])
SRV - [2006/11/02 05:36:00 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2007/07/24 18:02:44 | 00,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON [Auto | Running])
SRV - [2006/11/02 05:36:02 | 00,741,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - File not found -- Service key not found. -- (ltcowcus [Auto | Stopped])
SRV - [2009/01/30 13:07:00 | 05,795,840 | ---- | M] () -- C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe -- (MySQL [Auto | Running])
SRV - [2006/11/02 05:36:02 | 00,122,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2003/07/28 13:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2006/11/02 02:46:11 | 00,052,736 | ---- | M] (Hewlett-Packard) -- C:\Windows\System32\HPZipm12.dll -- (Pml Driver HPZ12 [Auto | Stopped])
SRV - [2005/08/07 21:54:00 | 00,167,936 | ---- | M] () -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- (RichVideo [Auto | Running])
SRV - [2005/08/02 14:18:49 | 00,086,016 | ---- | M] (CACE Technologies) -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd [On_Demand | Stopped])
SRV - [2007/09/13 15:45:38 | 00,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\STacSV.exe -- (STacSV [Auto | Running])
SRV - [2008/03/24 07:35:22 | 00,074,384 | R--- | M] (MicroVision Development, Inc.) -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr [On_Demand | Stopped])
SRV - [2008/12/10 00:10:14 | 00,024,636 | ---- | M] (Apache Software Foundation) -- c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe -- (wampapache [On_Demand | Stopped])
SRV - [2009/02/15 00:22:12 | 06,558,336 | ---- | M] () -- c:\wamp\bin\mysql\mysql5.1.32\bin\mysqld.exe -- (wampmysqld [On_Demand | Stopped])
SRV - [2006/11/02 05:34:32 | 00,263,272 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Disabled | Stopped])
SRV - [2007/12/08 14:34:40 | 00,024,064 | ---- | M] () -- C:\Windows\System32\WLTRYSVC.EXE -- (wltrysvc [Auto | Running])
SRV - [2006/11/02 05:36:04 | 00,895,488 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Running])
SRV - [2006/08/04 16:39:20 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\xaudio.exe -- (XAudioService [Auto | Running])

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 10.*
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 10.90.10.29:8080

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "AIM Search"
FF - prefs.js..browser.search.defaulturl: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&invocationType=&query="
FF - prefs.js..browser.search.selectedEngine: "AIM Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://aimzones.aol.com/homepage"
FF - prefs.js..extensions.enabledItems: check4change-owner@mozdev.org:1.6
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20080609.0
FF - prefs.js..extensions.enabledItems: mozilla_cc@internetdownloadmanager.com:5.11
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12
FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:3.5.0
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.5.4.20081105
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0
FF - prefs.js..network.proxy.backup.ftp: "10.90.10.29"
FF - prefs.js..network.proxy.backup.ftp_port: 8080
FF - prefs.js..network.proxy.backup.gopher: "10.90.10.29"
FF - prefs.js..network.proxy.backup.gopher_port: 8080
FF - prefs.js..network.proxy.backup.socks: "10.90.10.29"
FF - prefs.js..network.proxy.backup.socks_port: 8080
FF - prefs.js..network.proxy.backup.ssl: "10.90.10.29"
FF - prefs.js..network.proxy.backup.ssl_port: 8080
FF - prefs.js..network.proxy.ftp: "10.90.10.29"
FF - prefs.js..network.proxy.ftp_port: 8080
FF - prefs.js..network.proxy.gopher: "10.90.10.29"
FF - prefs.js..network.proxy.gopher_port: 8080
FF - prefs.js..network.proxy.http: "10.90.10.29"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.no_proxies_on: "127.0.0.1"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "10.90.10.29"
