OTL logfile created on: 6/7/2012 12:57:21 AM - Run 1
OTL by OldTimer - Version 3.2.46.2     Folder = C:\Users\Jfarelas\Downloads
64bit-Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
4.00 Gb Total Physical Memory | 1.82 Gb Available Physical Memory | 45.45% Memory free
8.00 Gb Paging File | 4.77 Gb Available in Paging File | 59.64% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.07 Gb Total Space | 324.40 Gb Free Space | 71.92% Space Free | Partition Type: NTFS
 
Computer Name: JFARELAS-PC | User Name: Jfarelas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2012/06/07 00:57:04 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Jfarelas\Downloads\OTL.exe
PRC - [2012/06/06 11:06:18 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/05/26 12:04:52 | 000,913,792 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
PRC - [2012/05/08 00:31:08 | 003,331,872 | ---- | M] (Akamai Technologies, Inc) -- C:\Users\Jfarelas\AppData\Local\Akamai\netsession_win.exe
PRC - [2012/04/30 09:44:38 | 005,106,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
PRC - [2012/04/29 11:57:24 | 000,932,736 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe
PRC - [2012/04/29 11:57:23 | 001,116,544 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2012/04/05 05:12:34 | 002,587,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
PRC - [2012/03/30 14:41:46 | 000,151,656 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
PRC - [2012/02/15 10:32:12 | 000,055,144 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
PRC - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
PRC - [2012/01/09 20:17:44 | 000,821,592 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2012/01/03 08:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/09/06 12:29:20 | 004,259,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2011/08/18 10:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
PRC - [2011/08/18 10:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2011/08/01 12:56:48 | 000,460,096 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2011/07/28 18:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/03/25 18:42:36 | 000,388,096 | ---- | M] (Trend Micro Inc.) -- C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
PRC - [2009/12/29 16:35:38 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2009/11/13 16:15:00 | 001,807,600 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
PRC - [2009/10/15 03:10:28 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2009/06/09 09:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2009/06/04 19:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2012/06/06 11:06:17 | 002,042,848 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/05/12 04:13:17 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll
MOD - [2012/05/12 03:55:43 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dfd33f59a5803a3c73cf408362e6e0b7\System.Core.ni.dll
MOD - [2012/05/12 03:37:07 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll
MOD - [2012/05/12 03:36:59 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\59a5af8e3ea07f7980e0476d2da234cd\System.Web.Services.ni.dll
MOD - [2012/05/12 03:36:40 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\07f019692c382d588d3c6cb2da2a9ec5\PresentationFramework.ni.dll
MOD - [2012/05/12 03:36:24 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\90555968565afd59bce4b0974e9903bd\System.Windows.Forms.ni.dll
MOD - [2012/05/12 03:36:18 | 001,590,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\69f6e582cb79f107c61308b468c1a215\System.Drawing.ni.dll
MOD - [2012/05/12 03:36:15 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\2d1fd350e9bc62ce659e5cbcfd555796\PresentationCore.ni.dll
MOD - [2012/05/12 03:36:00 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012/05/12 03:35:47 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/05/12 03:35:40 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/05/12 03:35:31 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/05/12 03:35:16 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012/05/05 08:04:07 | 008,797,856 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
MOD - [2012/04/29 11:57:24 | 000,130,944 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.0.2\SiteSafety.dll
MOD - [2012/04/29 11:57:23 | 001,116,544 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/08/18 10:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
MOD - [2011/07/28 18:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/28 18:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2009/11/13 16:15:00 | 001,807,600 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
MOD - [2009/11/13 16:15:00 | 000,275,696 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll
MOD - [2009/11/13 16:15:00 | 000,152,816 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll
MOD - [2009/11/13 16:15:00 | 000,095,472 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll
MOD - [2009/11/13 16:15:00 | 000,058,608 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll
MOD - [2009/11/13 16:15:00 | 000,017,648 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\CppUtils.dll
MOD - [2009/10/15 03:10:28 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - [2011/11/17 01:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\lsass.exe -- (Netlogon)
SRV:[b]64bit:[/b] - [2011/04/20 02:04:20 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2010/11/20 08:27:23 | 000,476,160 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\QAGENTRT.DLL -- (napagent)
SRV:[b]64bit:[/b] - [2010/11/20 08:26:50 | 000,084,992 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Mcx2Svc.dll -- (Mcx2Svc)
SRV:[b]64bit:[/b] - [2010/11/20 08:26:39 | 000,569,344 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\iphlpsvc.dll -- (iphlpsvc)
SRV:[b]64bit:[/b] - [2010/11/20 08:25:49 | 000,080,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\certprop.dll -- (CertPropSvc)
SRV:[b]64bit:[/b] - [2010/06/29 12:49:27 | 000,128,752 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV:[b]64bit:[/b] - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009/07/13 20:41:27 | 000,097,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\mprdim.dll -- (RemoteAccess)
SRV:[b]64bit:[/b] - [2009/07/13 20:41:11 | 000,156,672 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\iscsiexe.dll -- (MSiSCSI)
SRV:[b]64bit:[/b] - [2009/07/13 20:39:41 | 000,014,336 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\snmptrap.exe -- (SNMPTRAP)
SRV:[b]64bit:[/b] - [2009/06/09 09:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV:[b]64bit:[/b] - [2007/05/03 03:49:48 | 000,566,704 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxbtcoms.exe -- (lxbt_device)
SRV - [2012/06/06 11:06:18 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/05/26 12:04:52 | 000,913,792 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe -- (AdvancedSystemCareService5)
SRV - [2012/05/22 22:35:24 | 003,417,376 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_80c2ffa.dll -- (Akamai)
