OTL logfile created on: 10/30/2011 9:05:11 AM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Anon\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19154)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 1.89 Gb Available Physical Memory | 63.10% Memory free
6.19 Gb Paging File | 4.92 Gb Available in Paging File | 79.54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 147.58 Gb Total Space | 100.40 Gb Free Space | 68.03% Space Free | Partition Type: NTFS
Drive D: | 149.05 Gb Total Space | 148.94 Gb Free Space | 99.93% Space Free | Partition Type: NTFS
Computer Name: ANON-PC | User Name: Anon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/10/30 08:26:00 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Anon\Desktop\OTL.com
PRC - [2011/08/12 17:13:26 | 000,087,040 | ---- | M] () -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2011/08/05 12:29:56 | 000,159,456 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Zune\ZuneLauncher.exe
PRC - [2009/09/25 13:51:04 | 000,906,496 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Internet Security 2010\ApVxdWin.exe
PRC - [2009/09/17 13:17:32 | 000,293,120 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Internet Security 2010\pavsrvx86.exe
PRC - [2009/09/07 17:40:04 | 000,198,400 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Internet Security 2010\AVENGINE.EXE
PRC - [2009/08/25 14:28:20 | 000,028,928 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Internet Security 2010\psksvc.exe
PRC - [2009/08/10 14:46:08 | 000,173,312 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Internet Security 2010\PsCtrlS.exe
PRC - [2009/08/10 14:45:52 | 000,169,216 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Internet Security 2010\PavFnSvr.exe
PRC - [2009/08/10 14:45:48 | 000,111,872 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Internet Security 2010\PavBckPT.exe
PRC - [2009/04/23 13:31:16 | 000,107,776 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Internet Security 2010\WebProxy.exe
PRC - [2009/04/17 11:17:24 | 000,157,440 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Internet Security 2010\TPSrv.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/04/08 11:56:24 | 000,226,560 | ---- | M] (Panda Security International) -- c:\Program Files\Panda Security\Panda Internet Security 2010\FIREWALL\PSHost.exe
PRC - [2009/03/20 07:36:58 | 000,210,216 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\SynTP\SynToshiba.exe
PRC - [2009/02/14 10:17:33 | 000,266,240 | ---- | M] () -- C:\Windows\System32\CSHelper.exe
PRC - [2008/06/27 14:23:00 | 000,091,392 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Internet Security 2010\SrvLoad.exe
PRC - [2008/06/19 13:59:50 | 000,108,288 | ---- | M] (Panda Security S.L.) -- C:\Program Files\Panda Security\Panda Internet Security 2010\PsImSvc.exe
PRC - [2008/02/04 18:26:48 | 000,062,768 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Common Files\Panda Security\PavShld\PavPrSrv.exe
PRC - [2008/01/21 18:54:46 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
PRC - [2008/01/17 19:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
PRC - [2007/12/25 16:07:14 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
PRC - [2007/12/03 20:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\SMARTLogService\TosIPCSrv.exe
PRC - [2007/11/21 20:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
PRC - [2007/11/14 12:08:48 | 000,027,400 | ---- | M] (UPEK Inc.) -- C:\Program Files\Protector Suite QL\upeksvr.exe
PRC - [2007/11/14 11:43:58 | 000,054,024 | ---- | M] (UPEK Inc.) -- C:\Program Files\Protector Suite QL\psqltray.exe
PRC - [2007/10/23 19:27:16 | 000,066,928 | ---- | M] () -- c:\Toshiba\IVP\swupdate\swupdtmr.exe
PRC - [2007/09/28 19:05:16 | 000,128,360 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
PRC - [2007/05/31 08:38:48 | 000,053,248 | ---- | M] (Tablet Driver) -- C:\Windows\System32\drivers\WTSrv.exe
PRC - [2007/01/25 21:47:50 | 000,136,816 | ---- | M] () -- C:\Toshiba\IVP\ISM\pinger.exe
PRC - [2006/10/05 15:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2006/08/23 19:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
========== Modules (No Company Name) ==========
MOD - [2010/06/21 12:31:27 | 000,034,816 | ---- | M] () -- C:\Program Files\Google\Google Desktop Search\gzlib.dll
MOD - [2009/08/06 11:00:18 | 000,821,248 | ---- | M] () -- C:\Program Files\Panda Security\Panda Internet Security 2010\PLATCTRL.bpl
MOD - [2009/01/18 15:50:02 | 000,417,792 | ---- | M] () -- C:\Program Files\Adobe\Reader 9.0\Reader\AdobeXMP.dll
MOD - [2007/11/16 16:02:18 | 000,479,232 | R--- | M] () -- C:\Program Files\Adobe\Reader 9.0\Reader\ccme_base.dll
MOD - [2007/11/16 16:02:18 | 000,401,408 | R--- | M] () -- C:\Program Files\Adobe\Reader 9.0\Reader\cryptocme2.dll
MOD - [2004/05/19 12:33:12 | 000,507,904 | ---- | M] () -- C:\Program Files\Panda Security\Panda Internet Security 2010\LIBXML2.DLL
