OTL logfile created on: 5/29/2011 3:57:42 PM - Run 4
OTL by OldTimer - Version 3.2.23.0     Folder = C:\Users\† **** †\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00003409 | Country: Republic of the Philippines | Language: ENP | Date Format: M/d/yyyy
 
2.50 Gb Total Physical Memory | 1.71 Gb Available Physical Memory | 68.48% Memory free
5.21 Gb Paging File | 3.84 Gb Available in Paging File | 73.74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 290.01 Gb Total Space | 3.78 Gb Free Space | 1.30% Space Free | Partition Type: NTFS
Drive D: | 8.08 Gb Total Space | 1.01 Gb Free Space | 12.52% Space Free | Partition Type: NTFS
 
Computer Name: ****-PC | User Name: † **** † | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2011/05/28 20:24:44 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\† **** †\Desktop\OTL.exe
PRC - [2011/03/21 20:10:48 | 002,388,264 | ---- | M] (Apple Inc.) -- C:\Program Files\Safari\Safari.exe
PRC - [2011/01/19 16:23:41 | 000,136,336 | ---- | M] (RockMelt Inc.) -- C:\Users\† **** †\AppData\Local\RockMelt\Update\1.2.189.1\RockMeltCrashHandler.exe
PRC - [2011/01/13 16:47:34 | 003,396,624 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011/01/13 16:47:33 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/12/09 05:15:44 | 000,063,360 | ---- | M] (DivX, LLC) -- C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe
PRC - [2010/12/09 03:17:46 | 001,226,608 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/09/27 23:36:24 | 000,176,408 | ---- | M] (iWin Inc.) -- C:\Program Files\iWin Games\iWinTrusted.exe
PRC - [2010/01/22 07:21:02 | 000,112,592 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
PRC - [2009/11/11 10:57:36 | 001,451,520 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2009/10/27 09:26:36 | 000,657,408 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2009/10/27 09:15:44 | 000,132,608 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2009/10/27 09:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2009/04/11 14:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2009/04/11 14:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\conime.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/11/10 04:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/06/02 18:50:34 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/06/02 18:50:32 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008/01/19 15:33:27 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\schtasks.exe
PRC - [2008/01/15 11:26:18 | 004,874,240 | ---- | M] (Realtek Semiconductor) -- C:\WINDOWS\RtHDVCpl.exe
PRC - [2007/09/12 18:27:24 | 000,554,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2007/04/18 23:01:34 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe
PRC - [2007/02/15 19:59:00 | 000,118,784 | ---- | M] (OsdMaestro) -- C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
PRC - [2006/09/04 01:32:28 | 000,208,896 | ---- | M] () -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - [2011/05/28 20:24:44 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\† **** †\Desktop\OTL.exe
MOD - [2011/01/13 16:47:35 | 000,189,728 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2010/08/31 23:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - [2011/01/13 16:47:33 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/09/27 23:36:24 | 000,176,408 | ---- | M] (iWin Inc.) [Auto | Running] -- C:\Program Files\iWin Games\iWinTrusted.exe -- (iWinTrusted)
SRV - [2010/06/23 20:53:52 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/02/26 00:47:00 | 003,489,788 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2010/01/22 07:21:02 | 000,112,592 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2010/01/18 14:14:24 | 001,141,712 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService)
SRV - [2009/12/09 15:23:34 | 000,365,280 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
SRV - [2009/10/27 09:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008/11/10 04:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/06/02 18:50:34 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2008/01/29 17:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2008/01/19 15:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/11/07 08:58:18 | 003,004,416 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe -- (msvsmon90)
SRV - [2007/09/12 18:27:24 | 002,999,664 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate)
SRV - [2007/09/12 18:27:24 | 000,554,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2006/09/12 07:02:44 | 000,544,256 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe -- (Remote UI Service) Intel(R)
SRV - [2006/09/12 07:01:04 | 000,167,936 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe -- (MCLServiceATL) Intel(R)
SRV - [2006/09/12 06:56:32 | 000,075,264 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe -- (ISSM) Intel(R)
SRV - [2006/09/12 06:56:20 | 000,188,416 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\CCU\AlertService.exe -- (AlertService) Intel(R)
SRV - [2006/09/04 01:32:28 | 000,208,896 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe -- (DQLWinService)
SRV - [2006/09/01 14:47:56 | 000,026,624 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe -- (M1 Server) Intel(R) Viiv(TM)