SRV - [2012/05/05 08:04:07 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/05/03 08:31:10 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/04/30 09:44:38 | 005,106,744 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/04/29 11:57:24 | 000,932,736 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe -- (vToolbarUpdater11.0.2)
SRV - [2012/03/30 14:41:46 | 000,151,656 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe -- (BingDesktopUpdate)
SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2012/01/09 20:17:44 | 000,821,592 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2012/01/03 08:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/11/10 08:17:31 | 000,167,264 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2011/08/18 10:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2011/06/07 09:08:00 | 004,825,776 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2010/04/09 19:57:08 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/04/09 19:46:21 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/07/13 20:15:41 | 000,075,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\mprdim.dll -- (RemoteAccess)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/10 15:39:58 | 000,089,920 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2009/06/04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2007/05/03 03:48:52 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\lxbtcoms.exe -- (lxbt_device)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - [2012/04/19 04:50:26 | 000,028,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:[b]64bit:[/b] - [2012/03/19 05:17:26 | 000,383,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:[b]64bit:[/b] - [2012/03/08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:[b]64bit:[/b] - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2012/02/22 05:25:32 | 000,289,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:[b]64bit:[/b] - [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2012/01/31 04:46:48 | 000,036,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:[b]64bit:[/b] - [2011/12/23 13:32:14 | 000,047,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:[b]64bit:[/b] - [2011/12/23 13:32:04 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsfiltera.sys -- (AVGIDSFilter)
DRV:[b]64bit:[/b] - [2011/12/23 13:31:58 | 000,124,496 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:[b]64bit:[/b] - [2011/11/28 21:28:28 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:[b]64bit:[/b] - [2011/09/28 00:12:00 | 000,182,872 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mkd3kfnt.sys -- (Mkd3kfNt)
DRV:[b]64bit:[/b] - [2011/09/28 00:12:00 | 000,107,096 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Mkd2Nadr.sys -- (Mkd2Nadr)
DRV:[b]64bit:[/b] - [2011/09/28 00:12:00 | 000,097,368 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Mkd2BthF.sys -- (Mkd2Bthf)
DRV:[b]64bit:[/b] - [2011/06/10 06:34:52 | 000,539,240 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2011/04/20 02:44:50 | 009,319,936 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:[b]64bit:[/b] - [2011/04/20 02:44:50 | 009,319,936 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2011/04/20 01:22:34 | 000,306,176 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010/11/26 18:02:18 | 000,017,720 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV:[b]64bit:[/b] - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010/11/20 04:26:11 | 000,328,192 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\udfs.sys -- (udfs)
DRV:[b]64bit:[/b] - [2010/08/25 20:36:04 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2010/02/25 18:51:02 | 000,029,696 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:[b]64bit:[/b] - [2010/02/17 13:23:05 | 000,014,920 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:[b]64bit:[/b] - [2010/02/17 13:23:05 | 000,012,360 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:[b]64bit:[/b] - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/13 20:47:48 | 000,024,144 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\crcdisk.sys -- (crcdisk)
DRV:[b]64bit:[/b] - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/07/13 18:19:47 | 000,092,160 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cdfs.sys -- (cdfs)
DRV:[b]64bit:[/b] - [2009/06/10 15:35:38 | 000,707,072 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
DRV:[b]64bit:[/b] - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009/06/04 21:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2009/05/26 07:13:10 | 000,138,752 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
DRV:[b]64bit:[/b] - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2009/04/08 15:28:46 | 000,068,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:[b]64bit:[/b] - [2006/11/01 11:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2012/05/11 23:24:58 | 000,050,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\koramgame\STOnline\avital\wyqku64.sys -- (uqk)
DRV - [2012/04/15 17:58:18 | 000,021,712 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS -- (DrvAgent64)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2004/12/30 07:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0E63A738-CFC5-44B1-8187-CED0C8ABFC4D}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0E63A738-CFC5-44B1-8187-CED0C8ABFC4D}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2418376
IE - HKLM\..\SearchScopes\{E9C1531F-6396-405E-91A3-C7E6260BBC9E}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=BDT3&ocid=bdtdhp
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {2FD59BD9-496D-43F8-9121-9E4CEEE174BB}
IE - HKCU\..\SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF}: "URL" = http://vshare.toolbarhome.com/search.aspx?q={searchTerms}&srch=dsp
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=111373&babsrc=SP_ss&mntrId=52d33c9000000000000000ff19829ea8
IE - HKCU\..\SearchScopes\{2FD59BD9-496D-43F8-9121-9E4CEEE174BB}: "URL" = http://www.bing.com/search?FORM=BDKTDF&PC=BDT3&q={searchTerms}&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{8EA94DB3-7D8A-42FF-BFF7-5005AE386A83}: "URL" = http://ws.infospace.com/playsushi_tbar/ws/redir?_iceUrl=true& user_id=%userid&tool_id=60231&qkw={searchTerms}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={F6308F09-BF48-4FF4-8AFE-1A4033273669}&mid=ed7698e7205156e13536869fbf2f9808-09bed38f6f2e11028f85dd63c0f77b8bff1d4295&lang=en&ds=AVG&pr=fr&d=2012-04-19 02:11:51&v=10.0.0.7&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2418376
IE - HKCU\..\SearchScopes\{B93A2DEA-4568-406F-83EF-5FFC71D8FACD}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=685749&p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = [String data over 1000 bytes]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = socks=127.0.0.1:9050
 
[color=#E56717]========== FireFox ==========[/color]
 
 
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@ahnlab.com/asp/npaosmgr.1: C:\Program Files (x86)\AhnLab\ASP\Components\aosmgr\npaosmgr.dll (AhnLab, Inc.)