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- -- (FontCache3.0.0.032)
SRV - File not found [Auto | Stopped] -- -- (CLTNetCnService)
SRV - [2011/08/12 17:13:26 | 000,087,040 | ---- | M] () [Auto | Running] -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2011/08/05 12:30:02 | 000,444,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV - [2011/08/05 12:30:02 | 000,268,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV - [2011/08/05 12:29:56 | 006,363,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV - [2009/10/23 13:31:44 | 000,401,920 | ---- | M] (Amazon.com) [On_Demand | Stopped] -- C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe -- (Amazon Download Agent)
SRV - [2009/09/17 13:17:32 | 000,293,120 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Internet Security 2010\pavsrvx86.exe -- (PAVSRV)
SRV - [2009/08/25 14:28:20 | 000,028,928 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Internet Security 2010\PskSvc.exe -- (PskSvcRetail)
SRV - [2009/08/10 14:46:08 | 000,173,312 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Internet Security 2010\PsCtrls.exe -- (Panda Software Controller)
SRV - [2009/08/10 14:45:52 | 000,169,216 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Internet Security 2010\PavFnSvr.exe -- (PAVFNSVR)
SRV - [2009/04/17 11:17:24 | 000,157,440 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Internet Security 2010\TPSrv.exe -- (TPSrv)
SRV - [2009/04/08 11:56:24 | 000,226,560 | ---- | M] (Panda Security International) [Auto | Running] -- c:\program files\panda security\panda internet security 2010\firewall\PSHOST.EXE -- (PSHost)
SRV - [2009/02/14 10:17:33 | 000,266,240 | ---- | M] () [Auto | Running] -- C:\Windows\System32\CSHelper.exe -- (CSHelper)
SRV - [2008/07/02 15:09:36 | 000,060,160 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Internet Security 2010\GWMsrv.dll -- (Gwmsrv)
SRV - [2008/06/19 13:59:50 | 000,108,288 | ---- | M] (Panda Security S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Internet Security 2010\PsImSvc.exe -- (PSIMSVC)
SRV - [2008/02/04 18:26:48 | 000,062,768 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe -- (PavPrSrv)
SRV - [2008/01/21 18:54:46 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2008/01/20 21:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/17 19:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2007/12/25 16:07:14 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2007/12/03 20:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service)
SRV - [2007/11/21 20:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2007/10/23 19:27:16 | 000,066,928 | ---- | M] () [Auto | Running] -- c:\Toshiba\IVP\swupdate\swupdtmr.exe -- (Swupdtmr)
SRV - [2007/09/28 19:05:16 | 000,128,360 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2007/05/31 08:38:48 | 000,053,248 | ---- | M] (Tablet Driver) [Auto | Running] -- C:\Windows\System32\Drivers\WTSRV.EXE -- (WinTabService)
SRV - [2007/01/25 21:47:50 | 000,136,816 | ---- | M] () [Auto | Running] -- C:\Toshiba\IVP\ISM\pinger.exe -- (pinger)
SRV - [2006/10/05 15:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2006/08/23 19:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Running] -- -- (PavTPK.sys)
DRV - File not found [Kernel | On_Demand | Running] -- -- (PavSRK.sys)
DRV - File not found [File_System | On_Demand | Running] -- -- (AvFlt)
DRV - [2011/10/30 08:23:18 | 000,111,872 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TrueSight.sys -- (TrueSight)
DRV - [2010/06/23 10:23:46 | 000,023,040 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\htcnprot.sys -- (htcnprot)
DRV - [2009/11/20 22:24:46 | 000,013,880 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\COMFiltr.sys -- (ComFiltr)
DRV - [2009/10/01 00:07:44 | 000,075,016 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\APPFLT.SYS -- (APPFLT)
DRV - [2009/09/09 11:29:18 | 000,199,432 | ---- | M] (Panda Security, S.L.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\neti1639.sys -- (NETIMFLT01060039)
DRV - [2009/09/02 04:09:24 | 000,176,128 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009/08/06 13:29:16 | 000,049,160 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\amm8660.sys -- (AmFSM)
DRV - [2009/07/23 13:42:00 | 009,814,528 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/06/30 18:17:12 | 000,163,336 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PavProc.sys -- (PavProc)
DRV - [2009/06/30 11:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\Windows\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2009/06/16 14:33:02 | 000,046,728 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\wnmflt.sys -- (WNMFLT)
DRV - [2009/06/16 14:33:00 | 000,159,112 | ---- | M] (Panda Security, S.L.) [TDI Layer] [Kernel | System | Running] -- C:\Windows\System32\drivers\NETFLTDI.SYS -- (NETFLTDI)
