OTL logfile created on: 8/10/2011 6:31:54 PM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\AKSHA\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.87 Gb Total Physical Memory | 1.45 Gb Available Physical Memory | 77.55% Memory free
3.75 Gb Paging File | 3.41 Gb Available in Paging File | 91.08% Paging File free
Paging file location(s): g:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 48.83 Gb Total Space | 21.29 Gb Free Space | 43.61% Space Free | Partition Type: NTFS
Drive D: | 43.95 Gb Total Space | 34.22 Gb Free Space | 77.87% Space Free | Partition Type: NTFS
Drive E: | 43.95 Gb Total Space | 42.11 Gb Free Space | 95.81% Space Free | Partition Type: NTFS
Drive F: | 96.15 Gb Total Space | 29.70 Gb Free Space | 30.88% Space Free | Partition Type: NTFS
Drive G: | 78.34 Gb Total Space | 75.99 Gb Free Space | 97.01% Space Free | Partition Type: NTFS
Drive H: | 70.71 Gb Total Space | 39.07 Gb Free Space | 55.26% Space Free | Partition Type: NTFS
Drive I: | 4.35 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: ARVIND | User Name: BOSS | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========
PRC - [2011/08/10 18:05:23 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\AKSHA\Desktop\OTL(1).exe
PRC - [2011/02/25 11:00:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

========== Modules (SafeList) ==========
MOD - [2011/08/10 18:05:23 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\AKSHA\Desktop\OTL(1).exe
MOD - [2010/11/20 17:25:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll

========== Win32 Services (SafeList) ==========
SRV - [2011/08/04 19:53:29 | 000,177,784 | ---- | M] (Solid Documents, LLC) [Auto | Stopped] -- C:\Windows\Installer\MSI4583.tmp -- (SCPDFReadSpool)
SRV - [2011/07/24 13:32:26 | 000,339,336 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\tuEagles\EglSrv.exe -- (tuEaglesService)
SRV - [2011/06/21 19:58:36 | 008,155,648 | ---- | M] () [Disabled | Stopped] -- H:\Program Files\MySql\MySQL Server 5.5\bin\mysqld.exe -- (MySQL)
SRV - [2011/05/28 14:46:56 | 000,353,168 | ---- | M] (IObit) [Auto | Stopped] -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe -- (AdvancedSystemCareService)
SRV - [2011/05/16 15:28:24 | 000,321,288 | ---- | M] (SXR Software) [Auto | Stopped] -- C:\Program Files\SXR Software\StatWin\ExecStat.exe -- (SW Administration Service)
SRV - [2011/04/24 22:39:44 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011/04/18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/03/30 22:27:40 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/09/16 14:06:22 | 000,080,896 | ---- | M] () [Auto | Stopped] -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2010/04/30 20:17:00 | 000,014,088 | ---- | M] (Memeo) [Auto | Stopped] -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService)
SRV - [2009/12/12 04:22:52 | 001,078,632 | ---- | M] (Blue Coat Systems, Inc.) [Auto | Stopped] -- C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe -- (bckwfs)
SRV - [2009/07/14 06:46:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 06:46:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 06:45:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Stopped] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)

========== Driver Services (SafeList) ==========
DRV - [2011/07/24 13:32:28 | 000,066,952 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Program Files\tuEagles\egldrv.sys -- (egldrv)
DRV - [2011/04/14 21:28:30 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/04/05 00:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/03/16 18:59:38 | 000,032,672 | ---- | M] (IObit Information Technology) [File_System | Auto | Stopped] -- C:\Program Files\IObit\Protected Folder\pffilter.sys -- (PfFilter)
DRV - [2011/03/16 16:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/03/01 14:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Stopped] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/02/22 08:12:50 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011/02/10 07:53:42 | 000,021,968 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/02/10 07:53:40 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/01/19 17:47:12 | 000,022,504 | ---- | M] (CPUID) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\cpuz135_x32.sys -- (cpuz135)
DRV - [2011/01/07 06:41:46 | 000,248,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/11/20 18:00:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 18:00:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 18:00:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 15:54:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 15:51:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 15:29:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 14:44:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 14:44:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/08/25 14:45:28 | 000,395,464 | ---- | M] (Paragon) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\Uim_IM.sys -- (Uim_IM)