FF - prefs.js..network.proxy.socks_port: 8080
FF - prefs.js..network.proxy.ssl: "10.90.10.29"
FF - prefs.js..network.proxy.ssl_port: 8080
FF - prefs.js..network.proxy.type: 1

FF - HKLM\software\mozilla\Mozilla Firefox 3.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/05/21 04:30:10 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/07/07 14:37:50 | 00,000,000 | ---D | M]

[2008/12/14 05:52:38 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\mozilla\Extensions
[2008/12/14 05:52:38 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/08/02 05:41:39 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\sru312je.default\extensions
[2009/08/01 05:34:07 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\sru312je.default\extensions\{29852C08-1E91-4889-A6BF-C77F91D6A8F3}
[2009/08/01 05:55:43 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\sru312je.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/08/01 05:56:42 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\sru312je.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}
[2009/08/01 05:18:04 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\sru312je.default\extensions\{dc572301-7619-498c-a57d-39143191b318}
[2009/07/01 08:07:04 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\sru312je.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2008/12/14 05:57:22 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\sru312je.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2009/08/01 06:06:23 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\sru312je.default\extensions\check4change-owner@mozdev.org
[2009/08/01 06:06:23 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\sru312je.default\extensions\staged-xpis
[2009/05/21 04:31:23 | 00,004,196 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\FireFox\Profiles\sru312je.default\searchplugins\aim-search.xml
[2009/08/02 05:41:40 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2008/12/14 05:52:09 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/03/17 09:00:21 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2009/02/25 08:49:45 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
[2008/05/29 13:09:12 | 00,023,040 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2008/05/29 13:09:13 | 00,134,144 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/04/12 05:49:02 | 02,438,640 | ---- | M] (DNAML Pty Ltd) -- C:\Program Files\mozilla firefox\plugins\npdbplug.dll
[2009/02/25 08:49:23 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2007/02/04 23:02:56 | 01,642,496 | ---- | M] (LizardTech) -- C:\Program Files\mozilla firefox\plugins\npdjvu.dll
[2008/05/29 13:09:14 | 00,065,536 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2003/07/14 23:56:52 | 00,013,888 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL
[2008/10/14 22:33:30 | 00,095,600 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2009/02/22 07:09:25 | 00,098,304 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2009/02/22 07:09:25 | 00,098,304 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2009/02/22 07:09:25 | 00,098,304 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2009/02/22 07:09:26 | 00,098,304 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2009/02/22 07:09:26 | 00,098,304 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2009/02/22 07:09:26 | 00,098,304 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2009/02/22 07:09:26 | 00,098,304 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2008/05/29 07:24:14 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2008/05/29 07:24:14 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2008/05/29 07:24:14 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2008/05/29 07:24:14 | 00,002,642 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2008/05/29 07:24:14 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2008/05/29 07:24:14 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml

O1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Tonec Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - No CLSID value found.
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [a-squared] C:\Program Files\a-squared Anti-Dialer\a2adguard.exe (a-squared)
O4 - HKLM..\Run: [a-squared Anti-Dialer] C:\Program Files\a-squared Anti-Dialer\a2adguard.exe (a-squared)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [Vidalia] C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: UserId = NA:CIDI
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: UserIdNo = 582
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8 - Extra context menu item: Add to &Teleport - C:\Program Files\Teleport Pro\teleport.htm ()
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download all with Free Download Manager - C:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: Download selected with Free Download Manager - C:\Program Files\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Download video with Free Download Manager - C:\Program Files\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Download with Free Download Manager - C:\Program Files\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - C:\Program Files\Free Download Manager\FUM\fumiebtn.dll ()
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.90.10.28 10.90.10.31
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 14:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008/10/15 07:14:39 | 00,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/10/15 05:48:02 | 00,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{25c90f96-c521-11dd-b02e-005056c00008}\Shell\AutoRun\command - "" = G:\RESTORE\S-1-5-21-1482476501-1644491937-682003330-1013\lin32.exe -- File not found
O33 - MountPoints2\{25c90f96-c521-11dd-b02e-005056c00008}\Shell\open\command - "" = G:\RESTORE\S-1-5-21-1482476501-1644491937-682003330-1013\lin32.exe -- File not found
O33 - MountPoints2\{2ef7c3e6-5b7a-11de-a272-00219be175e9}\Shell - "" = AutoRun
O33 - MountPoints2\{2ef7c3e6-5b7a-11de-a272-00219be175e9}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -- File not found
O33 - MountPoints2\{301a2efc-df24-11dd-ab8c-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{301a2efc-df24-11dd-ab8c-005056c00008}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O33 - MountPoints2\{3a85e955-d7f9-11dd-87e4-005056c00008}\Shell\AutoRun\command - "" = G:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\win32.exe -- File not found
O33 - MountPoints2\{3a85e955-d7f9-11dd-87e4-005056c00008}\Shell\open\command - "" = G:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\win32.exe -- File not found
O33 - MountPoints2\{3a85ea60-d7f9-11dd-87e4-005056c00008}\Shell\AutoRun\command - "" = Recycle\X-5-4-27-2345678318-4567890223-4234567884-2341\RisinG.exe
O33 - MountPoints2\{3a85ea60-d7f9-11dd-87e4-005056c00008}\Shell\open\command - "" = Recycle\X-5-4-27-2345678318-4567890223-4234567884-2341\RisinG.exe
O33 - MountPoints2\{4689ddda-c9d9-11dd-a2ef-005056c00008}\Shell\AutoRun\command - "" = G:\RESTORE\S-1-5-21-1482476501-1644491937-682003330-1013\lin32.exe -- File not found
O33 - MountPoints2\{4689ddda-c9d9-11dd-a2ef-005056c00008}\Shell\open\command - "" = G:\RESTORE\S-1-5-21-1482476501-1644491937-682003330-1013\lin32.exe -- File not found
O33 - MountPoints2\{4c3bc7ad-1821-11de-b0fb-00219be175e9}\Shell\AutoRun\command - "" = RESTORE\c-1-3-64-8794238531-8742492-9897532\Sys32.exe
O33 - MountPoints2\{4c3bc7ad-1821-11de-b0fb-00219be175e9}\Shell\open\command - "" = RESTORE\c-1-3-64-8794238531-8742492-9897532\Sys32.exe