DRV - [2009/06/16 14:32:58 | 000,193,800 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\idsflt.sys -- (IDSFLT)
DRV - [2009/06/16 14:32:58 | 000,053,128 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\dsaflt.sys -- (DSAFLT)
DRV - [2009/06/10 15:49:32 | 000,024,576 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - [2009/06/01 07:58:52 | 000,009,728 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2009/04/10 23:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB)
DRV - [2008/10/09 16:42:42 | 000,017,408 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV - [2008/05/06 17:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008/03/28 12:25:06 | 000,022,072 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\fnetmon.sys -- (FNETMON)
DRV - [2008/03/04 16:59:42 | 000,041,144 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\ShlDrv51.sys -- (ShldDrv)
DRV - [2008/01/21 17:42:24 | 000,285,184 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tos_sps32.sys -- (tos_sps32)
DRV - [2007/11/09 17:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV - [2007/09/26 08:12:22 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel®
DRV - [2007/06/07 12:16:28 | 000,018,944 | ---- | M] (PenTablet Driver) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PTSimBus.sys -- (PTSimBus)
DRV - [2007/05/31 12:33:44 | 000,012,800 | ---- | M] (Tablet Driver) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\UCTblHid.sys -- (UCTblHid)
DRV - [2007/04/23 10:28:56 | 000,018,432 | ---- | M] (Tablet Driver) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TClass2k.sys -- (TClass2k)
DRV - [2007/04/23 10:28:56 | 000,010,752 | ---- | M] (PenTablet Driver) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PTSimHid.sys -- (PTSimHid)
DRV - [2007/04/16 12:19:10 | 000,011,776 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV - [2007/01/24 17:44:06 | 000,290,304 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tifm21.sys -- (tifm21)
DRV - [2006/11/28 18:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/11/09 00:32:00 | 000,219,264 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10i.sys -- (KR10I)
DRV - [2006/11/09 00:31:00 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10n.sys -- (KR10N)
DRV - [2006/10/18 14:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2006/10/04 21:42:42 | 000,002,560 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\Windows\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2006/10/04 21:42:42 | 000,002,432 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\Windows\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2006/07/28 19:25:26 | 000,019,456 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\LPCFilter.sys -- (LPCFilter)
DRV - [2005/10/04 04:16:22 | 000,007,936 | ---- | M] (M Three Technologies Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\keychain.sys -- (keychain)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-172382132-1955810624-3325907670-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
IE - HKU\S-1-5-21-172382132-1955810624-3325907670-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://msnbc.com/
IE - HKU\S-1-5-21-172382132-1955810624-3325907670-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-172382132-1955810624-3325907670-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.jillcataldo.com/"
FF - prefs.js..extensions.enabledItems: [email protected]:1.5
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.5
FF - prefs.js..extensions.enabledItems: {37153479-1976-43c3-a1ee-557513977b64}:3.7.0.6
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems:
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@artistscope.com/ArtistScope plugin 42,version=4.2.0.0: C:\Program Files\Mozilla Firefox\plugins\npArtistScope42.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files\Picasa2\npPicasa2.dll File not found
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Anon\AppData\Roaming\Move Networks\plugins\npqmp071706000001.dll File not found
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\@artistscope.com/ArtistScope plugin 42,version=4.2.0.0: C:\Program Files\Mozilla Firefox\plugins\npArtistScope42.dll File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/09/30 12:32:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/09/30 12:32:15 | 000,000,000 | ---D | M]
[2009/07/17 00:19:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anon\AppData\Roaming\Mozilla\Extensions
[2009/07/17 00:19:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anon\AppData\Roaming\Mozilla\Extensions\[email protected]
[2011/10/30 08:59:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anon\AppData\Roaming\Mozilla\Firefox\Profiles\dpxalv9g.default\extensions
[2011/10/02 14:31:42 | 000,000,000 | ---D | M] (Coupons.com Community Toolbar) -- C:\Users\Anon\AppData\Roaming\Mozilla\Firefox\Profiles\dpxalv9g.default\extensions\{37153479-1976-43c3-a1ee-557513977b64}
