OTL logfile created on: 12/20/2010 4:47:34 PM - Run 2
OTL by OldTimer - Version 3.2.17.4     Folder = C:\Documents and Settings\Saki\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 78.00% Memory free
6.00 Gb Paging File | 6.00 Gb Available in Paging File | 95.00% Paging File free
Paging file location(s): C:\pagefile.sys 3840 7680 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465.76 Gb Total Space | 407.43 Gb Free Space | 87.48% Space Free | Partition Type: NTFS

Computer Name: 1DCGCC1 | User Name: Saki | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2010/12/19 20:19:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Saki\Desktop\OTL.exe
PRC - [2010/08/13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2008/04/30 02:45:04 | 000,053,248 | ---- | M] () -- C:\WINDOWS\KBStatusLED.exe
PRC - [2008/04/13 16:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/07/27 13:19:00 | 000,282,624 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2006/06/26 10:33:42 | 000,099,888 | ---- | M] (Logitech Inc.) -- c:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe

[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2010/12/19 20:19:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Saki\Desktop\OTL.exe
MOD - [2010/08/23 08:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2006/06/26 10:33:42 | 000,091,696 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- C:\Program Files\VentSrv\ventrilo_svc.exe -- (Ventrilo)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/08/13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/04/28 07:44:02 | 000,704,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2009/08/27 10:20:10 | 000,208,616 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe -- (AVP)
SRV - [2006/06/26 10:33:56 | 000,091,696 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2006/06/26 10:33:42 | 000,099,888 | ---- | M] (Logitech Inc.) [Auto | Running] -- c:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\DRIVERS\OMCI.SYS -- (OMCI)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Saki\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2010/10/16 10:55:00 | 009,623,680 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2009/10/07 01:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009/08/05 22:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009/05/13 16:46:52 | 000,031,760 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5)
DRV - [2009/04/30 15:01:34 | 000,265,496 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2009/04/30 14:55:56 | 002,687,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LV302V32.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
DRV - [2009/04/30 14:55:32 | 000,013,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lv302af.sys -- (pepifilter)
DRV - [2009/02/24 18:56:54 | 000,227,344 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2008/12/15 19:41:32 | 000,033,808 | ---- | M] (Kaspersky Lab) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\klbg.sys -- (klbg)
DRV - [2008/11/12 16:58:38 | 000,145,952 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvgts.sys -- (nvgts)
DRV - [2008/07/21 16:34:36 | 000,121,872 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1)
DRV - [2008/04/13 11:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 08:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/03/13 17:02:46 | 000,026,640 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klfltdev.sys -- (KLFLTDEV)
DRV - [2007/01/30 11:12:06 | 000,045,568 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/07/27 13:24:28 | 001,171,464 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/06/26 10:33:36 | 001,952,816 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVMVdrv.sys -- (LVMVDrv)
DRV - [2006/06/26 10:33:28 | 001,587,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Lvckap.sys -- (LVcKap)
DRV - [2006/06/18 22:37:34 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2003/11/17 14:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 14:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 14:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.2
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..keyword.URL: "http://www.google.com/search?sourceid=navclient&hl=en&q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/16 23:13:59 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/16 23:18:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\THBExt [2010/03/18 03:10:03 | 000,000,000 | ---D | M]

