OTL logfile created on: 3/19/2013 12:10:04 PM - Run 4
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Shahid\Desktop\Monthly Cleanup
 Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
2.00 Gb Total Physical Memory | 0.00 Gb Available Physical Memory | 14.00% Memory free
4.00 Gb Paging File | 2.00 Gb Available in Paging File | 41.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 127.99 Gb Total Space | 42.34 Gb Free Space | 33.08% Space Free | Partition Type: NTFS
 
Computer Name: SHAHID-PC | User Name: Shahid | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2013/03/10 20:22:07 | 001,274,320 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013/03/06 08:36:52 | 000,093,984 | ---- | M] (Conduit) -- C:\Program Files\SearchProtect\bin\CltMngSvc.exe
PRC - [2013/02/23 20:16:58 | 001,297,728 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
PRC - [2013/02/23 17:54:28 | 000,805,752 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Application Updater\ApplicationUpdater.exe
PRC - [2013/02/19 22:32:08 | 001,259,296 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013/02/18 19:53:55 | 001,151,152 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
PRC - [2013/02/18 19:53:54 | 000,968,880 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
PRC - [2013/01/31 05:01:06 | 000,865,056 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2013/01/31 05:01:05 | 001,821,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2013/01/27 12:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2013/01/27 12:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013/01/27 12:11:06 | 000,947,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012/12/18 10:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/12/11 04:52:44 | 003,147,384 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgui.exe
PRC - [2012/11/22 22:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/11/16 00:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe
PRC - [2012/10/30 05:59:56 | 000,726,648 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgrsx.exe
PRC - [2012/10/22 14:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe
PRC - [2012/10/22 14:04:32 | 001,116,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgnsx.exe
PRC - [2012/10/22 14:03:52 | 000,796,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgemcx.exe
PRC - [2012/10/22 14:03:46 | 000,440,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcsrvx.exe
PRC - [2012/07/11 06:51:05 | 000,296,096 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2011/06/01 12:42:28 | 000,014,088 | ---- | M] (Memeo) -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
PRC - [2011/05/09 16:36:13 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Shahid\Desktop\Monthly Cleanup\OTL.exe
PRC - [2011/05/04 17:04:38 | 000,025,824 | ---- | M] (Memeo) -- C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
PRC - [2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/05/26 17:08:12 | 000,689,392 | ---- | M] (Radialpoint Inc.) -- C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\ServicepointService.exe
PRC - [2009/11/11 16:17:02 | 000,771,360 | ---- | M] (Apple Inc.) -- C:\Program Files\AirPort\APAgent.exe
PRC - [2009/03/23 10:47:10 | 003,458,376 | ---- | M] (Webshots.com) -- C:\Program Files\Webshots\3.1.5.7613\Webshots.scr
PRC - [2009/02/03 09:15:18 | 000,111,856 | ---- | M] (Yahoo! Inc) -- C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - [2011/05/09 16:36:13 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Shahid\Desktop\Monthly Cleanup\OTL.exe
MOD - [2010/11/20 07:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - [2013/03/14 00:32:37 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/03/06 08:36:52 | 000,093,984 | ---- | M] (Conduit) [Auto | Running] -- C:\Program Files\SearchProtect\bin\CltMngSvc.exe -- (CltMngSvc)
SRV - [2013/02/23 17:54:28 | 000,805,752 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2013/02/19 22:32:08 | 001,259,296 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/02/18 19:53:54 | 000,968,880 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe -- (vToolbarUpdater14.2.0)
SRV - [2013/01/27 12:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013/01/27 12:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012/12/18 10:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/11/16 00:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/10/22 14:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2011/06/01 12:42:28 | 000,014,088 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService)
SRV - [2011/05/04 17:04:38 | 000,025,824 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe -- (MemeoBackgroundService)
SRV - [2010/05/26 17:08:12 | 000,689,392 | ---- | M] (Radialpoint Inc.) [Auto | Running] -- C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\ServicepointService.exe -- (ServicepointService)
SRV - [2010/04/28 03:01:13 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/06 08:59:38 | 000,020,480 | ---- | M] (AG Interactive) [Disabled | Stopped] -- C:\Program Files\AGI\core\3.1\AGCoreService.exe -- (AGCoreService)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - [2013/03/19 10:05:56 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{29D6CCF9-6438-4B22-AADC-AF9A08E868D7}\MpKslfccae5d1.sys -- (MpKslfccae5d1)
