OTL logfile created on: 7/9/2011 4:54:35 PM - Run 2
OTL by OldTimer - Version 3.2.26.1 Folder = F:\
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
4.00 Gb Total Physical Memory | 2.30 Gb Available Physical Memory | 57.44% Memory free
8.00 Gb Paging File | 6.40 Gb Available in Paging File | 80.01% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74.52 Gb Total Space | 3.94 Gb Free Space | 5.29% Space Free | Partition Type: NTFS
Drive D: | 208.92 Gb Total Space | 208.69 Gb Free Space | 99.89% Space Free | Partition Type: NTFS
Drive E: | 4.04 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive F: | 239.73 Mb Total Space | 4.51 Mb Free Space | 1.88% Space Free | Partition Type: FAT
Computer Name: EMMALINE-PC | User Name: Emmaline | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/07/09 16:41:54 | 000,579,584 | ---- | M] (OldTimer Tools) -- F:\OTL.exe
PRC - [2011/07/08 14:16:21 | 000,382,976 | -H-- | M] (CACE Technologies, Inc.) -- C:\ProgramData\38133496.exe
PRC - [2011/07/08 14:06:15 | 000,475,136 | -H-- | M] (CACE Technologies, Inc.) -- C:\ProgramData\eHmcHPSHLtmC.exe
PRC - [2011/04/03 18:31:07 | 000,400,760 | -H-- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\BitTorrent\BitTorrent.exe
PRC - [2011/01/20 19:20:12 | 001,305,408 | -H-- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010/06/30 21:32:40 | 000,344,064 | -H-- | M] (SlipStream Data Inc.) -- C:\Program Files (x86)\Dodo Speed Accelerator\slipcore.exe
PRC - [2009/11/25 07:45:36 | 000,053,888 | -H-- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
PRC - [2009/11/13 04:10:06 | 001,597,440 | -H-- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009/11/10 13:20:36 | 000,096,896 | -H-- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009/10/27 14:29:32 | 006,998,656 | -H-- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2009/10/27 04:10:42 | 000,174,720 | -H-- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2009/10/10 22:59:00 | 000,239,720 | -H-- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvSCPAPISvr.exe
PRC - [2009/08/20 14:31:48 | 000,170,624 | -H-- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2009/07/14 11:14:12 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\attrib.exe
PRC - [2009/06/20 04:29:42 | 000,105,016 | -H-- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009/06/20 04:29:26 | 002,488,888 | -H-- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/16 11:30:42 | 000,084,536 | -H-- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2009/05/19 09:58:38 | 000,305,720 | -H-- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2008/12/23 11:15:34 | 000,174,648 | -H-- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008/08/14 15:00:08 | 000,113,208 | -H-- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2007/12/01 05:20:44 | 000,051,768 | -H-- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
========== Modules (SafeList) ==========
MOD - [2011/07/09 16:41:54 | 000,579,584 | ---- | M] (OldTimer Tools) -- F:\OTL.exe
MOD - [2010/08/21 15:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2010/11/09 02:52:56 | 000,836,504 | -H-- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe -- (SfCtlCom)
SRV:64bit: - [2010/09/23 11:10:10 | 000,057,184 | -H-- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/09/18 05:36:34 | 000,359,552 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2009/07/30 00:06:07 | 000,570,632 | -H-- | M] (Trend Micro Inc.) [On_Demand | Stopped] -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe -- (TMBMServer)
SRV:64bit: - [2009/07/30 00:06:05 | 000,917,768 | -H-- | M] (Trend Micro Inc.) [On_Demand | Stopped] -- C:\Program Files\Trend Micro\Internet Security\TmProxy.exe -- (TmProxy)
SRV:64bit: - [2009/07/30 00:05:42 | 000,595,960 | -H-- | M] (Trend Micro Inc.) [On_Demand | Stopped] -- C:\Program Files\Trend Micro\Internet Security\TmPfw.exe -- (TmPfw)
SRV:64bit: - [2009/07/14 11:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010/03/19 06:16:28 | 000,130,384 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/11/10 13:20:36 | 000,096,896 | -H-- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009/10/10 22:59:00 | 000,239,720 | -H-- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Windows\SysWOW64\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2009/09/15 11:03:42 | 000,044,312 | -H-- | M] () [Auto | Running] -- C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe -- (OberonGameConsoleService)
SRV - [2009/06/16 11:30:42 | 000,084,536 | -H-- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009/06/11 07:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/03/31 20:55:48 | 000,225,280 | -H-- | M] (ASUSTek Computer Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
