OTL logfile created on: 3/2/2010 11:04:40 PM - Run 2
OTL by OldTimer - Version 3.1.32.0     Folder = J:\
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18882)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 46.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 454.55 Gb Total Space | 324.92 Gb Free Space | 71.48% Space Free | Partition Type: NTFS
Drive D: | 11.21 Gb Total Space | 1.49 Gb Free Space | 13.32% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive J: | 1.87 Gb Total Space | 1.73 Gb Free Space | 92.75% Space Free | Partition Type: FAT
 
Computer Name: WWLD
Current User Name: whatwhiteliesdestroy
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2010/03/02 20:38:07 | 004,043,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgui.exe
PRC - [2010/03/02 20:38:06 | 002,033,432 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgtray.exe
PRC - [2010/03/02 20:37:55 | 000,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
PRC - [2010/03/02 20:37:51 | 000,906,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgemc.exe
PRC - [2010/03/02 20:37:50 | 000,702,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgcsrvx.exe
PRC - [2010/03/01 20:16:02 | 000,551,424 | ---- | M] (OldTimer Tools) -- J:\OTL.exe
PRC - [2010/02/28 13:46:49 | 000,332,720 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2010/02/25 06:52:04 | 000,135,664 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.2.183.17\GoogleCrashHandler.exe
PRC - [2010/02/24 06:56:26 | 001,217,872 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2010/02/08 18:27:29 | 000,038,184 | ---- | M] (NCSoft) -- C:\Program Files (x86)\NCSoft\Launcher\NCLauncher.exe
PRC - [2009/11/24 17:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/11/24 17:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009/11/24 17:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/11/24 17:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009/11/24 17:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009/11/09 11:40:20 | 000,091,392 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe
PRC - [2009/11/09 11:40:10 | 000,273,664 | ---- | M] (Motorola) -- C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnect.exe
PRC - [2009/11/06 02:34:20 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\jusched.exe
PRC - [2009/10/09 13:11:12 | 025,623,336 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
PRC - [2009/10/09 13:11:12 | 000,078,008 | R--- | M] (Skype Technologies) -- C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
PRC - [2009/07/26 16:44:34 | 003,883,856 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
PRC - [2009/07/08 02:53:36 | 000,472,112 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe
PRC - [2009/07/07 14:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
PRC - [2009/07/07 14:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe
PRC - [2009/03/06 12:59:12 | 000,020,376 | ---- | M] (WebEx Communications, Inc.) -- C:\Windows\SysWOW64\atashost.exe
PRC - [2009/02/23 07:05:34 | 000,111,856 | ---- | M] (Yahoo! Inc) -- C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe
PRC - [2009/02/09 17:09:07 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/05/02 03:00:00 | 000,077,824 | ---- | M] () -- C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
PRC - [2008/02/21 16:02:53 | 000,238,968 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2007/04/18 09:01:34 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe
PRC - [2007/01/04 15:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - [2010/03/01 20:16:02 | 000,551,424 | ---- | M] (OldTimer Tools) -- J:\OTL.exe
MOD - [2009/04/11 00:28:18 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - [2010/02/18 12:04:31 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:[b]64bit:[/b] - [2009/11/24 17:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV:[b]64bit:[/b] - [2009/11/24 17:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV:[b]64bit:[/b] - [2009/11/24 17:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV:[b]64bit:[/b] - [2009/11/24 17:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV:[b]64bit:[/b] - [2009/09/24 19:26:26 | 001,142,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FntCache.dll -- (FontCache)
SRV:[b]64bit:[/b] - [2008/05/02 01:49:54 | 000,160,272 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:[b]64bit:[/b] - [2008/01/20 20:50:24 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (usprserv)
SRV:[b]64bit:[/b] - [2008/01/20 20:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2007/10/18 09:37:22 | 000,412,672 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysNative\DRIVERS\xaudio64.exe -- (XAudioService)
SRV - [2010/03/02 20:37:55 | 000,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/03/02 20:37:51 | 000,906,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010/02/28 13:46:49 | 000,332,720 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/02/18 12:04:10 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/11/09 11:40:20 | 000,091,392 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe -- (MotoConnect Service)
SRV - [2009/07/07 14:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)
SRV - [2009/03/29 22:39:54 | 000,089,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2009/03/16 13:37:00 | 002,849,844 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc)
SRV - [2009/03/06 12:59:12 | 000,020,376 | ---- | M] (WebEx Communications, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\atashost.exe -- (atashost)
SRV - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/09/05 11:52:32 | 003,220,856 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2008/05/09 13:03:36 | 001,245,064 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2008/02/21 16:02:53 | 000,238,968 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007/12/04 18:41:34 | 000,181,784 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2007/08/22 02:22:08 | 000,267,096 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - [2007/01/04 15:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/11/02 07:34:14 | 000,000,000 | ---D | M] [Unknown | Stopped] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC)
SRV - [2006/11/02 00:35:15 | 000,060,994 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds)
