ÿþOTL logfile created on: 5/21/2011 6:00:36 PM - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Preston\Downloads 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy 4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 62.00% Memory free 8.00 Gb Paging File | 6.00 Gb Available in Paging File | 77.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 920.49 Gb Total Space | 835.13 Gb Free Space | 90.73% Space Free | Partition Type: NTFS Drive D: | 10.92 Gb Total Space | 1.33 Gb Free Space | 12.20% Space Free | Partition Type: NTFS Computer Name: PRESTONFAMILY | User Name: Preston | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011/05/21 17:59:57 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Preston\Downloads\OTL.exe PRC - [2011/05/18 22:06:47 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Users\Preston\AppData\Local\Google\Update\1.3.21.53\GoogleCrashHandler.exe PRC - [2011/04/17 08:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccsvchst.exe PRC - [2010/10/14 17:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe PRC - [2010/06/18 08:59:40 | 001,040,952 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe PRC - [2010/05/20 15:26:28 | 000,762,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\vVX1000.exe PRC - [2009/10/15 07:53:20 | 000,635,416 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe PRC - [2009/10/01 12:02:50 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2009/10/01 12:02:48 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2008/12/04 13:24:30 | 000,665,424 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe PRC - [2008/11/21 02:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2011/05/21 17:59:57 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Preston\Downloads\OTL.exe MOD - [2010/08/21 13:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2010/11/11 14:36:38 | 000,282,616 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv) SRV:[b]64bit:[/b] - [2010/11/11 14:36:38 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc) SRV:[b]64bit:[/b] - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:[b]64bit:[/b] - [2010/05/20 15:26:28 | 000,199,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc) SRV:[b]64bit:[/b] - [2010/05/17 21:03:54 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:[b]64bit:[/b] - [2009/07/14 09:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2011/04/17 08:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe -- (NIS) SRV - [2010/10/14 17:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe) SRV - [2010/06/08 11:24:22 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU) SRV - [2010/04/04 07:01:24 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/10/15 07:53:20 | 000,635,416 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher) SRV - [2009/10/01 12:02:50 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R) SRV - [2009/10/01 12:02:48 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R) SRV - [2009/06/11 05:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2007/12/18 06:00:00 | 000,163,840 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE -- (EPSON_EB_RPCV4_01) EPSON V5 Service4(01) SRV - [2007/01/12 06:02:00 | 000,126,464 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2011/05/11 21:44:39 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent) DRV:[b]64bit:[/b] - [2011/03/31 11:00:09 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\srtsp64.sys -- (SRTSP) DRV:[b]64bit:[/b] - [2011/03/31 11:00:09 | 000,040,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL) DRV:[b]64bit:[/b] - [2011/03/22 08:39:49 | 000,382,584 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symnets.sys -- (SymNetS) DRV:[b]64bit:[/b] - [2011/03/15 10:31:23 | 000,912,504 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symefa64.sys -- (SymEFA) DRV:[b]64bit:[/b] - [2011/03/11 14:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011/03/11 14:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2011/02/18 16:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:[b]64bit:[/b] - [2011/01/27 14:47:10 | 000,450,680 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symds64.sys -- (SymDS) DRV:[b]64bit:[/b] - [2011/01/27 13:07:06 | 000,171,128 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\ironx64.sys -- (SymIRON) DRV:[b]64bit:[/b] - [2010/10/24 21:25:38 | 000,072,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv) DRV:[b]64bit:[/b] - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:[b]64bit:[/b] - [2010/05/20 15:26:28 | 002,060,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VX1000.sys -- (VX1000) DRV:[b]64bit:[/b] - [2010/05/17 21:35:30 | 006,853,632 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:[b]64bit:[/b] - [2010/05/17 20:30:28 | 000,263,680 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:[b]64bit:[/b] - [2010/04/08 07:12:02 | 000,124,944 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV:[b]64bit:[/b] - [2010/03/04 22:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2010/03/04 11:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:[b]64bit:[/b] - [2009/09/18 04:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R) DRV:[b]64bit:[/b] - [2009/07/14 09:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009/07/14 09:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009/07/14 09:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2009/07/14 09:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009/06/11 04:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:[b]64bit:[/b] - [2009/06/11 04:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009/06/11 04:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009/06/11 04:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009/06/11 04:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009/05/18 16:47:08 | 000,034,152 | R--- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV - [2011/05/18 10:35:32 | 002,011,768 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20110520.036\EX64.SYS -- (NAVEX15) DRV - [2011/05/18 10:35:32 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20110520.036\ENG64.SYS -- (NAVENG) DRV - [2011/05/10 11:18:54 | 000,481,912 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl) DRV - [2011/05/10 11:18:54 | 000,136,824 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - [2011/04/26 16:27:36 | 000,476,792 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\IPSDefs\20110518.001\IDSviA64.sys -- (IDSVia64) DRV - [2011/04/19 02:08:34 | 001,127,032 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\BASHDefs\20110518.001\BHDrvx64.sys -- (BHDrvx64) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/CQALL/13 IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.jp.msn.com/CQALL/13 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/CQALL/13 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.jp.msn.com/CQALL/13 IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.au/ IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\IPSFFPlgn\ [2011/05/12 03:20:53 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\coFFPlgn\ [2011/05/10 11:18:39 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011/04/27 23:24:31 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2011/04/27 23:24:42 | 000,000,000 | ---D | M] O1 HOSTS File: ([2011/05/21 16:54:35 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coieplg.dll (Symantec Corporation) O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ips\ipsbho.dll (Symantec Corporation) O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.) O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2380.0\npwinext.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coieplg.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2380.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2380.0\npwinext.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coieplg.dll (Symantec Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.) O4:[b]64bit:[/b] - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard) O4:[b]64bit:[/b] - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [VX1000] C:\Windows\vVX1000.exe (Microsoft Corporation) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation) O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation) O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKCU..\Run: [EPSON TX110 Series (Copy 1)] File not found O4 - HKCU..