OTL logfile created on: 15.07.2012 17:33:25 - Run 2
OTL by OldTimer - Version 3.2.54.0     Folder = C:\Users\administrator\Desktop
 Enterprise Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
1,97 Gb Total Physical Memory | 0,87 Gb Available Physical Memory | 44,22% Memory free
3,93 Gb Paging File | 2,71 Gb Available in Paging File | 68,90% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 148,90 Gb Total Space | 37,06 Gb Free Space | 24,89% Space Free | Partition Type: NTFS
 
Computer Name: SUPPORT06 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2012.07.15 14:09:53 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL.exe
PRC - [2012.06.14 16:33:54 | 001,288,104 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2012.06.14 16:33:48 | 004,431,664 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2011.07.29 01:08:12 | 001,259,376 | -H-- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.26 03:32:02 | 001,029,480 | -H-- | M] (DisplayLink Corp.) -- C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
PRC - [2010.11.26 03:32:01 | 000,841,064 | -H-- | M] (DisplayLink Corp.) -- C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
PRC - [2010.11.26 03:31:59 | 005,236,072 | -H-- | M] (DisplayLink Corp.) -- C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
PRC - [2010.01.27 05:36:22 | 000,309,120 | -H-- | M] (SonicWALL Inc.) -- C:\Program Files\SonicWALL\SSL-VPN\NetExtender\NEService.exe
PRC - [2010.01.27 05:36:10 | 001,095,552 | -H-- | M] (SonicWALL Inc.) -- C:\Program Files\SonicWALL\SSL-VPN\NetExtender\NEGui.exe
PRC - [2009.11.04 17:45:32 | 000,360,448 | -H-- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009.11.04 17:45:02 | 000,172,032 | -H-- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2008.11.05 07:00:00 | 000,199,680 | -H-- | M] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\spool\drivers\w32x86\3\E_FATIFDE.EXE
PRC - [2007.12.17 05:00:00 | 000,143,872 | -H-- | M] (SEIKO EPSON CORPORATION) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
PRC - [2007.01.11 05:02:00 | 000,113,664 | -H-- | M] (SEIKO EPSON CORPORATION) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2012.02.20 21:29:04 | 000,087,912 | -H-- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012.02.20 21:28:42 | 001,242,472 | -H-- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.07.29 01:09:42 | 000,096,112 | -H-- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011.07.29 01:08:12 | 001,259,376 | -H-- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2011.03.17 01:11:16 | 004,297,568 | -H-- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010.10.20 16:45:26 | 008,801,120 | -H-- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - [2012.06.14 16:33:54 | 001,288,104 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2011.06.12 11:15:00 | 031,125,880 | -H-- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010.11.26 03:31:59 | 005,236,072 | -H-- | M] (DisplayLink Corp.) [Auto | Running] -- C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe -- (DisplayLinkService)
SRV - [2010.05.18 11:56:09 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010.01.27 05:36:22 | 000,309,120 | -H-- | M] (SonicWALL Inc.) [Auto | Running] -- C:\Program Files\SonicWALL\SSL-VPN\NetExtender\NEService.exe -- (SONICWALL_NetExtender)
SRV - [2010.01.15 14:49:20 | 000,227,232 | -H-- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009.11.04 17:45:02 | 000,172,032 | -H-- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009.07.14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.12.17 05:00:00 | 000,143,872 | -H-- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE -- (EPSON_EB_RPCV4_01) EPSON V5 Service4(01)
SRV - [2007.11.07 09:58:18 | 003,004,416 | -H-- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe -- (msvsmon90)
SRV - [2007.02.22 19:39:44 | 002,808,664 | -H-- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe -- (msvsmon80)
SRV - [2007.01.11 05:02:00 | 000,113,664 | -H-- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - [2012.07.14 18:46:51 | 000,023,368 | ---- | M] (ESET) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\OlmarikFixer.sys -- (OlmarikFixer)
DRV - [2012.07.13 23:57:25 | 000,040,776 | -H-- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2012.06.14 16:34:08 | 000,050,664 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\epfwwfp.sys -- (epfwwfp)
DRV - [2012.06.14 16:34:04 | 000,149,568 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfw.sys -- (epfw)
DRV - [2012.06.14 16:34:04 | 000,033,696 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV - [2012.06.14 16:33:52 | 000,121,216 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2012.06.14 16:33:28 | 000,171,168 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2010.11.26 03:32:26 | 000,179,312 | -H-- | M] (DisplayLink Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dlkmd.sys -- (dlkmd)