[2011/10/02 14:31:49 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Anon\AppData\Roaming\Mozilla\Firefox\Profiles\dpxalv9g.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/06/26 22:01:18 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Anon\AppData\Roaming\Mozilla\Firefox\Profiles\dpxalv9g.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(23)
[2010/07/31 23:00:01 | 000,000,000 | ---D | M] (1-Click YouTube Video Downloader) -- C:\Users\Anon\AppData\Roaming\Mozilla\Firefox\Profiles\dpxalv9g.default\extensions\[email protected]
[2011/09/24 19:11:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) -- C:\USERS\ANON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DPXALV9G.DEFAULT\EXTENSIONS\{2F3A21C4-CE26-4C78-AC60-8970B64E1906}
File not found (No name found) -- C:\USERS\ANON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DPXALV9G.DEFAULT\EXTENSIONS\{4D6F9453-60F7-40C6-9F44-1997A8F90997}
File not found (No name found) -- C:\USERS\ANON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DPXALV9G.DEFAULT\EXTENSIONS\{6C69851A-6DDD-4590-80E2-0CCF607F6F31}
File not found (No name found) -- C:\USERS\ANON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DPXALV9G.DEFAULT\EXTENSIONS\{6F5D109A-72A0-4FD2-B75A-BFA5BFE3A2C6}
File not found (No name found) -- C:\USERS\ANON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DPXALV9G.DEFAULT\EXTENSIONS\{7B7F9BD5-4788-4F66-A981-C1ED76F79B1D}
File not found (No name found) -- C:\USERS\ANON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DPXALV9G.DEFAULT\EXTENSIONS\{8B8478BD-BA96-4782-9322-DA6937A1D8EC}
File not found (No name found) -- C:\USERS\ANON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DPXALV9G.DEFAULT\EXTENSIONS\{8CFB5AE1-C409-4A33-9838-288AF6E70DE7}
File not found (No name found) -- C:\USERS\ANON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DPXALV9G.DEFAULT\EXTENSIONS\{AD64D9DD-4C12-499E-BD17-DA04735AADD5}
File not found (No name found) -- C:\USERS\ANON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DPXALV9G.DEFAULT\EXTENSIONS\{C2D851AC-D793-4C9B-95B8-7757964E3B3C}
File not found (No name found) -- C:\USERS\ANON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DPXALV9G.DEFAULT\EXTENSIONS\{C417FACB-24F6-43EB-936B-804067B1588F}
[2009/01/15 13:53:03 | 000,616,448 | ---- | M] (ArtistScope) -- C:\Program Files\mozilla firefox\plugins\npArtistScope42.dll
[2011/03/13 15:33:54 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol400.dll
[2011/03/13 15:33:54 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol500.dll
[2011/03/18 12:33:21 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2011/03/18 12:33:22 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2008/09/01 00:07:42 | 000,221,184 | ---- | M] (CNN) -- C:\Program Files\mozilla firefox\plugins\NPTURNMED.dll
[2007/03/09 18:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\mozilla firefox\plugins\npyaxmpb.dll
========== Chrome ==========
CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
O1 HOSTS File: ([2011/10/30 08:49:56 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O4 - HKLM..\Run: [APVXDWIN] C:\Program Files\Panda Security\Panda Internet Security 2010\APVXDWIN.EXE (Panda Security, S.L.)
O4 - HKLM..\Run: [PSQLLauncher] C:\Program Files\Protector Suite QL\launcher.exe (UPEK Inc.)
O4 - HKLM..\Run: [SCANINICIO] C:\Program Files\Panda Security\Panda Internet Security 2010\Inicio.exe (Panda Security, S.L.)
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-172382132-1955810624-3325907670-1000..\RunOnce: [Shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1100465 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; Zune 3.0; .NET CLR 3.5.30729; .NET CLR 3.0.30618)" -"http://207.245.65.10...?SKU=99154&RGB=[244,242,180]&DisplayShockwave=1" File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKU\S-1-5-21-172382132-1955810624-3325907670-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-21-172382132-1955810624-3325907670-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O8 - Extra context menu item: &ieSpell Options - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O8 - Extra context menu item: Check &Spelling - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O8 - Extra context menu item: Lookup on Merriam Webster - C:\Program Files\ieSpell\Merriam Webster.HTM ()
O8 - Extra context menu item: Lookup on Wikipedia - C:\Program Files\ieSpell\wikipedia.HTM ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-172382132-1955810624-3325907670-1000\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-172382132-1955810624-3325907670-1000\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.72.134 68.87.77.134
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4D89EECA-1E1C-4E4E-A056-26367852D582}: DhcpNameServer = 68.87.72.134 68.87.77.134
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (vrlogon.dll) -C:\Windows\System32\vrlogon.dll (UPEK Inc.)