SRV - [2007/06/01 10:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/06/01 10:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011/06/01 17:57:53 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/03/11 16:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 16:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/09/23 17:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/07/31 03:30:26 | 000,309,840 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmxpflt.sys -- (tmxpflt)
DRV:64bit: - [2010/07/31 03:30:20 | 000,042,576 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmpreflt.sys -- (tmpreflt)
DRV:64bit: - [2010/07/31 03:24:14 | 001,988,176 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vsapint.sys -- (vsapint)
DRV:64bit: - [2009/10/15 19:23:19 | 000,117,760 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2009/10/06 02:33:59 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/09/11 09:31:56 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2009/09/05 09:13:24 | 000,216,576 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbnet.sys -- (ewusbnet)
DRV:64bit: - [2009/08/22 07:48:17 | 000,044,032 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2009/08/21 14:24:03 | 000,084,512 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2009/08/19 04:44:19 | 000,236,544 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/07/30 00:06:59 | 000,339,984 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmwfp.sys -- (tmwfp)
DRV:64bit: - [2009/07/30 00:06:59 | 000,107,536 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmtdi.sys -- (tmtdi)
DRV:64bit: - [2009/07/30 00:06:58 | 000,200,720 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmlwf.sys -- (tmlwf)
DRV:64bit: - [2009/07/21 03:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/14 11:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 11:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 11:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 11:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 10:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/06/11 06:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/11 06:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009/06/11 06:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 06:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 06:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 06:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/06 04:15:55 | 001,806,400 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:64bit: - [2009/05/19 08:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/14 03:07:20 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2009/02/20 03:10:14 | 000,150,656 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\zgwhsnmea.sys -- (zgwhsnmea)
DRV:64bit: - [2009/02/20 03:10:10 | 000,150,656 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\zgwhsmdm.sys -- (zgwhsmdm)
DRV:64bit: - [2009/02/20 03:10:06 | 000,150,656 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\zgwhsdiag.sys -- (zgwhsdiag)
DRV:64bit: - [2008/05/24 11:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2010/04/24 05:30:34 | 000,005,632 | -H-- | M] () [File_System | System | Stopped] -- C:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/07/03 11:36:14 | 000,015,416 | -H-- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {5b99c55c-ae59-4d93-bc3b-ed0c8df4da08} - C:\Program Files (x86)\freetrialdownloads-EN\tbfree.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {867dd841-5bf7-44ca-8426-c5a6eda00735} - C:\Program Files (x86)\Max_EN\tbMax_.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ninemsn.com.au/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-au
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 20 61 C7 C3 65 B7 CA 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {5b99c55c-ae59-4d93-bc3b-ed0c8df4da08} - C:\Program Files (x86)\freetrialdownloads-EN\tbfree.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {867dd841-5bf7-44ca-8426-c5a6eda00735} - C:\Program Files (x86)\Max_EN\tbMax_.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22181a4d-af90-4ca3-a569-faed9118d6bc}: C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\FirefoxExtension [2010/02/19 14:16:25 | 000,000,000 | -H-D | M]
[2010/03/17 10:02:28 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Emmaline\AppData\Roaming\Mozilla\Extensions
[2010/03/17 10:02:28 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Emmaline\AppData\Roaming\Mozilla\Extensions\[email protected]
O1 HOSTS File: ([2009/06/11 07:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (ALOT Toolbar Helper) - {14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6} - C:\Program Files (x86)\alot\bin\BHO\alotBHO.dll (Vertro)
O2 - BHO: (TSToolbarBHO) - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll (Trend Micro Inc.)
O2 - BHO: (freetrialdownloads-EN Toolbar) - {5b99c55c-ae59-4d93-bc3b-ed0c8df4da08} - C:\Program Files (x86)\freetrialdownloads-EN\tbfree.dll (Conduit Ltd.)
O2 - BHO: (Max EN Toolbar) - {867dd841-5bf7-44ca-8426-c5a6eda00735} - C:\Program Files (x86)\Max_EN\tbMax_.dll (Conduit Ltd.)
