OTL logfile created on: 11/09/2011 16:29:16 - Run 1 OTL by OldTimer - Version 3.2.27.0 Folder = C:\Users\Derek\Desktop\Downloads 64bit- An unknown product Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 4.00 Gb Total Physical Memory | 0.85 Gb Available Physical Memory | 21.26% Memory free 8.00 Gb Paging File | 4.67 Gb Available in Paging File | 58.38% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 148.95 Gb Total Space | 23.39 Gb Free Space | 15.71% Space Free | Partition Type: NTFS Drive D: | 1863.01 Gb Total Space | 902.93 Gb Free Space | 48.47% Space Free | Partition Type: NTFS Computer Name: HOME-PC | User Name: Derek | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011/09/11 16:29:00 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\Derek\Desktop\Downloads\OTL.exe PRC - [2011/09/07 20:47:58 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2011/08/30 20:19:48 | 000,142,848 | ---- | M] () -- C:\Program Files (x86)\ZooskMessenger\ZooskMessenger.exe PRC - [2011/08/04 14:25:20 | 001,839,448 | ---- | M] (Crystal Rich Ltd) -- C:\Program Files (x86)\USB Safely Remove\USBSafelyRemove.exe PRC - [2011/08/03 12:50:00 | 002,255,464 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe PRC - [2011/07/06 19:52:38 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2011/06/14 17:42:26 | 001,540,096 | ---- | M] (Nokia) -- C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe PRC - [2011/06/03 15:00:04 | 001,123,584 | ---- | M] () -- C:\Program Files (x86)\Full Uninstall\FullUninstallAgent.exe PRC - [2011/05/08 14:31:44 | 000,399,736 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe PRC - [2011/04/06 13:01:06 | 004,326,472 | ---- | M] (Emsi Software GmbH) -- C:\Program Files (x86)\Online Armor\oasrv.exe PRC - [2011/04/06 13:01:06 | 002,477,032 | ---- | M] (Emsi Software GmbH) -- C:\Program Files (x86)\Online Armor\oaui.exe PRC - [2011/04/06 13:01:04 | 001,165,336 | ---- | M] (Emsi Software GmbH) -- C:\Program Files (x86)\Online Armor\oahlp.exe PRC - [2011/04/06 13:01:04 | 000,381,512 | ---- | M] (Emsi Software GmbH) -- C:\Program Files (x86)\Online Armor\oacat.exe PRC - [2010/03/24 16:26:02 | 000,243,544 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1423.0\mswinext.exe PRC - [2008/10/13 12:22:10 | 000,960,376 | ---- | M] (Acronis) -- C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe PRC - [2008/10/13 12:16:50 | 000,165,144 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe PRC - [2008/10/13 12:00:16 | 004,344,472 | ---- | M] (Acronis) -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe PRC - [2008/09/25 14:54:04 | 002,040,456 | ---- | M] (CyberScrub LLC) -- C:\Program Files (x86)\CyberScrub Privacy Suite\CSRiskMon.exe PRC - [2008/06/11 22:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2011/09/07 20:47:57 | 001,846,232 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2011/08/30 20:19:48 | 000,142,848 | ---- | M] () -- C:\Program Files (x86)\ZooskMessenger\ZooskMessenger.exe MOD - [2011/08/15 12:39:28 | 000,077,312 | ---- | M] () -- C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\icr9qrym.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\RadioWMPCoreGecko6.dll MOD - [2011/08/12 07:50:12 | 006,277,280 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll MOD - [2011/06/03 15:00:04 | 001,123,584 | ---- | M] () -- C:\Program Files (x86)\Full Uninstall\FullUninstallAgent.exe MOD - [2009/06/17 11:40:16 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll MOD - [2009/06/17 11:40:16 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll MOD - [2009/06/17 11:40:16 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll MOD - [2009/02/14 05:04:38 | 000,756,040 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSPTLS.DLL [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2011/08/18 07:41:39 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE) SRV:[b]64bit:[/b] - [2011/06/24 22:44:21 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64) SRV:[b]64bit:[/b] - [2011/06/17 08:34:18 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\logishrd\Bluetooth\LBTServ.exe -- (LBTServ) SRV:[b]64bit:[/b] - [2011/04/27 17:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv) SRV:[b]64bit:[/b] - [2011/04/27 17:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc) SRV:[b]64bit:[/b] - [2010/01/21 01:53:42 | 000,496,232 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) SRV:[b]64bit:[/b] - [2010/01/21 01:53:42 | 000,209,000 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp) SRV:[b]64bit:[/b] - [2009/10/23 19:44:42 | 002,430,304 | ---- | M] (Diskeeper Corporation) [Auto | Running] -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe -- (Diskeeper) SRV:[b]64bit:[/b] - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV:[b]64bit:[/b] - [2009/07/14 02:39:47 | 000,081,920 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tlntsvr.exe -- (TlntSvr) SRV - [2011/08/04 14:25:22 | 000,551,352 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\USB Safely Remove\USBSRService.exe -- (USBSafelyRemoveService) SRV - [2011/08/03 12:50:00 | 