Hi maliprog
Here is the OTL file, the Extras.txt is next, regards Robert
OTL logfile created on: 22/05/2012 13:49:22 - Run 1
OTL by OldTimer - Version 3.2.43.1 Folder = I:\Users\Robert\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16443)
Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
3.49 Gb Total Physical Memory | 2.24 Gb Available Physical Memory | 64.12% Memory free
8.73 Gb Paging File | 7.41 Gb Available in Paging File | 84.92% Paging File free
Paging file location(s): i:\pagefile.sys 5362 10725 [binary data]
%SystemDrive% = I: | %SystemRoot% = I:\Windows | %ProgramFiles% = I:\Program Files
Drive E: | 76.32 Gb Total Space | 48.37 Gb Free Space | 63.37% Space Free | Partition Type: NTFS
Drive G: | 232.88 Gb Total Space | 166.38 Gb Free Space | 71.45% Space Free | Partition Type: NTFS
Drive I: | 465.75 Gb Total Space | 396.31 Gb Free Space | 85.09% Space Free | Partition Type: NTFS
Computer Name: BLACKBESS | User Name: Robert | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2012/05/22 10:38:56 | 000,595,968 | ---- | M] (OldTimer Tools) -- I:\Users\Robert\Desktop\OTL.scr
PRC - [2012/03/11 22:13:21 | 001,983,232 | ---- | M] (COMODO) -- I:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2012/03/11 14:48:36 | 001,652,536 | ---- | M] (Trusteer Ltd.) -- I:\Program Files\Trusteer\Rapport\bin\RapportService.exe
PRC - [2012/03/11 14:48:36 | 000,931,640 | ---- | M] (Trusteer Ltd.) -- I:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2012/03/07 00:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- I:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/03/07 00:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- I:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/01/04 15:26:46 | 001,606,488 | ---- | M] (IObit) -- I:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe
PRC - [2011/11/23 11:27:04 | 001,052,472 | ---- | M] (COMODO) -- I:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe
PRC - [2011/09/22 15:20:28 | 000,437,248 | ---- | M] (Realtek Semiconductor Corporation) -- I:\Program Files\Realtek\RtkDashClientInstaller\RtkDashClient.exe
PRC - [2011/05/21 06:01:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) -- I:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/05/21 06:01:00 | 000,839,272 | ---- | M] (NVIDIA Corporation) -- I:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2011/04/19 07:44:40 | 000,291,896 | ---- | M] (Secunia) -- I:\Program Files\Secunia\PSI\psi_tray.exe
PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- I:\Windows\explorer.exe
PRC - [2010/11/20 22:29:19 | 000,049,152 | ---- | M] (Microsoft Corporation) -- I:\Windows\System32\taskhost.exe
PRC - [2010/05/20 15:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) -- I:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2009/09/30 13:02:48 | 000,268,824 | R--- | M] (Intel Corporation) -- I:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2008/07/07 10:42:02 | 000,809,296 | ---- | M] (Safer Networking Ltd.) -- I:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
========== Modules (No Company Name) ========== MOD - [2012/03/11 14:50:38 | 000,516,368 | ---- | M] () -- I:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportMS.dll
MOD - [2011/12/22 20:23:07 | 000,748,544 | ---- | M] () -- I:\Windows\System32\protector.dll
MOD - [2011/11/10 17:11:00 | 000,557,056 | ---- | M] () -- I:\Program Files\Trusteer\Rapport\bin\js32.dll
MOD - [2011/08/19 17:33:28 | 000,047,960 | ---- | M] () -- I:\Program Files\IObit\Smart Defrag 2\NtfsData.dll
========== Win32 Services (SafeList) ========== SRV - File not found [Auto | Running] -- I:\Program Files\Spybot -- (SBSDWSCService)
SRV - [2012/05/17 09:57:10 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- I:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/14 17:26:52 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- I:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2012/03/11 22:13:21 | 001,983,232 | ---- | M] (COMODO) [Auto | Running] -- I:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2012/03/11 14:48:36 | 000,931,640 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- I:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2012/03/07 00:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- I:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/02/15 14:25:06 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- I:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/01/23 05:43:08 | 000,092,592 | ---- | M] (TomTom) [Disabled | Stopped] -- I:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2011/12/22 20:23:07 | 000,803,328 | ---- | M] (bProtector) [Disabled | Stopped] -- I:\ProgramData\bProtector\bProtect.exe -- (bProtector)