SRV - [2006/05/11 00:13:52 | 000,029,696 | R--- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe -- (IntelDHSvcConf)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - [2011/01/13 16:41:16 | 000,294,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/01/13 16:40:16 | 000,047,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/01/13 16:37:30 | 000,023,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/01/13 16:37:19 | 000,051,280 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011/01/13 16:37:09 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/07/10 05:37:00 | 011,008,040 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/10/06 11:56:34 | 000,136,704 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2009/10/06 11:56:32 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2009/10/06 11:52:50 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009/10/06 11:52:34 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009/10/06 11:52:34 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009/10/06 11:52:34 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009/09/23 16:10:06 | 000,207,280 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2009/09/10 14:55:58 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009/07/27 20:44:57 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008/08/26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/05/07 09:55:22 | 000,767,488 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\athr.sys -- (athr)
DRV - [2005/12/13 01:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\PS2.sys -- (Ps2)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_PH&c=74&bd=Pavilion&pf=desktop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr9/*http://www.yahoo.com/ext/search/search.html
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.drp.su/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\YTNavAssist.dll (Yahoo! Inc.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo.com/search?fr=ffsp1&p="
FF - prefs.js..browser.search.param.yahoo-fr: "moz2-ytff-msgr"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-msgr"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://en-US.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official"
FF - prefs.js..extensions.enabledItems: {F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}:8.6.7.0
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.4
FF - prefs.js..extensions.enabledItems: fbdislike@doweb.fr:1.2.3
FF - prefs.js..extensions.enabledItems: illimitux@illimitux.net:4.0
FF - prefs.js..extensions.enabledItems: {916ab64c-bc3e-471b-8e60-29551922a7ba}:1.300.367
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.2
FF - prefs.js..extensions.enabledItems: {0329E7D6-6F54-462D-93F6-F5C3118BADF2}:2.2.4
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {98e34367-8df7-42b4-837b-20b892ff0849}:1.7
FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="
 
 
FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009/12/09 14:24:35 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/03/08 16:03:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/04/27 09:35:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2010/12/12 22:56:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2010/12/12 22:56:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{98e34367-8df7-42b4-837b-20b892ff0849}: C:\ProgramData\iWin Games\firefox [2011/02/24 23:57:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/23 13:02:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/23 13:02:00 | 000,000,000 | ---D | M]
 
[2008/12/30 20:36:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\† **** †\AppData\Roaming\Mozilla\Extensions
[2011/05/29 12:12:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\† **** †\AppData\Roaming\Mozilla\Firefox\Profiles\q1dio9k3.default\extensions
[2010/04/28 10:17:57 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\† **** †\AppData\Roaming\Mozilla\Firefox\Profiles\q1dio9k3.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/05/29 00:45:56 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\† **** †\AppData\Roaming\Mozilla\Firefox\Profiles\q1dio9k3.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/05/25 23:55:51 | 000,000,000 | ---D | M] (FDislike) -- C:\Users\† **** †\AppData\Roaming\Mozilla\Firefox\Profiles\q1dio9k3.default\extensions\fbdislike@doweb.fr
[2010/03/21 21:00:19 | 000,000,000 | ---D | M] (Illimitux) -- C:\Users\† **** †\AppData\Roaming\Mozilla\Firefox\Profiles\q1dio9k3.default\extensions\illimitux@illimitux.net
[2011/03/27 15:22:40 | 000,000,000 | ---D | M] (Personas) -- C:\Users\† **** †\AppData\Roaming\Mozilla\Firefox\Profiles\q1dio9k3.default\extensions\personas@christopher.beard
[2010/05/13 00:10:56 | 000,000,000 | ---D | M] (Veoh Video Compass) -- C:\Users\† **** †\AppData\Roaming\Mozilla\Firefox\Profiles\q1dio9k3.default\extensions\searchrecs@veoh.com
[2011/05/23 13:02:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/07/03 22:16:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011/02/25 14:47:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) -- 
File not found (No name found) -- C:\USERS\€  **** € \APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1DIO9K3.DEFAULT\EXTENSIONS\{B9DB16A4-6EDC-47EC-A1F4-B86292ED211D}
File not found (No name found) -- C:\USERS\€  **** € \APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Q1DIO9K3.DEFAULT\EXTENSIONS\PERSONAS@CHRISTOPHER.BEARD
[2011/04/15 00:26:02 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2008/12/31 00:33:17 | 000,239,432 | ---- | M] (Pando Networks) -- C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll
[2010/01/01 16:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
 
O1 HOSTS File: ([2011/05/29 13:22:28 | 000,000,098 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (no name) - {A1056498-D09A-41E4-864B-505EDD640D9E} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (no name) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - No CLSID value found.