002,255,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2011/07/06 16:32:56 | 000,147,336 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe -- (LMIMaint) SRV - [2011/07/06 16:32:50 | 000,375,176 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc) SRV - [2011/06/24 22:41:32 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2011/06/08 13:02:00 | 000,633,856 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2011/04/06 13:01:06 | 004,326,472 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files (x86)\Online Armor\oasrv.exe -- (SvcOnlineArmor) SRV - [2011/04/06 13:01:04 | 000,381,512 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files (x86)\Online Armor\OAcat.exe -- (OAcat) SRV - [2010/11/08 12:04:20 | 000,407,424 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008/10/13 12:18:16 | 000,743,192 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc) SRV - [2008/08/15 05:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4) SRV - [2007/01/11 04:02:00 | 000,126,464 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2011/07/29 13:54:56 | 000,016,776 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\epmntdrv.sys -- (epmntdrv) DRV:[b]64bit:[/b] - [2011/07/29 13:54:56 | 000,009,096 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\EuGdiDrv.sys -- (EuGdiDrv) DRV:[b]64bit:[/b] - [2011/07/22 17:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV) DRV:[b]64bit:[/b] - [2011/07/12 22:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL) DRV:[b]64bit:[/b] - [2011/07/06 19:52:42 | 000,025,912 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:[b]64bit:[/b] - [2011/07/06 16:33:18 | 000,087,456 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP) DRV:[b]64bit:[/b] - [2011/05/18 10:14:22 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt) DRV:[b]64bit:[/b] - [2011/05/18 10:14:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev) DRV:[b]64bit:[/b] - [2011/05/18 10:14:16 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc) DRV:[b]64bit:[/b] - [2011/05/18 10:14:12 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd) DRV:[b]64bit:[/b] - [2011/05/18 10:09:48 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64) DRV:[b]64bit:[/b] - [2011/05/18 10:09:48 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64) DRV:[b]64bit:[/b] - [2011/05/08 18:26:09 | 000,513,080 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2011/05/08 14:56:46 | 001,580,576 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tdrpm147.sys -- (tdrpman147) Acronis Try&Decide and Restore Points filter (build 147) DRV:[b]64bit:[/b] - [2011/05/08 14:56:41 | 000,880,160 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter) DRV:[b]64bit:[/b] - [2011/05/08 14:56:41 | 000,083,488 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\tifsfilt.sys -- (tifsfilter) DRV:[b]64bit:[/b] - [2011/05/08 14:56:38 | 000,237,600 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snman380.sys -- (snapman380) Acronis Snapshots Manager (Build 380) DRV:[b]64bit:[/b] - [2011/05/08 14:41:35 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:[b]64bit:[/b] - [2011/04/30 12:59:32 | 000,042,776 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt) DRV:[b]64bit:[/b] - [2011/04/30 12:59:22 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt) DRV:[b]64bit:[/b] - [2011/04/30 12:59:22 | 000,060,184 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt) DRV:[b]64bit:[/b] - [2011/04/27 15:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv) DRV:[b]64bit:[/b] - [2011/04/06 13:01:30 | 000,032,920 | ---- | M] (Emsisoft) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\OAnet.sys -- (OAnet) DRV:[b]64bit:[/b] - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2011/01/26 08:29:08 | 000,024,664 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\FarMntIo.sys -- (FARMNTIO) DRV:[b]64bit:[/b] - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2010/11/20 11:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser) DRV:[b]64bit:[/b] - [2010/11/06 22:24:34 | 000,024,176 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\PeerBlock\pbfilter.sys -- (pbfilter) DRV:[b]64bit:[/b] - [2010/10/28 10:16:24 | 004,716,608 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX) DRV:[b]64bit:[/b] - [2010/09/17 15:40:06 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver) DRV:[b]64bit:[/b] - [2010/09/17 15:39:58 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lmimirr.sys -- (lmimirr) DRV:[b]64bit:[/b] - [2010/08/12 12:07:50 | 000,350,952 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET) DRV:[b]64bit:[/b] - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009/06/10 21:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD) DRV:[b]64bit:[/b] - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2008/08/28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd) DRV:[b]64bit:[/b] - [2008/06/27 07:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs) DRV:[b]64bit:[/b] - [2008/04/04 14:47:40 | 000,178,560 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiH8000.sys -- (SaiH8000) DRV:[b]64bit:[/b] - [2008/02/06 03:00:00 | 000,054,480 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:[b]64bit:[/b] - [2007/05/09 21:50:48 | 000,050,208 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVUSBS64.sys -- (LVUSBS64) DRV:[b]64bit:[/b] - [2007/05/09 21:46:48 | 001,127,328 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LV302V64.