SRV - [2011/11/23 11:27:04 | 001,052,472 | ---- | M] (COMODO) [Auto | Running] -- I:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe -- (CLPSLS)
SRV - [2011/05/21 06:01:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- I:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/04/19 07:44:40 | 000,993,848 | ---- | M] (Secunia) [Disabled | Stopped] -- I:\Program Files\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2011/04/19 07:44:40 | 000,399,416 | ---- | M] (Secunia) [Disabled | Stopped] -- I:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2010/05/20 15:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- I:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2010/05/05 18:58:30 | 000,053,248 | ---- | M] () [Disabled | Stopped] -- I:\Program Files\D-Link\DWA-140 Driver\ALPBCSVC.exe -- (ALPBCSVC)
SRV - [2010/04/06 16:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- I:\Windows\System32\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV - [2009/10/13 16:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) [Disabled | Stopped] -- I:\Program Files\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe -- (Smart TimeLock)
SRV - [2009/09/30 13:02:50 | 002,320,920 | R--- | M] (Intel Corporation) [Disabled | Stopped] -- I:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2009/09/30 13:02:48 | 000,268,824 | R--- | M] (Intel Corporation) [Auto | Running] -- I:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2009/07/14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- I:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- I:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- I:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- I:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/06/17 16:13:06 | 000,068,136 | ---- | M] () [Disabled | Stopped] -- I:\Program Files\GIGABYTE\EnergySaver2\des2svr.exe -- (DES2 Service)
========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Unknown] -- I:\Users\Robert\AppData\Local\Temp\pwddqpod.sys -- (pwddqpod)
DRV - [2012/05/21 13:10:50 | 000,017,488 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- I:\Windows\gdrv.sys -- (gdrv)
DRV - [2012/03/11 22:13:36 | 000,039,640 | ---- | M] (COMODO) [Kernel | System | Running] -- I:\Windows\System32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2012/03/11 22:13:35 | 000,491,816 | ---- | M] (COMODO) [File_System | System | Running] -- I:\Windows\System32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2012/03/11 14:50:38 | 000,021,520 | ---- | M] (Trusteer Ltd.) [Kernel | On_Demand | Running] -- i:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportIaso.sys -- (RapportIaso)
DRV - [2012/03/11 14:48:52 | 000,071,440 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- I:\Program Files\Trusteer\Rapport\bin\RapportEI.sys -- (RapportEI)
DRV - [2012/03/11 14:48:50 | 000,164,112 | ---- | M] (Trusteer Ltd.) [Kernel | On_Demand | Stopped] -- I:\Program Files\Trusteer\Rapport\bin\RapportPG.sys -- (RapportPG)
DRV - [2012/03/11 14:48:50 | 000,056,208 | ---- | M] (Trusteer Ltd.) [Kernel | On_Demand | Stopped] -- I:\Windows\System32\drivers\RapportKELL.sys -- (RapportKELL)
DRV - [2012/03/07 00:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- I:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/03/07 00:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- I:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/03/07 00:02:14 | 000,044,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- I:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2012/03/07 00:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- I:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/03/07 00:01:48 | 000,057,688 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- I:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012/03/07 00:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- I:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/02/09 22:43:00 | 010,816,832 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- I:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011/12/19 18:59:16 | 000,082,400 | ---- | M] (COMODO) [Kernel | System | Running] -- I:\Windows\System32\drivers\inspect.sys -- (inspect)