SRV - [2006/11/02 00:35:15 | 000,055,846 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vss.mof -- (VSS)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - [2010/03/02 20:38:04 | 000,470,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avgtdia.sys -- (AvgTdiA)
DRV:[b]64bit:[/b] - [2010/03/02 20:38:02 | 000,034,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\avgmfx64.sys -- (AvgMfx64)
DRV:[b]64bit:[/b] - [2010/03/02 20:37:51 | 000,422,920 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avgldx64.sys -- (AvgLdx64)
DRV:[b]64bit:[/b] - [2009/11/24 17:50:25 | 000,089,680 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:[b]64bit:[/b] - [2009/11/24 17:50:05 | 000,022,096 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\SysNative\DRIVERS\aswFsBlk.sys -- (aswFsBlk)
DRV:[b]64bit:[/b] - [2009/11/24 17:49:56 | 000,065,616 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\SysNative\DRIVERS\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:[/b] - [2009/11/24 17:49:10 | 000,053,840 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:[b]64bit:[/b] - [2009/11/24 17:49:00 | 000,027,216 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:[b]64bit:[/b] - [2009/09/30 18:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:[b]64bit:[/b] - [2009/08/28 18:42:52 | 000,049,152 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2009/07/24 06:58:58 | 000,033,264 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MusCAudio.sys -- (MusCAudio)
DRV:[b]64bit:[/b] - [2009/07/07 14:48:44 | 000,035,376 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\purendis.sys -- (purendis)
DRV:[b]64bit:[/b] - [2009/07/07 14:48:44 | 000,033,328 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\pnarp.sys -- (pnarp)
DRV:[b]64bit:[/b] - [2009/05/24 07:36:52 | 000,626,176 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\netr7364.sys -- (netr7364)
DRV:[b]64bit:[/b] - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2009/05/09 00:14:20 | 000,015,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\NuidFltr.sys -- (NuidFltr)
DRV:[b]64bit:[/b] - [2009/04/10 23:39:34 | 000,098,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV:[b]64bit:[/b] - [2009/02/19 11:31:42 | 000,028,720 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\SymIMv.sys -- (SymIM)
DRV:[b]64bit:[/b] - [2009/02/19 11:31:18 | 000,047,664 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SYMNDISV.SYS -- (SYMNDISV)
DRV:[b]64bit:[/b] - [2009/02/19 11:31:00 | 000,266,800 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV:[b]64bit:[/b] - [2009/02/19 11:30:58 | 000,145,456 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SYMFW.SYS -- (SYMFW)
DRV:[b]64bit:[/b] - [2009/02/19 11:30:58 | 000,028,720 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV:[b]64bit:[/b] - [2009/02/19 11:30:58 | 000,016,432 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV:[b]64bit:[/b] - [2009/01/08 23:01:14 | 000,172,080 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:[b]64bit:[/b] - [2008/06/27 07:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)
DRV:[b]64bit:[/b] - [2008/05/08 04:27:00 | 000,411,136 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAXHWBS2.sys -- (CAXHWBS2)
DRV:[b]64bit:[/b] - [2008/05/08 04:25:12 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAX_CNXT.sys -- (winachsf)
DRV:[b]64bit:[/b] - [2008/05/08 04:24:08 | 001,487,872 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAX_DP.sys -- (HSF_DP)
DRV:[b]64bit:[/b] - [2008/02/29 02:17:00 | 000,112,144 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\LMouKE.Sys -- (LMouKE)
DRV:[b]64bit:[/b] - [2008/02/29 02:16:52 | 000,057,360 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\LMouFilt.Sys -- (LMouFilt)
DRV:[b]64bit:[/b] - [2008/02/29 02:16:44 | 000,054,800 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\LHidFilt.Sys -- (LHidFilt)
DRV:[b]64bit:[/b] - [2008/02/29 02:16:28 | 000,113,680 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\L8042mou.Sys -- (L8042mou)
DRV:[b]64bit:[/b] - [2008/01/20 20:47:27 | 000,168,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\usbvideo.sys -- (usbvideo) USB Video Device (WDM)
DRV:[b]64bit:[/b] - [2007/10/18 09:37:10 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\xaudio64.sys -- (XAudio)
DRV:[b]64bit:[/b] - [2007/01/23 14:47:00 | 000,035,600 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\L8042Kbd.sys -- (L8042Kbd)
DRV:[b]64bit:[/b] - [2006/06/19 08:27:24 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\mdmxsdk.sys -- (mdmxsdk)
DRV - [2010/03/02 23:04:00 | 000,000,027 | ---- | M] () [Kernel | On_Demand | Stopped] -- .txt -- (PcdrNdisuio)
DRV - [2008/08/14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\adfs.sys -- (adfs)
DRV - [2006/09/18 15:36:40 | 000,003,066 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip)
DRV - [2006/09/18 15:35:23 | 000,001,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv)
DRV - [2006/06/19 08:26:50 | 000,094,208 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\mdmxsdk.dll -- (mdmxsdk)
DRV - [2005/01/03 18:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)
DRV - [2002/09/16 17:14:32 | 000,004,228 | ---- | M] (PowerQuest Corporation) [Kernel | System | Stopped] -- C:\Windows\SysWOW64\drivers\PQNTDRV.sys -- (PQNTDrv)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Pavilion&pf=cndt
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Pavilion&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr9/*http://www.yahoo.com/ext/search/search.html
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.myspace.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo.com/search?fr=ffsp1&p="
FF - prefs.js..browser.search.order.1: "Ask"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.myspace.com/"
FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.33.0
FF - prefs.js..extensions.enabledItems: DeviceDetection@logitech.com:1.0.176.0
FF - prefs.js..extensions.enabledItems: {d22f6f66-2f47-4184-8625-fbfa4cbdb7ce}:2.2.0.9
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.6.20090220
FF - prefs.js..keyword.URL: "http://www.ask.com/web?&o=13048&l=dis&q="
 