[2010/07/30 21:06:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saki\Application Data\Mozilla\Extensions
[2010/12/20 16:34:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saki\Application Data\Mozilla\Firefox\Profiles\qbqz5cqz.default\extensions
[2010/08/12 19:18:19 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Saki\Application Data\Mozilla\Firefox\Profiles\qbqz5cqz.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/09/04 02:28:15 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Saki\Application Data\Mozilla\Firefox\Profiles\qbqz5cqz.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/07/30 21:19:33 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Saki\Application Data\Mozilla\Firefox\Profiles\qbqz5cqz.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/12/13 02:20:27 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Saki\Application Data\Mozilla\Firefox\Profiles\qbqz5cqz.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/12/20 16:34:44 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/12/08 22:12:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/05/18 22:27:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/12/16 23:04:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2010/12/20 16:38:07 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll (Kaspersky Lab)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [KBStatusLED1] C:\WINDOWS\KBStatusLED.exe ()
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm ()
O9 - Extra Button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll (Kaspersky Lab)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://pcpitstop.com/betapit/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 66.189.0.100 24.159.64.23 24.247.24.53
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab)
O24 - Desktop WallPaper: C:\Documents and Settings\Saki\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Saki\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/08/30 10:50:47 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2010/12/20 16:38:03 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/12/19 20:19:57 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Saki\Desktop\OTL.exe
[2010/12/18 23:33:33 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Saki\Recent
[2010/12/18 16:32:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Saki\Application Data\SystemRequirementsLab
[2010/12/18 15:51:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Driver Whiz
[2010/12/16 23:18:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010/12/16 23:13:30 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/12/16 23:10:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2010/12/16 23:05:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/12/13 18:03:23 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010/12/12 22:24:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Logitech
[2010/12/12 22:24:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Logitech
[2010/12/10 02:12:40 | 000,000,000 | ---D | C] -- C:\Program Files\EASEUS
[2010/12/09 17:44:54 | 000,000,000 | -HSD | C] -- C:\found.000
[2010/12/08 20:55:00 | 000,000,000 | ---D | C] -- C:\Program Files\Runtime Software
[2010/12/04 08:16:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Saki\Application Data\skypePM
[2010/12/04 08:11:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010/12/04 08:11:12 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2010/12/04 08:11:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Saki\Application Data\Skype
[2010/12/04 08:10:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Skype
[2010/12/04 07:44:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2010/12/04 01:10:05 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2010/12/20 16:45:27 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/20 16:45:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/12/20 16:44:35 | 001,910,304 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2010/12/20 16:44:35 | 000,565,280 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.dat
[2010/12/20 16:44:35 | 000,018,100 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx
[2010/12/20 16:44:35 | 000,004,060 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.idx
[2010/12/20 16:38:07 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2010/12/20 15:55:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/19 21:58:09 | 000,028,375 | ---- | M] () -- C:\Documents and Settings\Saki\Desktop\Southern Jewel App.doc
[2010/12/19 20:19:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Saki\Desktop\OTL.exe
[2010/12/19 02:56:55 | 004,845,996 | ---- | M] () -- C:\Documents and Settings\Saki\Desktop\asdas.mp3
[2010/12/18 16:58:52 | 000,240,592 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010/12/18 16:58:52 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010/12/18 16:58:50 | 000,240,592 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010/12/18 16:50:38 | 000,433,472 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/12/18 16:50:38 | 000,068,318 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/12/18 16:47:41 | 000,237,284 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010/12/18 14:23:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/12/17 02:32:31 | 000,011,197 | ---- | M] () -- C:\Documents and Settings\Saki\Desktop\Bleach_-_Hitohira_no_Hanabira.mp3
[2010/12/15 19:18:58 | 000,105,416 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/12/12 23:38:34 | 000,002,211 | ---- | M] () -- C:\Documents and Settings\Saki\Desktop\Document.doc
[2010/12/12 07:38:43 | 009,638,508 | ---- | M] () -- C:\Documents and Settings\Saki\Desktop\inori no kanata ~instrumental~.mp3
[2010/12/12 07:37:09 | 010,371,614 | ---- | M] () -- C:\Documents and Settings\Saki\Desktop\inori no kanata.mp3
[2010/12/11 02:07:25 | 000,005,848 | ---- | M] () -- C:\Documents and Settings\Saki\Desktop\th_st00pid_anime_kitty.jpg
[2010/12/08 23:39:08 | 000,001,130 | ---- | M] () -- C:\Documents and Settings\Saki\Local Settings\Application Data\FASTWiz.html
[2010/12/08 15:08:55 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/12/06 10:30:42 | 001,624,186 | ---- | M] () -- C:\Documents and Settings\Saki\Desktop\IMAG0169.JPG
[2010/12/04 08:16:15 | 000,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/11/29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/11/24 19:14:48 | 002,986,038 | ---- | M] () -- C:\Documents and Settings\Saki\Desktop\untitled.bmp
[2010/11/22 14:53:36 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\Saki\My Documents\Adobe Reader 9.lnk