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI) DRV:[b]64bit:[/b] - [2007/05/09 21:46:36 | 000,016,032 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lv302a64.sys -- (lvpepf64) DRV - [2011/07/29 13:54:56 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\epmntdrv.sys -- (epmntdrv) DRV - [2011/07/29 13:54:56 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\EuGdiDrv.sys -- (EuGdiDrv) DRV - [2011/04/06 13:02:26 | 000,055,088 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\oahlp64.sys -- (oahlpXX) DRV - [2011/04/06 13:01:30 | 000,059,176 | ---- | M] () [File_System | System | Running] -- C:\Windows\SysWOW64\drivers\OADriver.sys -- (OADevice) DRV - [2011/04/06 13:01:30 | 000,038,064 | ---- | M] (Emsisoft) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\OAmon.sys -- (OAmon) DRV - [2010/09/17 15:40:06 | 000,015,928 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys -- (LMIInfo) DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2008/08/14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GB IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 50 35 86 54 D3 5D CC 01 [binary data] IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - Reg Error: Key error. File not found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.google.co.uk/" FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Windows\system32\C2MP\npdivx32.dll File not found FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc;version=0.8.6d: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN Team) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1423.0\Firefox [2011/07/15 14:37:09 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011/07/16 12:41:26 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/09/07 20:47:58 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011/08/11 08:08:34 | 000,000,000 | ---D | M] [2011/05/08 12:33:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Derek\AppData\Roaming\Mozilla\Extensions [2011/09/04 11:53:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\icr9qrym.default\extensions [2011/05/08 17:17:16 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\icr9qrym.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011/08/19 08:00:09 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\icr9qrym.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2011/08/18 07:42:29 | 000,000,000 | ---D | M] (Vuze Remote Community Toolbar) -- C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\icr9qrym.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} [2011/05/08 14:53:02 | 000,000,000 | ---D | M] (British English Dictionary) -- C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\icr9qrym.default\extensions\en-GB@dictionaries.addons.mozilla.org [2010/09/28 22:39:14 | 000,002,333 | ---- | M] () -- C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\icr9qrym.default\searchplugins\askcom.xml [2011/05/08 12:33:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions () (No name found) -- C:\USERS\DEREK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ICR9QRYM.DEFAULT\EXTENSIONS\{C0C9A2C7-2E5C-4447-BC53-97718BC91E1B}.XPI () (No name found) -- C:\USERS\DEREK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ICR9QRYM.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI () (No name found) -- C:\USERS\DEREK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ICR9QRYM.DEFAULT\EXTENSIONS\{D40F5E7B-D2CF-4856-B441-CC613EEFFBE3}.XPI () (No name found) -- C:\USERS\DEREK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ICR9QRYM.DEFAULT\EXTENSIONS\{DD05FD3D-18DF-4CE4-AE53-E795339C5F01}.XPI () (No name found) -- C:\USERS\DEREK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ICR9QRYM.DEFAULT\EXTENSIONS\AUTOPAGER@MOZILLA.ORG.XPI () (No name found) -- C:\USERS\DEREK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ICR9QRYM.DEFAULT\EXTENSIONS\NOIAFOXOPTION@DAVIDVINCENT.TLD.XPI () (No name found) -- C:\USERS\DEREK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ICR9QRYM.DEFAULT\EXTENSIONS\TOGGLEPERSONA@DAVIDVINCENT.TLD.XPI [2011/09/07 20:47:58 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2010/01/01 09:00:00 | 000,001,538 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-en-GB.xml [2010/01/01 09:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2010/01/01 09:00:00 | 000,000,947 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\chambers-en-GB.xml [2010/01/01 09:00:00 | 000,001,180 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-en-GB.xml [2010/01/01 09:00:00 | 000,001,135 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-en-GB.xml O1 HOSTS File: ([2011/05/08 22:01:05 | 000,001,906 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 nero.com O1 - Hosts: 127.0.0.1 www.nero.com O1 - Hosts: 