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files (x86)\Google\Google Gears\Firefox\ [2009/11/03 20:52:35 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files (x86)\AVG\AVG9\Firefox [2010/03/02 20:41:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files (x86)\AVG\AVG9\Toolbar\Firefox\avg@igeared [2010/03/02 19:20:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/02/20 21:53:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/02/20 21:53:53 | 000,000,000 | ---D | M]
 
[2009/02/25 21:15:52 | 000,000,000 | ---D | M] -- C:\Users\whatwhiteliesdestroy\AppData\Roaming\Mozilla\Extensions
[2010/03/02 19:32:14 | 000,000,000 | ---D | M] -- C:\Users\whatwhiteliesdestroy\AppData\Roaming\Mozilla\Firefox\Profiles\mdrpfkbj.default\extensions
[2009/09/03 02:16:00 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\whatwhiteliesdestroy\AppData\Roaming\Mozilla\Firefox\Profiles\mdrpfkbj.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/10/03 00:11:52 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\whatwhiteliesdestroy\AppData\Roaming\Mozilla\Firefox\Profiles\mdrpfkbj.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/10/29 06:02:33 | 000,000,000 | ---D | M] (OnRPG Toolbar) -- C:\Users\whatwhiteliesdestroy\AppData\Roaming\Mozilla\Firefox\Profiles\mdrpfkbj.default\extensions\{d22f6f66-2f47-4184-8625-fbfa4cbdb7ce}
[2010/02/08 07:57:06 | 000,000,000 | ---D | M] -- C:\Users\whatwhiteliesdestroy\AppData\Roaming\Mozilla\Firefox\Profiles\mdrpfkbj.default\extensions\DeviceDetection@logitech.com
[2009/04/15 16:19:34 | 000,000,000 | ---D | M] -- C:\Users\whatwhiteliesdestroy\AppData\Roaming\Mozilla\Firefox\Profiles\mdrpfkbj.default\extensions\toolbar@alot.com
[2010/02/09 02:05:13 | 000,000,000 | ---D | M] -- C:\Users\whatwhiteliesdestroy\AppData\Roaming\Mozilla\Firefox\Profiles\mdrpfkbj.default\extensions\toolbar@ask.com
[2009/04/15 16:19:48 | 000,002,094 | ---- | M] () -- C:\Users\whatwhiteliesdestroy\AppData\Roaming\Mozilla\Firefox\Profiles\mdrpfkbj.default\searchplugins\alot-search.xml
[2009/04/08 20:32:01 | 000,000,682 | ---- | M] () -- C:\Users\whatwhiteliesdestroy\AppData\Roaming\Mozilla\Firefox\Profiles\mdrpfkbj.default\searchplugins\ask.xml
[2009/10/27 13:43:54 | 000,002,254 | ---- | M] () -- C:\Users\whatwhiteliesdestroy\AppData\Roaming\Mozilla\Firefox\Profiles\mdrpfkbj.default\searchplugins\askcom.xml
[2009/09/28 19:46:40 | 000,002,160 | ---- | M] () -- C:\Users\whatwhiteliesdestroy\AppData\Roaming\Mozilla\Firefox\Profiles\mdrpfkbj.default\searchplugins\MySpace.xml
[2010/03/02 19:22:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2009/07/17 02:40:12 | 000,704,512 | ---- | M] (BitComet) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npBitCometAgent.dll
[2009/05/07 16:27:36 | 000,283,952 | ---- | M] (Musicnotes, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npmusicn.dll
[2009/03/18 19:25:05 | 000,239,432 | ---- | M] (Pando Networks) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npPandoWebInst.dll
[2007/04/16 11:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\plugins\npViewpoint.dll
 
O1 HOSTS File: ([2006/09/18 15:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2:[b]64bit:[/b] - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:[b]64bit:[/b] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:[b]64bit:[/b] - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg64.dll (Google Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files (x86)\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Korn Toolbar) - {A057A204-BACC-4D26-B7F4-49F8CCAB3ED4} - C:\Program Files (x86)\prodegetoolbar705\prodegetoolbar705.dll ([[[COMPANYNAME]]]----------------------------)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll (Google Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Korn Toolbar) - {A057A204-BACC-4D26-B7F4-49F8CCAB3ED4} - C:\Program Files (x86)\prodegetoolbar705\prodegetoolbar705.dll ([[[COMPANYNAME]]]----------------------------)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3:[b]64bit:[/b] - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Korn Toolbar) - {A057A204-BACC-4D26-B7F4-49F8CCAB3ED4} - C:\Program Files (x86)\prodegetoolbar705\prodegetoolbar705.dll ([[[COMPANYNAME]]]----------------------------)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
O4:[b]64bit:[/b] - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4:[b]64bit:[/b] - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.DLL (NVIDIA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files (x86)\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
O4 - HKLM..\Run: [nmapp] C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [nmctxth] C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TrojanScanner] C:\Program Files (x86)\Trojan Remover\Trjscan.exe (Simply Super Software)
O4 - HKLM..\Run: [WebcammaxMoniter] C:\Program Files (x86)\WebcamMax\wcmmon.exe ()
O4 - HKLM..\Run: [YSearchProtection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [AdobeBridge]  File not found
O4 - HKCU..\Run: [BitComet] C:\Program Files (x86)\BitComet\BitComet.exe File not found
O4 - HKCU..\Run: [Google Update] C:\Users\whatwhiteliesdestroy\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [HPAdvisor] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Hewlett-Packard)
O4 - HKCU..\Run: [ISUSPM Startup] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe File not found
O4 - HKCU..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
O4 - HKCU..\Run: [MsnMsgr] C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe (Microsoft Corporation)
O4 - HKCU..\Run: [NCsoft Launcher] C:\Program Files (x86)\NCSoft\Launcher\NCLauncher.exe (NCSoft)
O4 - HKCU..\Run: [PlayNC Launcher]  File not found
O4 - HKCU..\Run: [Search Protection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [Skype] C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll (Google Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files (x86)\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace.com/upload/MySpaceUploader2.cab (MySpace Uploader Control)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}  (Reg Error: Value error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11
O18:[b]64bit:[/b] - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:[b]64bit:[/b] - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll (Cisco Systems, Inc.)
