OTL logfile created on: 21/06/2011 12:42:54 AM - Run 1
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Documents and Settings\Di's\Desktop
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
1.99 Gb Total Physical Memory | 1.14 Gb Available Physical Memory | 57.44% Memory free
3.84 Gb Paging File | 3.13 Gb Available in Paging File | 81.64% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 99.51 Gb Total Space | 59.64 Gb Free Space | 59.94% Space Free | Partition Type: NTFS
Drive D: | 11.25 Gb Total Space | 1.36 Gb Free Space | 12.10% Space Free | Partition Type: FAT32
Computer Name: DIANNE | User Name: Di's | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/06/21 00:02:51 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Di's\Desktop\OTL.exe
PRC - [2011/04/01 17:07:39 | 000,389,288 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avcenter.exe
PRC - [2011/03/28 16:15:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011/03/28 16:15:40 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/03/28 16:15:30 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/03/28 16:15:29 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011/01/04 16:51:20 | 000,689,464 | ---- | M] (Radialpoint Inc.) -- C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\ServicepointService.exe
PRC - [2011/01/04 16:51:14 | 004,318,520 | ---- | M] (Rogers) -- C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\RogersServicepointAgent.exe
PRC - [2010/06/07 15:09:06 | 000,382,208 | ---- | M] (Rogers) -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\Fws.exe
PRC - [2010/06/07 13:46:12 | 000,120,048 | ---- | M] (Radialpoint SafeCare Inc.) -- C:\Program Files\Rogers Backup Manager\VaultClientUpgrade.exe
PRC - [2010/06/07 13:46:08 | 001,053,936 | ---- | M] (Radialpoint SafeCare Inc.) -- C:\Program Files\Rogers Backup Manager\VaultClientSRV.exe
PRC - [2009/11/02 16:26:48 | 005,832,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\bin\AVGIDSAgent.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/01/29 17:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
PRC - [2007/08/17 13:20:06 | 000,054,512 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
PRC - [2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/04/23 16:51:22 | 000,478,968 | ---- | M] (Rogers Cable Communications) -- C:\Program Files\Rogers\SelfHealing\RogersAgent.exe
PRC - [2007/03/09 11:09:58 | 000,063,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
PRC - [2006/06/27 19:31:34 | 000,102,400 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Pavilion Webcam\HPWebcam.exe
PRC - [2006/03/03 21:03:10 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2006/03/03 15:18:10 | 000,200,704 | ---- | M] (Yahoo!, Inc.) -- C:\Program Files\Yahoo!\browser\ycommon.exe
PRC - [2006/02/10 08:56:12 | 000,479,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
========== Modules (SafeList) ==========
MOD - [2011/06/21 00:02:51 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Di's\Desktop\OTL.exe
MOD - [2006/08/25 11:45:55 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- -- (LiveUpdate Notice Ex)
SRV - [2011/04/13 22:20:06 | 000,315,392 | ---- | M] (S.C. BitDefender S.R.L) [On_Demand | Stopped] -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\BitDefender\scan.dll -- (scan)
SRV - [2011/03/28 16:15:40 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/03/28 16:15:30 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/01/04 16:51:20 | 000,689,464 | ---- | M] (Radialpoint Inc.) [Auto | Running] -- C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\ServicepointService.exe -- (ServicepointService)
SRV - [2010/06/07 15:10:06 | 000,166,944 | ---- | M] (Rogers) [Auto | Stopped] -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\RpsSecurityAwareR.exe -- (Radialpoint Security Services)
SRV - [2010/06/07 15:09:06 | 000,382,208 | ---- | M] (Rogers) [Auto | Running] -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\Fws.exe -- (RP_FWS)
SRV - [2010/06/07 13:46:12 | 000,120,048 | ---- | M] (Radialpoint SafeCare Inc.) [Auto | Running] -- C:\Program Files\Rogers Backup Manager\VaultClientUpgrade.exe -- (VaultClientUpgrade)