127.0.0.1 my.nero.com O1 - Hosts: 127.0.0.1 support.nero.com O1 - Hosts: 127.0.0.1 registernero.com O1 - Hosts: 127.0.0.1 www.registernero.com O1 - Hosts: 127.0.0.1 www.nero.com/rus/index.html O1 - Hosts: 127.0.0.1 www.nero.com/enu/support-nero8.html O1 - Hosts: 127.0.0.1 secure.nero.com/us/secure.asp O1 - Hosts: 127.0.0.1 www.nero.com/rus/support.html O1 - Hosts: 127.0.0.1 www.nero.com/rus/support-customer-service-product-registration.html O1 - Hosts: 127.0.0.1 www.nero.com/rus/store-upgrade-center.html O1 - Hosts: 127.0.0.1 www.nero.com/rus/store-volume-licensing.html O1 - Hosts: 127.0.0.1 www.nero.com/eng/privacy.html O1 - Hosts: 127.0.0.1 www.nero.com/eng/support.html?NeroSID=392cba06859c3dcd87b47525e97a3b80 O1 - Hosts: 127.0.0.1 www.nero.com/eng/support-customer-service-product-registration.html?NeroSID=392cba06859c3dcd87b47525e97a3b80 O1 - Hosts: 127.0.0.1 www.nero.com/eng/index.html O1 - Hosts: 127.0.0.1 www.nero.com/eng/store-upgrade-center.html?NeroSID=392cba06859c3dcd87b47525e97a3b80 O1 - Hosts: 127.0.0.1 www.nero.com/eng/store-upgrade-center.html?sa=X?oi=smap?resnum=1?ct=result?cd=6?usg=AFQjCNFRzc_q0umeKlIj7pPYNNBYCFbXkg O1 - Hosts: 127.0.0.1 activation@nero.com O1 - Hosts: 127.0.0.1 legal@nero.com O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll () O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll (Microsoft Corporation) O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll () O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll (Microsoft Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [@OnlineArmor GUI] C:\Program Files (x86)\Online Armor\oaui.exe (Emsi Software GmbH) O4:[b]64bit:[/b] - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis) O4:[b]64bit:[/b] - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) O4:[b]64bit:[/b] - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.) O4:[b]64bit:[/b] - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis) O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Bing Bar] C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1423.0\mswinext.exe (Microsoft Corp.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia) O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis) O4 - HKCU..\Run: [] File not found O4 - HKCU..\Run: [EPSON Stylus Photo R285 Series] File not found O4 - HKCU..\Run: [PeerBlock] C:\Program Files\PeerBlock\peerblock.exe (PeerBlock, LLC) O4 - HKCU..\Run: [Privacy Suite RiskMonitor] C:\Program Files (x86)\CyberScrub Privacy Suite\Launch.exe () O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com) O4 - HKCU..\Run: [USB Safely Remove] C:\Program Files (x86)\USB Safely Remove\USBSafelyRemove.exe (Crystal Rich Ltd) O4 - HKCU..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.) O4 - HKCU..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe () O4 - Startup: C:\Users\Derek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Socialbox.lnk = File not found O4 - Startup: C:\Users\Derek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZooskMessenger.lnk = C:\Program Files (x86)\ZooskMessenger\ZooskMessenger.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:[b]64bit:[/b] - Extra context menu item: Append to existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:[b]64bit:[/b] - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:[b]64bit:[/b] - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:[b]64bit:[/b] - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8:[b]64bit:[/b] - Extra context menu item: Free YouTube Download - C:\Users\Derek\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8:[b]64bit:[/b] - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Derek\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Append to existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Free YouTube Download - C:\Users\Derek\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Derek\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O13 - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{42EE4F58-B03D-433A-B8F2-484F76BFE17F}: DhcpNameServer = 192.168.1.254 O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:[b]64bit:[/b] - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\Program Files\Common Files\logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011/09/07 23:26:19 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2011/09/07 20:58:14 | 000,000,000 | ---D | C] -- C:\Users\Derek\AppData\Roaming\com.socialbox.socialbox [2011/09/05 19:43:13 | 000,000,000 | ---D | C] -- C:\Users\Derek\AppData\Roaming\OnlineArmor [2011/09/05 19:43:13 | 000,000,000 | ---D | C] -- C:\ProgramData\OnlineArmor [2011/09/05 19:42:48 | 000,038,064 | ---- | C] (Emsisoft) -- C:\Windows\SysWow64\drivers\OAmon.sys [2011/09/05 19:42:48 | 000,032,920 | ---- | C] (Emsisoft) -- C:\Windows\SysNative\drivers\OAnet.sys [2011/09/05 19:42:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Armor [2011/09/05 19:42:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Online Armor [2011/08/30 22:46:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lenovo [2011/08/30 22:37:42 