O18:[b]64bit:[/b] - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:[b]64bit:[/b] - AppInit_DLLs: (avgrssta.dll) - C:\Windows\SysNative\avgrssta.dll (AVG Technologies CZ, s.r.o.)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\whatwhiteliesdestroy\Desktop\andy pics\dans grad party\2009-06-21 dans party\dans party 050.JPG
O24 - Desktop BackupWallPaper: C:\Users\whatwhiteliesdestroy\Desktop\andy pics\dans grad party\2009-06-21 dans party\dans party 050.JPG
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{0618a12a-94ba-11dd-aed1-00221533e944}\Shell - "" = AutoRun
O33 - MountPoints2\{0618a12a-94ba-11dd-aed1-00221533e944}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -- File not found
O33 - MountPoints2\{d1a6f06e-cc3e-11dd-a7a1-00221533e944}\Shell - "" = AutoRun
O33 - MountPoints2\{d1a6f06e-cc3e-11dd-a7a1-00221533e944}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -- File not found
O33 - MountPoints2\{f5bf4feb-f8ac-11de-9a89-00221533e944}\Shell\Auto\command - "" = J:\launcher.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
[b]64bit:[/b] O35 - comfile [open] -- "%1" %* File not found
[b]64bit:[/b] O35 - exefile [open] -- "%1" %* File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2010/03/02 19:20:18 | 000,000,000 | -H-D | C] -- C:\$AVG
[2010/03/02 19:20:17 | 000,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\avgrssta.dll
[2010/03/02 19:20:16 | 000,470,024 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys
[2010/03/02 19:20:12 | 000,422,920 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys
[2010/03/02 19:20:12 | 000,034,248 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys
[2010/03/02 19:20:11 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\Avg
[2010/03/02 19:20:02 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Security Toolbar
[2010/03/02 19:19:43 | 000,000,000 | ---D | C] -- C:\ProgramData\avg9
[2010/03/02 19:19:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2010/03/01 18:34:56 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2010/03/01 18:14:54 | 000,000,000 | ---D | C] -- C:\Users\whatwhiteliesdestroy\{b537f0fb-1430-41ce-8556-896010db8e3c}
[2010/02/28 21:49:16 | 000,000,000 | ---D | C] -- C:\Users\whatwhiteliesdestroy\{51326002-f62b-45e1-9e26-74c550fb1402}
[2010/02/28 18:41:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pure Networks
[2010/02/28 18:38:43 | 000,076,184 | ---- | C] (WebEx Communications, Inc.) -- C:\Windows\SysWow64\atsckernel.exe
[2010/02/28 18:38:42 | 000,020,376 | ---- | C] (WebEx Communications, Inc.) -- C:\Windows\SysWow64\atashost.exe
[2010/02/28 18:38:36 | 000,000,000 | ---D | C] -- C:\ProgramData\webex
[2010/02/28 18:35:07 | 000,033,328 | ---- | C] (Cisco Systems, Inc.) -- C:\Windows\SysNative\drivers\pnarp.sys
[2010/02/28 18:33:52 | 000,035,376 | ---- | C] (Cisco Systems, Inc.) -- C:\Windows\SysNative\drivers\purendis.sys
[2010/02/28 18:33:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Pure Networks Shared
[2010/02/28 14:30:38 | 000,000,000 | ---D | C] -- C:\Program Files\Motorola Inc
[2010/02/25 19:21:52 | 000,000,000 | ---D | C] -- C:\Windows\E80F62FF5D3C4A1984099721F2928206.TMP
[2010/02/25 19:08:23 | 000,000,000 | ---D | C] -- C:\Users\whatwhiteliesdestroy\.yawcam
[2010/02/25 19:07:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yawcam
[2010/02/23 16:00:14 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2010/02/23 16:00:13 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2010/02/23 15:59:17 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2010/02/23 15:59:16 | 000,538,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2010/02/23 15:59:16 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2010/02/23 15:59:15 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2010/02/23 15:59:13 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2010/02/23 15:59:13 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2010/02/23 15:59:13 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2010/02/23 15:59:13 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2010/02/23 15:59:12 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2010/02/23 15:59:12 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2010/02/23 15:59:11 | 000,518,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2010/02/23 15:59:11 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2010/02/23 15:59:11 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2010/02/23 15:59:11 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2010/02/23 15:59:11 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2010/02/23 15:59:11 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2010/02/23 15:59:10 | 000,460,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2010/02/23 15:59:10 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdrm.dll
[2010/02/23 15:59:05 | 001,927,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2010/02/23 15:59:04 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2010/02/23 15:59:01 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\GameUXLegacyGDFs.dll
[2010/02/23 15:59:01 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Apphlpdm.dll
[2010/02/23 15:59:01 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Apphlpdm.dll
[2010/02/23 15:59:00 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\SysNative\GameUXLegacyGDFs.dll
[2010/02/18 14:06:54 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2010/02/18 13:22:08 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010/02/18 13:09:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Media Player
[2010/02/18 12:08:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2010/02/18 12:04:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2010/02/18 12:04:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010/02/18 12:04:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Macrovision Shared
[2010/02/18 01:11:11 | 000,000,000 | ---D | C] -- C:\Users\whatwhiteliesdestroy\AppData\Roaming\DivX
[2010/02/18 01:02:27 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\custom matrices
[2010/02/18 01:02:18 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\QuickTime
[2010/02/18 01:02:18 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\C2MP