FF - HKLM\Software\MozillaPlugins\@ahnlab.com/asp/npmkd25sp: C:\Program Files (x86)\AhnLab\ASP\MyKeyDefense 2.5\npmkd25sp.dll (AhnLab, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.0.2\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.com/NxGame: C:\ProgramData\Nexon\NGM\npNxGame.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@ogplanet.com/npOGPPlugin: C:\Windows\system32\npOGPPlugin.dll (OGPlanet)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\npDisplayEngine: C:\Program Files (x86)\LivingPlay Games\nplplaypop.dll File not found
FF - HKCU\Software\MozillaPlugins\@ahnlab.com/asp/npmkd25sp: C:\Program Files (x86)\AhnLab\ASP\MyKeyDefense 2.5\npmkd25sp.dll (AhnLab, Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Jfarelas\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Jfarelas\AppData\Local\Facebook\Messenger\2.1.4520.0\npFbDesktopPlugin.dll (Facebook, Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6E19037A-12E3-4295-8915-ED48BC341614}: C:\Program Files (x86)\OpinionSquare
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared [2011/08/23 01:53:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012/05/29 09:03:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\11.0.0.9\ [2012/04/29 11:57:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/01/07 19:37:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\ [2012/05/04 08:42:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/06 11:06:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/03/12 00:02:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/06 11:06:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/03/12 00:02:29 | 000,000,000 | ---D | M]
 
[2011/02/19 02:10:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jfarelas\AppData\Roaming\Mozilla\Extensions
[2011/02/19 02:10:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jfarelas\AppData\Roaming\Mozilla\Extensions\IMVUClientXUL@imvu.com
[2012/04/17 20:38:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jfarelas\AppData\Roaming\Mozilla\Firefox\Profiles\klvv2ehc.default\extensions
[2012/04/17 20:38:45 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Jfarelas\AppData\Roaming\Mozilla\Firefox\Profiles\klvv2ehc.default\extensions\ffxtlbr@babylon.com
[2012/03/25 12:26:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jfarelas\AppData\Roaming\Mozilla\Firefox\Profiles\klvv2ehc.default\extensions\staged
[2012/05/13 19:24:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jfarelas\AppData\Roaming\Mozilla\Firefox\Profiles\sgjxpb9b.default\extensions
[2012/04/30 12:26:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/05/31 15:23:22 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/06/06 11:06:18 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/03/05 14:51:37 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012/03/12 21:40:57 | 000,003,766 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/04/20 20:18:25 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/04/20 20:18:25 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms},
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Jfarelas\AppData\Local\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Jfarelas\AppData\Local\Google\Chrome\Application\18.0.1025.162\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Jfarelas\AppData\Local\Google\Chrome\Application\18.0.1025.162\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Jfarelas\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: AhnLab Online Security (Enabled) = C:\Program Files (x86)\AhnLab\ASP\Components\aosmgr\npaosmgr.dll
CHR - plugin: AhnLab Online Security Anti-keylogger (Enabled) = C:\Program Files (x86)\AhnLab\ASP\MyKeyDefense 2.5\npmkd25sp.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files (x86)\Veetle\Player\npvlc.dll
CHR - plugin: Veetle Broadcaster Plugin (Enabled) = C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonEU\NGM\npNxGameeu.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\Nexon\NGM\npNxGame.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Jfarelas\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Facebook Desktop (Enabled) = C:\Users\Jfarelas\AppData\Local\Facebook\Messenger\2.0.4478.0\npFbDesktopPlugin.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Jfarelas\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: OGPlanet Game Plugin (Enabled) = C:\Windows\system32\npOGPPlugin.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - Extension: Entanglement = C:\Users\Jfarelas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\
CHR - Extension: AOL Lifestream = C:\Users\Jfarelas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnabicdoplelkdcpdiodoodgdebaolcn\1.0.0.5_0\
CHR - Extension: AdBlock = C:\Users\Jfarelas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.30_0\