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [OsdMaestro] C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro)
O4 - HKLM..\Run: [ProcessTamer] C:\Program Files\ProcessTamer\ProcessTamerTray.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SunJavaUpdateReg] C:\Windows\System32\jureg.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKCU..\Run: [RockMelt Update] C:\Users\† **** †\AppData\Local\RockMelt\Update\RockMeltUpdate.exe (RockMelt Inc.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm ()
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm ()
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\† **** †\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\† **** †\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/08/01 11:00:36 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2011/05/29 15:59:11 | 000,000,000 | ---D | C] -- C:\Users\† **** †\Desktop\gmer
[2011/05/29 13:34:02 | 000,000,000 | ---D | C] -- C:\Users\† **** †\Desktop\New Folder (2)
[2011/05/29 12:12:13 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/05/29 11:42:47 | 000,000,000 | ---D | C] -- C:\Desktop
[2011/05/28 21:45:36 | 000,589,632 | ---- | C] (AVAST Software) -- C:\Users\† **** †\Desktop\aswMBR.exe
[2011/05/28 21:12:06 | 000,000,000 | ---D | C] -- C:\Users\† **** †\AppData\Local\temp
[2011/05/28 21:00:56 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/05/28 20:32:24 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/05/28 20:32:24 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/05/28 20:32:24 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/05/28 20:32:09 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/05/28 20:32:01 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2011/05/28 20:28:34 | 004,296,757 | R--- | C] (Swearware) -- C:\Users\† **** †\Desktop\ComboFix.exe
[2011/05/28 20:24:28 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\† **** †\Desktop\OTL.exe
[2011/05/28 19:53:24 | 000,000,000 | ---D | C] -- C:\Users\† **** †\AppData\Local\Apple
[2011/05/27 18:00:12 | 000,000,000 | ---D | C] -- C:\Users\† **** †\AppData\Local\Adobe
[2011/05/27 17:55:36 | 000,000,000 | ---D | C] -- C:\Users\† **** †\Desktop\bartpe
[2011/05/23 13:13:24 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2011/05/22 23:09:11 | 000,000,000 | ---D | C] -- C:\Users\† **** †\AppData\Local\ElevatedDiagnostics
[2011/05/19 20:17:57 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft ATS
[2011/05/16 22:20:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) Matrix Storage Manager
[2011/05/04 23:36:05 | 000,000,000 | ---D | C] -- C:\Users\† **** †\oni
[2011/05/04 23:35:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CosmicBreak_eng
[2011/05/04 23:34:14 | 000,000,000 | ---D | C] -- C:\CyberStep
[2011/05/04 15:34:40 | 000,000,000 | ---D | C] -- C:\Users\† **** †\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Suite
[2011/05/04 15:34:30 | 000,000,000 | ---D | C] -- C:\Users\† **** †\AppData\Roaming\WindSolutions
[2011/05/04 15:34:29 | 000,000,000 | ---D | C] -- C:\ProgramData\WindSolutions
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2049/12/31 16:00:00 | 000,021,387 | ---- | M] () -- C:\Users\† **** †\Documents\title.jpg
[2049/12/31 16:00:00 | 000,018,370 | ---- | M] () -- C:\Users\† **** †\Documents\poe1.jpg
[2049/12/31 16:00:00 | 000,005,987 | ---- | M] () -- C:\Users\† **** †\Documents\tale1.jpg
[2011/05/29 15:52:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/29 15:26:35 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/29 15:26:35 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/29 15:02:24 | 000,165,676 | ---- | M] () -- C:\Users\† **** †\Desktop\qwert.jpg