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe (Hewlett-Packard) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://oas.support.microsoft.com/ActiveX/MSDcode.cab (Microsoft Data Collection Control) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos-beta/OnlineScanner.cab (OnlineScanner Control) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.109.68.117 213.109.75.211 O18:[b]64bit:[/b] - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{0543ffc0-8056-11e0-8312-6c626de5339d}\Shell - "" = AutoRun O33 - MountPoints2\{0543ffc0-8056-11e0-8312-6c626de5339d}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011/05/21 17:04:30 | 000,000,000 | ---D | C] -- C:\Users\Preston\Desktop\tdsskiller (1) [2011/05/18 22:37:04 | 000,000,000 | ---D | C] -- C:\Users\Preston\Desktop\GooredFix Backups [2011/05/18 22:28:41 | 000,000,000 | ---D | C] -- C:\_OTM [2011/05/18 22:27:09 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT [2011/05/18 22:26:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT [2011/05/18 22:26:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT [2011/05/18 22:07:27 | 000,000,000 | ---D | C] -- C:\Users\Preston\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome [2011/05/18 22:06:48 | 000,000,000 | ---D | C] -- C:\Users\Preston\AppData\Local\Google [2011/05/18 22:06:27 | 000,000,000 | ---D | C] -- C:\Users\Preston\AppData\Local\Apps [2011/05/18 22:06:26 | 000,000,000 | ---D | C] -- C:\Users\Preston\AppData\Local\Deployment [2011/05/17 15:48:09 | 000,000,000 | ---D | C] -- C:\Users\Preston\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton [2011/05/17 14:30:47 | 000,000,000 | ---D | C] -- C:\Users\Preston\AppData\Local\NPE [2011/05/17 14:25:51 | 000,000,000 | ---D | C] -- C:\Users\Preston\AppData\Roaming\Tific [2011/05/17 13:05:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET [2011/05/17 11:34:45 | 000,000,000 | ---D | C] -- C:\Users\Preston\AppData\Roaming\Sammsoft [2011/05/10 16:17:25 | 000,000,000 | ---D | C] -- C:\Users\Preston\Documents\Oli's videos [2011/05/10 14:20:01 | 000,000,000 | ---D | C] -- C:\Users\Preston\AppData\Roaming\Azureus [2011/05/10 14:19:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vuze [2011/05/10 14:19:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit [2011/05/10 14:19:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ConduitEngine [2011/05/10 14:19:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vuze_Remote [2011/05/10 14:19:27 | 000,000,000 | ---D | C] -- C:\Users\Preston\AppData\Local\Conduit [2011/05/10 14:17:52 | 000,000,000 | ---D | C] -- C:\Users\Preston\Documents\Vuze Downloads [2011/05/05 09:58:41 | 000,000,000 | ---D | C] -- C:\Users\Preston\AppData\Roaming\Apple Computer [2011/05/05 09:58:41 | 000,000,000 | ---D | C] -- C:\Users\Preston\AppData\Local\Apple Computer [2011/05/05 09:58:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2011/05/05 09:58:10 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2011/05/05 09:58:09 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2011/05/05 09:58:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2011/05/05 09:58:09 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001} [2011/05/05 09:57:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [2011/05/05 09:57:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime [2011/05/05 09:57:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer [2011/05/05 09:57:06 | 000,000,000 | ---D | C] -- C:\Users\Preston\AppData\Local\Apple [2011/05/05 09:57:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update [2011/05/05 09:56:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple [2011/05/05 09:56:48 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2011/05/05 09:56:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour [2011/05/05 09:56:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple [2011/05/05 09:56:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple [2011/05/05 09:18:29 | 000,000,000 | ---D | C] -- C:\ProgramData\{23D58E70-3B83-4B83-A227-68770F84F5EC} [2011/05/05 09:17:56 | 000,000,000 | ---D | C] -- C:\Users\Preston\AppData\Roaming\hpqLog [2011/05/01 18:26:45 | 000,000,000 | ---D | C] -- C:\Users\Preston\AppData\Roaming\HP Support Assistant [2011/05/01 18:17:16 | 000,000,000 | ---D | C] -- C:\Users\Preston\Desktop\University shit [2011/04/30 14:57:35 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat [2011/04/30 