SRV - [2010/06/07 13:46:08 | 001,053,936 | ---- | M] (Radialpoint SafeCare Inc.) [Auto | Running] -- C:\Program Files\Rogers Backup Manager\VaultClientSRV.exe -- (VaultClientSRV)
SRV - [2009/11/02 16:26:48 | 005,832,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\Bin\AVGIDSAgent.exe -- (RadialpointIDSAgent)
SRV - [2009/06/08 12:07:50 | 001,033,480 | ---- | M] (Raxco Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe -- (PDEngine)
SRV - [2009/06/08 12:07:48 | 000,931,080 | ---- | M] (Raxco Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe -- (PDAgent)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/01/29 17:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2006/06/12 16:27:28 | 000,126,976 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe -- (AddFiltr)
SRV - [2006/03/03 21:03:10 | 000,069,632 | ---- | M] (HP) [Unknown | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
========== Driver Services (SafeList) ==========
DRV - [2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011/04/13 22:01:49 | 000,053,192 | ---- | M] (Radialpoint Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rp_skt32.sys -- (RPSKT) Security Services Driver (x86)
DRV - [2011/04/01 17:07:59 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/04/01 17:07:59 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/06/17 15:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/06/17 15:27:12 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009/11/26 10:50:32 | 000,039,808 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Running] -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\BitDefender\trufos.sys -- (Trufos)
DRV - [2009/11/26 10:50:32 | 000,014,720 | ---- | M] (BitDefender S.R.L.) [Kernel | On_Demand | Running] -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\BitDefender\profos.sys -- (Profos)
DRV - [2009/11/02 16:27:02 | 000,122,376 | ---- | M] (AVG Technologies ) [Kernel | On_Demand | Running] -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\drivers\AVGIDSDriver.sys -- (RadialpointIDSDriver)
DRV - [2009/11/02 16:27:02 | 000,030,216 | ---- | M] (AVG Technologies ) [Kernel | On_Demand | Running] -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\drivers\AVGIDSfilter.sys -- (RadialpointIDSFilter)
DRV - [2009/11/02 16:27:02 | 000,025,736 | ---- | M] (AVG Technologies ) [Kernel | On_Demand | Running] -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\drivers\AVGIDSShim.sys -- (RadialpointIDSShim)
DRV - [2009/11/02 16:27:02 | 000,025,608 | ---- | M] (AVG Technologies ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\AVGIDSEH.sys -- (RadialpointIDSEH)
DRV - [2009/10/23 14:25:54 | 000,285,704 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\bdfsfltr.sys -- (bdfsfltr)
DRV - [2009/06/22 07:48:44 | 000,091,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mqac.sys -- (MQAC)
DRV - [2009/06/08 10:00:56 | 000,071,696 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\DefragFs.sys -- (DefragFS)
DRV - [2009/04/01 00:35:02 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2008/05/08 08:28:49 | 000,202,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rmcast.sys -- (RMCAST)
DRV - [2006/07/06 11:28:58 | 000,047,744 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2006/06/06 16:39:56 | 000,061,952 | ---- | M] (Ricoh) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\5U870CAP.sys -- (5U870CAP_VID_1262&PID_25FD)
DRV - [2006/06/02 11:02:36 | 000,572,928 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CHDAud.sys -- (HdAudAddService)
DRV - [2006/05/12 16:05:02 | 000,057,320 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2006/04/21 13:06:24 | 001,429,632 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel®
DRV - [2006/04/20 12:03:20 | 000,995,712 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2006/04/20 12:02:40 | 000,208,000 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2006/04/20 12:02:36 | 000,727,296 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2006/03/16 00:00:00 | 000,088,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2006/03/16 00:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2006/03/16 00:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2005/12/22 13:02:22 | 000,051,840 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005/11/16 16:28:32 | 000,028,928 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2005/11/01 14:08:00 | 000,308,992 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2005/09/19 17:24:20 | 000,005,760 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EabUsb.sys -- (eabusb)