[2011/05/29 13:30:59 | 000,037,493 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011/05/29 13:30:59 | 000,037,493 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011/05/29 13:26:46 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1ca5a13c7ed8130.job
[2011/05/29 13:26:46 | 000,000,324 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2011/05/29 13:26:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/05/29 13:26:30 | 2682,769,408 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/29 13:22:28 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2011/05/29 12:07:45 | 000,132,597 | ---- | M] () -- C:\Users\† **** †\Desktop\Flash_Disinfector.exe
[2011/05/29 11:59:34 | 000,000,396 | ---- | M] () -- C:\Users\† **** †\Desktop\Desktop.lnk
[2011/05/29 11:56:43 | 000,000,021 | ---- | M] () -- C:\Config.ini
[2011/05/29 11:47:02 | 000,092,672 | ---- | M] () -- C:\Users\† **** †\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/28 21:50:05 | 000,000,512 | ---- | M] () -- C:\Users\† **** †\Desktop\MBR.dat
[2011/05/28 21:45:44 | 000,589,632 | ---- | M] (AVAST Software) -- C:\Users\† **** †\Desktop\aswMBR.exe
[2011/05/28 20:29:23 | 004,296,757 | R--- | M] (Swearware) -- C:\Users\† **** †\Desktop\ComboFix.exe
[2011/05/28 20:24:44 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\† **** †\Desktop\OTL.exe
[2011/05/27 18:00:15 | 000,000,004 | ---- | M] () -- C:\VERSION.CFG
[2011/05/27 08:34:07 | 000,001,985 | ---- | M] () -- C:\Users\† **** †\Desktop\RockMelt.lnk
[2011/05/27 08:34:07 | 000,001,947 | ---- | M] () -- C:\Users\† **** †\Application Data\Microsoft\Internet Explorer\Quick Launch\RockMelt.lnk
[2011/05/25 18:53:00 | 000,001,973 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/05/23 13:02:10 | 000,000,832 | ---- | M] () -- C:\Users\† **** †\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/05/23 13:02:10 | 000,000,808 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/05/19 20:53:01 | 000,617,086 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/05/19 20:53:01 | 000,111,660 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/05/18 07:01:18 | 000,000,905 | ---- | M] () -- C:\Users\† **** †\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/05/18 06:59:48 | 000,000,438 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2011/05/17 13:41:39 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2011/05/17 13:41:39 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2011/05/17 13:41:19 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2011/05/04 23:35:34 | 000,000,758 | ---- | M] () -- C:\Users\Public\Desktop\Cosmic Break.lnk
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2011/05/29 15:02:23 | 000,165,676 | ---- | C] () -- C:\Users\† **** †\Desktop\qwert.jpg
[2011/05/29 12:07:42 | 000,132,597 | ---- | C] () -- C:\Users\† **** †\Desktop\Flash_Disinfector.exe
[2011/05/29 11:59:34 | 000,000,396 | ---- | C] () -- C:\Users\† **** †\Desktop\Desktop.lnk
[2011/05/28 21:50:05 | 000,000,512 | ---- | C] () -- C:\Users\† **** †\Desktop\MBR.dat
[2011/05/28 20:32:24 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011/05/28 20:32:24 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/05/28 20:32:24 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011/05/28 20:32:24 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/05/28 20:32:24 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/05/23 13:02:10 | 000,000,820 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/05/17 13:41:19 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011/05/04 23:35:34 | 000,000,758 | ---- | C] () -- C:\Users\Public\Desktop\Cosmic Break.lnk
[2010/11/19 22:49:34 | 000,037,493 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010/11/19 22:49:32 | 000,037,493 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010/10/30 16:44:47 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1504.dll