14:57:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat [2011/04/30 14:33:48 | 000,000,000 | ---D | C] -- C:\Users\Preston\AppData\Roaming\WinBatch [2011/04/30 14:21:54 | 000,000,000 | ---D | C] -- C:\Users\Preston\AppData\Roaming\HpUpdate [2011/04/30 14:16:56 | 000,000,000 | ---D | C] -- C:\Users\Preston\AppData\Roaming\Epson [2011/04/28 00:48:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared [2011/04/28 00:27:05 | 000,000,000 | ---D | C] -- C:\ProgramData\UDL [2011/04/28 00:26:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software [2011/04/28 00:24:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Epson Software [2011/04/28 00:24:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 6.0 Sprint [2011/04/28 00:24:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ABBYY FineReader 6.0 Sprint [2011/04/28 00:22:21 | 000,000,000 | ---D | C] -- C:\Users\Preston\AppData\Roaming\InstallShield [2011/04/28 00:21:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON [2011/04/28 00:21:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\epson [2011/04/28 00:17:02 | 000,000,000 | ---D | C] -- C:\ProgramData\EPSON [2011/04/27 23:56:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft LifeCam [2011/04/27 23:55:37 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft LifeCam [2011/04/27 23:55:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft LifeCam [2011/04/27 23:40:48 | 000,000,000 | ---D | C] -- C:\Windows\en [2011/04/27 23:39:17 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE [2011/04/27 23:39:11 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live [2011/04/27 23:32:50 | 000,000,000 | ---D | C] -- C:\Users\Preston\AppData\Local\Windows Live [2011/04/27 23:26:31 | 000,000,000 | ---D | C] -- C:\d0c9d8c7e265348c97 [2011/04/27 23:24:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSN Toolbar [2011/04/27 23:16:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client [2011/04/27 23:16:09 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client [2011/04/27 22:58:49 | 000,000,000 | ---D | C] -- C:\Users\Preston\AppData\Roaming\Hewlett-Packard [2011/04/27 22:58:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition [2011/04/27 22:57:11 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live [2011/04/27 22:56:50 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2011/04/27 22:56:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live [2011/04/27 22:55:58 | 000,000,000 | -HSD | C] -- C:\Users\Preston\AppData\Local\Temporary Internet Files [2011/04/27 22:55:58 | 000,000,000 | -HSD | C] -- C:\Users\Preston\Templates [2011/04/27 22:55:58 | 000,000,000 | -HSD | C] -- C:\Users\Preston\Start Menu [2011/04/27 22:55:58 | 000,000,000 | -HSD | C] -- C:\Users\Preston\SendTo [2011/04/27 22:55:58 | 000,000,000 | -HSD | C] -- C:\Users\Preston\Recent [2011/04/27 22:55:58 | 000,000,000 | -HSD | C] -- C:\Users\Preston\PrintHood [2011/04/27 22:55:58 | 000,000,000 | -HSD | C] -- C:\Users\Preston\NetHood [2011/04/27 22:55:58 | 000,000,000 | -HSD | C] -- C:\Users\Preston\Documents\My Videos [2011/04/27 22:55:58 | 000,000,000 | -HSD | C] -- C:\Users\Preston\Documents\My Pictures [2011/04/27 22:55:58 | 000,000,000 | -HSD | C] -- C:\Users\Preston\Documents\My Music [2011/04/27 22:55:58 | 000,000,000 | -HSD | C] -- C:\Users\Preston\Local Settings [2011/04/27 22:55:58 | 000,000,000 | -HSD | C] -- C:\Users\Preston\AppData\Local\History [2011/04/27 22:55:58 | 000,000,000 | -HSD | C] -- C:\Users\Preston\Cookies [2011/04/27 22:55:58 | 000,000,000 | -HSD | C] -- C:\Users\Preston\Application Data [2011/04/27 22:55:58 | 000,000,000 | -HSD | C] -- C:\Users\Preston\AppData\Local\Application Data [2011/04/27 22:55:57 | 000,000,000 | --SD | C] -- C:\Users\Preston\AppData\Roaming\Microsoft [2011/04/27 22:55:57 | 000,000,000 | R--D | C] -- C:\Users\Preston\Videos [2011/04/27 22:55:57 | 000,000,000 | R--D | C] -- C:\Users\Preston\Saved Games [2011/04/27 22:55:57 | 000,000,000 | R--D | C] -- C:\Users\Preston\Pictures [2011/04/27 22:55:57 | 000,000,000 | R--D | C] -- C:\Users\Preston\Music [2011/04/27 22:55:57 | 000,000,000 | R--D | C] -- C:\Users\Preston\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2011/04/27 22:55:57 | 000,000,000 | R--D | C] -- C:\Users\Preston\Links [2011/04/27 22:55:57 | 000,000,000 | R--D | C] -- C:\Users\Preston\Favorites [2011/04/27 22:55:57 | 000,000,000 | R--D | C] -- C:\Users\Preston\Downloads [2011/04/27 22:55:57 | 000,000,000 | R--D | C] -- C:\Users\Preston\My Documents [2011/04/27 22:55:57 | 000,000,000 | R--D | C] -- C:\Users\Preston\Desktop [2011/04/27 22:55:57 | 000,000,000 | R--D | C] -- C:\Users\Preston\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2011/04/27 22:55:57 | 000,000,000 | -HSD | C] -- C:\Users\Preston\My Documents [2011/04/27 22:55:57 | 000,000,000 | -H-D | C] -- C:\Users\Preston\AppData [2011/04/27 22:55:57 | 000,000,000 | ---D | C] -- C:\Users\Preston\AppData\Local\Temp [2011/04/27 22:55:57 | 000,000,000 | ---D | C] -- C:\Users\Preston\AppData\Local\Microsoft [2011/04/27 22:55:57 | 000,000,000 | ---D | C] -- C:\Users\Preston\AppData\Roaming\Media Center Programs [2011/04/27 22:55:57 | 000,000,000 | ---D | C] -- C:\Users\Preston\AppData\Roaming\Macromedia [2011/04/27 22:55:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\User Guides [2011/04/27 22:54:36 | 000,000,000 | ---D | C] -- C:\Users\Preston\AppData\Local\CrashDumps [2011/04/27 22:53:26 | 000,000,000 | ---D | C] -- C:\Users\Preston\AppData\Roaming\Adobe [2011/04/27 22:42:30 | 000,000,000 | ---D | C] -- C:\Users\Preston\Documents\Outlook Files [2011/04/27 22:36:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint [2011/04/27 22:36:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2011/04/27 22:36:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services [2011/04/27 22:36:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER [2011/04/27 22:36:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET [2011/04/27 22:36:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework [2011/04/27 22:35:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8 [2011/04/27 22:34:47 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2011/04/27 22:34:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services [2011/04/27 22:34:30 | 000,000,000 | ---D | C] -- C:\Users\Preston\AppData\Local\Microsoft Help [2011/04/27 22:34:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help [2011/04/27 22:34:18 | 000,000,000 | RH-D | C] -- C:\MSOCache [2011/04/27 22:23:48 | 000,000,000 | ---D | C] -- C:\Users\Preston\AppData\Local\ElevatedDiagnostics [2011/04/27 22:10:11 | 000,000,000 | ---D | C] -- C:\Users\Preston\AppData\Roaming\ATI [2011/04/27 22:10:11 | 000,000,000 | ---D | C] -- C:\Users\Preston\AppData\Local\ATI [2011/04/27 22:10:09 | 000,000,000 | ---D | C] -- C:\Users\Preston\AppData\Roaming\PictureMover [2011/04/27 22:09:16 | 000,174,200 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS [2011/04/27 22:09:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared [2011/04/27 22:09:16 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec [2011/04/27 22:09:09 | 000,000,000 | ---D | C] -- C:\Users\Preston\AppData\Local\PDFC [2011/04/27 22:09:00 | 000,000,000 | R--D | C] -- C:\Users\Preston\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2011/04/27 22:09:00 | 000,000,000 | R--D | C] -- C:\Users\Preston\Searches [2011/04/27 22:09:00 | 000,000,000 | R--D | C] -- C:\Users\Preston\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2011/04/27 22:09:00 | 000,000,000 | -H-D | C] -- C:\Users\Preston\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned [2011/04/27 22:08:54 | 000,000,000 | ---D | C] -- C:\Users\Preston\AppData\Roaming\Identities [2011/04/27 22:08:52 | 000,000,000 | R--D | C] -- C:\Users\Preston\Contacts [2011/04/27 22:08:51 | 000,000,000 | ---D | C] -- C:\Users\Preston\AppData\Local\VirtualStore [2011/04/27 22:08:40 | 000,000,000 | ---D | C] -- C:\Users\Preston\AppData\Local\Hewlett-Packard [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011/05/21 17:31:00 | 000,178,552 | ---- | M] () -- C:\Users\Preston\Desktop\956 - Nov 2010 - CL.pdf [2011/05/21 17:11:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-851408907-325007156-1066789545-1000UA.job [2011/05/21 17:04:19 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011/05/21 17:04:19 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011/05/21 17:03:41 | 001,280,208 | ---- | M] () -- C:\Users\Preston\Desktop\tdsskiller (1).zip [2011/05/21 17:01:25 | 000,729,688 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011/05/21 