[2010/02/17 19:03:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BitTorrent
[2010/02/09 23:17:38 | 001,570,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2010/02/09 23:17:35 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2010/02/09 23:17:34 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iyuv_32.dll
[2010/02/09 23:17:34 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvidc32.dll
[2010/02/09 23:17:34 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msyuv.dll
[2010/02/09 23:17:34 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrle32.dll
[2010/02/09 23:17:34 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsbyuv.dll
[2010/02/09 23:17:32 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvfw32.dll
[2010/02/09 23:17:32 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll
[2010/02/09 23:17:32 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciavi32.dll
[2010/02/09 23:17:14 | 004,698,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010/02/08 08:06:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Logitech
[2010/02/08 08:06:16 | 000,000,000 | ---D | C] -- C:\Users\whatwhiteliesdestroy\AppData\Local\Downloaded Installations
[2010/02/06 03:21:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Portable Devices
[2010/02/06 03:21:36 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\spool
[2010/02/06 03:21:34 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2010/02/06 03:04:29 | 000,449,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2010/02/06 03:04:29 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2010/02/06 03:04:29 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winspool.drv
[2010/02/06 03:04:27 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2010/02/06 03:04:25 | 001,548,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2010/02/06 03:04:25 | 000,981,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2010/02/06 03:04:25 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WindowsCodecs.dll
[2010/02/06 03:04:25 | 000,829,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10warp.dll
[2010/02/06 03:04:25 | 000,828,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll
[2010/02/06 03:04:25 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WindowsCodecsExt.dll
[2010/02/06 03:04:25 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\printfilterpipelineprxy.dll
[2010/02/06 03:04:24 | 001,209,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2010/02/06 03:04:24 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2010/02/06 03:04:24 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PhotoMetadataHandler.dll
[2010/02/06 03:04:24 | 000,328,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxdiag.exe
[2010/02/06 03:04:24 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PhotoMetadataHandler.dll
[2010/02/06 03:04:24 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2010/02/06 03:04:24 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxdiagn.dll
[2010/02/06 03:04:24 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxdiag.exe
[2010/02/06 03:04:24 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2010/02/06 03:04:24 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll
[2010/02/06 03:04:24 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxdiagn.dll
[2010/02/06 03:04:24 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll
[2010/02/06 03:04:23 | 000,792,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2010/02/06 03:04:23 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2010/02/06 03:04:23 | 000,566,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2010/02/06 03:04:23 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2010/02/06 03:04:23 | 000,486,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10level9.dll
[2010/02/06 03:04:23 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxgi.dll
[2010/02/06 03:04:23 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2010/02/06 03:04:23 | 000,326,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2010/02/06 03:04:23 | 000,287,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2010/02/06 03:04:23 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1core.dll
[2010/02/06 03:04:23 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10core.dll
[2010/02/06 03:04:22 | 003,068,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xpsservices.dll
[2010/02/06 03:04:22 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xpsservices.dll
[2010/02/06 03:04:22 | 001,461,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OpcServices.dll
[2010/02/06 03:04:22 | 001,032,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\printfilterpipelinesvc.exe
[2010/02/06 03:04:22 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\OpcServices.dll
[2010/02/06 03:04:22 | 000,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2010/02/06 03:04:21 | 001,548,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2010/02/06 03:04:21 | 001,142,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FntCache.dll
[2010/02/06 03:04:21 | 001,064,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll
[2010/02/06 03:04:21 | 001,030,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10.dll
[2010/02/06 03:04:21 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2010/02/06 03:04:21 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1.dll
[2010/02/06 03:04:20 | 001,269,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2010/02/06 03:03:38 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDShextAutoplay.exe
[2010/02/06 03:03:38 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WPDShextAutoplay.exe
[2010/02/06 03:03:36 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BthMtpContextHandler.dll
[2010/02/06 03:03:25 | 002,537,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wpdshext.dll
[2010/02/06 03:03:25 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceConnectApi.dll
[2010/02/06 03:03:25 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WpdMtpUS.dll
[2010/02/06 03:03:25 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WpdUsb.sys
[2010/02/06 03:03:25 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WpdConns.dll
[2010/02/06 03:03:24 | 002,727,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpdshext.dll