DRV - [2010/08/25 14:45:28 | 000,056,208 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\hotcore3.sys -- (hotcore3)
DRV - [2010/08/25 14:45:28 | 000,037,080 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\UimBus.sys -- (UimBus)
DRV - [2010/07/15 08:44:20 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\epmntdrv.sys -- (epmntdrv)
DRV - [2010/07/15 08:44:20 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2010/06/23 10:24:56 | 000,023,040 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\htcnprot.sys -- (htcnprot)
DRV - [2010/01/11 14:30:32 | 000,164,992 | ---- | M] (Etron) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ETdrv.sys -- (usbet)
DRV - [2009/12/12 04:22:52 | 000,074,088 | ---- | M] (Blue Coat Systems, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\bckd.sys -- (bckd)
DRV - [2009/10/26 16:54:24 | 000,025,088 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - [2008/09/26 12:30:54 | 000,651,264 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u)
DRV - [2008/07/22 07:42:58 | 000,051,200 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2008/06/03 06:22:56 | 003,695,104 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2007/04/24 11:33:46 | 000,100,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s125mgmt.sys -- (s125mgmt) Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM)
DRV - [2007/04/24 11:33:46 | 000,098,696 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s125obex.sys -- (s125obex)
DRV - [2007/04/24 11:33:44 | 000,108,680 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s125mdm.sys -- (s125mdm)
DRV - [2007/04/24 11:33:42 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s125mdfl.sys -- (s125mdfl)
DRV - [2007/04/24 11:33:34 | 000,083,336 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s125bus.sys -- (s125bus) Sony Ericsson Device 125 driver (WDM)
DRV - [2005/02/28 09:49:24 | 000,034,064 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Invoker.sys -- (Invoker)
DRV - [2005/02/28 09:49:24 | 000,033,148 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\FlexBios.sys -- (FlexBios)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://in.yahoo.com/?fr=fp-spt_gen
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://in.yahoo.com/?fr=fp-spt_gen
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.google.co.in/"
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.1970.7372\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/08/09 15:40:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/24 08:28:03 | 000,000,000 | ---D | M]
[2011/07/02 08:05:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/05/01 17:19:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
[2011/07/02 08:05:45 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) --
[2011/08/09 15:40:00 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG10\FIREFOX4
[2011/06/24 08:28:02 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/01/01 13:30:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/07/24 14:09:59 | 000,436,154 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 15009 more lines...
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [ES] C:\Program Files\SXR Software\StatWin\ExecStat.exe (SXR Software)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Windows\System32\config\RegBack\DEFAULT ()
O4 - Startup: C:\Windows\System32\config\RegBack\DEFAULT.LOG1 ()
O4 - Startup: C:\Windows\System32\config\RegBack\DEFAULT.LOG2 ()
O4 - Startup: C:\Windows\System32\config\RegBack\SAM ()
O4 - Startup: C:\Windows\System32\config\RegBack\SAM.LOG1 ()
O4 - Startup: C:\Windows\System32\config\RegBack\SAM.LOG2 ()
O4 - Startup: C:\Windows\System32\config\RegBack\SECURITY ()
O4 - Startup: C:\Windows\System32\config\RegBack\SECURITY.LOG1 ()
O4 - Startup: C:\Windows\System32\config\RegBack\SECURITY.LOG2 ()
O4 - Startup: C:\Windows\System32\config\RegBack\SOFTWARE ()
O4 - Startup: C:\Windows\System32\config\RegBack\SOFTWARE.LOG1 ()
O4 - Startup: C:\Windows\System32\config\RegBack\SOFTWARE.LOG2 ()
O4 - Startup: C:\Windows\System32\config\RegBack\SYSTEM ()
O4 - Startup: C:\Windows\System32\config\RegBack\SYSTEM.LOG1 ()
O4 - Startup: C:\Windows\System32\config\RegBack\SYSTEM.LOG2 ()
O4 - Startup: C:\Windows\System32\config\systemprofile\AppData [2009/07/14 10:06:39 | 000,000,000 | --SD | M]
O4 - Startup: C:\Windows\System32\config\systemprofile\Desktop [2011/08/03 09:19:02 | 000,000,000 | R--D | M]