O33 - MountPoints2\{7e13119c-50fd-11de-a0ce-00219be175e9}\Shell\AutoRun\command - "" = G:\RECYCLE\D-0-060-0000000000-1111111-2222222\fix.exe -- File not found
O33 - MountPoints2\{7e13119c-50fd-11de-a0ce-00219be175e9}\Shell\open\command - "" = G:\RECYCLE\D-0-060-0000000000-1111111-2222222\fix.exe -- File not found
O33 - MountPoints2\{86568e7e-681e-11de-9327-00219be175e9}\Shell\AutoRun\command - "" = RESTORE\c-1-3-64-8794238531-8742492-9897532\Sys32.exe
O33 - MountPoints2\{86568e7e-681e-11de-9327-00219be175e9}\Shell\open\command - "" = RESTORE\c-1-3-64-8794238531-8742492-9897532\Sys32.exe
O33 - MountPoints2\{ab8857da-d9dd-11dd-b972-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{ab8857da-d9dd-11dd-b972-005056c00008}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -- File not found
O33 - MountPoints2\{c3c8c255-3a3d-11de-87cb-00219be175e9}\Shell\AutoRun\command - "" = RECYCLE\D-0-060-0000000000-1111111-2222222\fix.exe
O33 - MountPoints2\{c3c8c255-3a3d-11de-87cb-00219be175e9}\Shell\open\command - "" = RECYCLE\D-0-060-0000000000-1111111-2222222\fix.exe
O33 - MountPoints2\{ccc6d97f-c7b7-11dd-bd39-005056c00008}\Shell\AutoRun\command - "" = e.cmd
O33 - MountPoints2\{ccc6d97f-c7b7-11dd-bd39-005056c00008}\Shell\explore\Command - "" = e.cmd
O33 - MountPoints2\{ccc6d97f-c7b7-11dd-bd39-005056c00008}\Shell\open\Command - "" = e.cmd
O33 - MountPoints2\{cd3263c5-ebc6-11dd-9d8d-005056c00008}\Shell\AutoRun\command - "" = G:\scene.exe -- File not found
O33 - MountPoints2\{cd3263c5-ebc6-11dd-9d8d-005056c00008}\Shell\explore\Command - "" = G:\scene.exe -- File not found
O33 - MountPoints2\{cd3263c5-ebc6-11dd-9d8d-005056c00008}\Shell\open\Command - "" = G:\scene.exe -- File not found
O33 - MountPoints2\{cd3263c5-ebc6-11dd-9d8d-005056c00008}\Shell\Scan\Command - "" = G:\scene.exe -- File not found
O33 - MountPoints2\{d6157bfa-c873-11dd-a41c-005056c00008}\Shell\Auto\command - "" = Folders.exe
O33 - MountPoints2\{e565b07a-f6a5-11dd-9cf0-005056c00008}\Shell\AutoRun\command - "" = G:\Recycle\P-1-3-64-8794238531-8742492-9897532\Redem.exe -- File not found
O33 - MountPoints2\{e565b07a-f6a5-11dd-9cf0-005056c00008}\Shell\open\command - "" = G:\Recycle\P-1-3-64-8794238531-8742492-9897532\Redem.exe -- File not found
O33 - MountPoints2\{e565b086-f6a5-11dd-9cf0-005056c00008}\Shell\AutoRun\command - "" = RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\win32.exe
O33 - MountPoints2\{e565b086-f6a5-11dd-9cf0-005056c00008}\Shell\open\command - "" = RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\win32.exe
O33 - MountPoints2\{e6ed363e-cc57-11dd-8768-005056c00008}\Shell\AutoRun\command - "" = G:\SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013\system.exe -- File not found
O33 - MountPoints2\{e6ed363e-cc57-11dd-8768-005056c00008}\Shell\open\command - "" = G:\SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013\system.exe -- File not found
O33 - MountPoints2\{ee538978-d104-11dd-8b89-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{ee538978-d104-11dd-8b89-005056c00008}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

[color=#E56717]========== Files/Folders - Created Within 14 Days ==========[/color]

[11 C:\ProgramData\*.tmp files]
[2009/08/03 11:31:16 | 00,514,048 | ---- | C] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe
[2009/08/03 09:24:22 | 00,000,000 | ---D | C] -- C:\Users\user\Desktop\haven
[2009/08/02 06:32:40 | 00,054,156 | -H-- | C] () -- C:\Windows\QTFont.qfn
[2009/08/02 06:32:40 | 00,001,409 | ---- | C] () -- C:\Windows\QTFont.for
[2009/08/02 05:59:46 | 00,000,000 | ---D | C] -- C:\Windows\Internet Logs
[2009/08/02 05:14:49 | 00,000,291 | ---- | C] () -- C:\Users\user\Desktop\livingB.wvx
[2009/08/02 02:05:50 | 00,009,439 | ---- | C] () -- C:\Users\user\Desktop\
[2009/08/01 11:37:24 | 00,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Google