[2010/03/30 13:55:27 | 000,000,046 | ---- | C] () -- C:\Windows\System32\DonationCoder_processtamer_InstallInfo.dat
[2010/03/30 13:55:27 | 000,000,046 | ---- | C] () -- C:\Users\† **** †\AppData\Local\DonationCoder_processtamer_InstallInfo.dat
[2010/03/14 00:46:49 | 000,001,025 | ---- | C] () -- C:\Windows\wininit.ini
[2010/03/11 15:54:56 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll.old
[2010/03/11 15:54:56 | 000,763,832 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2010/03/08 16:02:57 | 000,023,090 | ---- | C] () -- C:\Windows\hpqins15.dat
[2009/09/11 18:50:43 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/09/11 18:50:42 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/04 08:12:54 | 000,026,340 | ---- | C] () -- C:\Users\† **** †\AppData\Roaming\UserTile.png
[2009/08/16 22:45:35 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
[2009/07/01 16:30:54 | 000,008,620 | ---- | C] () -- C:\Users\† **** †\AppData\Local\d3d9caps.dat
[2009/05/26 23:29:29 | 000,164,978 | ---- | C] () -- C:\Windows\hpqins00.dat
[2009/05/10 16:45:15 | 000,008,553 | ---- | C] () -- C:\ProgramData\LUUnInstall.LiveUpdate
[2009/05/03 13:53:45 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009/01/14 15:09:40 | 000,000,003 | ---- | C] () -- C:\ProgramData\NOD.dll
[2009/01/06 15:54:53 | 000,034,308 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll
[2009/01/03 19:56:46 | 000,137,623 | ---- | C] () -- C:\Windows\HPHins15.dat
[2009/01/02 23:32:13 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/01/02 11:00:59 | 000,092,672 | ---- | C] () -- C:\Users\† **** †\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/02 09:51:43 | 000,000,552 | ---- | C] () -- C:\Users\† **** †\AppData\Local\d3d8caps.dat
[2009/01/01 10:52:01 | 000,000,004 | ---- | C] () -- C:\Windows\System32\XPerWin.dll
[2009/01/01 10:51:57 | 000,000,037 | ---- | C] () -- C:\Windows\System32\xsystem.dll
[2007/08/01 10:52:09 | 000,107,026 | ---- | C] () -- C:\Windows\hpqins13.dat
[2007/08/01 10:27:33 | 000,061,440 | ---- | C] () -- C:\Windows\System32\OsdRemove.exe
[2007/08/01 10:25:07 | 000,327,680 | ---- | C] () -- C:\Windows\System32\pythoncom25.dll
[2007/08/01 10:25:07 | 000,102,400 | ---- | C] () -- C:\Windows\System32\pywintypes25.dll
[2007/06/07 16:56:07 | 000,002,828 | ---- | C] () -- C:\Windows\hphmdl15.dat
[2007/05/14 20:28:10 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/12/14 14:01:36 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/12/14 14:01:36 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006/11/02 20:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 20:47:37 | 000,506,608 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 20:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 18:33:01 | 000,617,086 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 18:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 18:33:01 | 000,111,660 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 18:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 18:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 16:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 16:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 15:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 15:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/06/24 01:09:34 | 000,019,968 | R--- | C] () -- C:\Windows\System32\cpuinf32.dll
[2005/12/08 15:19:22 | 000,061,440 | ---- | C] () -- C:\Windows\System32\EGamesPlugin.dll
[2005/12/08 15:19:22 | 000,036,864 | ---- | C] () -- C:\Windows\System32\EGameEncrypt.dll
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2010/11/20 21:30:24 | 000,000,000 | ---D | M] -- C:\Users\† **** †\AppData\Roaming\2K Sports
[2010/06/23 22:04:56 | 000,000,000 | ---D | M] -- C:\Users\† **** †\AppData\Roaming\Autodesk