O4 - Startup: C:\Windows\System32\config\systemprofile\Documents [2011/08/09 20:57:08 | 000,000,000 | R--D | M]
O4 - Startup: C:\Windows\System32\config\systemprofile\Favorites [2011/05/31 09:18:04 | 000,000,000 | R--D | M]
O4 - Startup: C:\Windows\System32\config\systemprofile\ntuser.dat ()
O4 - Startup: C:\Windows\System32\config\systemprofile\ntuser.dat.LOG1 ()
O4 - Startup: C:\Windows\System32\config\systemprofile\ntuser.dat.LOG2 ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.22.0.cab (Reg Error: Value error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E5ABEB00-B357-4884-9949-77B2C71A7EE3} http://www.intel.com/design/motherbd/boardid/BoardID.cab (BoardCtl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {A5BE62CA-DE0F-4764-A0CB-4044816DB174} - C:\Program Files\tuEagles\EagleObj.dll ()
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/11 03:12:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2011/08/10 17:31:16 | 000,000,000 | ---D | C] -- C:\Windows\System32\%LocalAppData%
[2011/08/09 20:57:08 | 000,000,000 | R--D | C] -- C:\Windows\system32\config\systemprofile\Documents
[2011/08/04 19:53:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SolidDocuments
[2011/08/04 19:53:25 | 000,000,000 | ---D | C] -- C:\Program Files\SolidDocuments
[2011/08/04 19:53:05 | 000,000,000 | ---D | C] -- C:\ProgramData\SolidDocuments
[2011/08/03 20:07:22 | 000,000,000 | -H-D | C] -- C:\$AVG
[2011/08/03 20:07:22 | 000,000,000 | -H-D | C] -- \$AVG
[2011/08/03 09:19:02 | 000,000,000 | R--D | C] -- C:\Windows\system32\config\systemprofile\Desktop
[2011/08/01 21:13:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audiograbber
[2011/08/01 21:13:46 | 000,000,000 | ---D | C] -- C:\Program Files\Audiograbber
[2011/07/27 22:45:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MySQL
[2011/07/24 14:12:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Coat K9 Web Protection
[2011/07/24 14:12:04 | 000,000,000 | ---D | C] -- C:\Program Files\Blue Coat K9 Web Protection
[2011/07/24 13:32:26 | 000,000,000 | RHSD | C] -- C:\Program Files\tuEagles
[2011/07/24 12:03:16 | 000,102,400 | ---- | C] (Info-ZIP) -- C:\Windows\System32\unzip3252.dll
[2011/07/24 12:03:11 | 000,081,920 | ---- | C] (Marco Bellinaso) -- C:\Windows\System32\MBMouse.ocx
[2011/07/24 12:03:11 | 000,000,000 | ---D | C] -- C:\Program Files\Hyperdyne Software
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2011/08/10 18:18:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/08/10 18:18:15 | 1507,995,648 | -HS- | M] () -- C:\hiberfil.sys
[2011/08/10 18:16:14 | 127,503,612 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2011/08/10 18:14:24 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011/08/10 18:12:23 | 000,000,433 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2011/08/10 17:59:00 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/08/10 17:52:52 | 000,000,876 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/08/09 21:20:44 | 000,012,304 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/08/09 21:20:44 | 000,012,304 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/08/09 15:40:00 | 000,000,923 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2011.lnk
[2011/08/07 20:24:46 | 000,353,374 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/08/07 20:24:46 | 000,055,498 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/08/07 15:57:45 | 000,921,654 | ---- | M] () -- C:\Windows\snapshot.bmp
[2011/08/05 17:47:33 | 000,166,556 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2011/08/04 19:53:29 | 000,002,685 | ---- | M] () -- C:\Users\Public\Desktop\Solid Converter PDF.lnk
[2011/08/03 21:37:25 | 000,410,680 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/08/01 21:13:50 | 000,001,089 | ---- | M] () -- C:\Users\Public\Desktop\Audiograbber.lnk
[2011/07/27 22:45:37 | 000,000,232 | ---- | M] () -- C:\Windows\ODBCINST.INI
[2011/07/24 14:12:06 | 000,002,028 | ---- | M] () -- C:\Users\Public\Desktop\Blue Coat K9 Web Protection Admin.lnk
[2011/07/24 14:09:59 | 000,436,154 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011/07/24 14:08:42 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/07/24 14:08:40 | 000,436,154 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20110724-140959.backup
[2011/07/24 13:32:47 | 000,009,522 | ---- | M] () -- C:\Windows\Eleathe.bmp
[2011/07/24 13:23:13 | 000,000,830 | ---- | M] () -- C:\Users\Public\Desktop\Snitch.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2011/08/04 19:53:32 | 000,027,456 | ---- | C] () -- C:\Windows\System32\solidlocalmon.dll
[2011/08/04 19:53:32 | 000,018,752 | ---- | C] () -- C:\Windows\System32\solidlocalui.dll