DRV - [2013/02/19 22:32:54 | 010,919,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2013/02/18 19:53:56 | 000,033,112 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2013/01/20 16:59:04 | 000,100,328 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2012/11/16 00:33:26 | 000,094,048 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\avgmfx86.sys -- (Avgmfx86)
DRV - [2012/10/22 14:02:46 | 000,179,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2012/10/15 04:48:52 | 000,055,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/10/02 03:30:38 | 000,159,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012/09/21 03:46:06 | 000,164,832 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012/09/21 03:46:00 | 000,177,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\avglogx.sys -- (Avglogx)
DRV - [2012/09/21 03:45:54 | 000,019,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2012/09/14 03:05:20 | 000,035,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2012/09/08 13:55:33 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011/05/10 08:06:14 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netaapl.sys -- (Netaapl)
DRV - [2010/11/20 08:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 08:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 08:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 06:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 06:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 05:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 05:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 05:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009/12/30 10:21:18 | 000,027,192 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\revoflt.sys -- (Revoflt)
DRV - [2009/07/13 19:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009/07/13 18:02:53 | 000,657,408 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u)
DRV - [2008/02/29 11:13:48 | 000,028,944 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://search.conduit.com?SearchSource=10&ctid=CT3227980
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ca.search.yahoo.com?type=937811&fr=spigot-yhp-ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/iat/us_ca.aspx
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E0 5D AB 19 2C 44 CA 01  [binary data]
IE - HKCU\..\URLSearchHook: {0cc09160-108c-4759-bab1-5c12c216e005} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn5\yt.dll (Yahoo! Inc.)
IE - HKCU\..\URLSearchHook: {ad708c09-d51b-45b3-9d28-4eba2681febf} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {b2ed7faf-72a0-46d1-9d9d-602226f5cb9f} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files\Free YouTube Downloader DB Toolbar Toolbar\tbhelper.dll ()
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn5\yt.dll (Yahoo! Inc.)
IE - HKCU\..\URLSearchHook: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YTD Toolbar\IE\7.0\ytdToolbarIE.dll (Spigot, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 192.168.*.*;*.local
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/07/11 06:51:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\14.2.0.1 [2013/02/18 19:54:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/07/11 06:51:55 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2012/09/08 16:06:32 | 000,001,279 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: Wrote:127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn5\yt.dll (Yahoo! Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DVDVideoSoft WebPageAdjuster Class) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O2 - BHO: (YTD Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YTD Toolbar\IE\7.0\ytdToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Free YouTube Downloader DB Toolbar Toolbar\tbcore3.dll ()
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (no name) - {0cc09160-108c-4759-bab1-5c12c216e005} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Free YouTube Downloader DB Toolbar Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\Free YouTube Downloader DB Toolbar Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn5\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (YTD Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YTD Toolbar\IE\7.0\ytdToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0CC09160-108C-4759-BAB1-5C12C216E005} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {B2ED7FAF-72A0-46D1-9D9D-602226F5CB9F} - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AirPort Base Station Agent] C:\Program Files\AirPort\APAgent.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [AdobeBridge]  File not found
O4 - Startup: C:\Users\Shahid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Webshots.lnk = C:\Program Files\Webshots\3.1.5.7613\Launcher.exe (Webshots.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube Download - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm ()
O9 - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O9 - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Reg Error: Key error. File not found
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O22 - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - C:\Program Files\Stardock\Fences\FencesMenu.dll (Stardock)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2013/03/19 10:05:31 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Shahid\Desktop\tdsskiller.exe