17:01:25 | 000,630,124 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011/05/21 17:01:25 | 000,111,208 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011/05/21 16:57:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/05/21 16:56:55 | 3113,570,304 | -HS- | M] () -- C:\hiberfil.sys [2011/05/21 16:54:35 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts [2011/05/21 16:51:31 | 000,000,926 | ---- | M] () -- C:\Users\Preston\Desktop\NTREGOPT.lnk [2011/05/21 16:51:31 | 000,000,907 | ---- | M] () -- C:\Users\Preston\Desktop\ERUNT.lnk [2011/05/21 16:41:16 | 000,001,439 | ---- | M] () -- C:\Users\Preston\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2011/05/20 20:33:53 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2011/05/20 20:33:51 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2011/05/20 20:33:50 | 001,386,244 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\Cat.DB [2011/05/18 22:11:00 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-851408907-325007156-1066789545-1000Core.job [2011/05/18 22:07:29 | 000,002,331 | ---- | M] () -- C:\Users\Preston\Desktop\Google Chrome.lnk [2011/05/15 14:24:48 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForPreston.job [2011/05/12 03:20:41 | 000,002,491 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk [2011/05/11 21:44:39 | 000,174,200 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS [2011/05/11 21:44:39 | 000,007,488 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT [2011/05/11 21:44:39 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF [2011/05/10 14:19:51 | 000,001,850 | ---- | M] () -- C:\Users\Public\Desktop\Vuze.lnk [2011/05/10 14:19:51 | 000,001,850 | ---- | M] () -- C:\Users\Preston\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk [2011/05/05 09:58:37 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2011/05/05 09:57:21 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2011/05/05 09:19:20 | 000,002,181 | ---- | M] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk [2011/04/29 11:29:05 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\isolate.ini [2011/04/28 13:54:02 | 000,039,219 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2011/04/28 13:54:02 | 000,039,219 | ---- | M] () -- C:\Windows\SysNative\license.rtf [2011/04/28 00:27:05 | 000,002,169 | ---- | M] () -- C:\Users\Public\Desktop\Epson Easy Photo Print.lnk [2011/04/28 00:22:11 | 000,002,272 | ---- | M] () -- C:\Users\Public\Desktop\Epson Stylus SX110_TX110 Manual.lnk [2011/04/28 00:21:20 | 000,000,932 | ---- | M] () -- C:\Users\Public\Desktop\EPSON Scan.lnk [2011/04/28 00:03:46 | 000,003,584 | ---- | M] () -- C:\Users\Preston\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/04/27 23:56:30 | 000,002,031 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft LifeCam.lnk [2011/04/27 23:47:15 | 000,426,440 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011/04/27 23:16:45 | 000,002,154 | ---- | M] () -- C:\Windows\epplauncher.mif [2011/04/27 23:16:18 | 000,722,382 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011/04/27 22:56:05 | 000,000,000 | RHS- | M] () -- C:\Windows\SysWow64\drivers\103C_HP_53316J G D_CQ3495AN_Y53316J G D_0U_Q4CE109_EWXB0226001 DPS_4A_I2AB4_SMSI_V2.0_6.07_T101129_WU3-0_L409_M3960_J1000_7Intel_8655_93.20_#110427_N10EC8136_(BW475AA#ABG)_X_CD3_Z_2xxx0204GRxxxxxxxx0_G100268F9.MRK [2011/04/27 22:56:05 | 000,000,000 | RHS- | M] () -- C:\Windows\SysNative\drivers\103C_HP_53316J G D_CQ3495AN_Y53316J G D_0U_Q4CE109_EWXB0226001 DPS_4A_I2AB4_SMSI_V2.0_6.07_T101129_WU3-0_L409_M3960_J1000_7Intel_8655_93.20_#110427_N10EC8136_(BW475AA#ABG)_X_CD3_Z_2xxx0204GRxxxxxxxx0_G100268F9.MRK [2011/04/27 22:42:31 | 000,001,133 | ---- | M] () -- C:\Users\Preston\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011/05/21 17:31:00 | 000,178,552 | ---- | C] () -- C:\Users\Preston\Desktop\956 - Nov 2010 - CL.pdf [2011/05/21 17:03:57 | 001,280,208 | ---- | C] () -- C:\Users\Preston\Desktop\tdsskiller (1).zip [2011/05/20 20:33:53 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2011/05/20 20:33:51 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2011/05/18 22:26:48 | 000,000,926 | ---- | C] () -- C:\Users\Preston\Desktop\NTREGOPT.lnk [2011/05/18 22:26:48 | 000,000,907 | ---- | C] () -- C:\Users\Preston\Desktop\ERUNT.lnk [2011/05/18 22:07:29 | 000,002,331 | ---- | C] () -- C:\Users\Preston\Desktop\Google Chrome.lnk [2011/05/18 22:06:48 | 000,000,916 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-851408907-325007156-1066789545-1000UA.job [2011/05/18 22:06:48 | 000,000,864 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-851408907-325007156-1066789545-1000Core.job [2011/05/10 14:19:51 | 000,001,850 | ---- | C] () -- C:\Users\Public\Desktop\Vuze.lnk [2011/05/10 14:19:51 | 000,001,850 | ---- | C] () -- C:\Users\Preston\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk [2011/05/10 14:19:50 | 000,001,850 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vuze.lnk [2011/05/05 09:58:37 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2011/05/05 09:57:21 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2011/05/05 09:57:06 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [2011/05/05 09:31:40 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForPreston.job [2011/05/05 09:19:20 | 000,002,181 | ---- | C] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk [2011/04/28 00:27:05 | 000,002,169 | ---- | C] () -- C:\Users\Public\Desktop\Epson Easy Photo Print.lnk [2011/04/28 00:22:22 | 000,111,932 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat [2011/04/28 00:22:22 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat [2011/04/28 00:22:22 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat [2011/04/28 00:22:22 | 000,026,154 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat [2011/04/28 00:22:22 | 000,024,903 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat [2011/04/28 00:22:22 | 000,021,390 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat [2011/04/28 00:22:22 | 000,020,148 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat [2011/04/28 00:22:22 | 000,013,732 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_EN.cfg [2011/04/28 00:22:22 | 000,011,811 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat [2011/04/28 00:22:22 | 000,006,442 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_IT.cfg [2011/04/28 00:22:22 | 000,006,347 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_PT.cfg [2011/04/28 00:22:22 | 000,006,347 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_BP.cfg [2011/04/28 00:22:22 | 000,006,335 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_GE.cfg [2011/04/28 00:22:22 | 000,006,195 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_FR.cfg [2011/04/28 00:22:22 | 000,006,195 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_CF.cfg [2011/04/28 00:22:22 | 000,006,122 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_DU.cfg [2011/04/28 00:22:22 | 000,006,103 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_ES.cfg [2011/04/28 00:22:22 | 000,005,817 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_KO.cfg [2011/04/28 00:22:22 | 000,005,436 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_SC.cfg [2011/04/28 00:22:22 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat [2011/04/28 00:22:22 | 000,002,889 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_RU.cfg [2011/04/28 00:22:22 | 000,002,426 | ---- | C] () -- C:\Windows\SysWow64\EPPICLocal_TC.cfg [2011/04/28 00:22:22 | 000,001,146 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_DU.dat [2011/04/28 00:22:22 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat [2011/04/28 00:22:22 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat [2011/04/28 00:22:22 | 000,001,136 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat [2011/04/28 00:22:22 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat [2011/04/28 00:22:22 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat [2011/04/28 00:22:22 | 000,001,120 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_IT.dat [2011/04/28 00:22:22 | 000,001,107 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_GE.dat [2011/04/28 00:22:22 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat [2011/04/28 00:22:22 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini [2011/04/28 00:22:11 | 000,002,272 | ---- | C] () -- C:\Users\Public\Desktop\Epson Stylus SX110_TX110 Manual.lnk [2011/04/28 00:21:20 | 000,000,932 | ---- | C] () -- C:\Users\Public\Desktop\EPSON