[2011/08/04 19:53:29 | 000,002,685 | ---- | C] () -- C:\Users\Public\Desktop\Solid Converter PDF.lnk
[2011/08/01 21:13:50 | 000,001,089 | ---- | C] () -- C:\Users\Public\Desktop\Audiograbber.lnk
[2011/07/27 22:45:37 | 000,000,232 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2011/07/24 14:12:06 | 000,002,028 | ---- | C] () -- C:\Users\Public\Desktop\Blue Coat K9 Web Protection Admin.lnk
[2011/07/24 14:08:42 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/07/24 13:32:47 | 000,009,522 | ---- | C] () -- C:\Windows\Eleathe.bmp
[2011/07/24 12:03:16 | 000,667,648 | ---- | C] () -- C:\Windows\System32\FreeImage.dll
[2011/07/24 12:03:16 | 000,159,744 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011/07/24 12:03:16 | 000,040,448 | ---- | C] () -- C:\Windows\System32\UNACE.DLL
[2011/07/24 12:03:11 | 000,053,248 | ---- | C] () -- C:\Windows\System32\IMAGEPLUSCONTROL_II.OCX
[2011/07/24 12:03:11 | 000,000,842 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Snitch.lnk
[2011/07/24 12:03:11 | 000,000,830 | ---- | C] () -- C:\Users\Public\Desktop\Snitch.lnk
[2011/06/16 10:36:48 | 000,645,632 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011/06/16 10:36:48 | 000,240,640 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011/06/04 18:59:33 | 000,073,728 | ---- | C] () -- C:\Windows\System32\ETCoInst.dll
[2011/04/24 19:50:01 | 000,397,995 | RHS- | C] () -- \OEGVX
[2011/04/24 19:50:01 | 000,000,020 | RHS- | C] () -- \win7.ld
[2011/03/06 11:38:20 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011/03/06 11:36:53 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011/02/03 07:25:01 | 000,014,848 | ---- | C] () -- C:\Windows\System32\EuEpmGdi.dll
[2011/02/03 07:25:00 | 002,336,384 | ---- | C] () -- C:\Windows\System32\BootMan.exe
[2011/02/03 07:24:59 | 000,086,408 | ---- | C] () -- C:\Windows\System32\setupempdrv03.exe
[2011/02/03 07:24:59 | 000,014,216 | ---- | C] () -- C:\Windows\System32\epmntdrv.sys
[2011/02/03 07:24:59 | 000,008,456 | ---- | C] () -- C:\Windows\System32\EuGdiDrv.sys
[2011/01/29 13:42:21 | 000,015,312 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat
[2011/01/02 18:49:28 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/10/13 20:19:43 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/07/14 10:27:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 10:03:53 | 000,410,680 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/14 07:35:48 | 000,353,374 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/14 07:35:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/14 07:35:48 | 000,055,498 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/14 07:35:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/14 07:35:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/14 07:34:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/14 07:34:04 | 000,000,024 | ---- | C] () -- \autoexec.bat
[2009/07/14 07:34:04 | 000,000,010 | ---- | C] () -- \config.sys
[2009/07/14 05:25:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 05:21:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/14 05:12:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/11 02:56:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2008/06/03 03:35:18 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008/06/03 03:02:02 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2008/04/28 21:09:10 | 000,172,033 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2008/03/06 00:38:44 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2004/01/03 19:56:23 | 1507,995,648 | -HS- | C] () -- \hiberfil.sys
[2004/01/03 19:51:11 | 000,008,192 | RHS- | C] () -- \BOOTSECT.BAK
[2004/01/03 19:51:09 | 000,383,786 | RHS- | C] () -- \bootmgr
[2004/01/03 07:16:47 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[1999/09/14 00:00:00 | 000,000,035 | ---- | C] () -- \mscrsv.syc

[color=#E56717]========== LOP Check ==========[/color]
[2009/07/14 10:06:39 | 000,000,000 | --SD | M] -- C:\Windows\system32\config\systemprofile\AppData
[2011/08/03 09:19:02 | 000,000,000 | R--D | M] -- C:\Windows\system32\config\systemprofile\Desktop
[2011/08/09 20:57:08 | 000,000,000 | R--D | M] -- C:\Windows\system32\config\systemprofile\Documents
[2011/05/31 09:18:04 | 000,000,000 | R--D | M] -- C:\Windows\system32\config\systemprofile\Favorites
[2011/07/03 13:03:32 | 000,032,626 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]
@Alternate Data Stream - 169 bytes -> C:\ProgramData\TEMP:07BF512B
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:63238B95
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:F7F48F12
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:7631EA83
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:D1B5B4F1

< End of report >