DRV - [2011/12/15 18:22:16 | 000,228,208 | ---- | M] () [Kernel | System | Running] -- I:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\34302\RapportCerberus32_34302.sys -- (RapportCerberus_34302)
DRV - [2011/10/01 19:52:16 | 000,024,944 | ---- | M] () [Kernel | On_Demand | Stopped] -- I:\Windows\System32\drivers\GVTDrv.sys -- (GVTDrv)
DRV - [2011/09/19 15:05:56 | 000,035,432 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Auto | Running] -- I:\Windows\System32\drivers\RtDashPt.sys -- (RtDashPt)
DRV - [2010/11/26 19:02:20 | 000,015,672 | ---- | M] () [Kernel | Boot | Running] -- I:\Windows\System32\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV - [2010/11/20 22:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- I:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 22:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- I:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 22:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- I:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010/11/20 22:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- I:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 22:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- I:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 22:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- I:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010/11/20 22:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- I:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 22:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- I:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/09/01 09:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- I:\Windows\System32\drivers\psi_mf.sys -- (PSI)
DRV - [2010/05/20 15:27:26 | 001,961,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- I:\Windows\System32\drivers\VX3000.sys -- (VX3000)
DRV - [2010/04/27 11:56:44 | 000,019,496 | ---- | M] () [Kernel | System | Running] -- I:\Windows\System32\drivers\AppleCharger.sys -- (AppleCharger)
DRV - [2010/02/12 17:42:42 | 000,844,064 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- I:\Windows\System32\drivers\netr28u.sys -- (netr28u)
DRV - [2009/09/17 05:54:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- I:\Windows\System32\drivers\HECI.sys -- (HECI) Intel®
DRV - [2009/07/14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- I:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,bProtectorDefaultScope = {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/...ms}&FORM=IE8SRCIE - HKLM\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" =
http://www.goonsearc...q={searchTerms}IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.co...g}&sourceid=ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.talktalk.co.uk/IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {4642AD93-C30A-4FEF-833B-F7431F3C954D}
IE - HKCU\..\SearchScopes,DefaultScope = {37C74BF5-79CE-454D-A1CD-B2BF21CBB710}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/...Box&FORM=IE8SRCIE - HKCU\..\SearchScopes\{37C74BF5-79CE-454D-A1CD-B2BF21CBB710}: "URL" =
http://www.talktalk....y={searchTerms}IE - HKCU\..\SearchScopes\{4642AD93-C30A-4FEF-833B-F7431F3C954D}: "URL" =
http://www.google.co...utputEncoding?}IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.co...g}&sourceid=ie7IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - prefs.js..extensions.enabledItems:
[email protected]:1.0.1
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: I:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: I:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: I:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: I:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: I:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: i:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: I:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: I:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.0: I:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: I:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
[2012/04/13 10:52:15 | 000,000,000 | ---D | M] (No name found) -- I:\Users\Robert\AppData\Roaming\Mozilla\Extensions
[2011/10/18 19:23:35 | 000,000,000 | ---D | M] (No name found) -- I:\Users\Robert\AppData\Roaming\Mozilla\Extensions\