[2009/03/28 16:11:01 | 000,000,000 | ---D | M] -- C:\Users\† **** †\AppData\Roaming\Boolat Games
[2009/07/27 21:35:51 | 000,000,000 | ---D | M] -- C:\Users\† **** †\AppData\Roaming\DAEMON Tools Lite
[2010/03/30 13:55:28 | 000,000,000 | ---D | M] -- C:\Users\† **** †\AppData\Roaming\DonationCoder
[2010/03/10 20:46:43 | 000,000,000 | ---D | M] -- C:\Users\† **** †\AppData\Roaming\Facebook
[2010/07/28 21:07:58 | 000,000,000 | ---D | M] -- C:\Users\† **** †\AppData\Roaming\FreeFLVConverter
[2010/05/03 21:04:34 | 000,000,000 | ---D | M] -- C:\Users\† **** †\AppData\Roaming\freshgames
[2009/01/26 07:10:19 | 000,000,000 | ---D | M] -- C:\Users\† **** †\AppData\Roaming\GameHouse
[2010/04/04 20:57:04 | 000,000,000 | ---D | M] -- C:\Users\† **** †\AppData\Roaming\GlarySoft
[2011/04/10 09:21:59 | 000,000,000 | ---D | M] -- C:\Users\† **** †\AppData\Roaming\Hotdog Hotshot
[2009/02/12 22:12:40 | 000,000,000 | ---D | M] -- C:\Users\† **** †\AppData\Roaming\Image Zone Express
[2010/11/07 15:24:34 | 000,000,000 | ---D | M] -- C:\Users\† **** †\AppData\Roaming\InterTrust
[2010/04/24 00:23:14 | 000,000,000 | ---D | M] -- C:\Users\† **** †\AppData\Roaming\LimeWire
[2008/12/30 17:34:41 | 000,000,000 | ---D | M] -- C:\Users\† **** †\AppData\Roaming\MRTalk
[2009/03/01 08:56:37 | 000,000,000 | ---D | M] -- C:\Users\† **** †\AppData\Roaming\Nexon
[2010/08/26 17:49:13 | 000,000,000 | ---D | M] -- C:\Users\† **** †\AppData\Roaming\Nokia
[2011/04/14 03:13:15 | 000,000,000 | ---D | M] -- C:\Users\† **** †\AppData\Roaming\Opera
[2009/08/25 20:40:22 | 000,000,000 | ---D | M] -- C:\Users\† **** †\AppData\Roaming\PC Suite
[2009/09/04 08:12:53 | 000,000,000 | ---D | M] -- C:\Users\† **** †\AppData\Roaming\PeerNetworking
[2010/05/04 09:51:02 | 000,000,000 | ---D | M] -- C:\Users\† **** †\AppData\Roaming\PlayFirst
[2009/02/12 22:12:39 | 000,000,000 | ---D | M] -- C:\Users\† **** †\AppData\Roaming\Printer Info Cache
[2011/03/22 01:40:44 | 000,000,000 | ---D | M] -- C:\Users\† **** †\AppData\Roaming\Publish Providers
[2011/03/18 20:07:24 | 000,000,000 | ---D | M] -- C:\Users\† **** †\AppData\Roaming\Rovio
[2011/03/22 01:50:35 | 000,000,000 | ---D | M] -- C:\Users\† **** †\AppData\Roaming\Sony
[2011/05/29 15:56:10 | 000,000,000 | ---D | M] -- C:\Users\† **** †\AppData\Roaming\uTorrent
[2008/12/31 18:35:25 | 000,000,000 | ---D | M] -- C:\Users\† **** †\AppData\Roaming\WinBatch
[2011/05/04 16:05:59 | 000,000,000 | ---D | M] -- C:\Users\† **** †\AppData\Roaming\WindSolutions
[2009/05/03 14:37:54 | 000,000,000 | ---D | M] -- C:\Users\† **** †\AppData\Roaming\Zen of Sudoku
[2011/05/29 13:26:46 | 000,000,324 | ---- | M] () -- C:\WINDOWS\Tasks\GlaryInitialize.job
[2011/05/29 13:25:04 | 000,032,624 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 94 bytes -> C:\ProgramData\TEMP:DDEB08FD
@Alternate Data Stream - 305 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:9547F1DB
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:B557E3E7
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:B0E38115
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:A18121AD
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:04BB186B
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:3F6BE44B
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:A5264343
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:8511DA13
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:84512B49
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:5BDD0820
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:DA3C6C07
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:4BB26BE9
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:A9662AE0
@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:ADF211B1

< End of report >