CHR - Extension: AVG Safe Search = C:\Users\Jfarelas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\
CHR - Extension: Skype Click to Call = C:\Users\Jfarelas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\
CHR - Extension: Poppit = C:\Users\Jfarelas\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Jfarelas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
 
O1 HOSTS File: ([2012/04/19 01:37:36 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:[b]64bit:[/b] - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O2:[b]64bit:[/b] - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:[b]64bit:[/b] - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Jfarelas\AppData\Roaming\FlashGetBHO\FlashGetBHO.dll (Trend Media Group)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {724D43A0-0D85-11D4-9908-00400523E39A} - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [LXBTCATS] C:\Windows\SysNative\spool\DRIVERS\x64\3\LXBTtime.DLL ()
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe (Microsoft Corp.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [Desktop Disc Tool] c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [Advanced SystemCare 5] C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe (IObit)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Jfarelas\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Jfarelas\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [FlashGet 3] C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe (Trend Media Corporation Limited)
O4 - HKCU..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe (NEXON Inc.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe (Dell)
O4 - Startup: C:\Users\Jfarelas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk =  File not found
O4 - Startup: C:\Users\Jfarelas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:[b]64bit:[/b] - Extra context menu item: Download all links by FlashGet3 - C:\Program Files (x86)\FlashGet Network\FlashGet 3\BHO\fdgetallurl.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Download by FlashGet3 - C:\Program Files (x86)\FlashGet Network\FlashGet 3\BHO\fdgeturl.htm ()
O8 - Extra context menu item: Download all links by FlashGet3 - C:\Program Files (x86)\FlashGet Network\FlashGet 3\BHO\fdgetallurl.htm ()
O8 - Extra context menu item: Download by FlashGet3 - C:\Program Files (x86)\FlashGet Network\FlashGet 3\BHO\fdgeturl.htm ()
O9:[b]64bit:[/b] - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - Reg Error: Value error. File not found
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16:[b]64bit:[/b] - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {063F7D71-5E0B-48F2-87D5-F63C5917947E} https://platform.nexon.com/activex/ahnlab/aosmgr.cab (Aosmgr Control)
O16 - DPF: {0D8004AA-A1CB-4F92-BBEB-0A824B1EE2A2} http://ws.nopp.co.kr/Game/Common/HGLauncher.cab (HGLauncher Control)
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} http://d1ylr6sba64qi3.cloudfront.net/global/bin/srldetect_cyri_4.1.71.0.cab (SysInfo Class)
O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/mjss/MJSS.cab109791.cab ()
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{54DAE659-3733-41D7-A1AB-9628E6A64F76}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C1E5918D-296B-48BD-92FD-B4B9653DB506}: DhcpNameServer = 192.168.1.254
O18:[b]64bit:[/b] - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\viprotocol - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.0.2\ViProtocol.dll ()
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:[b]64bit:[/b] - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) -  File not found
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = ComFile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2012/06/07 00:46:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2012/06/07 00:46:50 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2012/06/06 14:39:03 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{71D820C1-925E-47E7-8F50-39E8B671D688}
[2012/06/06 02:38:26 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{092610F6-1F2B-459D-A766-4979F5B0346F}
[2012/06/05 14:37:50 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{6AF2E6FF-FF4F-4403-BFB5-7D3FC8014B53}
[2012/06/05 02:37:14 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{BEB2DB6B-FEA3-4E71-B5E7-3A6C35D735BC}
[2012/06/05 02:23:34 | 000,000,000 | ---D | C] -- C:\ProgramData\ActivePresenter
[2012/06/05 02:18:41 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\Documents\ActivePresenter
[2012/06/05 02:15:24 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Roaming\ActivePresenter
[2012/06/05 02:15:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ActivePresenter
[2012/06/05 02:15:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATOMI
[2012/06/04 14:36:38 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{F8792848-E99F-4198-8156-911F26117FD9}