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM [2011/08/30 22:37:42 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2011/08/30 22:37:05 | 002,604,376 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll [2011/08/30 22:37:05 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll [2011/08/30 22:37:05 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll [2011/08/30 22:37:05 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll [2011/08/30 22:37:05 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll [2011/08/30 22:37:04 | 000,220,512 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll [2011/08/30 22:37:03 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll [2011/08/30 22:37:03 | 000,078,176 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll [2011/08/30 22:37:03 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll [2011/08/30 22:37:01 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll [2011/08/30 22:37:01 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll [2011/08/30 22:37:01 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll [2011/08/30 22:37:01 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll [2011/08/30 22:37:01 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll [2011/08/30 22:37:01 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll [2011/08/30 22:37:00 | 003,768,152 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek.dll [2011/08/30 22:37:00 | 003,308,376 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll [2011/08/30 22:37:00 | 000,426,328 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll [2011/08/30 22:37:00 | 000,334,680 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll [2011/08/30 22:37:00 | 000,136,024 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll [2011/08/30 22:37:00 | 000,118,104 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll [2011/08/30 22:37:00 | 000,074,072 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll [2011/08/30 22:36:59 | 002,132,824 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll [2011/08/30 22:36:59 | 000,603,984 | ---- | C] (Knowles Acoustics ) -- C:\Windows\SysNative\KAAPORT64.dll [2011/08/30 22:36:59 | 000,341,336 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll [2011/08/30 22:36:59 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll [2011/08/30 22:36:57 | 002,085,440 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll [2011/08/30 22:36:57 | 001,756,264 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll [2011/08/30 22:36:57 | 001,568,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll [2011/08/30 22:36:57 | 001,486,952 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll [2011/08/30 22:36:57 | 000,728,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll [2011/08/30 22:36:57 | 000,712,296 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll [2011/08/30 22:36:57 | 000,693,352 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll [2011/08/30 22:36:57 | 000,527,872 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PLFX64.dll [2011/08/30 22:36:57 | 000,515,584 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PGFX64.dll [2011/08/30 22:36:57 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll [2011/08/30 22:36:57 | 000,439,808 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PREC64.dll [2011/08/30 22:36:57 | 000,432,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll [2011/08/30 22:36:57 | 000,428,648 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll [2011/08/30 22:36:57 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll [2011/08/30 22:36:57 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll [2011/08/30 22:36:57 | 000,241,768 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll [2011/08/30 22:36:53 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp [2011/08/30 22:36:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield [2011/08/30 22:30:42 | 000,000,000 | ---D | C] -- C:\Users\Derek\AppData\Local\Logishrd [2011/08/30 22:29:32 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech [2011/08/30 22:13:48 | 000,067,176 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll [2011/08/30 22:13:48 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2011/08/30 22:11:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [2011/08/30 20:23:57 | 001,882,104 | ---- | C] (Codejock Software) -- C:\Windows\SysWow64\Codejock.Controls.v15.0.1.ocx [2011/08/30 20:23:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Magician [2011/08/30 20:23:56 | 000,526,184 | ---- | C] (Xceed Software Inc (450) 442-2626 support@xceedsoft.com www.xceedsoft.com) -- C:\Windows\SysWow64\XceedCry.dll [2011/08/30 20:23:56 | 000,456,536 | ---- | C] (Xceed Software Inc (450) 442-2626 support@xceedsoft.com www.xceedsoft.com) -- C:\Windows\SysWow64\XCEEDZIP.DLL [2011/08/30 20:23:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Driver Magician [2011/08/30 20:19:55 | 000,000,000 | ---D | C] -- C:\Users\Derek\AppData\Roaming\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1 [2011/08/30 20:19:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZooskMessenger [2011/08/30 07:31:35 | 000,000,000 | ---D | C] -- C:\Users\Derek\AppData\Roaming\Digiarty [2011/08/30 07:31:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digiarty [2011/08/30 07:31:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Digiarty [2011/08/27 17:46:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KRyLack Burning Suite [2011/08/27 17:46:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KRyLack Burning Suite [2011/08/27 17:46:00 | 000,000,000 | ---D | C] -- C:\Users\Derek\AppData\Roaming\KRyLack Burning Suite [2011/08/27 14:37:40 | 000,000,000 | ---D | C] -- C:\Users\Derek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2 [2011/08/27 14:37:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASIO4ALL v2 [2011/08/27 14:37:26 | 000,225,280 | ---- | C] (Propellerhead Software AB) -- C:\Windows\SysWow64\rewire.dll [2011/08/27 14:37:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VstPlugins [2011/08/27 14:37:23 | 000,000,000 | ---D | C] -- C:\Users\Derek\Documents\Image-Line [2011/08/27 14:37:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line [2011/08/27 14:36:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Outsim [2011/08/27 14:35:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free M4a to MP3 Converter [2011/08/27 14:35:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free M4a to MP3 Converter [2011/08/27 14:33:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Image-Line [2011/08/26 18:30:41 | 000,000,000 | ---D | C] -- C:\ProgramData\SeriousBit [2011/08/26 18:26:44 | 000,041,256 | ---- | C] (SeriousBit) -- C:\Windows\SysNative\drivers\nbdrv.sys [2011/08/26 18:26:42 | 000,000,000 | ---D | C] -- C:\Program Files\NetBalancer [2011/08/24 17:54:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Nokia [2011/08/22 21:55:10 | 000,000,000 | ---D | C] -- C:\Users\Derek\Desktop\Nero - Welcome Reality [2011/08/22 20:06:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Booster [2011/08/22 20:06:37 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit [2011/08/22 20:06:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit [2011/08/18 19:40:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Veetle [2011/08/17 22:58:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EASEUS Partition Master 9.0.0 Professional Edition [2011/08/17 22:57:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EASEUS [2011/08/17 21:14:00 | 000,000,000 | ---D | C] -- C:\Users\Derek\Desktop\Radio 1's Live Lounge The Best Of 2cds 2011 [2011/08/16 20:58:09 | 000,000,000 | ---D | C] -- C:\Users\Derek\AppData\Roaming\DivX [2011/08/14 13:10:59 | 000,000,000 | ---D | C] -- C:\Users\Derek\AppData\Local\MediaMonkey [2011/08/14 13:10:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MediaMonkey [2011/08/13 21:03:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hard Disk Sentinel [2011/08/13 21:02:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hard Disk Sentinel [2011/08/13 07:57:04 | 000,000,000 | ---D | C] -- C:\Users\Derek\AppData\Roaming\ChemTable Software [2011/07/03 22:48:42 | 000,147,456 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll [2010/02/04 00:00:00 | 000,139,264 | ---- | C] ( ) -- C:\Windows\sipr3260.dll [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011/09/11 16:30:58 | 000,013,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011/09/11 16:30:58 | 000,013,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011/09/11 16:24:42 | 000,733,820 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011/09/11 16:24:42 | 000,633,028 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011/09/11 16:24:42 | 000,112,052 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011/09/11 15:29:53 | 000,000,000 | -HS- | M] () -- C:\DkHyperbootSync [2011/09/11 11:33:46 | 000,001,043 | ---- | M] () -- C:\Users\Derek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZooskMessenger.lnk [2011/09/11 11:31:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/09/11 11:31:30 | 3220,873,216 | -HS- | M] () -- C:\hiberfil.sys [2011/09/09 20:11:11 | 128,594,502 | ---- | M] () -- C:\Users\Derek\Desktop\Foo Fighters - Arlandria (Live) NEW.mp4 [2011/09/07 20:58:17 | 000,000,993 | ---- | M] () -- C:\Users\Derek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Socialbox.lnk [2011/09/07 20:13:44 | 000,044,322 | -HS- | M] () -- C:\Users\Derek\Desktop\Folder.jpg [2011/09/07 20:13:44 | 000,009,656 | -HS- | M] () -- C:\Users\Derek\Desktop\AlbumArtSmall.jpg [2011/08/30 22:46:39 | 000,749,118 | ---- | M] () -- C:\Windows\SysNative\oem44.inf [2011/08/30 20:23:58 | 000,001,095 | ---- | M] () -- C:\Users\Derek\Desktop\Driver Magician.lnk [2011/08/30 07:31:25 | 000,001,605 | ---- | M] () -- C:\Users\Public\Desktop\WinX DVD Ripper Platinum.lnk [2011/08/22 20:06:40 | 000,001,172 | ---- | M] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk [2011/08/22 20:06:40 | 000,001,160 | ---- | M] () -- C:\Users\Public\Desktop\Game Booster.lnk [2011/08/17 22:58:23 | 000,001,490 | ---- | M] () -- C:\Users\Public\Desktop\EASEUS Partition Master 9.0.0 Professional