[2009/08/01 11:35:18 | 00,001,936 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2009/08/01 11:34:24 | 00,000,000 | ---D | C] -- C:\Program Files\Google
[2009/08/01 11:33:53 | 00,554,505 | ---- | C] () -- C:\Users\user\Desktop\
[2009/08/01 10:36:17 | 00,055,115 | ---- | C] () -- C:\Users\user\Desktop\
[2009/08/01 08:25:13 | 00,031,848 | ---- | C] () -- C:\Users\user\Desktop\
[2009/08/01 05:51:58 | 00,050,181 | ---- | C] () -- C:\Users\user\Desktop\
[2009/08/01 05:51:58 | 00,000,000 | ---D | C] -- C:\Users\user\Desktop\viewtopic.php_files
[2009/08/01 05:51:36 | 00,000,000 | ---D | C] -- C:\Users\user\Desktop\Profile_folder_-_Firefox_files
[2009/08/01 05:51:35 | 00,049,258 | ---- | C] () -- C:\Users\user\Desktop\Profile_folder_-_Firefox.htm
[2009/08/01 05:20:37 | 00,029,466 | ---- | C] () -- C:\Users\user\Desktop\reloadevery-3.5.0-fx.xpi
[2009/07/31 05:09:38 | 01,827,587 | ---- | C] () -- C:\Users\user\Desktop\
[2009/07/30 13:28:08 | 00,018,783 | ---- | C] () -- C:\Users\user\Desktop\
[2009/07/30 13:24:31 | 00,058,001 | ---- | C] () -- C:\Users\user\Desktop\
[2009/07/30 12:46:23 | 00,000,000 | ---D | C] -- C:\Users\user\Desktop\
[2009/07/30 12:24:30 | 00,041,821 | ---- | C] () -- C:\Users\user\Desktop\
[2009/07/30 12:23:44 | 00,030,037 | ---- | C] () --
[2009/07/29 05:04:20 | 00,019,307 | ---- | C] () --
[2009/07/29 04:57:42 | 00,157,499 | ---- | C] () --
[2009/07/29 04:54:55 | 00,043,050 | ---- | C] () --
[2009/07/28 13:04:44 | 00,000,000 | ---D | C] --
[2009/07/28 12:47:53 | 00,000,053 | ---- | C] () -- C:\Windows\WININIT.INI
[2009/07/28 12:27:20 | 00,000,000 | ---- | C] () -- C:\Windows\setup32.INI
[2009/07/27 12:40:57 | 00,552,325 | ---- | C] () -- C:\Users\user\Desktop\Page 2.JPG
[2009/07/27 12:36:45 | 00,731,466 | ---- | C] () -- C:\Users\user\Desktop\Page 1.JPG
[2009/07/27 12:28:21 | 00,000,000 | ---D | C] -- C:\Users\user\Desktop\New Folder
[2009/07/27 08:48:07 | 00,000,000 | ---D | C] --
[2009/07/27 08:35:25 | 00,000,000 | ---D | C] --
[2009/07/27 07:39:28 | 00,000,000 | ---D | C] --
[2009/07/24 05:43:24 | 00,000,000 | ---D | C] --
[2009/07/24 05:21:50 | 00,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\tor
[2009/07/24 05:20:41 | 00,000,000 | ---D | C] --
[2009/07/22 18:54:22 | 00,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Protexis
[2009/07/22 18:53:29 | 00,000,008 | RHS- | C] () -- C:\Windows\System32\B838B21A14.dll
[2009/07/22 18:53:28 | 00,000,000 | ---D | C] -- C:\ProgramData\Protexis
[2009/07/22 18:46:33 | 00,000,000 | ---D | C] -- C:\Program Files\Broderbund
[2009/07/22 02:55:09 | 00,000,000 | -HSD | C] -- C:\Users\user\Desktop\zzzz2222
[2009/07/21 17:22:10 | 00,018,867 | ---- | C] () --

[color=#E56717]========== Files - Modified Within 14 Days ==========[/color]

[45 C:\Windows\System32\*.tmp files]
[11 C:\ProgramData\*.tmp files]
[2009/08/03 11:29:47 | 00,514,048 | ---- | M] (OldTimer Tools) --
C:\Users\user\Desktop\OTL.exe [2009/08/03 11:29:32 | 00,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2009/08/03 11:29:32 | 00,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2009/08/03 10:58:17 | 00,150,016 | ---- | M] () -- C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/08/03 10:01:48 | 39,484,539 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm [2009/08/03 10:01:48 | 00,056,222 | ---- | M] () -- C:\Windows\System32\drivers\Avg\microavi.avg [2009/08/03 09:18:01 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2009/08/03 08:34:26 | 00,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{0A79AC58-1F73-45E3-BFA3-CD2238CB441D}.job [2009/08/02 06:32:40 | 00,054,156 | -H-- | M] () -- C:\Windows\QTFont.qfn [2009/08/02 06:32:40 | 00,001,409 | ---- | M] () -- C:\Windows\QTFont.for [2009/08/02 05:30:06 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2009/08/02 