DRV - [2005/09/19 17:24:10 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2005/09/19 17:23:52 | 000,007,808 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2004/08/04 02:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://ca.red.client.../search/ie.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://rogers.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://ca.red.client...//www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://rogers.my.yahoo.com/
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
IE - HKCU\..\URLSearchHook: {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - C:\Program Files\MyPlayCity\tbMyP0.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {c55f5517-246e-4426-b745-ee25b08eb8b4} - C:\Program Files\TranslatorBar_3.2\prxtbTra0.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - HKLM\software\mozilla\Netscape Browser 8.0.3.4\Extensions\\Components: C:\Program Files\Netscape\Netscape Browser\Components [2010/03/06 23:32:50 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape Browser 8.0.3.4\Extensions\\Plugins: C:\Program Files\Netscape\Netscape Browser\Plugins [2011/06/08 20:54:20 | 000,000,000 | ---D | M]
[2010/01/04 12:01:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Di's\Application Data\Mozilla\Extensions
[2010/01/04 12:01:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Di's\Application Data\Mozilla\Extensions\[email protected]
O1 HOSTS File: ([2006/03/16 00:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll (Yahoo! Inc.)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (MyPlayCity Toolbar) - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - C:\Program Files\MyPlayCity\tbMyP0.dll (Conduit Ltd.)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (TranslatorBar 3.2 Toolbar) - {c55f5517-246e-4426-b745-ee25b08eb8b4} - C:\Program Files\TranslatorBar_3.2\prxtbTra0.dll (Conduit Ltd.)
O2 - BHO: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (SidebarAutoLaunch Class) - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll (Yahoo! Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (MyPlayCity Toolbar) - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - C:\Program Files\MyPlayCity\tbMyP0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (TranslatorBar 3.2 Toolbar) - {c55f5517-246e-4426-b745-ee25b08eb8b4} - C:\Program Files\TranslatorBar_3.2\prxtbTra0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (MyPlayCity Toolbar) - {4724C5D8-DFA7-417A-A2F5-1EABFEE9B4AC} - C:\Program Files\MyPlayCity\tbMyP0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (TranslatorBar 3.2 Toolbar) - {C55F5517-246E-4426-B745-EE25B08EB8B4} - C:\Program Files\TranslatorBar_3.2\prxtbTra0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\Cpqset.exe ()
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\CHDAudPropShortcut.exe (Windows ® Server 2003 DDK provider)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MsmqIntCert] C:\WINDOWS\System32\mqrt.dll (Microsoft Corporation)
O4 - HKLM..\Run: [RecGuard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [RogersServicepointAgent.exe] C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\RogersServicepointAgent.exe (Rogers)
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [UserFaultCheck] File not found
O4 - HKCU..\Run: [RogersAgent] c:\Program Files\Rogers\SelfHealing\RogersAgent.exe (Rogers Cable Communications)
O4 - HKCU..\Run: [SHS] C:\Program Files\Rogers\SelfHealing\SHS.exe (Rogers Cable Communications)
O4 - HKCU..\Run: [Update Manager] C:\Program Files\Rogers\Update Manager\UpdateManager.exe (Rogers Cable Communications Inc. )
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\FlashUtil10p_ActiveX.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\StartUp\HP Pavilion Webcam Tray Icon.lnk = C:\Program Files\Hewlett-Packard\HP Pavilion Webcam\HPWebcam.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\StartUp\HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll (Google Inc.)