O2 - BHO: (NOW!Imaging) - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - C:\Program Files (x86)\Dodo Speed Accelerator\components\NOWImaging.dll (SlipStream Data Inc.)
O2 - BHO: (Prefetch) - {A66AA08A-9BF0-4e87-99E6-6972731D6B99} - C:\Program Files (x86)\Dodo Speed Accelerator\Prefetch.dll (SlipStream Data Inc.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (ALOT Toolbar) - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files (x86)\alot\bin\alot.dll (Vertro)
O3 - HKLM\..\Toolbar: (freetrialdownloads-EN Toolbar) - {5b99c55c-ae59-4d93-bc3b-ed0c8df4da08} - C:\Program Files (x86)\freetrialdownloads-EN\tbfree.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Max EN Toolbar) - {867dd841-5bf7-44ca-8426-c5a6eda00735} - C:\Program Files (x86)\Max_EN\tbMax_.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Trend Micro Toolbar) - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll (Trend Micro Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (freetrialdownloads-EN Toolbar) - {5B99C55C-AE59-4D93-BC3B-ED0C8DF4DA08} - C:\Program Files (x86)\freetrialdownloads-EN\tbfree.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Max EN Toolbar) - {867DD841-5BF7-44CA-8426-C5A6EDA00735} - C:\Program Files (x86)\Max_EN\tbMax_.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [EeeStorageBackup] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe ()
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [UfSeAgnt.exe] C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe (Trend Micro Inc.)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [Setwallpaper] File not found
O4 - HKLM..\Run: [SlipStream] C:\Program Files (x86)\Dodo Speed Accelerator\slipcore.exe (SlipStream Data Inc.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [BitTorrent] C:\Program Files (x86)\BitTorrent\BitTorrent.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [eHmcHPSHLtmC] C:\ProgramData\eHmcHPSHLtmC.exe (CACE Technologies, Inc.)
O4 - HKCU..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (Trend Micro Inc.)
O4 - Startup: C:\Users\Emmaline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Picture Motion Browser Media Check Tool.lnk = C:\Program Files (x86)\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (Sony Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Dodo Speed Accelerator\sliplsp.dll (SlipStream Data Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files (x86)\Dodo Speed Accelerator\sliplsp.dll (SlipStream Data Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Dodo Speed Accelerator\sliplsp.dll (SlipStream Data Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files (x86)\Dodo Speed Accelerator\sliplsp.dll (SlipStream Data Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\tmtb {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\tmtb {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll (Trend Micro Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1b2e6a27-5c3a-11e0-ad7c-001e101f63cf}\Shell - "" = AutoRun
O33 - MountPoints2\{1b2e6a27-5c3a-11e0-ad7c-001e101f63cf}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{61618c62-1d0c-11df-87cc-e0cb4e68cf9e}\Shell - "" = AutoRun
O33 - MountPoints2\{61618c62-1d0c-11df-87cc-e0cb4e68cf9e}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{61618c67-1d0c-11df-87cc-e0cb4e68cf9e}\Shell - "" = AutoRun
O33 - MountPoints2\{61618c67-1d0c-11df-87cc-e0cb4e68cf9e}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{616190ad-1d0c-11df-87cc-001e101f1ed9}\Shell - "" = AutoRun
O33 - MountPoints2\{616190ad-1d0c-11df-87cc-001e101f1ed9}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{616190af-1d0c-11df-87cc-001e101f1ed9}\Shell - "" = AutoRun
O33 - MountPoints2\{616190af-1d0c-11df-87cc-001e101f1ed9}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{9a13ccc4-7cf3-11e0-94c9-e0cb4e68cf9e}\Shell - "" = AutoRun