DRV - [2010.11.26 03:32:26 | 000,013,936 | -H-- | M] (DisplayLink Corp.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\dlkmdldr.sys -- (dlkmdldr)
DRV - [2010.11.26 02:31:56 | 000,021,888 | -H-- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DisplayLinkUsbPort_5.5.29055.0.sys -- (DisplayLinkUsbPort)
DRV - [2010.11.20 14:30:15 | 000,175,360 | -H-- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 14:30:15 | 000,040,704 | -H-- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 14:30:15 | 000,028,032 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 11:14:45 | 000,017,920 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 11:14:41 | 000,005,632 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.07.21 17:07:36 | 000,044,432 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d) MS Hardware Device Detection Driver (USB)
DRV - [2010.04.19 20:29:20 | 000,018,432 | -H-- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netaapl.sys -- (Netaapl)
DRV - [2009.11.04 18:16:46 | 005,079,040 | -H-- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009.10.21 20:27:36 | 000,022,600 | -H-- | M] (SonicWALL Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NxDrv.sys -- (NxDrv)
DRV - [2009.06.05 20:12:34 | 000,219,352 | -H-- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6232.sys -- (e1express) Intel(R)
DRV - [2009.02.23 23:55:34 | 000,020,504 | -H-- | M] (SonicWALL Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SSLDrv.sys -- (SSLDrv)
DRV - [2008.05.06 16:06:00 | 000,011,520 | -H-- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\..\URLSearchHook: {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - C:\Program Files\BittorrentBar_DE\prxtbBit0.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://at.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 4B 25 5C 9E 41 61 CD 01  [binary data]
IE - HKCU\..\URLSearchHook: {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - C:\Program Files\BittorrentBar_DE\prxtbBit0.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Program Files\Veetle\VLCBroadcast\npvbp.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.6: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.05.07 13:40:40 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012.07.12 16:23:50 | 000,000,000 | ---D | M]
 
[2009.11.19 15:12:43 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Extensions
[2012.05.02 21:19:32 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\zi7zp21g.default\extensions
[2012.05.07 13:40:40 | 000,000,000 | -H-D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - homepage: http://www.google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U4 (Enabled) = C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.40.255 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Gmail = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2010.10.08 12:48:53 | 000,002,491 | -H-- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: --GFA
O1 - Hosts: 10.170.3.46 		BHHWAPFLP
O1 - Hosts: 10.170.3.43			BHHWAPFLP1
O1 - Hosts: 10.170.3.42 		BHHWAPFLP2
O1 - Hosts: 10.170.3.242		gfadb
O1 - Hosts: 10.170.3.36			BHHWDBFLP1  
O1 - Hosts: 10.170.3.37			BHHWDBFLP2
O1 - Hosts: --UAL CHI
O1 - Hosts: 57.14.225.202 	FWZSTGSQL
O1 - Hosts: 57.14.225.210		VCHIPSTDB
O1 - Hosts: 161.215.226.32	FWZPRDSQL
O1 - Hosts: --MAS
O1 - Hosts: 172.16.250.48		FPDB
O1 - Hosts:    
O1 - Hosts: --BSD
O1 - Hosts: 172.29.246.161 	Homer01     
O1 - Hosts: 172.29.246.162 	Homer02
O1 - Hosts: 172.29.246.230	Homer
O1 - Hosts: 172.29.246.231	Homerdb     
O1 - Hosts: 172.29.246.163  TS01       
O1 - Hosts: 172.29.246.164  TS02       
O1 - Hosts: 172.29.246.165  TS03       
O1 - Hosts: 172.29.246.185	Maggie01   
O1 - Hosts: 172.29.246.186  Maggie02  
O1 - Hosts: 172.29.246.246  Maggiedb
O1 - Hosts: 56 more lines...
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (BittorrentBar_DE Toolbar) - {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - C:\Program Files\BittorrentBar_DE\prxtbBit0.dll (Conduit Ltd.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (BittorrentBar_DE Toolbar) - {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - C:\Program Files\BittorrentBar_DE\prxtbBit0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (BittorrentBar_DE Toolbar) - {64EAD72B-FFD4-4E01-AA3A-4C71665D73E4} - C:\Program Files\BittorrentBar_DE\prxtbBit0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [SonicWALLNetExtender] C:\Program Files\SonicWALL\SSL-VPN\NetExtender\NEGui.exe (SonicWALL Inc.)