O20 - Winlogon\Notify\avldr: DllName - (avldr.dll) - C:\Windows\System32\avldr.dll (Panda Security, S.L.)
O20 - Winlogon\Notify\psfus: DllName - (C:\Windows\system32\psqlpwd.dll) - C:\Windows\System32\psqlpwd.dll (UPEK Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/10/30 08:49:52 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/10/30 08:25:59 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Anon\Desktop\OTL.com
[2011/10/30 08:20:00 | 000,000,000 | ---D | C] -- C:\Users\Anon\Desktop\RK_Quarantine
[2011/10/29 22:10:03 | 001,932,256 | ---- | C] (Symantec Corporation) -- C:\Users\Anon\Desktop\FixTDSS.exe
[2011/10/29 12:44:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Software
[2011/10/20 17:37:09 | 000,000,000 | ---D | C] -- C:\Users\Anon\Documents\dictator deaths
[2011/09/30 16:58:04 | 000,000,000 | ---D | C] -- C:\Users\Anon\Documents\My Photos
[2011/09/30 16:58:04 | 000,000,000 | ---D | C] -- C:\Users\Anon\Documents\My Documents
[2011/09/30 16:57:31 | 000,000,000 | ---D | C] -- C:\Users\Anon\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2011/09/30 16:53:36 | 000,000,000 | ---D | C] -- C:\Users\Anon\AppData\Local\Htc
[2011/09/30 16:49:22 | 000,000,000 | ---D | C] -- C:\Users\Anon\AppData\Roaming\HTC
[2011/09/30 16:48:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC Sync
[2011/09/30 16:41:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC
[2011/09/30 16:41:16 | 000,000,000 | ---D | C] -- C:\Program Files\Spirent Communications
[2011/09/30 16:39:24 | 000,000,000 | ---D | C] -- C:\Program Files\HTC
========== Files - Modified Within 30 Days ==========
[2011/10/30 09:09:01 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011/10/30 09:02:42 | 000,372,536 | ---- | M] () -- C:\Windows\System32\drivers\APPFCONT.DAT.bck
[2011/10/30 09:02:42 | 000,372,536 | ---- | M] () -- C:\Windows\System32\drivers\APPFCONT.DAT
[2011/10/30 09:02:42 | 000,001,132 | ---- | M] () -- C:\Windows\System32\drivers\APPFLTR.CFG.bck
[2011/10/30 09:02:42 | 000,001,132 | ---- | M] () -- C:\Windows\System32\drivers\APPFLTR.CFG
[2011/10/30 09:02:42 | 000,000,252 | ---- | M] () -- C:\Windows\System32\drivers\etc\IdsFlt.cfg.bck
[2011/10/30 09:02:42 | 000,000,252 | ---- | M] () -- C:\Windows\System32\drivers\etc\IdsFlt.cfg
[2011/10/30 09:02:42 | 000,000,092 | ---- | M] () -- C:\Windows\System32\drivers\etc\NetLoc.wlt.bck
[2011/10/30 09:02:42 | 000,000,092 | ---- | M] () -- C:\Windows\System32\drivers\etc\NetLoc.wlt
[2011/10/30 09:02:42 | 000,000,068 | ---- | M] () -- C:\Windows\System32\drivers\etc\NetFlt.cfg.bck
[2011/10/30 09:02:42 | 000,000,068 | ---- | M] () -- C:\Windows\System32\drivers\etc\NetFlt.cfg
[2011/10/30 09:02:42 | 000,000,056 | ---- | M] () -- C:\Windows\System32\drivers\etc\WnmFlt.cfg.bck
[2011/10/30 09:02:42 | 000,000,056 | ---- | M] () -- C:\Windows\System32\drivers\etc\WnmFlt.cfg
[2011/10/30 09:02:42 | 000,000,056 | ---- | M] () -- C:\Windows\System32\drivers\etc\DsaFlt.cfg.bck
[2011/10/30 09:02:42 | 000,000,056 | ---- | M] () -- C:\Windows\System32\drivers\etc\DsaFlt.cfg
[2011/10/30 09:02:39 | 000,303,044 | ---- | M] () -- C:\Windows\System32\drivers\etc\DsaFlt.rls.bck
[2011/10/30 09:02:39 | 000,303,044 | ---- | M] () -- C:\Windows\System32\drivers\etc\DsaFlt.rls
[2011/10/30 08:56:35 | 000,607,406 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/10/30 08:56:35 | 000,105,014 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/10/30 08:52:33 | 000,000,136 | ---- | M] () -- C:\Windows\System32\drivers\etc\NetAdapt.cfg.bck
[2011/10/30 08:52:33 | 000,000,136 | ---- | M] () -- C:\Windows\System32\drivers\etc\NetAdapt.cfg
[2011/10/30 08:52:29 | 000,000,068 | ---- | M] () -- C:\Windows\System32\drivers\etc\NetAR.wlt.bck
[2011/10/30 08:52:29 | 000,000,068 | ---- | M] () -- C:\Windows\System32\drivers\etc\NetAR.wlt