O33 - MountPoints2\{9a13ccc4-7cf3-11e0-94c9-e0cb4e68cf9e}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{a5de1273-60dd-11e0-9440-e0cb4e68cf9e}\Shell - "" = AutoRun
O33 - MountPoints2\{a5de1273-60dd-11e0-9440-e0cb4e68cf9e}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/07/08 14:16:48 | 000,000,000 | -H-D | C] -- C:\Users\Emmaline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 Fix
[2011/07/08 14:16:21 | 000,382,976 | -H-- | C] (CACE Technologies, Inc.) -- C:\ProgramData\38133496.exe
[2011/07/08 14:07:08 | 000,475,136 | -H-- | C] (CACE Technologies, Inc.) -- C:\ProgramData\eHmcHPSHLtmC.exe
[2011/06/30 14:20:37 | 000,000,000 | -H-D | C] -- C:\Users\Emmaline\AppData\Local\{1EC2DE02-C53E-45CB-84AB-67886C192C60}
[2011/06/26 23:30:56 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Shrink
[2011/06/26 23:30:56 | 000,000,000 | -H-D | C] -- C:\ProgramData\DVD Shrink
[2011/06/26 23:30:55 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\DVD Shrink
[2011/06/24 14:48:47 | 000,000,000 | -H-D | C] -- C:\Users\Emmaline\AppData\Local\YoYo_Games_Ltd
[2011/06/15 15:13:31 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/06/15 15:12:55 | 000,000,000 | -H-D | C] -- C:\Program Files\iTunes
[2011/06/15 15:12:55 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\iTunes
[2011/06/15 15:12:55 | 000,000,000 | -H-D | C] -- C:\Program Files\iPod
[2011/05/17 10:42:41 | 000,413,696 | -H-- | C] ( ) -- C:\Windows\SysWow64\lxbkinpa.dll
[2011/05/17 10:42:40 | 001,224,704 | -H-- | C] ( ) -- C:\Windows\SysWow64\lxbkserv.dll
[2011/05/17 10:42:40 | 000,991,232 | -H-- | C] ( ) -- C:\Windows\SysWow64\lxbkusb1.dll
[2011/05/17 10:42:40 | 000,696,320 | -H-- | C] ( ) -- C:\Windows\SysWow64\lxbkhbn3.dll
[2011/05/17 10:42:40 | 000,684,032 | -H-- | C] ( ) -- C:\Windows\SysWow64\lxbkcomc.dll
[2011/05/17 10:42:40 | 000,643,072 | -H-- | C] ( ) -- C:\Windows\SysWow64\lxbkpmui.dll
[2011/05/17 10:42:40 | 000,585,728 | -H-- | C] ( ) -- C:\Windows\SysWow64\lxbklmpm.dll
[2011/05/17 10:42:40 | 000,537,256 | -H-- | C] ( ) -- C:\Windows\SysWow64\lxbkcoms.exe
[2011/05/17 10:42:40 | 000,421,888 | -H-- | C] ( ) -- C:\Windows\SysWow64\lxbkcomm.dll
[2011/05/17 10:42:40 | 000,397,312 | -H-- | C] ( ) -- C:\Windows\SysWow64\lxbkiesc.dll
[2011/05/17 10:42:40 | 000,385,704 | -H-- | C] ( ) -- C:\Windows\SysWow64\lxbkih.exe
[2011/05/17 10:42:40 | 000,381,608 | -H-- | C] ( ) -- C:\Windows\SysWow64\lxbkcfg.exe
[2011/05/17 10:42:40 | 000,180,904 | -H-- | C] ( ) -- C:\Windows\SysWow64\lxbkppls.exe
[2011/05/17 10:42:40 | 000,163,840 | -H-- | C] ( ) -- C:\Windows\SysWow64\lxbkprox.dll
[2011/05/17 10:42:40 | 000,094,208 | -H-- | C] ( ) -- C:\Windows\SysWow64\lxbkpplc.dll
========== Files - Modified Within 30 Days ==========
[2011/07/09 16:45:41 | 000,736,514 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/07/09 16:45:41 | 000,635,506 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/07/09 16:45:41 | 000,113,400 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/07/09 16:15:53 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/07/09 16:15:53 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/07/09 16:08:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/07/09 16:08:19 | 3220,647,936 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/08 14:23:20 | 000,002,038 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2011/07/08 14:16:52 | 000,000,232 | -H-- | M] () -- C:\ProgramData\~38133496
[2011/07/08 14:16:52 | 000,000,176 | -H-- | M] () -- C:\ProgramData\~38133496r
[2011/07/08 14:16:48 | 000,000,627 | -H-- | M] () -- C:\Users\Emmaline\Desktop\Windows 7 Fix.lnk
[2011/07/08 14:16:26 | 000,000,344 | -H-- | M] () -- C:\ProgramData\38133496