O4 - HKCU..\Run: [EPSON SX210 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIFDE.EXE (SEIKO EPSON CORPORATION)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 157
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: 1 = C:\bginfo\bginfo c:\bginfo\test.bgi /timer:0 /NOLICPROMPT
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 10.4.1)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 10.4.1)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = fwz-int.local
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6DDE5B95-DB70-49D9-AC03-02FA7F4F2CA2}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F7676209-9604-4888-8262-F45FBFFF494A}: DhcpNameServer = 213.162.69.169 213.162.65.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | -H-- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{a2d1f999-370a-11e1-817a-001e4f92d725}\Shell - "" = AutoRun
O33 - MountPoints2\{a2d1f999-370a-11e1-817a-001e4f92d725}\Shell\AutoRun\command - "" = "E:\WD SmartWare.exe" autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2012.07.15 17:28:41 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.07.15 14:45:06 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\administrator\Desktop\aswMBR.exe
[2012.07.15 14:10:24 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\administrator\Desktop\OTL.exe
[2012.07.14 15:00:05 | 000,023,368 | ---- | C] (ESET) -- C:\Windows\System32\drivers\OlmarikFixer.sys
[2012.07.14 09:21:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012.07.14 09:21:23 | 000,000,000 | ---D | C] -- C:\Users\administrator\AppData\Roaming\SUPERAntiSpyware.com
[2012.07.14 09:21:22 | 000,000,000 | ---D | C] -- C:\Users\administrator\AppData\Local\Google
[2012.07.14 09:20:34 | 002,135,640 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\administrator\Desktop\iexplore.exe
[2012.07.13 23:57:12 | 000,040,776 | -H-- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012.07.13 23:57:12 | 000,000,000 | -H-D | C] -- C:\Users\administrator\AppData\Roaming\Malwarebytes
[2012.07.13 23:56:59 | 000,000,000 | -H-D | C] -- C:\ProgramData\Malwarebytes
[2012.07.13 23:48:52 | 000,000,000 | -H-D | C] -- C:\Users\administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Recovery
[2012.07.12 16:23:28 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2012.07.12 16:23:28 | 000,000,000 | -H-D | C] -- C:\ProgramData\ESET
[2012.07.12 16:23:27 | 000,000,000 | -H-D | C] -- C:\Program Files\ESET
[2012.06.16 18:34:03 | 000,000,000 | -H-D | C] -- C:\Users\administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tikkurila
[2012.06.16 18:33:49 | 000,000,000 | -H-D | C] -- C:\Program Files\Tikkurila
[2012.06.16 18:33:01 | 000,000,000 | -H-D | C] -- C:\Windows\Downloaded Installations
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2012.07.15 17:38:34 | 000,015,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.15 17:38:34 | 000,015,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.15 17:31:33 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.15 17:31:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.15 17:31:03 | 1583,554,560 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.15 17:28:00 | 000,001,124 | -H-- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-709158431-1206632991-1301536071-1739UA.job
[2012.07.15 17:19:00 | 000,001,114 | -H-- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-709158431-1206632991-1301536071-1462UA.job
[2012.07.15 17:12:00 | 000,001,122 | -H-- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-709158431-1206632991-1301536071-1707UA.job
[2012.07.15 16:42:01 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.15 14:44:52 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\administrator\Desktop\aswMBR.exe
[2012.07.15 14:09:53 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\administrator\Desktop\OTL.exe
[2012.07.15 13:28:00 | 000,001,072 | -H-- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-709158431-1206632991-1301536071-1739Core.job
[2012.07.15 12:12:00 | 000,001,070 | -H-- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-709158431-1206632991-1301536071-1707Core.job
[2012.07.15 08:19:00 | 000,001,062 | -H-- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-709158431-1206632991-1301536071-1462Core.job
[2012.07.14 18:58:18 | 254,904,020 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.07.14 18:46:51 | 000,023,368 | ---- | M] (ESET) -- C:\Windows\System32\drivers\OlmarikFixer.sys
[2012.07.14 18:13:18 | 000,302,592 | ---- | M] () -- C:\Users\administrator\Desktop\dh2yr04b.exe
[2012.07.14 09:21:57 | 000,002,208 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.07.14 09:21:57 | 000,002,192 | ---- | M] () -- C:\Users\administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012.07.13 23:57:25 | 000,040,776 | -H-- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012.07.13 23:48:52 | 000,000,686 | -H-- | M] () -- C:\Users\administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\File_Recovery.lnk
[2012.07.13 08:11:21 | 000,411,920 | -H-- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.07.09 12:48:10 | 002,135,640 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\administrator\Desktop\iexplore.exe
[2012.07.08 18:19:47 | 000,011,264 | -H-- | M] () -- C:\Users\administrator\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.06.28 08:31:11 | 000,667,424 | -H-- | M] () -- C:\Windows\System32\perfh009.dat