[2010/02/06 03:03:24 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpd_ci.dll
[2010/02/06 03:03:24 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceApi.dll
[2010/02/06 03:03:24 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceApi.dll
[2010/02/06 03:03:24 | 000,295,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WpdMtp.dll
[2010/02/06 03:03:24 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceTypes.dll
[2010/02/06 03:03:24 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceTypes.dll
[2010/02/06 03:03:24 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceClassExtension.dll
[2010/02/06 03:03:24 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDShServiceObj.dll
[2010/02/06 03:03:24 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceClassExtension.dll
[2010/02/06 03:03:24 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceConnectApi.dll
[2010/02/06 03:03:23 | 000,433,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDSp.dll
[2010/02/06 03:03:23 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WPDSp.dll
[2010/02/06 03:03:23 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceWMDRM.dll
[2010/02/06 03:03:23 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceWMDRM.dll
[2010/02/06 03:02:11 | 000,315,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2010/02/06 03:02:11 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\oleaccrc.dll
[2010/02/06 03:02:11 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaccrc.dll
[2010/02/06 03:02:10 | 000,736,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAutomationCore.dll
[2010/02/06 03:02:10 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAutomationCore.dll
[2010/02/06 03:00:54 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2010/02/06 03:00:54 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2010/02/06 03:00:53 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbonRes.dll
[2010/02/06 03:00:53 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbonRes.dll
[2010/02/06 03:00:52 | 003,815,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbon.dll
[2010/02/06 03:00:52 | 003,023,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbon.dll
[2010/02/04 23:43:35 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\vi-VN
[2010/02/04 23:43:35 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\vi-VN
[2010/02/04 23:43:35 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\eu-ES
[2010/02/04 23:43:35 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\eu-ES
[2010/02/04 23:43:35 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ca-ES
[2010/02/04 23:43:35 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ca-ES
[2010/02/04 23:13:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2010/03/02 23:06:43 | 008,388,608 | -HS- | M] () -- C:\Users\whatwhiteliesdestroy\NTUSER.DAT
[2010/03/02 23:00:56 | 000,000,464 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{9787EBC8-EDA1-4410-8AD4-5173E2E8B9F4}.job
[2010/03/02 23:00:01 | 000,000,968 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-632859373-1800477788-3796531794-1000UA.job
[2010/03/02 22:57:00 | 000,000,926 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/03/02 22:47:00 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-632859373-1800477788-3796531794-1001UA.job
[2010/03/02 22:42:14 | 000,003,744 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/03/02 22:42:14 | 000,003,744 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/03/02 22:00:03 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-632859373-1800477788-3796531794-1000Core.job
[2010/03/02 20:56:04 | 000,000,922 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/03/02 20:42:25 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/03/02 20:42:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/03/02 20:41:00 | 000,524,288 | -HS- | M] () -- C:\Users\whatwhiteliesdestroy\NTUSER.DAT{34fabff5-258e-11df-a891-00221533e944}.TMContainer00000000000000000001.regtrans-ms
[2010/03/02 20:41:00 | 000,065,536 | -HS- | M] () -- C:\Users\whatwhiteliesdestroy\NTUSER.DAT{34fabff5-258e-11df-a891-00221533e944}.TM.blf
[2010/03/02 20:40:03 | 003,852,313 | -H-- | M] () -- C:\Users\whatwhiteliesdestroy\AppData\Local\IconCache.db
[2010/03/02 20:38:04 | 000,470,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys
[2010/03/02 20:38:02 | 000,034,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys
[2010/03/02 20:38:02 | 000,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\avgrssta.dll
[2010/03/02 20:37:51 | 000,422,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys
[2010/03/02 20:33:10 | 000,000,612 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for whatwhiteliesdestroy.job
[2010/03/02 19:20:18 | 000,001,691 | ---- | M] () -- C:\Users\Public\Desktop\AVG Free 9.0.lnk
[2010/03/02 19:20:12 | 047,541,798 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\incavi.avm
[2010/03/02 19:20:12 | 000,113,461 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\iavichjw.avm
[2010/03/02 19:20:11 | 006,061,540 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\avi7.avg
[2010/03/02 19:20:11 | 000,492,629 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\miniavi.avg
[2010/03/02 19:20:11 | 000,136,354 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\microavi.avg
[2010/03/02 19:18:10 | 000,690,960 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/03/02 19:18:10 | 000,595,446 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/03/02 19:18:10 | 000,101,144 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/03/02 18:47:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-632859373-1800477788-3796531794-1001Core.job
[2010/03/01 20:00:00 | 000,000,588 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Run Full System Scan - whatwhiteliesdestroy.job
[2010/03/01 18:37:51 | 000,524,288 | -HS- | M] () -- C:\Users\whatwhiteliesdestroy\NTUSER.DAT{34fabff5-258e-11df-a891-00221533e944}.TMContainer00000000000000000002.regtrans-ms
[2010/03/01 17:44:41 | 000,524,288 | -HS- | M] () -- C:\Users\whatwhiteliesdestroy\NTUSER.DAT{ea6340f8-24c8-11df-889b-00221533e944}.TMContainer00000000000000000002.regtrans-ms
[2010/03/01 17:44:41 | 000,524,288 | -HS- | M] () -- C:\Users\whatwhiteliesdestroy\NTUSER.DAT{ea6340f8-24c8-11df-889b-00221533e944}.TMContainer00000000000000000001.regtrans-ms