05:14:49 | 00,000,291 | ---- | M] () -- C:\Users\user\Desktop\livingB.wvx [2009/08/02 02:05:50 | 00,009,439 | ---- | M] () -- [2009/08/02 00:56:53 | 04,352,899 | -H-- | M] () -- C:\Users\user\AppData\Local\IconCache.db [2009/08/01 11:35:18 | 00,001,936 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk [2009/08/01 05:52:05 | 00,050,181 | ---- | M] () -- C:\Users\user\Desktop\viewtopic.php.htm [2009/08/01 05:51:42 | 00,049,258 | ---- | M] () -- C:\Users\user\Desktop\Profile_folder_-_Firefox.htm [2009/08/01 05:20:47 | 00,029,466 | ---- | M] () -- C:\Users\user\Desktop\reloadevery-3.5.0-fx.xpi [2009/08/01 03:47:45 | 00,621,552 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2009/08/01 03:47:45 | 00,104,868 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2009/07/31 05:10:05 | 01,827,587 | ---- | M] () -- [2009/07/30 13:28:13 | 00,018,783 | ---- | M] () -- [2009/07/30 13:24:39 | 
00,058,001 | ---- | M] () -- [2009/07/30 12:24:38 | 00,041,821 | ---- | M] () -- [2009/07/30 12:23:51 | 00,030,037 | ---- | M] () -- [2009/07/29 08:17:36 | 00,725,100 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2009/07/29 05:04:23 | 00,019,307 | ---- | M] () -- [2009/07/29 04:57:44 | 00,157,499 | ---- | M] () -- [2009/07/29 04:55:01 | 00,043,050 | ---- | M] () -- [2009/07/28 12:47:53 | 00,000,053 | ---- | M] () -- C:\Windows\WININIT.INI [2009/07/28 12:27:20 | 00,000,000 | ---- | M] () -- C:\Windows\setup32.INI [2009/07/27 12:41:01 | 00,552,325 | ---- | M] () -- C:\Users\user\Desktop\Page 2.JPG [2009/07/27 12:38:54 | 00,731,466 | ---- | M] () -- C:\Users\user\Desktop\Page 1.JPG [2009/07/22 18:53:29 | 00,000,008 | RHS- | M] () -- C:\Windows\System32\B838B21A14.dll [color=#E56717]========== LOP Check ==========[/color] [2009/08/01 11:37:24 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming [2008/10/16 13:19:26 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\CyberLink [2009/06/12 15:59:49 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Dev-Cpp [2009/08/02 13:34:40 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\DMCache [2009/08/01 19:24:54 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\dvdcss [2009/06/01 15:03:06 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Ethereal [2009/07/12 08:28:34 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\FileZilla [2009/01/09 12:56:57 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Free Download Manager [2009/08/02 05:54:04 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\IDM [2006/11/02 05:37:34 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Media Center Programs [2008/11/28 06:59:59 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\MetaProducts [2009/03/29 05:39:43 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Moyea [2008/12/08 06:54:16 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Offline 
Explorer [2009/02/22 07:29:47 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\OLYMPUS [2009/02/06 09:44:56 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Opera [2008/10/16 12:00:12 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Roxio [2009/01/12 03:02:21 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\SolidDocuments [2008/10/15 14:14:47 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\TMP [2009/07/31 15:49:43 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\tor [2009/08/01 13:11:10 | 00,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\uTorrent [2009/08/02 05:30:06 | 00,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT [2009/08/02 00:57:19 | 00,032,544 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2009/08/03 08:34:26 | 00,000,416 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{0A79AC58-1F73-45E3-BFA3-CD2238CB441D}.job [color=#E56717]========== Purity Check ==========[/color] < End of report >