[2013/03/14 22:31:44 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2013/03/14 03:02:04 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/03/14 03:02:02 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2013/03/14 03:02:01 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/03/14 03:02:00 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/03/14 03:01:59 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/03/14 03:01:59 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/03/14 03:01:58 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2013/03/14 03:01:56 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/03/14 03:01:56 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/03/14 03:01:53 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/03/12 08:38:56 | 000,000,000 | ---D | C] -- C:\Users\Shahid\Desktop\Zain
[2013/03/11 21:24:11 | 000,000,000 | ---D | C] -- C:\Users\Shahid\AppData\Roaming\NVIDIA
[2013/03/11 19:25:11 | 000,000,000 | ---D | C] -- C:\Users\Shahid\Desktop\Karachi
[2013/03/09 23:58:36 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater
[2013/03/09 23:58:33 | 000,000,000 | ---D | C] -- C:\Program Files\YTD Toolbar
[2013/03/09 23:58:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Spigot
[2013/03/09 21:48:47 | 002,557,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvcr.dll
[2013/03/09 21:47:12 | 000,000,000 | ---D | C] -- C:\temp
[2013/03/09 17:52:45 | 000,000,000 | ---D | C] -- C:\Program Files\SearchProtect
[2013/03/09 17:51:33 | 000,000,000 | ---D | C] -- C:\Users\Shahid\AppData\Roaming\SearchProtect
[2013/03/09 17:50:17 | 000,000,000 | ---D | C] -- C:\Users\Shahid\AppData\Roaming\DVDVideoSoftIEHelpers
[2013/03/09 17:49:01 | 000,000,000 | ---D | C] -- C:\Users\Shahid\AppData\Roaming\DVDVideoSoft
[2013/03/09 17:49:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2013/03/09 17:48:58 | 000,000,000 | ---D | C] -- C:\Users\Shahid\AppData\Roaming\OpenCandy
[2013/03/09 17:48:58 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2013/03/08 09:10:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2013/02/28 00:28:38 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
[2013/02/28 00:28:28 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2013/02/28 00:28:23 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/02/28 00:28:23 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/02/28 00:28:23 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/02/28 00:28:20 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2013/02/28 00:28:19 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/02/28 00:28:19 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/02/28 00:28:19 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/02/28 00:28:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/02/28 00:28:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
[2013/02/28 00:28:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/02/28 00:28:18 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmpeg2vdec.dll
[2013/02/28 00:28:18 | 001,988,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2013/02/28 00:28:18 | 000,604,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2013/02/28 00:28:18 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2013/02/28 00:28:18 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2013/02/28 00:28:18 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2013/02/28 00:28:17 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2013/02/28 00:28:17 | 001,080,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2013/02/28 00:28:17 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2013/02/28 00:28:16 | 001,247,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2013/02/28 00:28:16 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2013/02/28 00:28:16 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2013/02/28 00:28:09 | 003,419,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2013/02/19 22:32:56 | 006,162,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvopencl.dll
[2013/02/19 22:32:54 | 010,919,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2013/02/19 22:32:52 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2013/02/19 22:32:30 | 002,577,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2013/02/19 22:32:30 | 001,869,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2013/02/19 22:32:20 | 000,892,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispgenco32.dll
[2013/02/19 22:32:18 | 001,010,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco32.dll
[2013/02/19 22:32:12 | 007,754,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2013/02/19 22:32:10 | 019,915,552 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2013/03/19 11:32:08 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/03/19 11:32:06 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/19 10:05:43 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Shahid\Desktop\tdsskiller.exe