[2010/03/01 17:44:40 | 000,065,536 | -HS- | M] () -- C:\Users\whatwhiteliesdestroy\NTUSER.DAT{ea6340f8-24c8-11df-889b-00221533e944}.TM.blf
[2010/03/01 17:44:37 | 002,963,880 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/03/01 17:42:23 | 008,388,608 | -HS- | M] () -- C:\Users\whatwhiteliesdestroy\ntuser.dat_previous
[2010/03/01 17:42:21 | 000,524,288 | -HS- | M] () -- C:\Users\whatwhiteliesdestroy\NTUSER.DAT{e428ba02-9cb1-11de-af3a-00221533e944}.TMContainer00000000000000000001.regtrans-ms
[2010/03/01 17:42:21 | 000,065,536 | -HS- | M] () -- C:\Users\whatwhiteliesdestroy\NTUSER.DAT{e428ba02-9cb1-11de-af3a-00221533e944}.TM.blf
[2010/02/28 18:41:56 | 000,095,856 | ---- | M] () -- C:\Users\whatwhiteliesdestroy\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/02/28 18:41:08 | 000,001,984 | ---- | M] () -- C:\Users\Public\Desktop\Network Magic.lnk
[2010/02/28 18:37:26 | 008,892,928 | ---- | M] () -- C:\ProgramData\atscie.msi
[2010/02/25 19:08:03 | 000,001,704 | ---- | M] () -- C:\Users\whatwhiteliesdestroy\Desktop\Yawcam.lnk
[2010/02/25 19:02:47 | 000,010,240 | ---- | M] () -- C:\Users\whatwhiteliesdestroy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/02/24 21:11:14 | 000,549,506 | ---- | M] () -- C:\Users\whatwhiteliesdestroy\Desktop\sun_stereo_4dec2006_lrg.jpg
[2010/02/24 21:04:18 | 000,009,728 | ---- | M] () -- C:\Users\whatwhiteliesdestroy\Documents\JBD.wps
[2010/02/24 21:04:18 | 000,006,908 | ---- | M] () -- C:\Users\whatwhiteliesdestroy\AppData\Roaming\wklnhst.dat
[2010/02/23 00:22:27 | 000,100,426 | ---- | M] () -- C:\Users\whatwhiteliesdestroy\Desktop\cool car.jpg
[2010/02/19 19:18:24 | 001,634,064 | ---- | M] () -- C:\Users\whatwhiteliesdestroy\Documents\Official_Korn.exe
[2010/02/18 14:22:20 | 000,039,654 | ---- | M] () -- C:\Users\whatwhiteliesdestroy\Documents\Sample 1.psd
[2010/02/17 19:03:57 | 000,000,894 | ---- | M] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2010/02/16 19:30:44 | 000,012,453 | ---- | M] () -- C:\Users\whatwhiteliesdestroy\Desktop\RWER katy.jpg
[2010/02/16 19:30:28 | 000,012,291 | ---- | M] () -- C:\Users\whatwhiteliesdestroy\Desktop\rawr katy.jpg
[2010/02/16 19:30:14 | 000,012,971 | ---- | M] () -- C:\Users\whatwhiteliesdestroy\Desktop\hush katy.jpg
[2010/02/16 12:20:54 | 000,014,740 | ---- | M] () -- C:\Users\whatwhiteliesdestroy\Desktop\Sacred Rights.ttf
[2010/02/14 17:09:28 | 000,016,896 | ---- | M] () -- C:\Users\whatwhiteliesdestroy\Documents\post border.wps
[2010/02/11 17:55:43 | 000,002,119 | ---- | M] () -- C:\Users\whatwhiteliesdestroy\Desktop\Google Chrome.lnk
[2010/02/08 23:13:52 | 000,008,704 | ---- | M] () -- C:\Users\whatwhiteliesdestroy\Documents\song in progress.wps
[2010/02/08 09:40:13 | 000,012,800 | ---- | M] () -- C:\Users\whatwhiteliesdestroy\Documents\oakley's unsealed profile.wps
[2010/02/06 03:21:14 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2010/02/06 03:20:49 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2010/02/04 21:34:23 | 000,009,216 | ---- | M] () -- C:\Users\whatwhiteliesdestroy\Documents\Loved to death.wps
[2010/02/04 21:34:21 | 000,010,240 | ---- | M] () -- C:\Users\whatwhiteliesdestroy\Documents\End of Day.wps
[2010/02/04 12:39:03 | 000,000,394 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForwhatwhiteliesdestroy.job
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2010/03/02 19:20:18 | 000,001,691 | ---- | C] () -- C:\Users\Public\Desktop\AVG Free 9.0.lnk
[2010/03/02 19:20:12 | 000,113,461 | ---- | C] () -- C:\Windows\SysNative\drivers\Avg\iavichjw.avm
[2010/03/02 19:20:11 | 047,541,798 | ---- | C] () -- C:\Windows\SysNative\drivers\Avg\incavi.avm
[2010/03/02 19:20:11 | 006,061,540 | ---- | C] () -- C:\Windows\SysNative\drivers\Avg\avi7.avg
[2010/03/02 19:20:11 | 000,492,629 | ---- | C] () -- C:\Windows\SysNative\drivers\Avg\miniavi.avg
[2010/03/02 19:20:11 | 000,136,354 | ---- | C] () -- C:\Windows\SysNative\drivers\Avg\microavi.avg
[2010/03/01 18:36:42 | 000,004,984 | ---- | C] () -- C:\Windows\SysNative\drivers\nvphy.bin
[2010/03/01 17:58:38 | 000,524,288 | -HS- | C] () -- C:\Users\whatwhiteliesdestroy\NTUSER.DAT{34fabff5-258e-11df-a891-00221533e944}.TMContainer00000000000000000002.regtrans-ms
[2010/03/01 17:58:38 | 000,524,288 | -HS- | C] () -- C:\Users\whatwhiteliesdestroy\NTUSER.DAT{34fabff5-258e-11df-a891-00221533e944}.TMContainer00000000000000000001.regtrans-ms
[2010/03/01 17:58:38 | 000,065,536 | -HS- | C] () -- C:\Users\whatwhiteliesdestroy\NTUSER.DAT{34fabff5-258e-11df-a891-00221533e944}.TM.blf
[2010/03/01 17:44:41 | 000,524,288 | -HS- | C] () -- C:\Users\whatwhiteliesdestroy\NTUSER.DAT{ea6340f8-24c8-11df-889b-00221533e944}.TMContainer00000000000000000002.regtrans-ms
[2010/03/01 17:44:41 | 000,524,288 | -HS- | C] () -- C:\Users\whatwhiteliesdestroy\NTUSER.DAT{ea6340f8-24c8-11df-889b-00221533e944}.TMContainer00000000000000000001.regtrans-ms
[2010/03/01 17:44:40 | 000,065,536 | -HS- | C] () -- C:\Users\whatwhiteliesdestroy\NTUSER.DAT{ea6340f8-24c8-11df-889b-00221533e944}.TM.blf
[2010/02/28 21:41:32 | 000,000,464 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{9787EBC8-EDA1-4410-8AD4-5173E2E8B9F4}.job
[2010/02/25 19:08:03 | 000,001,704 | ---- | C] () -- C:\Users\whatwhiteliesdestroy\Desktop\Yawcam.lnk
[2010/02/24 21:04:18 | 000,009,728 | ---- | C] () -- C:\Users\whatwhiteliesdestroy\Documents\JBD.wps
[2010/02/24 21:01:49 | 000,549,506 | ---- | C] () -- C:\Users\whatwhiteliesdestroy\Desktop\sun_stereo_4dec2006_lrg.jpg
[2010/02/24 20:33:35 | 000,014,740 | ---- | C] () -- C:\Users\whatwhiteliesdestroy\Desktop\Sacred Rights.ttf
[2010/02/23 00:22:23 | 000,100,426 | ---- | C] () -- C:\Users\whatwhiteliesdestroy\Desktop\cool car.jpg
[2010/02/19 19:18:21 | 001,634,064 | ---- | C] () -- C:\Users\whatwhiteliesdestroy\Documents\Official_Korn.exe
[2010/02/18 14:22:20 | 000,039,654 | ---- | C] () -- C:\Users\whatwhiteliesdestroy\Documents\Sample 1.psd
[2010/02/17 19:03:57 | 000,000,894 | ---- | C] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2010/02/16 19:30:43 | 000,012,453 | ---- | C] () -- C:\Users\whatwhiteliesdestroy\Desktop\RWER katy.jpg
[2010/02/16 19:30:28 | 000,012,291 | ---- | C] () -- C:\Users\whatwhiteliesdestroy\Desktop\rawr katy.jpg