[2012.06.28 08:31:11 | 000,125,486 | -H-- | M] () -- C:\Windows\System32\perfc009.dat
[2012.06.25 20:22:02 | 000,001,998 | -H-- | M] () -- C:\Users\administrator\Documents\Default.rdp
[2012.06.16 18:34:04 | 000,001,233 | -H-- | M] () -- C:\Users\administrator\Desktop\Tikkurilan Värisuunnitteluohjelma 2.5.lnk
[2012.06.16 18:32:35 | 041,642,054 | -H-- | M] () -- C:\Users\administrator\Desktop\tikkurila_vso_asennus.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2012.07.14 18:13:29 | 000,302,592 | ---- | C] () -- C:\Users\administrator\Desktop\dh2yr04b.exe
[2012.07.14 09:37:37 | 000,001,098 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.14 09:21:57 | 000,002,208 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.07.14 09:21:57 | 000,002,192 | ---- | C] () -- C:\Users\administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012.07.14 09:21:26 | 000,001,108 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.13 23:48:52 | 000,000,686 | -H-- | C] () -- C:\Users\administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\File_Recovery.lnk
[2012.06.16 18:34:04 | 000,001,233 | -H-- | C] () -- C:\Users\administrator\Desktop\Tikkurilan Värisuunnitteluohjelma 2.5.lnk
[2012.06.16 18:32:13 | 041,642,054 | -H-- | C] () -- C:\Users\administrator\Desktop\tikkurila_vso_asennus.exe
[2012.04.26 12:49:49 | 000,000,866 | -H-- | C] () -- C:\Users\administrator\.recently-used.xbel
[2012.04.03 10:49:40 | 000,111,932 | -H-- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2012.04.03 10:49:40 | 000,031,053 | -H-- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2012.04.03 10:49:40 | 000,027,417 | -H-- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2012.04.03 10:49:40 | 000,026,154 | -H-- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2012.04.03 10:49:40 | 000,024,903 | -H-- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2012.04.03 10:49:40 | 000,021,390 | -H-- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2012.04.03 10:49:40 | 000,020,148 | -H-- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2012.04.03 10:49:40 | 000,011,811 | -H-- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2012.04.03 10:49:40 | 000,004,943 | -H-- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2012.04.03 10:49:40 | 000,001,146 | -H-- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2012.04.03 10:49:40 | 000,001,139 | -H-- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2012.04.03 10:49:40 | 000,001,139 | -H-- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2012.04.03 10:49:40 | 000,001,136 | -H-- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2012.04.03 10:49:40 | 000,001,129 | -H-- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2012.04.03 10:49:40 | 000,001,129 | -H-- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2012.04.03 10:49:40 | 000,001,120 | -H-- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2012.04.03 10:49:40 | 000,001,107 | -H-- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2012.04.03 10:49:40 | 000,001,104 | -H-- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2012.04.03 10:49:40 | 000,000,097 | -H-- | C] () -- C:\Windows\System32\PICSDK.ini
[2011.04.30 08:34:54 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011.04.30 08:32:34 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011.03.01 13:15:40 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2011.02.09 12:53:32 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\dlumd9.dll
[2011.02.09 12:53:32 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\dlumd11.dll
[2011.02.09 12:53:32 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\dlumd10.dll
[2010.12.24 08:01:28 | 000,000,037 | -H-- | C] () -- C:\Windows\OverFltMacro.ini
[2010.11.10 03:26:16 | 000,011,264 | -H-- | C] () -- C:\Users\administrator\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.11.18 19:56:46 | 000,000,940 | RHS- | C] () -- C:\Users\administrator\ntuser.pol
[2009.11.18 19:26:27 | 000,008,949 | RHS- | C] () -- C:\ProgramData\ntuser.pol
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2012.07.15 08:01:58 | 000,000,000 | -H-D | M] -- C:\Users\administrator\AppData\Roaming\BitTorrent
[2012.01.05 16:01:01 | 000,000,000 | -H-D | M] -- C:\Users\administrator\AppData\Roaming\BSplayer
[2012.01.05 12:08:51 | 000,000,000 | -H-D | M] -- C:\Users\administrator\AppData\Roaming\BSplayer Pro
[2010.04.11 00:38:24 | 000,000,000 | -H-D | M] -- C:\Users\administrator\AppData\Roaming\EleFun Games
[2012.05.20 14:29:37 | 000,000,000 | -H-D | M] -- C:\Users\administrator\AppData\Roaming\ESET
[2011.10.31 09:15:07 | 000,000,000 | -H-D | M] -- C:\Users\administrator\AppData\Roaming\Felix_Deimel
[2009.11.19 15:13:30 | 000,000,000 | -H-D | M] -- C:\Users\administrator\AppData\Roaming\Foxit
[2010.11.09 21:09:53 | 000,000,000 | -H-D | M] -- C:\Users\administrator\AppData\Roaming\IrfanView
[2010.04.12 01:34:39 | 000,000,000 | -H-D | M] -- C:\Users\administrator\AppData\Roaming\Princess Isabella
[2010.04.11 02:04:42 | 000,000,000 | -H-D | M] -- C:\Users\administrator\AppData\Roaming\VampireSaga
[2012.06.22 20:44:38 | 000,032,608 | -H-- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
[color=#E56717]========== Purity Check ==========[/color]
 
 

< End of report >