[2011/10/30 08:52:06 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/10/30 08:51:55 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/10/30 08:51:55 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/10/30 08:51:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/10/30 08:49:56 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2011/10/30 08:49:10 | 000,001,356 | ---- | M] () -- C:\Users\Anon\AppData\Local\d3d9caps.dat
[2011/10/30 08:26:00 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Anon\Desktop\OTL.com
[2011/10/30 08:23:18 | 000,111,872 | ---- | M] () -- C:\Windows\System32\drivers\TrueSight.sys
[2011/10/30 08:19:30 | 000,725,504 | ---- | M] () -- C:\Users\Anon\Desktop\RogueKiller.exe
[2011/10/30 07:53:02 | 000,079,872 | ---- | M] () -- C:\Users\Anon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/10/30 07:51:43 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/10/30 00:03:07 | 000,002,569 | ---- | M] () -- C:\Users\Anon\Desktop\Microsoft Office Word 2003.lnk
[2011/10/29 22:24:38 | 000,804,304 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/10/29 22:10:03 | 001,932,256 | ---- | M] (Symantec Corporation) -- C:\Users\Anon\Desktop\FixTDSS.exe
[2011/10/29 21:31:51 | 000,302,592 | ---- | M] () -- C:\Users\Anon\Desktop\mbqkq3c7.exe
[2011/10/29 17:03:01 | 000,046,986 | ---- | M] () -- C:\Users\Anon\Desktop\bookmarks-2011-10-29.json
[2011/10/29 16:37:49 | 000,015,714 | ---- | M] () -- C:\Users\Anon\AppData\Roaming\wklnhst.dat
[2011/10/28 10:55:45 | 000,008,627 | ---- | M] () -- C:\Windows\System32\PAV_FOG.OPC
[2011/09/30 16:56:58 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf
[2011/09/30 16:49:12 | 000,000,942 | ---- | M] () -- C:\Users\Anon\Application Data\Microsoft\Internet Explorer\Quick Launch\HTC Sync.lnk

========== Files Created - No Company Name ==========

[2011/10/30 08:20:00 | 000,111,872 | ---- | C] () -- C:\Windows\System32\drivers\TrueSight.sys
[2011/10/30 08:19:30 | 000,725,504 | ---- | C] () -- C:\Users\Anon\Desktop\RogueKiller.exe
[2011/10/29 21:31:50 | 000,302,592 | ---- | C] () -- C:\Users\Anon\Desktop\mbqkq3c7.exe
[2011/10/29 17:03:01 | 000,046,986 | ---- | C] () -- C:\Users\Anon\Desktop\bookmarks-2011-10-29.json
[2011/09/30 16:56:58 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf
[2011/09/30 16:49:12 | 000,000,942 | ---- | C] () -- C:\Users\Anon\Application Data\Microsoft\Internet Explorer\Quick Launch\HTC Sync.lnk
[2011/07/08 12:03:45 | 000,004,397 | ---- | C] () -- C:\Users\Anon\AppData\Roaming\E0FA.BD8
[2011/02/22 12:09:28 | 000,000,145 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2010/02/25 21:11:15 | 000,000,000 | ---- | C] () -- C:\Windows\PROTOCOL.INI
[2010/02/20 23:45:01 | 000,000,141 | ---- | C] () -- C:\Windows\asym.ini
[2009/12/06 18:45:16 | 000,815,104 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009/12/06 18:45:16 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009/11/20 22:24:46 | 000,013,880 | ---- | C] () -- C:\Windows\System32\drivers\COMFiltr.sys
[2009/11/20 22:24:30 | 000,000,262 | ---- | C] () -- C:\Windows\System32\PavCPL.dat
[2009/11/20 22:24:26 | 000,372,536 | ---- | C] () -- C:\Windows\System32\drivers\APPFCONT.DAT.bck
[2009/11/20 22:24:26 | 000,372,536 | ---- | C] () -- C:\Windows\System32\drivers\APPFCONT.DAT
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/07/23 22:22:50 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/06/09 23:34:04 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/06/09 23:34:04 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/05/10 14:16:15 | 000,118,784 | ---- | C] () -- C:\Windows\ShowBmp.exe
[2009/05/10 14:16:15 | 000,014,381 | ---- | C] () -- C:\Windows\Tw533a.ini
[2009/05/10 14:16:15 | 000,001,325 | ---- | C] () -- C:\Windows\Remove.ini