[2013/03/19 09:32:57 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/03/19 09:32:57 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/03/19 09:31:58 | 000,627,066 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/03/19 09:31:58 | 000,107,382 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/03/19 09:27:46 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/19 09:27:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/03/19 09:27:26 | 1602,859,008 | -HS- | M] () -- C:\hiberfil.sys
[2013/03/19 09:27:24 | 302,503,816 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/03/19 08:11:47 | 010,027,610 | ---- | M] () -- C:\Users\Shahid\Desktop\SHEHR E QUAID MY KARACHI.ppsx
[2013/03/14 15:35:29 | 000,001,106 | ---- | M] () -- C:\Users\Shahid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Webshots.lnk
[2013/03/14 00:32:35 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/03/14 00:32:35 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/03/09 23:57:13 | 000,001,247 | ---- | M] () -- C:\Users\Public\Desktop\YTD Video Downloader.lnk
[2013/03/09 17:53:20 | 000,000,009 | ---- | M] () -- C:\END
[2013/03/08 10:25:14 | 000,123,883 | ---- | M] () -- C:\Users\Shahid\Desktop\10_tips_word2007.pdf
[2013/02/19 22:32:56 | 006,162,704 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvopencl.dll
[2013/02/19 22:32:54 | 010,919,200 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2013/02/19 22:32:52 | 017,560,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2013/02/19 22:32:52 | 002,446,416 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll
[2013/02/19 22:32:30 | 002,577,184 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2013/02/19 22:32:30 | 001,869,088 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2013/02/19 22:32:22 | 015,413,704 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll
[2013/02/19 22:32:20 | 000,892,704 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvdispgenco32.dll
[2013/02/19 22:32:18 | 001,010,464 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco32.dll
[2013/02/19 22:32:12 | 007,754,560 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2013/02/19 22:32:10 | 019,915,552 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2013/02/19 22:32:10 | 000,012,724 | ---- | M] () -- C:\Windows\System32\nvinfo.pb
[2013/02/18 19:53:56 | 000,033,112 | ---- | M] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2013/03/19 08:10:25 | 010,027,610 | ---- | C] () -- C:\Users\Shahid\Desktop\SHEHR E QUAID MY KARACHI.ppsx
[2013/03/18 22:12:32 | 003,756,991 | ---- | C] () -- C:\Users\Shahid\Desktop\Manzil.pdf
[2013/03/09 23:57:13 | 000,001,247 | ---- | C] () -- C:\Users\Public\Desktop\YTD Video Downloader.lnk
[2013/03/08 10:25:04 | 000,123,883 | ---- | C] () -- C:\Users\Shahid\Desktop\10_tips_word2007.pdf
[2013/03/06 09:13:47 | 302,503,816 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012/07/30 12:12:54 | 000,027,520 | ---- | C] () -- C:\Users\Shahid\AppData\Local\dt.dat
[2011/11/23 09:38:17 | 001,961,472 | ---- | C] () -- C:\Windows\System32\qtcore4.dll
[2011/06/29 12:42:05 | 000,000,000 | ---- | C] () -- C:\Users\Shahid\AppData\Local\{A7371D9E-99BD-4C2C-8389-839EB7DA49F7}
[2011/06/28 18:55:18 | 000,000,000 | ---- | C] () -- C:\Users\Shahid\AppData\Local\{EFBB83E8-B02B-46A2-9544-6E526A8DB510}
[2011/06/01 17:49:03 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011/06/01 17:46:21 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011/03/23 09:23:00 | 000,000,120 | ---- | C] () -- C:\Users\Shahid\AppData\Local\Qkusapev.dat
[2011/03/23 09:23:00 | 000,000,000 | ---- | C] () -- C:\Users\Shahid\AppData\Local\Ikuvamecusur.bin
[2010/11/08 09:16:46 | 000,005,632 | ---- | C] () -- C:\Users\Shahid\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/20 10:00:27 | 000,007,605 | ---- | C] () -- C:\Users\Shahid\AppData\Local\Resmon.ResmonCfg
[2010/07/20 20:43:47 | 127,611,835 | ---- | C] () -- C:\Windows\System32\xa4152933.exe
[2010/07/20 20:43:42 | 127,611,835 | ---- | C] () -- C:\Windows\System32\xa4148050.exe
[2010/07/20 20:35:32 | 127,611,835 | ---- | C] () -- C:\Windows\System32\xa3658005.exe
[2010/07/20 20:35:27 | 127,611,835 | ---- | C] () -- C:\Windows\System32\xa3653325.exe
[2009/12/15 12:23:13 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/12/10 11:22:25 | 000,000,332 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2009/11/03 17:59:00 | 000,000,043 | ---- | C] () -- C:\Windows\FFS20ChtReg.ini
[2009/08/31 14:00:22 | 000,021,504 | ---- | C] () -- C:\Windows\System32\WBCustomizer.dll
[2009/08/31 14:00:21 | 000,185,344 | ---- | C] () -- C:\Windows\System32\MemWarp.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/07/14 00:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 00:33:53 | 003,807,968 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/13 22:05:48 | 000,627,066 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/13 22:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/13 22:05:48 | 000,107,382 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/13 22:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/13 22:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/13 22:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/13 19:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 19:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2004/07/28 19:19:46 | 000,175,104 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 320 bytes -> C:\Windows:nlsPreferences
@Alternate Data Stream - 1068 bytes -> C:\ProgramData\TEMP:CFAFAA98

< End of report >