[2012/06/04 14:36:15 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{8CF08B7E-3901-4ABA-B079-8770256A4543}
[2012/06/01 23:37:01 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{52190482-4EF8-493E-B2EE-3BDF7B852BD9}
[2012/06/01 11:36:25 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{189A5844-CF7C-4BBD-953D-E35B7E4EDBC6}
[2012/05/31 23:35:48 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{6B954DF5-6F6D-4993-A986-C45AB1F2D045}
[2012/05/31 11:35:12 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{A66EC326-F778-4578-9CA3-0C497D705D8B}
[2012/05/30 23:34:37 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{C23CED9B-2698-4B95-8AC8-256A9CD74101}
[2012/05/30 23:34:14 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{5EEECD08-319C-4094-B2A4-AD504B8648EF}
[2012/05/30 11:33:49 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{DEB1D29D-DC38-496B-9312-29371698663B}
[2012/05/29 23:33:13 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{99E81964-443D-40F0-B92F-802651B00559}
[2012/05/29 11:32:37 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{E0E878E0-4D68-422D-85E9-73251292B42A}
[2012/05/29 09:03:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012/05/28 23:32:01 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{2C35C83E-9D37-471C-8F37-952C9F9A95A0}
[2012/05/28 11:31:35 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{F5499DB7-E977-42D3-A99F-B3E29658B35D}
[2012/05/28 11:31:12 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{0B34E010-9EB1-414D-A79D-EC280DC9E40F}
[2012/05/27 10:42:02 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\Desktop\GMSMultipleMaplesV1.10c
[2012/05/27 00:14:28 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{5CE92C9D-E30F-4A2F-B34A-46B9C89B9512}
[2012/05/26 12:13:52 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{36735765-409E-4864-AEA6-0C15B0861980}
[2012/05/26 00:13:17 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{058E7D71-AB2C-4E03-AC3C-D489FC11ACF6}
[2012/05/25 12:12:41 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{6BBF92EF-A51A-43A8-87D0-B6A30F854DB2}
[2012/05/25 12:12:19 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{517926A8-4E16-40B2-9087-213396ACFE15}
[2012/05/25 00:11:53 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{916E1D77-B819-4437-9E2D-2FA0BEE7BACA}
[2012/05/25 00:11:42 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{D58744F2-9BCD-49AF-B02E-B2076250EC60}
[2012/05/24 19:37:08 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\Desktop\MapleStory
[2012/05/24 12:10:56 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{8E9F16AB-214E-4D7B-BA69-B5ED85E7E46A}
[2012/05/24 12:10:45 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{7A0C6C71-E7CC-489E-B0B6-12FF98E4BE15}
[2012/05/24 12:10:34 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{A4D2BABD-130D-4C91-99FB-368C4C96B44D}
[2012/05/24 00:09:59 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{1F3A4A5E-4883-449C-BFD8-A21ECD293073}
[2012/05/23 12:09:21 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{A22781F7-3F9B-4DDD-B909-B0F0F2F4667F}
[2012/05/23 00:08:43 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{41AF81D1-C665-413C-AB30-FC3E3A55C42D}
[2012/05/22 19:28:51 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Roaming\Unity
[2012/05/22 12:08:07 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{DFAE591B-827A-4E9D-A640-6F60BE2776D5}
[2012/05/22 00:07:31 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{0C0D609B-3186-4B12-ACF5-F9A1D783E6D9}
[2012/05/22 00:07:16 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{E857EED4-9F70-4941-B875-D4728033BC70}
[2012/05/20 02:32:12 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{E26020CC-4742-4756-9702-9C7D3E8CF760}
[2012/05/19 03:28:21 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{EF402122-C6B3-405D-85D2-E8E4BE98F231}
[2012/05/19 03:27:58 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{4880D5C7-9620-4EC6-9638-397FC4CBC18C}
[2012/05/17 21:44:17 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
[2012/05/16 15:26:09 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{E7B60EC6-6133-4001-BD9D-F8FF7B7C771B}
[2012/05/16 01:18:45 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{55DBEE05-E53F-4BB2-B053-6E979E05DDAC}
[2012/05/14 23:40:16 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{0E47E3C6-A301-46E8-8421-8682EB8DB688}
[2012/05/14 23:39:54 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{55F5B13D-B8FE-4D84-99D1-4BCAD7579D53}
[2012/05/14 13:59:16 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\Documents\Diablo III
[2012/05/14 13:19:55 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{08869591-C6B0-4376-836C-B5DB8B272796}
[2012/05/14 12:22:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
[2012/05/14 12:22:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Diablo III