O9 - Extra Button: Rogers Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Mahjong%20Escape%20-%20Ancient%20Japan/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://fpdownload.ma...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {48369DA6-2508-4F08-8716-336190B071A7} http://www6.mississa...apViewerCtl.cab (MapViewer Class)
O16 - DPF: {6D2EF4B4-CB62-4C0B-85F3-B79C236D702C} http://www.facebook....ls/contactx.dll (ContactExtractor Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Mahjong%20Quest%202/Images/armhelper.ocx (ArmHelper Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Wave.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Wave.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2001/07/27 22:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - Unable to obtain root file information for disk D:\
O33 - MountPoints2\{9a6cf5b5-a49a-11db-9e83-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{9a6cf5b5-a49a-11db-9e83-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{9a6cf5b5-a49a-11db-9e83-806d6172696f}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
O34 - HKLM BootExecute: (PDBoot.exe) - C:\WINDOWS\System32\PDBoot.exe (Raxco Software, Inc.)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/06/21 00:27:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Di's\Application Data\Avira
[2011/06/21 00:02:47 | 000,579,072 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Di's\Desktop\OTL.exe
[2011/06/20 23:48:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2011/06/20 23:30:15 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Di's\Desktop\HijackThis.exe
[2011/06/20 23:22:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Avira
[2011/06/20 23:22:38 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2011/06/20 23:22:37 | 000,137,656 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2011/06/20 23:22:37 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2011/06/20 23:22:37 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2011/06/20 23:22:37 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2011/06/20 23:22:36 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2011/06/20 23:22:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2011/06/20 23:02:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2011/06/20 22:58:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Di's\Application Data\Malwarebytes
[2011/06/20 22:33:23 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/06/20 22:33:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/06/20 22:33:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/06/20 22:33:19 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/06/20 22:33:19 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/06/20 22:18:21 | 000,000,000 | ---D | C] -- C:\_200750_
[2011/06/20 22:12:52 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2007/01/15 10:05:39 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\csnp2uvc.dll
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/06/21 00:41:42 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\dkjh.sys
[2011/06/21 00:03:02 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/21 00:02:51 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Di's\Desktop\OTL.exe
[2011/06/21 00:01:01 | 000,000,232 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011/06/20 23:30:16 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Di's\Desktop\HijackThis.exe
[2011/06/20 23:22:53 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk
[2011/06/20 23:03:09 | 000,000,209 | RHS- | M] () -- C:\boot.ini
[2011/06/20 23:02:56 | 001,443,760 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/06/20 23:02:56 | 000,459,118 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/06/20 23:00:34 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/06/20 23:00:22 | 000,001,153 | ---- | M] () -- C:\hpqp.ini
[2011/06/20 22:58:07 | 000,000,039 | ---- | M] () -- C:\XP_TV.ini
[2011/06/20 22:58:03 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/20 22:58:00 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/06/20 22:57:58 | 2137,051,136 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/20 22:33:23 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/18 09:17:21 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Di's\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/06/08 20:54:22 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/06/21 00:41:42 | 000,054,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\dkjh.sys
[2011/06/20 23:22:53 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk
[2011/06/20 22:57:58 | 2137,051,136 | -HS- | C] () -- C:\hiberfil.sys
[2011/06/20 22:33:23 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/08 20:54:21 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/06/08 20:54:20 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader 9.lnk
[2011/04/04 13:47:39 | 000,000,196 | ---- | C] () -- C:\Documents and Settings\Di's\Application Data\wklnhst.dat
[2010/09/27 12:13:12 | 000,000,562 | ---- | C] () -- C:\WINDOWS\hpntwksetup.ini
[2010/09/27 12:04:06 | 000,117,186 | ---- | C] () -- C:\WINDOWS\hpoins11.dat
[2009/10/21 14:20:08 | 000,005,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen_x86.sys
[2009/04/16 10:19:04 | 000,001,359 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2009/04/16 09:34:15 | 065,952,800 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2009/04/16 09:34:15 | 001,059,104 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox2.dat
[2008/07/22 20:44:30 | 000,000,016 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2008/04/30 10:14:41 | 000,000,148 | ---- | C] () -- C:\WINDOWS\System32\AddPort.ini
[2008/04/30 08:49:56 | 000,116,764 | ---- | C] () -- C:\WINDOWS\hpoins11.dat.temp
[2008/04/30 08:49:56 | 000,011,634 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat.temp