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010/12/19 21:58:09 | 000,028,375 | ---- | C] () -- C:\Documents and Settings\Saki\Desktop\Southern Jewel App.doc
[2010/12/18 16:42:36 | 000,207,670 | ---- | C] () -- C:\WINDOWS\System32\nvapps.nvb
[2010/12/17 02:32:31 | 000,011,197 | ---- | C] () -- C:\Documents and Settings\Saki\Desktop\Bleach_-_Hitohira_no_Hanabira.mp3
[2010/12/12 07:38:15 | 009,638,508 | ---- | C] () -- C:\Documents and Settings\Saki\Desktop\inori no kanata ~instrumental~.mp3
[2010/12/12 07:36:48 | 010,371,614 | ---- | C] () -- C:\Documents and Settings\Saki\Desktop\inori no kanata.mp3
[2010/12/12 06:43:22 | 004,845,996 | ---- | C] () -- C:\Documents and Settings\Saki\Desktop\asdas.mp3
[2010/12/10 02:32:56 | 000,005,848 | ---- | C] () -- C:\Documents and Settings\Saki\Desktop\th_st00pid_anime_kitty.jpg
[2010/12/08 23:38:28 | 000,001,130 | ---- | C] () -- C:\Documents and Settings\Saki\Local Settings\Application Data\FASTWiz.html
[2010/12/08 22:39:32 | 000,147,642 | ---- | C] () -- C:\Documents and Settings\Saki\Local Settings\Application Data\FASTWiz.log
[2010/12/06 10:30:41 | 001,624,186 | ---- | C] () -- C:\Documents and Settings\Saki\Desktop\IMAG0169.JPG
[2010/12/04 08:16:15 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/11/24 19:14:47 | 002,986,038 | ---- | C] () -- C:\Documents and Settings\Saki\Desktop\untitled.bmp
[2010/06/20 04:02:25 | 008,892,928 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\atscie.msi
[2009/12/01 12:43:11 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2009/11/18 08:47:36 | 000,010,240 | ---- | C] () -- C:\Documents and Settings\Saki\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/11/11 18:37:19 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/07 01:46:36 | 000,025,752 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2009/10/07 01:23:08 | 000,013,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2009/08/30 03:41:17 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/04/30 21:39:36 | 000,082,289 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2008/09/17 22:55:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2008/04/15 23:29:52 | 000,229,447 | ---- | C] () -- C:\WINDOWS\KBHook.dll

[color=#E56717]========== LOP Check ==========[/color]

[2010/12/04 07:44:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2010/12/18 15:51:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Whiz
[2009/11/17 18:28:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2010/07/29 19:54:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop
[2010/12/18 23:39:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/08/12 18:50:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2010/05/27 14:00:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vivitar
[2010/05/27 14:00:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vivitar Experience Image Manager
[2010/04/05 13:40:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/09/14 13:36:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010/08/12 18:43:25 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2010/07/31 05:49:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saki\Application Data\Auslogics
[2010/03/10 21:46:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saki\Application Data\FreeAudioPack
[2009/08/30 15:41:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saki\Application Data\GetRightToGo
[2009/11/16 23:53:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saki\Application Data\Leadertech
[2009/08/30 10:34:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saki\Application Data\MSNInstaller
[2009/10/08 15:04:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saki\Application Data\OpenCandy
[2010/12/18 16:33:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saki\Application Data\SystemRequirementsLab
[2010/08/12 18:50:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Saki\Application Data\TuneUp Software

[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:07BF512B

< End of report >