[2011/07/08 14:16:21 | 000,382,976 | -H-- | M] (CACE Technologies, Inc.) -- C:\ProgramData\38133496.exe
[2011/07/08 14:06:15 | 000,475,136 | -H-- | M] (CACE Technologies, Inc.) -- C:\ProgramData\eHmcHPSHLtmC.exe
[2011/07/04 14:52:10 | 000,482,472 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/06/23 20:24:17 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2011/06/17 17:54:55 | 000,005,632 | -H-- | M] () -- C:\Users\Emmaline\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== Files Created - No Company Name ==========
[2011/07/08 14:16:52 | 000,000,176 | -H-- | C] () -- C:\ProgramData\~38133496r
[2011/07/08 14:16:51 | 000,000,232 | -H-- | C] () -- C:\ProgramData\~38133496
[2011/07/08 14:16:48 | 000,000,627 | -H-- | C] () -- C:\Users\Emmaline\Desktop\Windows 7 Fix.lnk
[2011/07/08 14:16:26 | 000,000,344 | -H-- | C] () -- C:\ProgramData\38133496
[2011/05/17 10:42:41 | 000,274,432 | -H-- | C] () -- C:\Windows\SysWow64\LXBKinst.dll
[2011/05/17 10:42:40 | 000,413,696 | -H-- | C] () -- C:\Windows\SysWow64\lxbkutil.dll
[2011/03/03 05:23:29 | 000,005,632 | -H-- | C] () -- C:\Users\Emmaline\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/24 05:43:16 | 000,722,802 | -H-- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/04/24 05:26:25 | 000,000,000 | -H-- | C] () -- C:\ProgramData\LauncherAccess.dt
[2010/04/24 05:19:39 | 000,005,632 | -H-- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[2010/01/15 21:00:47 | 000,131,368 | -H-- | C] () -- C:\ProgramData\FullRemove.exe
[2010/01/15 20:49:55 | 000,053,248 | -H-- | C] () -- C:\Windows\SysWow64\LogonStart.dll
[2009/10/26 13:38:20 | 000,000,176 | ---- | C] () -- C:\Windows\explorer.exe.config
[2009/10/10 22:59:00 | 000,095,848 | -H-- | C] () -- C:\Windows\SysWow64\nvimage.dll
[2009/08/19 18:33:09 | 000,018,432 | ---- | C] () -- C:\Windows\OOBEPlayer.exe
[2009/08/19 18:33:09 | 000,000,035 | ---- | C] () -- C:\Windows\OOBEPlayer.ini
[2009/07/29 15:20:40 | 000,000,010 | -H-- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009/07/14 15:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 12:35:51 | 000,000,741 | -H-- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 12:34:42 | 000,215,943 | -H-- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 10:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 09:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/14 07:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/11 07:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
========== LOP Check ==========
[2010/02/20 10:31:45 | 000,000,000 | -HSD | M] -- C:\Users\Emmaline\AppData\Roaming\.#
[2010/02/19 15:00:22 | 000,000,000 | -H-D | M] -- C:\Users\Emmaline\AppData\Roaming\Asus WebStorage
[2011/07/09 16:57:34 | 000,000,000 | -H-D | M] -- C:\Users\Emmaline\AppData\Roaming\BitTorrent
[2011/06/01 18:02:15 | 000,000,000 | -H-D | M] -- C:\Users\Emmaline\AppData\Roaming\DAEMON Tools Lite
[2011/07/04 20:50:59 | 000,000,000 | -H-D | M] -- C:\Users\Emmaline\AppData\Roaming\FrostWire
[2010/02/20 02:37:54 | 000,000,000 | -H-D | M] -- C:\Users\Emmaline\AppData\Roaming\GameConsole
[2011/05/20 21:08:16 | 000,000,000 | -H-D | M] -- C:\Users\Emmaline\AppData\Roaming\GameMaker
[2011/06/01 22:41:30 | 000,000,000 | -H-D | M] -- C:\Users\Emmaline\AppData\Roaming\ImgBurn
[2010/12/18 04:39:35 | 000,000,000 | -H-D | M] -- C:\Users\Emmaline\AppData\Roaming\Samsung
[2010/11/05 10:40:19 | 000,000,000 | -H-D | M] -- C:\Users\Emmaline\AppData\Roaming\Uniblue
[2011/02/04 02:42:30 | 000,032,628 | -H-- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:15024E60
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:734E442A
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:4CF61E54
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:A724744F
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:B88E99C8
< End of report >