[2007/10/02 15:50:10 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Di's\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/04/19 19:14:31 | 000,011,634 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat
[2007/01/26 17:00:06 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2007/01/23 10:18:41 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2007/01/15 10:05:40 | 000,102,400 | ---- | C] () -- C:\WINDOWS\HPWebcam.exe
[2007/01/15 09:31:47 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Di's\Local Settings\Application Data\fusioncache.dat
[2006/09/14 03:15:17 | 000,045,929 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.EXE
[2006/09/14 03:15:17 | 000,000,698 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.ini
[2006/09/14 03:01:25 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/09/14 02:48:27 | 000,028,836 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006/07/14 15:35:46 | 000,021,504 | ---- | C] () -- C:\WINDOWS\System32\WBCustomizer.dll
[2006/07/06 06:28:58 | 000,047,744 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys
[2006/06/29 15:18:28 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006/06/29 15:18:14 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/06/29 14:49:18 | 000,087,268 | ---- | C] () -- C:\WINDOWS\hpqins69.dat
[2006/06/29 14:46:56 | 000,000,059 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/06/29 14:43:40 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/06/29 14:27:08 | 001,443,760 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/06/29 14:27:08 | 000,459,118 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/06/29 14:18:06 | 000,251,880 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006/06/29 14:13:00 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/06/29 14:08:28 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006/03/16 00:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006/03/16 00:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006/03/16 00:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006/03/16 00:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006/03/16 00:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006/03/16 00:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/03/16 00:00:00 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2006/03/16 00:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2006/03/04 03:07:34 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/12/02 14:09:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/08/26 15:28:34 | 000,143,360 | ---- | C] () -- C:\WINDOWS\unzip.exe
[2005/08/26 15:27:58 | 000,045,056 | ---- | C] () -- C:\WINDOWS\devenum.exe
[2005/05/06 14:06:32 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2004/09/16 16:24:26 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2003/01/07 18:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/05/28 17:55:42 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002/05/28 17:54:40 | 000,004,605 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/07/07 04:00:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
========== LOP Check ==========
[2008/08/04 15:29:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\cerasus.media
[2007/06/19 01:15:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\JollyBear
[2007/07/14 21:06:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9
[2007/06/23 22:43:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2011/04/13 21:26:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Radialpoint
[2009/04/16 09:30:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Rogers Online Protection
[2007/06/23 22:55:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpinTop Games
[2010/07/25 20:27:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008/08/16 01:29:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2007/01/26 17:03:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Yahoo
[2010/03/06 23:39:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2008/08/04 15:29:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Di's\Application Data\cerasus.media
[2007/06/21 21:38:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Di's\Application Data\Gaijin Ent
[2007/06/25 19:12:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Di's\Application Data\GameHouse
[2008/08/13 12:50:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Di's\Application Data\iWin
[2011/06/20 22:59:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Di's\Application Data\LimeWire
[2007/06/23 22:43:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Di's\Application Data\PlayFirst
[2011/04/13 21:32:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Di's\Application Data\Rogers Online Protection
[2007/05/19 22:38:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Di's\Application Data\SpinTop
[2011/04/04 13:47:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Di's\Application Data\Template
[2011/06/21 00:01:01 | 000,000,232 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4A9220C3
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D68FBF6D
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:751C6A80
@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:94C67BE8
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F9D83120
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3297EEFA
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0CE0AE44
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:083BD81C
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C085630F
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:57B4E612
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D2BD3451
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:11DA80B5
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:AF0F33E9
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8CA7766D
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DA18FD1D
@Alternate Data Stream - 102 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:211ED887
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:56CBCB34
< End of report >