[2012/05/14 12:14:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bing Desktop
[2012/05/14 10:59:36 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{61A830ED-5045-4206-A1C5-5CFC898ECFD7}
[2012/05/13 18:52:34 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{5A8E2F91-CFB5-4ED2-9B9A-1F855B8103AE}
[2012/05/13 06:52:08 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{2A2BCC17-C12B-487E-B86C-977D753FF7C5}
[2012/05/12 18:51:27 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{6E4A8C14-48F3-489C-A02B-86865D2459B2}
[2012/05/12 18:51:00 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{7C206B3B-08DC-45D2-9CE5-6DC8EF860AEA}
[2012/05/12 03:21:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012/05/12 03:21:12 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012/05/12 01:23:06 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{1E68DC1C-0F21-42E1-BC69-51E7D2C519FF}
[2012/05/11 23:08:46 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Roaming\KlLauncherST
[2012/05/11 23:08:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\koramgame
[2012/05/11 23:06:07 | 000,000,000 | ---D | C] -- C:\koramgame
[2012/05/11 13:22:29 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{772415C6-57DC-45E7-9F05-C0E417E4FC2A}
[2012/05/11 13:22:07 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{F10ADD36-9B8A-4B87-AE6C-95B3C18F153A}
[2012/05/10 12:58:16 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{05AA807E-1181-4927-B509-B1B2F3DF93C8}
[2012/05/10 12:57:53 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{F6706E7F-5EDC-45D7-A161-C0F73AE1DE62}
[2012/05/10 00:57:28 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{7B97FE63-C0C1-4851-973A-3228D9EE6837}
[2012/05/10 00:57:06 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{E758538D-98CE-43EC-A0B3-282BA2B4093C}
[2012/05/09 19:50:47 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{5F54F0B7-7930-4E56-A7C7-D3C774BD6701}
[2012/05/08 17:57:08 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\Desktop\GMSMultipleMaplesV1.092
[2012/05/08 17:56:56 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\Desktop\GMSMultipleMaplesV1.09
[2012/05/08 17:16:09 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{68A4A460-FCEE-4B5C-BF65-E60EEF6574C8}
[2012/05/08 17:15:47 | 000,000,000 | ---D | C] -- C:\Users\Jfarelas\AppData\Local\{5D1F36A8-FC8D-4775-9A1D-E69C1DAC98E8}
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2012/06/07 00:46:50 | 000,002,991 | ---- | M] () -- C:\Users\Jfarelas\Desktop\HiJackThis.lnk
[2012/06/07 00:43:02 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3195389507-3672305450-632222044-1000UA.job
[2012/06/07 00:04:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/06/06 18:41:56 | 099,900,957 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012/06/06 09:43:00 | 000,000,918 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3195389507-3672305450-632222044-1000Core.job
[2012/06/05 19:05:59 | 000,001,274 | ---- | M] () -- C:\Users\Public\Desktop\Uninstaller.lnk
[2012/06/05 19:05:58 | 000,001,247 | ---- | M] () -- C:\Users\Jfarelas\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare 5.lnk
[2012/06/05 19:05:58 | 000,001,223 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 5.lnk
[2012/06/05 15:01:19 | 012,674,048 | ---- | M] () -- C:\Users\Jfarelas\Desktop\Maple Abroad.avi.approj
[2012/06/05 02:15:12 | 000,002,163 | ---- | M] () -- C:\Users\Public\Desktop\Active Presenter.lnk
[2012/06/05 02:15:12 | 000,002,141 | ---- | M] () -- C:\Users\Jfarelas\Application Data\Microsoft\Internet Explorer\Quick Launch\ActivePresenter.lnk
[2012/06/02 21:31:34 | 000,001,178 | ---- | M] () -- C:\Users\Public\Desktop\Paint.NET.lnk
[2012/05/31 23:14:06 | 000,000,989 | ---- | M] () -- C:\Users\Jfarelas\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk
[2012/05/31 23:14:06 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2012/05/30 20:07:25 | 000,001,605 | ---- | M] () -- C:\Users\Public\Desktop\Combat Arms.lnk
[2012/05/29 18:41:21 | 000,499,171 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2012/05/29 09:03:39 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012/05/27 10:43:21 | 000,001,031 | ---- | M] () -- C:\Users\Jfarelas\Desktop\Launcher - Shortcut.lnk
[2012/05/26 08:22:20 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/26 08:22:20 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/25 11:27:01 | 000,000,248 | ---- | M] () -- C:\Windows\SysWow64\secustat.dat
[2012/05/25 11:25:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/25 11:25:32 | 3220,426,752 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/14 12:23:15 | 000,001,191 | ---- | M] () -- C:\Users\Public\Desktop\Diablo III.lnk
