OTL logfile created on: 14/11/2010 9:09:40 p.m. - Run 1 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Admin\Desktop 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00001409 | Country: New Zealand | Language: ENZ | Date Format: d/MM/yyyy 4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 69.00% Memory free 8.00 Gb Paging File | 7.00 Gb Available in Paging File | 83.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 698.63 Gb Total Space | 377.07 Gb Free Space | 53.97% Space Free | Partition Type: NTFS Computer Name: ADMIN-PC | User Name: Admin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2010/11/14 21:09:21 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Admin\Desktop\OTL.exe PRC - [2010/10/30 10:49:52 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2010/08/13 13:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2010/03/24 21:31:50 | 000,810,120 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe PRC - [2010/03/24 20:18:45 | 002,937,528 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe PRC - [2009/05/27 11:31:29 | 000,085,160 | ---- | M] (Elaborate Bytes AG) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe PRC - [2008/09/05 10:03:56 | 000,159,744 | ---- | M] () -- C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe PRC - [2007/12/19 12:58:24 | 000,163,840 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\DeathAdder\razerofa.exe PRC - [2006/11/24 16:24:16 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\Razer\DeathAdder\razertra.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2010/11/14 21:09:21 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Admin\Desktop\OTL.exe MOD - [2009/07/14 14:15:31 | 000,154,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll MOD - [2009/07/14 14:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll MOD - [2009/07/14 14:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:[b]64bit:[/b] - [2010/03/24 21:39:50 | 000,042,336 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv) SRV:[b]64bit:[/b] - [2010/03/24 21:31:50 | 000,810,120 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn) SRV:[b]64bit:[/b] - [2009/07/14 14:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009/07/14 14:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2010/08/13 13:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/10/31 16:49:44 | 000,320,760 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2009/07/26 06:43:14 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- C:\Program Files (x86)\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc) SRV - [2009/06/11 10:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\zztyvgxr.sys -- (zztyvgxr) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\zroqsdbv.sys -- (zroqsdbv) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\zjagduck.sys -- (zjagduck) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\yzoontit.sys -- (yzoontit) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ywdklarc.sys -- (ywdklarc) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ykyiqovx.sys -- (ykyiqovx) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\yktoolcs.sys -- (yktoolcs) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\yegarizr.sys -- (yegarizr) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\yeewgmnz.sys -- (yeewgmnz) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\xwkvjoib.sys -- (xwkvjoib) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\xqobldsx.sys -- (xqobldsx) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\xqjblptj.sys -- (xqjblptj) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\xjwachnj.sys -- (xjwachnj) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\xawqczlg.sys -- (xawqczlg) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wzagowqf.sys -- (wzagowqf) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wwatqtoi.sys -- (wwatqtoi) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wlmqmama.sys -- (wlmqmama) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wfcuvgwo.sys -- (wfcuvgwo) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wcqrctzr.sys -- (wcqrctzr) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vsthdnja.sys -- (vsthdnja) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vsjjdbso.sys -- (vsjjdbso) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vnyezkgb.sys -- (vnyezkgb) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vkzhimqz.sys -- (vkzhimqz) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vixalutk.sys -- (vixalutk) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vgterbdx.sys -- (vgterbdx) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vajqsodo.sys -- (vajqsodo) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uqatfwnu.sys -- (uqatfwnu) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\umhzijah.sys -- (umhzijah) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ukpsrfvf.sys -- (ukpsrfvf) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\txvhgboh.sys -- (txvhgboh) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tklcwnap.sys -- (tklcwnap) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\syuiedos.sys -- (syuiedos) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sojkuknm.sys -- (sojkuknm) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\snyrfrvv.sys -- (snyrfrvv) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rqblsyrq.sys -- (rqblsyrq) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rmsmoite.sys -- (rmsmoite) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rmoftglv.sys -- (rmoftglv) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rmobrakg.sys -- (rmobrakg) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rgoyncrv.sys -- (rgoyncrv) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\qxvjtonk.sys -- (qxvjtonk) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\qwyskipn.sys -- (qwyskipn) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\qvekhaly.sys -- (qvekhaly) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\pqqwscdc.sys -- (pqqwscdc) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\oxbcaemi.sys -- (oxbcaemi) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ovcprtyp.sys -- (ovcprtyp) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ouldorxh.sys -- (ouldorxh) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ntzywdtc.sys -- (ntzywdtc) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\nmwuzvhd.sys -- (nmwuzvhd) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\nhyntzxr.sys -- (nhyntzxr) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\nenvdfvj.sys -- (nenvdfvj) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\neeykvll.sys -- (neeykvll) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\nbwugwno.sys -- (nbwugwno) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\nalalaob.sys -- (nalalaob) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mqhuyrvi.sys -- (mqhuyrvi) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mpqdgfpa.sys -- (mpqdgfpa) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ljdqrqcf.sys -- (ljdqrqcf) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\lipyeqty.sys -- (lipyeqty) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\lbcpkslz.sys -- (lbcpkslz) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\kxqqqlfu.sys -- (kxqqqlfu) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\kpzjbjgo.sys -- (kpzjbjgo) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\koukhyrv.sys -- (koukhyrv) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\kgwsgmcv.sys -- (kgwsgmcv) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\kbjqshai.sys -- (kbjqshai) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\jsfhnvdy.sys -- (jsfhnvdy) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\jpbyhgqy.sys -- (jpbyhgqy) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\jlstswid.sys -- (jlstswid) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\jjuleifq.sys -- (jjuleifq) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\jirtmnqj.sys -- (jirtmnqj) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\igncqmfo.sys -- (igncqmfo) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hxzxnvvi.sys -- (hxzxnvvi) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\htqlheaz.sys -- (htqlheaz) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hqzphzdq.sys -- (hqzphzdq) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hmaxpvaa.sys -- (hmaxpvaa) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hjeyrgnt.sys -- (hjeyrgnt) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hhetflmu.sys -- (hhetflmu) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hdmlndqy.sys -- (hdmlndqy) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hbhuvbkc.sys -- (hbhuvbkc) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\gxlnredm.sys -- (gxlnredm) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\gwquhabs.sys -- (gwquhabs) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\gocmzskv.sys -- (gocmzskv) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\gdqwnano.sys -- (gdqwnano) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\gdfgrjib.sys -- (gdfgrjib) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\frhfsxdv.sys -- (frhfsxdv) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fqlytink.sys -- (fqlytink) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fjuttdax.sys -- (fjuttdax) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\eyusaimi.sys -- (eyusaimi) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\evcaqsga.sys -- (evcaqsga) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\esbpwutc.sys -- (esbpwutc) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\elhdporl.sys -- (elhdporl) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\eatatlnd.sys -- (eatatlnd) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dyyeynav.sys -- (dyyeynav) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dshhzoan.sys -- (dshhzoan) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dqnalyej.sys -- (dqnalyej) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dkfturlw.sys -- (dkfturlw) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dczmbita.sys -- (dczmbita) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\csamgiqd.sys -- (csamgiqd) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\cpufuiys.sys -- (cpufuiys) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ckhqszkc.sys -- (ckhqszkc) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\cfyrzblk.sys -- (cfyrzblk) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\cfbrfltu.sys -- (cfbrfltu) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ceshqnwk.sys -- (ceshqnwk) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\blmzialf.sys -- (blmzialf) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\beaipyxb.sys -- (beaipyxb) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bcohyumt.sys -- (bcohyumt) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\axepllgd.sys -- (axepllgd) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\asmivdgu.sys -- (asmivdgu) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\aoqqasqa.sys -- (aoqqasqa) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\aemfoijh.sys -- (aemfoijh) DRV:[b]64bit:[/b] - [2010/04/19 21:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:[b]64bit:[/b] - [2010/03/24 21:34:20 | 000,124,760 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr) DRV:[b]64bit:[/b] - [2010/03/24 21:31:12 | 000,139,704 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv) DRV:[b]64bit:[/b] - [2010/03/24 21:24:00 | 000,163,888 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm) DRV:[b]64bit:[/b] - [2009/10/13 02:15:52 | 000,061,440 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\l160x64.sys -- (AtcL001) DRV:[b]64bit:[/b] - [2009/07/14 14:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2009/07/14 14:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2009/07/14 14:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009/07/14 14:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009/07/14 14:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2009/07/14 14:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009/06/11 09:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:[b]64bit:[/b] - [2009/06/11 09:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009/06/11 09:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009/06/11 09:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009/06/11 09:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009/05/23 12:08:37 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone) DRV:[b]64bit:[/b] - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:[b]64bit:[/b] - [2009/02/18 06:11:25 | 000,031,400 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO) DRV:[b]64bit:[/b] - [2007/08/02 18:33:04 | 000,012,672 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dadder.sys -- (DAdderFltr) DRV:[b]64bit:[/b] - [2005/03/29 02:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=15243&l=dis IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://msn.co.nz/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-nz IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = AF D8 21 E2 E0 8F CA 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "Ask.com" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.selectedEngine: "Ask.com" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.google.co.nz/" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8 FF - prefs.js..extensions.enabledItems: noia2_option@kk.noia:3.76 FF - prefs.js..extensions.enabledItems: {455D905A-D37C-4643-A9E2-F6FEFAA0424A}:0.8.13 FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.9.1.14019 FF - prefs.js..extensions.enabledItems: {9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}:3.76 FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=DAT&o=15240&locale=en_US&apn_uid=80AAC5B4-49B6-4E56-8D50-4955CEECC4CB&apn_ptnrs=FD&apn_sauid=0BD52D7D-EF57-4CB5-BD99-91529CB2812D&apn_dtid=YYYYYYYYNZ&q=" FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/11/05 20:37:29 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/10/30 10:49:53 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010/04/19 22:32:17 | 000,000,000 | ---D | M] [2009/08/13 11:45:44 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Mozilla\Extensions [2010/11/14 18:34:57 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qvrxehac.default\extensions [2010/07/04 19:20:14 | 000,000,000 | ---D | M] (RefControl) -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qvrxehac.default\extensions\{455D905A-D37C-4643-A9E2-F6FEFAA0424A} [2010/02/23 19:52:51 | 000,000,000 | ---D | M] (Noia 2.0 (eXtreme)) -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qvrxehac.default\extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e} [2010/10/09 09:36:37 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qvrxehac.