[email protected][2011/09/08 00:02:24 | 000,000,000 | ---D | M] (No name found) -- I:\Users\Robert\AppData\Roaming\Mozilla\Extensions\
[email protected][2012/04/13 10:52:17 | 000,000,000 | ---D | M] ("English (GB) Language Pack") -- I:\USERS\ROBERT\APPDATA\ROAMING\POSTBOX\PROFILES\BKXVXGIV.DEFAULT\EXTENSIONS\
[email protected] ========== Chrome ========== CHR - default_search_provider: Search Results (Enabled)
CHR - default_search_provider: search_url =
http://dts.search-re...q={searchTerms}CHR - default_search_provider: suggest_url = ,
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = I:\Program Files\Google\Chrome\Application\19.0.1084.46\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = I:\Program Files\Google\Chrome\Application\19.0.1084.46\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = I:\Program Files\Google\Chrome\Application\19.0.1084.46\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = I:\Users\Robert\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Chrome SVD extension (Enabled) = I:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\djcpfkccckpeeghiklnhienllljccglb\2.0.4_0\lib/npdownloaderchrome.dll
CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = I:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
CHR - plugin: Google Earth Plugin (Enabled) = I:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = I:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java Platform SE 7 U4 (Enabled) = I:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.40.255 (Enabled) = I:\Windows\system32\npDeployJava1.dll
CHR - plugin: VLC Web Plugin (Enabled) = I:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Activation Technologies (Enabled) = I:\Windows\system32\Wat\npWatWeb.dll
CHR - plugin: Silverlight Plug-In (Enabled) = i:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: YouTube = I:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = I:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: SpeedBit Video Downloader = I:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\djcpfkccckpeeghiklnhienllljccglb\2.0.4_0\
CHR - Extension: avast! WebRep = I:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: SpeedBit Search Predict = I:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\ledcpigomgblcmofccnacobhmcdkpiea\2.0.2_0\
CHR - Extension: Gmail = I:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - I:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - I:\Program Files\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - I:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (jZip Webmail plugin) - {647FD14A-C4F1-46F4-8FC3-0B40F54226F7} - I:\Program Files\jZip\WebmailPlugin.dll (Discordia Limited)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - I:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - I:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (SBCONVERT Class) - {92A9ACF4-9333-43AE-9698-DB283326F87F} - I:\Program Files\SpeedBit Video Downloader\TBUB9\tbcore3.dll ()
O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - I:\Program Files\Windows iLivid Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
O2 - BHO: (no name) - {c23b756a-bd9f-4ca6-aded-17ab8ccf3e8b} - No CLSID value found.
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - I:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - I:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (GrabberObj Class) - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - I:\Program Files\SpeedBit Video Downloader\TBUB9\Grabber.dll (SpeedBit)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - I:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {c23b756a-bd9f-4ca6-aded-17ab8ccf3e8b} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - I:\Program Files\Orbitdownloader\GrabPro.dll ()
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - I:\Program Files\Orbitdownloader\GrabPro.dll ()
O4 - HKLM..\Run: [avast] I:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [COMODO Internet Security] I:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - Startup: I:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TalkTalk Setup CD Reporting Tool.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - I:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: computeractive.co.uk ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: secunia.com ([]https in Trusted sites)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9547F408-0CEE-42E5-87F0-D38FB133271B}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9547F408-0CEE-42E5-87F0-D38FB133271B}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A2674B42-430A-4A43-B95D-B6A5F751A3A8}: NameServer = 8.26.56.26,156.154.70.22