[2012/05/12 03:30:50 | 004,903,600 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/05/12 03:09:03 | 000,784,888 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/05/12 03:09:03 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/05/12 03:09:03 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/05/11 23:08:42 | 000,001,604 | ---- | M] () -- C:\Users\Public\Desktop\Spirit Tales.lnk
[2012/05/10 15:26:32 | 000,000,204 | ---- | M] () -- C:\Users\Public\Desktop\MapleStory.url
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2012/06/07 00:46:50 | 000,002,991 | ---- | C] () -- C:\Users\Jfarelas\Desktop\HiJackThis.lnk
[2012/06/05 19:05:58 | 000,001,247 | ---- | C] () -- C:\Users\Jfarelas\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare 5.lnk
[2012/06/05 19:05:58 | 000,001,223 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare 5.lnk
[2012/06/05 15:01:18 | 012,674,048 | ---- | C] () -- C:\Users\Jfarelas\Desktop\Maple Abroad.avi.approj
[2012/06/05 02:15:12 | 000,002,163 | ---- | C] () -- C:\Users\Public\Desktop\Active Presenter.lnk
[2012/06/05 02:15:12 | 000,002,141 | ---- | C] () -- C:\Users\Jfarelas\Application Data\Microsoft\Internet Explorer\Quick Launch\ActivePresenter.lnk
[2012/06/02 21:30:15 | 003,756,544 | ---- | C] () -- C:\Users\Jfarelas\Desktop\Paint.NET.3.5.10.Install.exe
[2012/05/31 23:14:06 | 000,000,989 | ---- | C] () -- C:\Users\Jfarelas\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk
[2012/05/31 23:14:06 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2012/05/30 20:07:25 | 000,001,605 | ---- | C] () -- C:\Users\Public\Desktop\Combat Arms.lnk
[2012/05/27 10:43:21 | 000,001,031 | ---- | C] () -- C:\Users\Jfarelas\Desktop\Launcher - Shortcut.lnk
[2012/05/14 12:22:52 | 000,001,191 | ---- | C] () -- C:\Users\Public\Desktop\Diablo III.lnk
[2012/05/11 23:08:42 | 000,001,604 | ---- | C] () -- C:\Users\Public\Desktop\Spirit Tales.lnk
[2012/04/19 01:16:02 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/04/19 01:16:02 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/04/19 01:16:02 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/04/19 01:16:02 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/04/19 01:16:02 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/03/28 19:41:01 | 000,000,248 | ---- | C] () -- C:\Windows\SysWow64\secustat.dat
[2012/03/28 19:27:45 | 000,000,305 | ---- | C] () -- C:\Windows\SysWow64\secushr.dat
[2012/03/28 18:57:58 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2012/03/17 17:28:36 | 000,086,394 | ---- | C] () -- C:\Users\Jfarelas\AppData\Roaming\terrain.png
[2012/03/17 17:28:36 | 000,011,771 | ---- | C] () -- C:\Users\Jfarelas\AppData\Roaming\particles.png
[2012/03/17 17:28:36 | 000,006,667 | ---- | C] () -- C:\Users\Jfarelas\AppData\Roaming\color.properties
[2012/03/17 17:28:36 | 000,004,733 | ---- | C] () -- C:\Users\Jfarelas\AppData\Roaming\pack.png
[2011/06/30 15:20:51 | 000,772,990 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/05/10 23:05:03 | 000,003,584 | ---- | C] () -- C:\Users\Jfarelas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/29 15:02:09 | 001,224,704 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbtserv.dll
[2011/03/29 15:02:09 | 000,995,328 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbtusb1.dll
[2011/03/29 15:02:09 | 000,696,320 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbthbn3.dll
[2011/03/29 15:02:09 | 000,684,032 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbtcomc.dll
[2011/03/29 15:02:09 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbtpmui.dll
[2011/03/29 15:02:09 | 000,585,728 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbtlmpm.dll
[2011/03/29 15:02:09 | 000,537,520 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbtcoms.exe
[2011/03/29 15:02:09 | 000,421,888 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbtcomm.dll
[2011/03/29 15:02:09 | 000,413,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbtinpa.dll
[2011/03/29 15:02:09 | 000,397,312 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbtiesc.dll
[2011/03/29 15:02:09 | 000,385,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbtih.exe
[2011/03/29 15:02:09 | 000,385,024 | ---- | C] () -- C:\Windows\SysWow64\lxbtcomx.dll
[2011/03/29 15:02:09 | 000,381,872 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbtcfg.exe
[2011/03/29 15:02:09 | 000,274,432 | ---- | C] () -- C:\Windows\SysWow64\lxbtinst.dll
[2011/03/29 15:02:09 | 000,181,168 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbtppls.exe
[2011/03/29 15:02:09 | 000,163,840 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbtprox.dll
[2011/03/29 15:02:09 | 000,094,208 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbtpplc.dll
[2011/03/17 17:51:46 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/03/04 13:09:11 | 000,007,597 | ---- | C] () -- C:\Users\Jfarelas\AppData\Local\Resmon.ResmonCfg