[2009/03/05 07:54:58 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2009/02/14 10:17:33 | 000,266,240 | ---- | C] () -- C:\Windows\System32\CSHelper.exe
[2009/01/23 15:17:30 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2008/09/06 21:37:29 | 000,027,744 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2008/09/06 21:37:29 | 000,027,744 | ---- | C] () -- C:\ProgramData\nvModes.001
[2008/07/24 06:05:36 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/07/05 15:48:38 | 000,000,067 | ---- | C] () -- C:\Windows\swupdate.INI
[2008/07/04 17:56:47 | 000,031,007 | ---- | C] () -- C:\Users\Anon\AppData\Roaming\UserTile.png
[2008/07/04 14:58:43 | 000,001,356 | ---- | C] () -- C:\Users\Anon\AppData\Local\d3d9caps.dat
[2008/07/02 22:33:30 | 000,079,872 | ---- | C] () -- C:\Users\Anon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/07/02 21:16:24 | 000,027,240 | ---- | C] () -- C:\Users\Anon\AppData\Roaming\nvModes.001
[2008/07/02 20:30:09 | 000,015,714 | ---- | C] () -- C:\Users\Anon\AppData\Roaming\wklnhst.dat
[2008/07/02 19:46:05 | 000,027,240 | ---- | C] () -- C:\Users\Anon\AppData\Roaming\nvModes.dat
[2008/07/02 19:13:13 | 000,000,004 | RHS- | C] () -- C:\Windows\System32\drivers\taishop.sys
[2008/07/02 17:00:44 | 000,000,016 | RHS- | C] () -- C:\Windows\System32\drivers\fbd.sys
[2008/02/21 13:34:55 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ3.dat
[2008/02/21 13:34:55 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ2.dat
[2008/02/21 13:34:55 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ1.dat
[2008/02/21 13:34:55 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ0.dat
[2008/02/18 19:56:41 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2008/02/18 19:56:41 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2008/02/18 19:56:41 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2008/02/18 19:56:41 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2008/02/18 19:56:41 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2008/02/18 19:56:41 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2008/02/18 19:04:21 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2008/02/18 18:57:50 | 000,036,864 | ---- | C] () -- C:\Windows\System32\HWS_Ctrl.dll
[2008/02/18 18:55:00 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2008/02/18 18:55:00 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2008/02/18 18:55:00 | 000,010,150 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2008/02/18 18:55:00 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2008/02/18 17:53:20 | 000,157,040 | ---- | C] () -- C:\Windows\fdbpinger.exe
[2007/12/21 19:46:32 | 000,118,784 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2007/04/24 14:31:12 | 000,010,240 | ---- | C] () -- C:\Windows\System32\ucinst32.dll
[2007/04/24 13:22:02 | 000,274,432 | ---- | C] () -- C:\Windows\System32\MFT_anet.dll
[2007/03/06 18:54:04 | 000,995,328 | ---- | C] () -- C:\Windows\System32\WLIHVUI.dll
[2006/11/02 07:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:47:37 | 000,804,304 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:33:01 | 000,607,406 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,105,014 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/03/09 12:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2005/11/23 17:55:42 | 000,024,576 | ---- | C] () -- C:\Windows\System32\SPCtl.dll
[2005/07/23 00:30:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll
[2004/05/10 10:33:46 | 000,036,864 | ---- | C] () -- C:\Windows\System32\lhtool.exe
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
[1996/04/03 14:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys

========== LOP Check ==========