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - I:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - I:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (protector.dll) - I:\Windows\System32\protector.dll ()
O20 - AppInit_DLLs: (i:\windows\system32\guard32.dll) - I:\Windows\System32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (explorer.exe) - I:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (I:\Windows\system32\userinit.exe) - I:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - I:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/12/01 21:26:54 | 000,000,000 | ---D | M] - G:\Auto data -- [ NTFS ]
O32 - AutoRun File - [2011/08/23 09:48:18 | 000,000,000 | ---- | M] () - G:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - I:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (SmartDefragBootTime.exe)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ========== [2012/05/22 13:35:04 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{E5C908D0-58B8-4B26-9241-F8232E155C19}
[2012/05/22 13:34:54 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{D24946D8-B776-4142-AA20-F8200C457487}
[2012/05/22 10:38:54 | 000,595,968 | ---- | C] (OldTimer Tools) -- I:\Users\Robert\Desktop\OTL.scr
[2012/05/21 23:56:31 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{38275344-EB51-48B9-95F1-4308EF29BB04}
[2012/05/21 23:56:20 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{FE1C66B0-537B-412C-8BE7-F494A4A08976}
[2012/05/21 21:01:02 | 000,000,000 | ---D | C] -- I:\New Folder
[2012/05/21 14:56:29 | 000,000,000 | ---D | C] -- I:\Users\Robert\Documents\Pending doc's
[2012/05/21 10:08:59 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{21CEE890-05BA-4B28-A3F3-1855B421E727}
[2012/05/21 10:08:44 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{1F775DC4-4458-4041-A759-640A6B80D1F1}
[2012/05/20 13:02:03 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{EB4D1158-B26E-48CC-90DE-828CF111CF29}
[2012/05/20 13:01:50 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{5A5C3ED6-6811-4833-8649-00C3AF61FE07}
[2012/05/20 00:27:17 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{26D8EF3C-E91A-4590-9758-D8194924688C}
[2012/05/20 00:27:08 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{056C4185-5B2F-4DDE-83E9-019907FA476F}
[2012/05/19 11:20:08 | 000,000,000 | ---D | C] -- I:\Users\Robert\Documents\New folder
[2012/05/19 10:07:34 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{1A08FC77-CAB6-4FFB-B7C0-37F18F35A6DD}
[2012/05/19 10:07:23 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{45858EB9-E2FC-4FE2-8E22-090B3E239319}
[2012/05/18 19:00:35 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{DD9E6883-5AAE-4AEF-89FE-9AFE1D0CF170}
[2012/05/18 19:00:25 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{BF216367-8236-43C9-8823-C4D308A7BA4A}
[2012/05/18 10:21:05 | 000,000,000 | ---D | C] -- I:\Program Files\Oracle
[2012/05/17 22:04:06 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{C74C6EA7-ACBE-42FB-AD67-BDCBC4635026}
[2012/05/17 22:03:53 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{BAE8DDF3-9AE8-4805-B8FC-B321826B217D}
[2012/05/17 09:33:57 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{EC5E8C17-ECD5-4750-B0FA-8AD31F9C4F50}
[2012/05/17 09:33:46 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{1F58AEE5-5762-4073-ABA6-54981F20F3DF}
[2012/05/16 21:32:04 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{57C512A9-4DE4-4016-A140-07FEAD47C5CC}
[2012/05/16 21:31:51 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{BE47556B-9CEF-4934-B55B-109F6ECBD338}
[2012/05/16 09:31:26 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{C1DA2010-EDCC-47E9-8B99-9699670C57BA}
[2012/05/16 09:31:15 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{F553B805-66BE-49A4-9531-6F2C22F5BEF3}
[2012/05/15 15:35:54 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{D23375AA-6A1F-4A2D-A805-B40242622186}
[2012/05/15 15:35:43 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{44BCA1B4-F475-4DDF-BC85-F8C0780DB300}
[2012/05/14 23:29:47 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{39589F5D-3CFF-44DC-BF4D-7341D013FE25}