[2010/02/16 19:30:13 | 000,012,971 | ---- | C] () -- C:\Users\whatwhiteliesdestroy\Desktop\hush katy.jpg
[2010/02/08 23:13:51 | 000,008,704 | ---- | C] () -- C:\Users\whatwhiteliesdestroy\Documents\song in progress.wps
[2010/02/08 09:40:13 | 000,012,800 | ---- | C] () -- C:\Users\whatwhiteliesdestroy\Documents\oakley's unsealed profile.wps
[2010/02/06 03:21:14 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2010/02/06 03:20:49 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2010/02/04 10:41:53 | 003,122,208 | ---- | C] () -- C:\Users\whatwhiteliesdestroy\Desktop\WRT54GV4.0_4.21.1_US_code.bin
[2010/01/22 15:04:04 | 008,892,928 | ---- | C] () -- C:\ProgramData\atscie.msi
[2010/01/12 22:27:45 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/01/12 14:18:20 | 001,409,890 | ---- | C] () -- C:\Windows\SysWow64\ffmpegmt.dll
[2010/01/12 14:18:18 | 000,882,688 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010/01/12 14:18:18 | 000,556,491 | ---- | C] () -- C:\Windows\SysWow64\libmplayer.dll
[2010/01/12 14:18:16 | 004,507,983 | ---- | C] () -- C:\Windows\SysWow64\libavcodec.dll
[2010/01/12 14:18:10 | 000,877,385 | ---- | C] () -- C:\Windows\SysWow64\ff_x264.dll
[2010/01/12 14:18:10 | 000,336,384 | ---- | C] () -- C:\Windows\SysWow64\ff_libfaad2.dll
[2010/01/12 14:18:10 | 000,216,576 | ---- | C] () -- C:\Windows\SysWow64\ff_libdts.dll
[2010/01/12 14:18:10 | 000,151,552 | ---- | C] () -- C:\Windows\SysWow64\ff_libmad.dll
[2010/01/12 14:18:10 | 000,145,408 | ---- | C] () -- C:\Windows\SysWow64\libmpeg2_ff.dll
[2010/01/12 14:18:10 | 000,121,856 | ---- | C] () -- C:\Windows\SysWow64\ff_liba52.dll
[2010/01/12 14:18:08 | 000,169,984 | ---- | C] () -- C:\Windows\SysWow64\ff_samplerate.dll
[2010/01/12 14:18:08 | 000,116,736 | ---- | C] () -- C:\Windows\SysWow64\ff_tremor.dll
[2010/01/12 14:18:08 | 000,100,864 | ---- | C] () -- C:\Windows\SysWow64\ff_wmv9.dll
[2010/01/12 14:18:08 | 000,097,792 | ---- | C] () -- C:\Windows\SysWow64\ff_unrar.dll
[2010/01/12 14:12:36 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009/12/31 18:00:00 | 000,324,096 | ---- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll
[2009/12/31 18:00:00 | 000,248,320 | ---- | C] () -- C:\Windows\SysWow64\ff_kernelDeint.dll
[2009/11/21 13:41:13 | 001,053,056 | ---- | C] () -- C:\Windows\SysWow64\drivers\CAMTHWDM.sys
[2009/11/14 12:37:08 | 000,154,112 | ---- | C] () -- C:\Windows\SysWow64\ts.dll
[2009/11/14 12:33:38 | 000,249,856 | ---- | C] () -- C:\Windows\SysWow64\dxr.dll
[2009/11/14 12:11:50 | 000,093,184 | ---- | C] () -- C:\Windows\SysWow64\avss.dll
[2009/11/14 12:11:42 | 000,150,016 | ---- | C] () -- C:\Windows\SysWow64\mkx.dll
[2009/11/14 12:11:42 | 000,141,824 | ---- | C] () -- C:\Windows\SysWow64\mp4.dll
[2009/11/14 12:11:40 | 000,123,392 | ---- | C] () -- C:\Windows\SysWow64\ogm.dll
[2009/11/14 12:11:40 | 000,109,568 | ---- | C] () -- C:\Windows\SysWow64\avi.dll
[2009/11/14 12:11:38 | 000,097,792 | ---- | C] () -- C:\Windows\SysWow64\avs.dll
[2009/11/14 12:11:32 | 000,080,384 | ---- | C] () -- C:\Windows\SysWow64\mkzlib.dll
[2009/11/14 12:11:32 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\mkunicode.dll
[2009/11/13 11:02:02 | 000,000,199 | ---- | C] () -- C:\Windows\wininit.ini
[2009/11/12 13:30:55 | 000,162,304 | ---- | C] () -- C:\Windows\SysWow64\ztvunrar36.dll
[2009/11/12 13:30:55 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\unrar3.dll
[2009/11/12 13:30:55 | 000,077,312 | ---- | C] () -- C:\Windows\SysWow64\ztvunace26.dll
[2009/11/12 13:30:55 | 000,075,264 | ---- | C] () -- C:\Windows\SysWow64\unacev2.dll
[2009/10/20 12:57:18 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/10/20 12:55:51 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/07/30 22:53:56 | 000,427,450 | ---- | C] () -- C:\Users\whatwhiteliesdestroy\AppData\Local\dd_vcredistMSI7391.txt
[2009/07/30 22:53:54 | 000,014,352 | ---- | C] () -- C:\Users\whatwhiteliesdestroy\AppData\Local\dd_vcredistUI7391.txt
[2009/07/16 16:17:18 | 000,000,000 | ---- | C] () -- C:\Users\whatwhiteliesdestroy\AppData\Roaming\bcrypt.html
[2009/06/30 11:34:34 | 000,000,180 | ---- | C] () -- C:\Users\whatwhiteliesdestroy\AppData\Roaming\setup.log
[2009/06/30 11:34:27 | 000,000,760 | ---- | C] () -- C:\Users\whatwhiteliesdestroy\AppData\Roaming\setup_ldm.iss
[2009/03/07 01:15:36 | 000,000,680 | ---- | C] () -- C:\Users\whatwhiteliesdestroy\AppData\Local\d3d9caps.dat
[2009/01/10 16:15:44 | 000,159,744 | ---- | C] () -- C:\Windows\SysWow64\mmfinfo.dll
[2008/12/03 16:11:50 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2008/11/29 00:57:18 | 000,014,976 | ---- | C] () -- C:\Windows\SysWow64\drivers\SBKUPNT.SYS
[2008/11/29 00:57:18 | 000,000,543 | ---- | C] () -- C:\Windows\SWISV3.INI
[2008/11/29 00:57:17 | 000,000,287 | ---- | C] () -- C:\Windows\SKNIFE.INI
[2008/11/29 00:57:13 | 000,002,799 | ---- | C] () -- C:\Windows\SKLANG.INI
[2008/11/28 20:27:02 | 000,081,920 | ---- | C] () -- C:\Windows\ASR32311.DLL
[2008/11/28 20:27:02 | 000,000,070 | ---- | C] () -- C:\Windows\HGSpeech.ini
[2008/11/28 20:26:50 | 000,153,200 | ---- | C] () -- C:\Windows\PSPRT.INI
[2008/11/28 20:26:50 | 000,000,083 | ---- | C] () -- C:\Windows\PSPRTGEN.INI
[2008/11/15 19:23:47 | 000,000,071 | ---- | C] () -- C:\ProgramData\SNDUpgrade.log
[2008/11/06 10:37:32 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2008/11/06 10:34:00 | 000,000,416 | ---- | C] () -- C:\Windows\SysWow64\dtu100.dll.manifest
[2008/11/03 18:25:08 | 000,000,108 | ---- | C] () -- C:\Users\whatwhiteliesdestroy\AppData\Local\fusioncache.dat
[2008/09/24 19:56:55 | 000,010,240 | ---- | C] () -- C:\Users\whatwhiteliesdestroy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/09/17 22:39:57 | 000,006,908 | ---- | C] () -- C:\Users\whatwhiteliesdestroy\AppData\Roaming\wklnhst.dat
[2008/05/09 12:34:48 | 000,327,680 | ---- | C] () -- C:\Windows\SysWow64\pythoncom25.dll
[2008/05/09 12:34:48 | 000,102,400 | ---- | C] () -- C:\Windows\SysWow64\pywintypes25.dll
[2008/01/20 20:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2007/10/13 03:30:20 | 000,000,137 | ---- | C] () -- C:\Windows\SysWow64\Registration.ini
[2007/07/10 11:10:12 | 000,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 99 bytes -> C:\ProgramData\TEMP:CB0AACC9
< End of report >