[2010/08/21 22:14:41 | 000,000,000 | ---D | M] -- C:\Users\Anon\AppData\Roaming\Anarchy
[2010/07/08 19:09:28 | 000,000,000 | ---D | M] -- C:\Users\Anon\AppData\Roaming\Avanquest
[2011/03/13 15:33:55 | 000,000,000 | ---D | M] -- C:\Users\Anon\AppData\Roaming\Catalina Marketing Corp
[2010/01/12 23:37:16 | 000,000,000 | ---D | M] -- C:\Users\Anon\AppData\Roaming\com.comcast.access.13A1FA90F0FC9DC009FB0956ADD0F13F8608561B.1
[2010/02/27 14:53:51 | 000,000,000 | ---D | M] -- C:\Users\Anon\AppData\Roaming\com.zipeg
[2008/07/08 12:27:19 | 000,000,000 | ---D | M] -- C:\Users\Anon\AppData\Roaming\Downloaded Installations
[2009/12/06 01:20:26 | 000,000,000 | ---D | M] -- C:\Users\Anon\AppData\Roaming\GTM_Bodie
[2010/09/02 22:04:41 | 000,000,000 | ---D | M] -- C:\Users\Anon\AppData\Roaming\HamsterSoft
[2011/09/30 17:02:24 | 000,000,000 | ---D | M] -- C:\Users\Anon\AppData\Roaming\HTC
[2011/09/30 16:57:31 | 000,000,000 | ---D | M] -- C:\Users\Anon\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2009/12/02 23:46:31 | 000,000,000 | ---D | M] -- C:\Users\Anon\AppData\Roaming\IronCode
[2008/07/03 15:23:11 | 000,000,000 | ---D | M] -- C:\Users\Anon\AppData\Roaming\iWin
[2009/10/24 19:08:23 | 000,000,000 | ---D | M] -- C:\Users\Anon\AppData\Roaming\Meridian93
[2009/03/29 10:45:38 | 000,000,000 | ---D | M] -- C:\Users\Anon\AppData\Roaming\Neopets Toolbar
[2009/10/26 22:30:53 | 000,000,000 | ---D | M] -- C:\Users\Anon\AppData\Roaming\Oberonv1001
[2009/10/24 00:54:56 | 000,000,000 | ---D | M] -- C:\Users\Anon\AppData\Roaming\Oberonv1002
[2009/01/05 22:40:32 | 000,000,000 | ---D | M] -- C:\Users\Anon\AppData\Roaming\OpenOffice.org
[2009/12/02 01:47:30 | 000,000,000 | ---D | M] -- C:\Users\Anon\AppData\Roaming\Orbit
[2010/08/21 21:53:55 | 000,000,000 | ---D | M] -- C:\Users\Anon\AppData\Roaming\Orneon
[2009/11/20 22:22:42 | 000,000,000 | ---D | M] -- C:\Users\Anon\AppData\Roaming\Panda Security
[2008/07/04 17:56:47 | 000,000,000 | ---D | M] -- C:\Users\Anon\AppData\Roaming\PeerNetworking
[2009/11/29 00:51:15 | 000,000,000 | ---D | M] -- C:\Users\Anon\AppData\Roaming\PlayFirst
[2009/12/06 00:56:37 | 000,000,000 | ---D | M] -- C:\Users\Anon\AppData\Roaming\Playrix Entertainment
[2009/10/27 22:46:33 | 000,000,000 | ---D | M] -- C:\Users\Anon\AppData\Roaming\Princess Isabella
[2008/08/05 10:39:10 | 000,000,000 | ---D | M] -- C:\Users\Anon\AppData\Roaming\SecondLife
[2009/10/24 18:38:51 | 000,000,000 | ---D | M] -- C:\Users\Anon\AppData\Roaming\Sudden Games
[2008/07/02 20:30:10 | 000,000,000 | ---D | M] -- C:\Users\Anon\AppData\Roaming\Template
[2009/11/29 20:08:50 | 000,000,000 | ---D | M] -- C:\Users\Anon\AppData\Roaming\TheScruffs
[2010/03/12 21:59:58 | 000,000,000 | ---D | M] -- C:\Users\Anon\AppData\Roaming\toshiba
[2008/07/02 22:14:44 | 000,000,000 | ---D | M] -- C:\Users\Anon\AppData\Roaming\WinBatch
[2010/02/27 14:56:41 | 000,000,000 | ---D | M] -- C:\Users\Anon\AppData\Roaming\Zipeg
[2011/10/04 13:17:34 | 000,000,000 | ---D | M] -- C:\Users\gas\AppData\Roaming\HTC
[2011/10/30 08:08:31 | 000,032,568 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 64 bytes -> C:\Users\Anon\Documents\MVI_0127.AVI:TOC.WMV
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:CF2C26D2
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:2FAFBD6A
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:C7F08EA3
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:860D9052
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:A6D6E537
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:6CE0638C
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:580E04D8
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:AECF4772
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:4E158DDD
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:0AC32449
< End of report >