Edition.lnk [2011/08/16 23:50:11 | 000,010,340 | -HS- | M] () -- C:\Users\Derek\Desktop\AlbumArt_{2146FD54-21E5-405B-8F12-8AB9C7CFE92C}_Large.jpg [2011/08/16 23:50:11 | 000,002,701 | -HS- | M] () -- C:\Users\Derek\Desktop\AlbumArt_{2146FD54-21E5-405B-8F12-8AB9C7CFE92C}_Small.jpg [2011/08/16 19:59:01 | 000,201,728 | ---- | M] () -- C:\Users\Derek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/08/14 21:30:16 | 000,001,852 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk [2011/08/13 21:03:08 | 000,001,031 | ---- | M] () -- C:\Users\Derek\Application Data\Microsoft\Internet Explorer\Quick Launch\Hard Disk Sentinel.lnk [2011/08/13 21:03:08 | 000,001,007 | ---- | M] () -- C:\Users\Derek\Desktop\Hard Disk Sentinel.lnk [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011/09/11 15:29:53 | 000,000,000 | -HS- | C] () -- C:\DkHyperbootSync [2011/09/09 20:00:00 | 128,594,502 | ---- | C] () -- C:\Users\Derek\Desktop\Foo Fighters - Arlandria (Live) NEW.mp4 [2011/09/07 20:58:17 | 000,000,993 | ---- | C] () -- C:\Users\Derek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Socialbox.lnk [2011/09/07 18:11:47 | 000,696,832 | ---- | C] () -- C:\Windows\SysNative\xvidcore.dll [2011/09/07 18:11:47 | 000,255,488 | ---- | C] () -- C:\Windows\SysNative\xvidvfw.dll [2011/09/07 18:11:47 | 000,173,568 | ---- | C] () -- C:\Windows\SysNative\xvid.ax [2011/09/07 18:11:46 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2011/09/07 18:11:46 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2011/09/07 18:11:46 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\xvid.ax [2011/09/05 19:42:48 | 000,055,088 | ---- | C] () -- C:\Windows\SysWow64\drivers\oahlp64.sys [2011/09/05 19:42:47 | 000,059,176 | ---- | C] () -- C:\Windows\SysWow64\drivers\OADriver.sys [2011/08/30 22:46:44 | 000,749,118 | ---- | C] () -- C:\Windows\SysNative\oem44.inf [2011/08/30 20:23:58 | 000,001,095 | ---- | C] () -- C:\Users\Derek\Desktop\Driver Magician.lnk [2011/08/30 20:23:56 | 000,110,602 | ---- | C] () -- C:\Windows\SysWow64\xcdsfx32.bin [2011/08/30 20:19:54 | 000,001,043 | ---- | C] () -- C:\Users\Derek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZooskMessenger.lnk [2011/08/30 20:19:51 | 000,000,943 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZooskMessenger.lnk [2011/08/30 07:31:25 | 000,001,605 | ---- | C] () -- C:\Users\Public\Desktop\WinX DVD Ripper Platinum.lnk [2011/08/22 20:06:40 | 000,001,172 | ---- | C] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk [2011/08/22 20:06:40 | 000,001,160 | ---- | C] () -- C:\Users\Public\Desktop\Game Booster.lnk [2011/08/17 22:58:23 | 000,001,490 | ---- | C] () -- C:\Users\Public\Desktop\EASEUS Partition Master 9.0.0 Professional Edition.lnk [2011/08/17 22:58:17 | 003,320,192 | ---- | C] () -- C:\Windows\SysNative\BootMan.exe [2011/08/17 22:58:17 | 002,469,248 | ---- | C] () -- C:\Windows\SysWow64\BootMan.exe [2011/08/17 22:58:17 | 000,100,232 | ---- | C] () -- C:\Windows\SysNative\setupempdrvx64.exe [2011/08/17 22:58:17 | 000,019,840 | ---- | C] () -- C:\Windows\SysWow64\EuEpmGdi.dll [2011/08/17 22:58:17 | 000,016,776 | ---- | C] () -- C:\Windows\SysNative\epmntdrv.sys [2011/08/17 22:58:17 | 000,016,256 | ---- | C] () -- C:\Windows\SysNative\EuEpmGdi.dll [2011/08/17 22:58:17 | 000,009,096 | ---- | C] () -- C:\Windows\SysNative\EuGdiDrv.sys [2011/08/17 22:58:16 | 000,086,408 | ---- | C] () -- C:\Windows\SysWow64\setupempdrv03.exe [2011/08/17 22:58:16 | 000,014,216 | ---- | C] () -- C:\Windows\SysWow64\epmntdrv.sys [2011/08/17 22:58:16 | 000,008,456 | ---- | C] () -- C:\Windows\SysWow64\EuGdiDrv.sys [2011/08/13 21:03:08 | 000,001,031 | ---- | C] () -- C:\Users\Derek\Application Data\Microsoft\Internet Explorer\Quick Launch\Hard Disk Sentinel.lnk [2011/08/13 21:03:08 | 000,001,007 | ---- | C] () -- C:\Users\Derek\Desktop\Hard Disk Sentinel.lnk [2011/08/03 22:49:08 | 000,007,597 | ---- | C] () -- C:\Users\Derek\AppData\Local\Resmon.ResmonCfg [2011/07/02 13:49:16 | 000,921,600 | ---- | C] () -- C:\Windows\SysWow64\vorbisenc.dll [2011/07/02 13:49:16 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\OggDS.dll [2011/07/02 13:49:16 | 000,188,416 | ---- | C] () -- C:\Windows\SysWow64\vorbis.dll [2011/07/02 13:49:16 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\ogg.dll [2011/06/20 07:10:44 | 003,888,128 | ---- | C] () -- C:\Windows\SysWow64\x264vfw.dll [2011/05/08 15:02:31 | 000,000,084 | ---- | C] () -- C:\Windows\csact.ini [2011/05/08 12:44:08 | 000,738,878 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011/05/08 12:41:09 | 000,201,728 | ---- | C] () -- C:\Users\Derek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/01/04 17:28:18 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2009/08/27 20:04:44 | 000,557,003 | ---- | C] () -- C:\Windows\SysWow64\libmplayer.dll [2009/08/27 20:04:32 | 000,811,835 | ---- | C] () -- C:\Windows\SysWow64\ff_x264.dll [2009/08/27 20:03:52 | 004,456,201 | ---- | C] () -- C:\Windows\SysWow64\libavcodec.dll [2009/08/25 19:07:36 | 000,328,334 | ---- | C] () -- C:\Windows\SysWow64\ff_kernelDeint.dll [2009/08/25 18:38:04 | 