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2010/10/09 09:36:37 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qvrxehac.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010/02/23 19:52:51 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qvrxehac.default\extensions\noia2_option@kk.noia [2010/10/31 18:09:08 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qvrxehac.default\extensions\toolbar@ask.com [2010/11/14 18:24:58 | 000,002,567 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qvrxehac.default\searchplugins\askcom.xml [2010/11/14 18:34:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions [2010/03/24 20:13:49 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npPandoWebInst.dll O1 HOSTS File: ([2009/06/11 10:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll File not found O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4:[b]64bit:[/b] - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4 - HKLM..\Run: [DeathAdder] C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe () O4 - HKLM..\Run: [VirtualCloneDrive] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG) O4 - HKCU..\Run: [Java developer Script Browse] C:\Windows\jusched.exe File not found O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe () O4 - HKCU..\Run: [Steam] c:\program files (x86)\steam\steam.exe (Valve Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 202.27.158.40 202.27.156.72 O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{a4e7b485-afc5-11de-b6de-001d60b939f5}\Shell - "" = AutoRun O33 - MountPoints2\{a4e7b485-afc5-11de-b6de-001d60b939f5}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found O33 - MountPoints2\{abc09f51-bd19-11df-b601-001d60b939f5}\Shell - "" = AutoRun O33 - MountPoints2\{abc09f51-bd19-11df-b601-001d60b939f5}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found O33 - MountPoints2\{bbc41563-8795-11de-ae65-001d60b939f5}\Shell - "" = AutoRun O33 - MountPoints2\{bbc41563-8795-11de-ae65-001d60b939f5}\Shell\AutoRun\command - "" = F:\Installer.exe -- File not found O33 - MountPoints2\E\Shell - "" = AutoRun O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2010/11/14 21:09:21 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Admin\Desktop\OTL.exe [2010/11/13 13:40:11 | 000,000,000 | ---D | C] -- C:\Users\Admin\Desktop\Other [2010/11/13 13:35:46 | 000,000,000 | ---D | C] -- C:\Users\Admin\Desktop\Microsoft [2010/11/13 11:04:08 | 000,000,000 | ---D | C] -- C:\Users\Admin\Desktop\Movies, Vids and More [2010/11/13 11:03:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\Desktop\Pics [2010/11/13 11:02:12 | 000,000,000 | ---D | C] -- C:\Users\Admin\Desktop\Flash Platforms [2010/11/13 11:00:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\Desktop\Notepad TXT [2010/11/13 10:58:31 | 000,000,000 | ---D | C] -- C:\Users\Admin\Desktop\Setups [2010/11/13 10:58:09 | 000,000,000 | ---D | C] -- C:\Users\Admin\Desktop\Game Platforms [2010/11/13 10:40:06 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Admin\Desktop\HijackThis.exe [2010/11/13 10:33:56 | 000,000,000 | ---D | C] -- C:\Users\Admin\Desktop\NodLogin.10.0.2 [2010/10/22 20:48:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Total Video Converter [2010/10/22 20:39:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FLV Player [2010/10/22 20:14:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition [2010/10/22 20:12:00 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live [2010/10/22 20:11:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSN Toolbar [2010/10/22 20:10:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bing Bar Installer [2010/10/22 20:08:44 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Windows Live [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2010/11/14 21:09:21 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Admin\Desktop\OTL.exe [2010/11/14 21:07:24 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010/11/14 21:06:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010/11/14 21:06:41 | 3220,529,152 | -HS- | M] () -- C:\hiberfil.sys [2010/11/14 21:02:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010/11/13 13:34:45 | 000,002,693 | ---- | M] () -- C:\Users\Admin\Desktop\Microsoft Office Word 2007.lnk [2010/11/13 13:34:42 | 000,002,611 | ---- | M] () -- C:\Users\Admin\Desktop\Microsoft Office Publisher 2007.lnk [2010/11/13 13:34:39 | 000,002,645 | ---- | M] () -- C:\Users\Admin\Desktop\Microsoft Office PowerPoint 2007.lnk [2010/11/13 13:34:36 | 000,002,693 | ---- | M] () -- C:\Users\Admin\Desktop\Microsoft Office Outlook 2007.lnk [2010/11/13 13:34:33 | 000,002,619 | ---- | M] () -- C:\Users\Admin\Desktop\Microsoft Office OneNote 2007.lnk [2010/11/13 13:34:28 | 000,002,687 | ---- | M] () -- C:\Users\Admin\Desktop\Microsoft Office InfoPath 2007.lnk [2010/11/13 13:34:25 | 000,002,697 | ---- | M] () -- C:\Users\Admin\Desktop\Microsoft