Scan.lnk [2011/04/28 00:03:46 | 000,003,584 | ---- | C] () -- C:\Users\Preston\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/04/27 23:56:30 | 000,002,031 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft LifeCam.lnk [2011/04/27 23:40:34 | 000,001,307 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk [2011/04/27 23:40:26 | 000,001,376 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk [2011/04/27 23:40:14 | 000,001,460 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk [2011/04/27 23:39:50 | 000,002,488 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk [2011/04/27 23:16:45 | 000,002,154 | ---- | C] () -- C:\Windows\epplauncher.mif [2011/04/27 23:16:18 | 000,722,382 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011/04/27 23:16:12 | 000,001,899 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk [2011/04/27 22:58:36 | 000,002,239 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MusicStation.lnk [2011/04/27 22:58:36 | 000,002,210 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk [2011/04/27 22:56:05 | 000,000,000 | RHS- | C] () -- C:\Windows\SysWow64\drivers\103C_HP_53316J G D_CQ3495AN_Y53316J G D_0U_Q4CE109_EWXB0226001 DPS_4A_I2AB4_SMSI_V2.0_6.07_T101129_WU3-0_L409_M3960_J1000_7Intel_8655_93.20_#110427_N10EC8136_(BW475AA#ABG)_X_CD3_Z_2xxx0204GRxxxxxxxx0_G100268F9.MRK [2011/04/27 22:56:05 | 000,000,000 | RHS- | C] () -- C:\Windows\SysNative\drivers\103C_HP_53316J G D_CQ3495AN_Y53316J G D_0U_Q4CE109_EWXB0226001 DPS_4A_I2AB4_SMSI_V2.0_6.07_T101129_WU3-0_L409_M3960_J1000_7Intel_8655_93.20_#110427_N10EC8136_(BW475AA#ABG)_X_CD3_Z_2xxx0204GRxxxxxxxx0_G100268F9.MRK [2011/04/27 22:55:57 | 000,000,290 | ---- | C] () -- C:\Users\Preston\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk [2011/04/27 22:55:57 | 000,000,272 | ---- | C] () -- C:\Users\Preston\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk [2011/04/27 22:53:18 | 000,001,439 | ---- | C] () -- C:\Users\Preston\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2011/04/27 22:42:31 | 000,001,133 | ---- | C] () -- C:\Users\Preston\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk [2011/04/27 22:09:16 | 000,007,488 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT [2011/04/27 22:09:16 | 000,000,855 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF [2011/04/27 22:09:06 | 000,001,411 | ---- | C] () -- C:\Users\Preston\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk [2011/04/27 22:09:00 | 000,001,445 | ---- | C] () -- C:\Users\Preston\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2011/02/27 10:18:45 | 000,002,137 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2011/02/27 09:21:20 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2010/09/28 14:00:12 | 000,012,800 | ---- | C] () -- C:\Windows\LPRES.DLL [2009/07/14 13:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009/07/14 10:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009/07/14 10:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009/07/14 08:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009/07/14 07:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009/07/14 05:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009/06/26 17:24:18 | 000,015,498 | ---- | C] () -- C:\Windows\VX1000.ini [2009/06/11 05:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [color=#E56717]========== LOP Check ==========[/color] [2011/05/17 23:38:56 | 000,000,000 | ---D | M] -- C:\Users\Preston\AppData\Roaming\Azureus [2011/04/30 14:28:59 | 000,000,000 | ---D | M] -- C:\Users\Preston\AppData\Roaming\Epson [2011/04/27 22:10:12 | 000,000,000 | ---D | M] -- C:\Users\Preston\AppData\Roaming\PictureMover [2011/05/17 11:49:30 | 000,000,000 | ---D | M] -- C:\Users\Preston\AppData\Roaming\Sammsoft [2011/05/17 14:25:51 | 000,000,000 | ---D | M] -- C:\Users\Preston\AppData\Roaming\Tific [2011/04/30 14:33:48 | 000,000,000 | ---D | M] -- C:\Users\Preston\AppData\Roaming\WinBatch [2009/07/14 13:08:49 | 000,016,496 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Files - Unicode (All) ==========[/color] [2011/05/11 18:03:22 | 000,000,040 | ---- | M] ()(C:\Windows\SysNative\?¶) -- C:\Windows\SysNative\@Þ¶ [2011/05/11 18:03:22 | 000,000,040 | ---- | C] ()(C:\Windows\SysNative\?¶) -- C:\Windows\SysNative\@Þ¶ < End of report >