000,425,040 | ---- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll [2009/08/25 17:37:02 | 000,146,098 | ---- | C] () -- C:\Windows\SysWow64\libmpeg2_ff.dll [2009/08/11 21:21:26 | 000,087,552 | ---- | C] () -- C:\Windows\SysWow64\ac3config.exe [2009/07/14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009/07/14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009/07/14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009/07/14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2009/06/02 18:15:44 | 000,113,152 | ---- | C] () -- C:\Windows\SysWow64\ff_unrar.dll [2009/06/02 18:15:18 | 000,146,944 | ---- | C] () -- C:\Windows\SysWow64\ff_tremor.dll [2009/06/02 18:15:04 | 000,183,296 | ---- | C] () -- C:\Windows\SysWow64\ff_samplerate.dll [2009/06/02 18:14:56 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\ff_libmad.dll [2009/06/02 18:14:30 | 000,486,400 | ---- | C] () -- C:\Windows\SysWow64\ff_libfaad2.dll [2009/06/02 18:13:58 | 000,257,024 | ---- | C] () -- C:\Windows\SysWow64\ff_libdts.dll [2009/06/02 18:13:50 | 000,142,848 | ---- | C] () -- C:\Windows\SysWow64\ff_liba52.dll [2009/06/02 18:11:26 | 000,098,304 | ---- | C] () -- C:\Windows\SysWow64\ff_wmv9.dll [2009/01/10 23:17:32 | 000,163,840 | ---- | C] () -- C:\Windows\SysWow64\ts.dll [2009/01/10 23:16:56 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\mkx.dll [2009/01/10 23:16:50 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\avi.dll [2009/01/10 23:16:14 | 000,141,312 | ---- | C] () -- C:\Windows\SysWow64\mp4.dll [2009/01/10 23:16:04 | 000,335,872 | ---- | C] () -- C:\Windows\SysWow64\gdsmux.exe [2009/01/10 23:15:54 | 000,120,832 | ---- | C] () -- C:\Windows\SysWow64\ogm.dll [2009/01/10 23:15:44 | 000,159,744 | ---- | C] () -- C:\Windows\SysWow64\mmfinfo.dll [2009/01/10 23:15:36 | 000,103,424 | ---- | C] () -- C:\Windows\SysWow64\dsmux.exe [2009/01/10 23:15:32 | 000,102,400 | ---- | C] () -- C:\Windows\SysWow64\avss.dll [2009/01/10 23:15:28 | 000,246,784 | ---- | C] () -- C:\Windows\SysWow64\dxr.dll [2009/01/10 23:15:12 | 000,097,280 | ---- | C] () -- C:\Windows\SysWow64\avs.dll [2009/01/10 23:15:06 | 000,135,168 | ---- | C] () -- C:\Windows\SysWow64\mkv2vfr.exe [2009/01/10 23:14:08 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\mkzlib.dll [2009/01/10 23:14:06 | 000,023,552 | ---- | C] () -- C:\Windows\SysWow64\mkunicode.dll [2008/11/06 17:37:32 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll [2007/10/13 10:30:20 | 000,000,137 | ---- | C] () -- C:\Windows\SysWow64\Registration.ini [color=#E56717]========== LOP Check ==========[/color] [2011/05/08 22:32:59 | 000,000,000 | ---D | M] -- C:\Users\Derek\AppData\Roaming\Acronis [2011/05/13 13:07:01 | 000,000,000 | ---D | M] -- C:\Users\Derek\AppData\Roaming\Ashampoo [2011/08/05 22:59:44 | 000,000,000 | ---D | M] -- C:\Users\Derek\AppData\Roaming\Audacity [2011/09/07 20:08:51 | 000,000,000 | ---D | M] -- C:\Users\Derek\AppData\Roaming\AVI ReComp [2011/07/29 18:58:41 | 000,000,000 | ---D | M] -- C:\Users\Derek\AppData\Roaming\Azureus [2011/08/13 07:57:04 | 000,000,000 | ---D | M] -- C:\Users\Derek\AppData\Roaming\ChemTable Software [2011/09/07 20:58:14 | 000,000,000 | ---D | M] -- C:\Users\Derek\AppData\Roaming\com.socialbox.socialbox [2011/08/30 20:19:55 | 000,000,000 | ---D | M] -- C:\Users\Derek\AppData\Roaming\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1 [2011/05/08 16:34:30 | 000,000,000 | ---D | M] -- C:\Users\Derek\AppData\Roaming\CyberScrub [2011/05/08 14:40:51 | 000,000,000 | ---D | M] -- C:\Users\Derek\AppData\Roaming\DAEMON Tools Lite [2011/08/30 07:31:35 | 000,000,000 | ---D | M] -- C:\Users\Derek\AppData\Roaming\Digiarty [2011/07/15 21:56:59 | 000,000,000 | ---D | M] -- C:\Users\Derek\AppData\Roaming\DVDVideoSoft [2011/05/08 17:17:15 | 000,000,000 | ---D | M] -- C:\Users\Derek\AppData\Roaming\DVDVideoSoftIEHelpers [2011/05/08 15:17:03 | 000,000,000 | ---D | M] -- C:\Users\Derek\AppData\Roaming\Epson [2011/05/08 14:05:02 | 000,000,000 | ---D | M] -- C:\Users\Derek\AppData\Roaming\Foxit Software [2011/08/27 17:48:02 | 000,000,000 | ---D | M] -- C:\Users\Derek\AppData\Roaming\KRyLack Burning Suite [2011/05/08 12:54:07 | 000,000,000 | ---D | M] -- C:\Users\Derek\AppData\Roaming\Leadertech [2011/05/29 22:12:37 | 000,000,000 | ---D | M] -- C:\Users\Derek\AppData\Roaming\Nokia [2011/05/29 22:12:38 | 000,000,000 | ---D | M] -- C:\Users\Derek\AppData\Roaming\Nokia Ovi Suite [2011/09/05 19:43:33 | 000,000,000 | ---D | M] -- C:\Users\Derek\AppData\Roaming\OnlineArmor [2011/05/29 22:09:43 | 000,000,000 | ---D | M] -- C:\Users\Derek\AppData\Roaming\PC Suite [2011/06/07 19:25:41 | 000,000,000 | ---D | M] -- C:\Users\Derek\AppData\Roaming\Smarty Uninstaller [2011/08/08 22:04:36 | 000,000,000 | ---D | M] -- C:\Users\Derek\AppData\Roaming\USBSafelyRemove [2011/09/11 16:34:19 | 000,000,000 | ---D | M] -- C:\Users\Derek\AppData\Roaming\uTorrent [2011/07/15 14:34:05 | 000,000,000 | ---D | M] -- C:\Users\Derek\AppData\Roaming\Win7codecs [2011/08/23 07:44:52 | 000,032,612 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:B4AF47A7 < End of report >