Office Groove 2007.lnk [2010/11/13 13:34:22 | 000,002,655 | ---- | M] () -- C:\Users\Admin\Desktop\Microsoft Office Excel 2007.lnk [2010/11/13 13:34:17 | 000,002,643 | ---- | M] () -- C:\Users\Admin\Desktop\Microsoft Office Access 2007.lnk [2010/11/13 10:40:10 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Admin\Desktop\HijackThis.exe [2010/11/13 10:35:05 | 000,000,995 | ---- | M] () -- C:\Users\Admin\Desktop\NodLogin Force.lnk [2010/11/13 10:35:05 | 000,000,981 | ---- | M] () -- C:\Users\Admin\Desktop\NodLogin normal.lnk [2010/11/13 10:20:33 | 322,268,454 | ---- | M] () -- C:\Windows\MEMORY.DMP [2010/11/07 19:19:44 | 000,003,280 | ---- | M] () -- C:\bootsqm.dat [2010/11/05 16:02:37 | 000,002,340 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2010/10/23 20:15:37 | 000,019,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010/10/23 20:15:37 | 000,019,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010/10/22 20:10:26 | 000,027,648 | ---- | M] () -- C:\Users\Admin\Documents\Space Essay.doc [2010/10/22 17:54:07 | 006,740,864 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2010/10/22 17:54:07 | 003,138,004 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2010/10/22 17:54:07 | 000,005,136 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2010/10/21 21:26:16 | 000,011,336 | ---- | M] () -- C:\Users\Admin\Documents\Space Essay.docx [2010/10/16 20:29:00 | 000,045,568 | -H-- | M] () -- C:\Windows\SysWow64\secupdat.dat [2010/10/16 20:29:00 | 000,045,568 | -H-- | M] () -- C:\Users\Admin\secupdat.dat [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010/11/13 13:34:45 | 000,002,693 | ---- | C] () -- C:\Users\Admin\Desktop\Microsoft Office Word 2007.lnk [2010/11/13 13:34:42 | 000,002,611 | ---- | C] () -- C:\Users\Admin\Desktop\Microsoft Office Publisher 2007.lnk [2010/11/13 13:34:39 | 000,002,645 | ---- | C] () -- C:\Users\Admin\Desktop\Microsoft Office PowerPoint 2007.lnk [2010/11/13 13:34:36 | 000,002,693 | ---- | C] () -- C:\Users\Admin\Desktop\Microsoft Office Outlook 2007.lnk [2010/11/13 13:34:33 | 000,002,619 | ---- | C] () -- C:\Users\Admin\Desktop\Microsoft Office OneNote 2007.lnk [2010/11/13 13:34:28 | 000,002,687 | ---- | C] () -- C:\Users\Admin\Desktop\Microsoft Office InfoPath 2007.lnk [2010/11/13 13:34:25 | 000,002,697 | ---- | C] () -- C:\Users\Admin\Desktop\Microsoft Office Groove 2007.lnk [2010/11/13 13:34:22 | 000,002,655 | ---- | C] () -- C:\Users\Admin\Desktop\Microsoft Office Excel 2007.lnk [2010/11/13 13:34:17 | 000,002,643 | ---- | C] () -- C:\Users\Admin\Desktop\Microsoft Office Access 2007.lnk [2010/11/13 10:35:05 | 000,000,995 | ---- | C] () -- C:\Users\Admin\Desktop\NodLogin Force.lnk [2010/11/07 19:19:44 | 000,003,280 | ---- | C] () -- C:\bootsqm.dat [2010/10/22 20:10:25 | 000,027,648 | ---- | C] () -- C:\Users\Admin\Documents\Space Essay.doc [2010/10/21 21:26:16 | 000,011,336 | ---- | C] () -- C:\Users\Admin\Documents\Space Essay.docx [2010/10/16 13:17:28 | 000,045,568 | -H-- | C] () -- C:\Windows\SysWow64\secupdat.dat [2010/10/16 13:17:28 | 000,045,568 | -H-- | C] () -- C:\Users\Admin\secupdat.dat [2010/08/07 09:44:18 | 000,004,608 | ---- | C] () -- C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/04/02 18:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2010/03/05 20:31:08 | 000,004,716 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2009/08/13 12:30:29 | 000,168,448 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2009/08/13 12:30:28 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2009/08/13 12:30:24 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll [2009/08/13 12:30:24 | 000,881,664 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2009/08/13 12:30:24 | 000,205,824 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2009/08/13 12:30:16 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2009/07/14 12:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009/07/14 10:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009/06/19 20:06:22 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll [2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll [2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll [2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll [2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll [2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll [2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll [2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll [2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll [2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll [color=#E56717]========== LOP Check ==========[/color] [2010/02/08 18:10:12 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\ImgBurn [2009/08/13 12:12:48 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\uTorrent [2010/10/30 12:54:43 | 000,032,598 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 527961 bytes -> C:\Windows\Temp:temp < End of report >