[2010/11/26 14:22:45 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/09/19 18:33:25 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/09/16 01:50:53 | 000,001,032 | ---- | C] () -- C:\Users\Jfarelas\AppData\Roaming\wklnhst.dat
[2010/08/25 20:34:30 | 000,982,240 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2010/08/25 20:34:30 | 000,439,308 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2010/08/25 20:34:30 | 000,092,356 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2010/08/25 19:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010/08/25 19:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2010/08/20 23:15:03 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2012/04/14 23:28:28 | 000,000,000 | ---D | M] -- C:\Users\Jfarelas\AppData\Roaming\.minecraft
[2010/08/08 14:05:48 | 000,000,000 | ---D | M] -- C:\Users\Jfarelas\AppData\Roaming\acccore
[2011/11/26 15:30:32 | 000,000,000 | ---D | M] -- C:\Users\Jfarelas\AppData\Roaming\achievement
[2011/01/12 23:41:31 | 000,000,000 | ---D | M] -- C:\Users\Jfarelas\AppData\Roaming\Acreon
[2012/06/05 23:32:39 | 000,000,000 | ---D | M] -- C:\Users\Jfarelas\AppData\Roaming\ActivePresenter
[2012/02/01 23:25:18 | 000,000,000 | ---D | M] -- C:\Users\Jfarelas\AppData\Roaming\anim
[2011/11/26 15:30:32 | 000,000,000 | ---D | M] -- C:\Users\Jfarelas\AppData\Roaming\armor
[2012/04/16 23:40:57 | 000,000,000 | ---D | M] -- C:\Users\Jfarelas\AppData\Roaming\Avant Downloader
[2012/04/19 02:11:03 | 000,000,000 | ---D | M] -- C:\Users\Jfarelas\AppData\Roaming\AVG2012
[2012/04/17 20:38:42 | 000,000,000 | ---D | M] -- C:\Users\Jfarelas\AppData\Roaming\Babylon
[2012/05/25 11:27:01 | 000,000,000 | ---D | M] -- C:\Users\Jfarelas\AppData\Roaming\BITS
[2012/06/05 19:01:58 | 000,000,000 | ---D | M] -- C:\Users\Jfarelas\AppData\Roaming\BitTorrent
[2011/11/13 23:32:53 | 000,000,000 | ---D | M] -- C:\Users\Jfarelas\AppData\Roaming\CoreFTP
[2012/01/29 21:37:42 | 000,000,000 | ---D | M] -- C:\Users\Jfarelas\AppData\Roaming\environment
[2012/01/02 15:22:03 | 000,000,000 | ---D | M] -- C:\Users\Jfarelas\AppData\Roaming\EurekaLog
[2012/06/02 13:44:50 | 000,000,000 | ---D | M] -- C:\Users\Jfarelas\AppData\Roaming\FileZilla
[2012/03/28 19:41:01 | 000,000,000 | ---D | M] -- C:\Users\Jfarelas\AppData\Roaming\FlashGet
[2012/03/28 18:57:42 | 000,000,000 | ---D | M] -- C:\Users\Jfarelas\AppData\Roaming\FlashGetBHO
[2012/03/28 18:57:45 | 000,000,000 | ---D | M] -- C:\Users\Jfarelas\AppData\Roaming\FlashgetSetup
[2012/02/10 22:49:25 | 000,000,000 | ---D | M] -- C:\Users\Jfarelas\AppData\Roaming\Foxit Software
[2012/02/01 18:41:04 | 000,000,000 | ---D | M] -- C:\Users\Jfarelas\AppData\Roaming\gui
[2012/06/05 19:06:01 | 000,000,000 | ---D | M] -- C:\Users\Jfarelas\AppData\Roaming\IObit
[2011/11/26 15:30:32 | 000,000,000 | ---D | M] -- C:\Users\Jfarelas\AppData\Roaming\item
[2012/05/11 23:08:46 | 000,000,000 | ---D | M] -- C:\Users\Jfarelas\AppData\Roaming\KlLauncherST
[2012/01/28 23:07:01 | 000,000,000 | ---D | M] -- C:\Users\Jfarelas\AppData\Roaming\LolClient
[2012/02/24 21:22:16 | 000,000,000 | ---D | M] -- C:\Users\Jfarelas\AppData\Roaming\misc
[2012/02/26 16:36:30 | 000,000,000 | ---D | M] -- C:\Users\Jfarelas\AppData\Roaming\mob
[2011/03/24 22:29:29 | 000,000,000 | ---D | M] -- C:\Users\Jfarelas\AppData\Roaming\NeopleLauncherDFO
[2010/08/09 14:35:27 | 000,000,000 | ---D | M] -- C:\Users\Jfarelas\AppData\Roaming\OpenOffice.org
[2012/04/17 00:41:29 | 000,000,000 | ---D | M] -- C:\Users\Jfarelas\AppData\Roaming\Opera
[2011/06/30 15:01:45 | 000,000,000 | ---D | M] -- C:\Users\Jfarelas\AppData\Roaming\Publish Providers
[2011/06/04 14:46:35 | 000,000,000 | ---D | M] -- C:\Users\Jfarelas\AppData\Roaming\RoboForm
[2012/01/07 22:21:27 | 000,000,000 | ---D | M] -- C:\Users\Jfarelas\AppData\Roaming\S.A.D
[2010/09/21 07:49:57 | 000,000,000 | ---D | M] -- C:\Users\Jfarelas\AppData\Roaming\Sony
[2012/04/15 17:56:29 | 000,000,000 | ---D | M] -- C:\Users\Jfarelas\AppData\Roaming\SystemRequirementsLab
[2011/03/01 10:07:57 | 000,000,000 | ---D | M] -- C:\Users\Jfarelas\AppData\Roaming\TeamViewer
[2011/02/24 02:33:10 | 000,000,000 | ---D | M] -- C:\Users\Jfarelas\AppData\Roaming\Template
[2012/03/04 20:06:30 | 000,000,000 | ---D | M] -- C:\Users\Jfarelas\AppData\Roaming\terrain
[2012/05/22 19:28:51 | 000,000,000 | ---D | M] -- C:\Users\Jfarelas\AppData\Roaming\Unity
[2010/10/21 14:55:12 | 000,000,000 | ---D | M] -- C:\Users\Jfarelas\AppData\Roaming\Windows Live Writer
[2012/03/04 20:06:38 | 000,000,000 | ---D | M] -- C:\Users\Jfarelas\AppData\Roaming\__MACOSX
[2012/06/06 09:43:00 | 000,000,918 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3195389507-3672305450-632222044-1000Core.job
[2012/06/07 00:43:02 | 000,000,940 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3195389507-3672305450-632222044-1000UA.job
[2011/08/16 20:10:56 | 000,032,634 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:888AFB86

< End of report >