[2012/05/14 23:29:36 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{3528144E-6485-471B-ADB4-CE7F457664DB}
[2012/05/13 22:10:52 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{0A1736D3-DCA4-4E0F-8FE1-01818310A281}
[2012/05/13 22:10:41 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{E085C2F1-BE1A-46C3-9AA5-91B9BF46E2C1}
[2012/05/13 20:48:57 | 000,000,000 | ---D | C] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flash Movie Player
[2012/05/13 19:16:20 | 000,000,000 | ---D | C] -- I:\ProgramData\McAfee
[2012/05/13 09:44:11 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{BE5CEADB-7B17-433D-91F6-5347770A7F93}
[2012/05/13 09:44:00 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{AF25ABB4-CE77-4DB1-AA7F-F204ED52CE62}
[2012/05/12 15:32:31 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{432F4755-EECB-4219-8823-DDF6BC8D8CDE}
[2012/05/12 15:32:20 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{23F15876-D66A-46C7-99B2-75E7BC02D35D}
[2012/05/11 14:45:34 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{0DC05435-EE9E-47BE-8B23-71E94463106C}
[2012/05/11 14:45:23 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{C46BF6FF-CF8C-406F-A189-C57F6BD4AE9E}
[2012/05/10 23:06:44 | 000,000,000 | ---D | C] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
[2012/05/10 22:20:04 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{08F21B2A-A40E-4401-BE52-274EDFE59BF2}
[2012/05/10 22:19:53 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{80A5165C-D6A3-4E26-B04F-6E75C1AC0749}
[2012/05/10 10:56:38 | 000,000,000 | ---D | C] -- I:\Users\Public\Documents\COMODO
[2012/05/10 10:37:08 | 000,000,000 | ---D | C] -- I:\ProgramData\CPA_VA
[2012/05/10 10:12:08 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\Comodo
[2012/05/09 22:07:43 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{59D72107-E3C0-4103-9FAB-4A2638854E8B}
[2012/05/09 22:07:32 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{E5CF08F2-0408-4C57-802A-D53FA73AC351}
[2012/05/09 10:07:06 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{43C055A4-0085-4C46-A5EB-FE63505D89D8}
[2012/05/09 10:06:55 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{D5846A2F-BB12-4C72-8AD2-50B1B5649E32}
[2012/05/09 00:58:48 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{05753801-FB5C-4D13-9624-46268623FE29}
[2012/05/08 10:09:06 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{9F09D7E0-24DB-4621-A570-9899C28A09EE}
[2012/05/08 10:08:51 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{0E5D1C94-02D8-40BE-83C4-9A003AC00278}
[2012/05/08 00:50:38 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Roaming\Google
[2012/05/08 00:47:13 | 000,000,000 | ---D | C] -- I:\ProgramData\Google
[2012/05/07 00:04:33 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{BDEDCA5A-F9D0-443D-8568-4DFDE2645778}
[2012/05/07 00:04:22 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{718B7F89-66CF-47B3-84B8-DBA7E6A1F0E3}
[2012/05/06 11:06:24 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{9DA2CC67-1DD7-4D43-ABA4-826AAB6D5BBF}
[2012/05/06 11:06:14 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{CC0147E1-7A51-40AD-B7F1-11B4E44511F4}
[2012/05/05 11:30:38 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{3D2C6EDC-C377-43FD-AF80-B9673EA5BD1A}
[2012/05/05 11:30:28 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{72C32E02-2F63-40AC-850C-219CE5A0D149}
[2012/05/04 09:44:10 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{FCE20D5E-CD1B-4ED9-8A44-2B03DEC46EA5}
[2012/05/04 09:43:59 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{A2B7B9C0-0042-4A5E-BEB2-7C36251BBFA7}
[2012/05/03 16:24:07 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{C68D1D2F-D064-4F5E-871E-A854BA55A127}
[2012/05/03 16:23:57 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{798C8A85-E4C8-4D05-A801-424A168921F4}
[2012/05/03 10:13:53 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinpkFilter
[2012/05/02 22:27:29 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{87844FE5-4006-4E5C-B138-D6E086A6F349}
[2012/05/02 22:27:18 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{312D78EF-4526-450D-A519-C401DE5BC6A3}
[2012/05/02 10:26:47 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{285FC9EC-2624-4308-8A86-B6CE224A97A6}
[2012/05/02 10:26:36 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{CA9D2999-6C31-42C3-92E6-F497B58FD7D2}
[2012/05/01 11:42:29 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{F7F3AE42-D526-43E0-B882-9CCF6786FDB6}
[2012/05/01 11:42:14 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{ED07AACC-E135-4898-B7D0-03A9A22F1B45}
[2012/04/30 08:53:25 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{B4F8AAC1-8326-4131-A921-E42BB141CB7E}
[2012/04/30 08:53:15 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{5D700B43-9A1E-4EBA-9BE8-0B9794077C4D}
[2012/04/29 15:35:45 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{2E852820-AD04-49E3-952C-A26A61665B56}
[2012/04/29 15:35:34 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{0EBE2B19-BD4A-4E75-B933-BD1E2B69EE33}
[2012/04/27 08:58:52 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{320B7FAF-A9B0-4BEF-A176-04F1B5B6545F}
[2012/04/27 08:58:41 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{F1C73DEF-06B5-41F6-BC10-8CDFA1C46F71}
[2012/04/26 15:19:36 | 000,000,000 | ---D | C] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orbit
[2012/04/26 14:04:11 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{39D65FDB-35A7-4B0D-8A9A-6DF101022BB0}
[2012/04/26 14:04:01 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{73DDC856-DFAD-4843-A9BB-68C49FAE483A}
[2012/04/25 13:44:46 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{6C388EFD-7860-4E3A-A884-FCCB6EADEC33}
[2012/04/25 13:44:36 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{BF3AA28B-FB6E-46B3-A3FF-5B01B9B7D94B}
[2012/04/24 21:58:36 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{366E122D-FAAF-431C-BEB6-7F305D209DD4}
[2012/04/24 21:58:25 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{7059DAAD-C32A-4976-941A-5E4789FC9F65}
[2012/04/24 09:29:05 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{8C3A8027-30BC-4801-B2AD-FD72673AFFF4}
[2012/04/24 09:28:55 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{948038DB-259A-4E4F-B0DE-23BE8711AF43}
[2012/04/23 12:03:57 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{AB215320-57B6-4378-B4CC-6E2816B4543A}
[2012/04/23 12:03:46 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{A7C1626B-392D-4266-903D-FCCDD348EC19}
[2012/04/22 23:25:55 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{C6C9A368-3B2E-4F67-A03D-A7D3A512460C}
[2012/04/22 23:25:44 | 000,000,000 | ---D | C] -- I:\Users\Robert\AppData\Local\{4A40CC98-3662-459E-9008-61A74DF24E46}
[2011/12/30 01:12:35 | 000,086,016 | ---- | C] (3 Techies in a Box) -- I:\Program Files\txtclean.exe
========== Files - Modified Within 30 Days ========== [2012/05/22 13:30:00 | 000,000,830 | ---- | M] () -- I:\Windows\tasks\Adobe Flash Player Updater.job
[2012/05/22 13:03:00 | 000,000,886 | ---- | M] () -- I:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/22 10:47:05 | 000,302,592 | ---- | M] () -- I:\d8eno89y.exe
[2012/05/22 10:38:56 | 000,595,968 | ---- | M] (OldTimer Tools) -- I:\Users\Robert\Desktop\OTL.scr
[2012/05/22 10:07:36 | 000,031,104 | -H-- | M] () -- I:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/22 10:07:36 | 000,031,104 | -H-- | M] () -- I:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/22 10:04:50 | 000,628,024 | ---- | M] () -- I:\Windows\System32\perfh009.dat
[2012/05/22 10:04:50 | 000,110,208 | ---- | M] () -- I:\Windows\System32\perfc009.dat
[2012/05/22 10:00:25 | 000,000,882 | ---- | M] () -- I:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/22 10:00:25 | 000,000,296 | ---- | M] () -- I:\Windows\tasks\RtlDashSrvStart.job
[2012/05/22 10:00:06 | 000,067,584 | --S- | M] () -- I:\Windows\bootstat.dat
[2012/05/22 10:00:01 | 2811,879,424 | -HS- | M] () -- I:\hiberfil.sys
[2012/05/20 00:20:46 | 000,007,620 | ---- | M] () -- I:\Users\Robert\AppData\Local\resmon.resmoncfg
[2012/05/19 15:56:53 | 000,000,000 | ---- | M] () -- I:\Users\Robert\winpkflt_rtl
[2012/05/19 15:55:04 | 000,000,000 | ---- | M] () -- I:\Users\Robert\userinit.exe
[2012/05/14 17:57:34 | 000,009,662 | ---- | M] () -- I:\Windows\EPISME00.SWB
[2012/05/10 23:07:15 | 000,000,414 | ---- | M] () -- I:\Windows\System32\{7995330B-E01F-4645-B702-53481E7CB778}.cmdfile
[2012/05/10 19:44:40 | 000,001,421 | ---- | M] () -- I:\Users\Robert\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/05/10 10:53:58 | 000,001,236 | ---- | M] () -- I:\Users\Robert\Application Data\Microsoft\Internet Explorer\Quick Launch\COMODO GeekBuddy.lnk
[2012/05/10 09:27:49 | 000,440,872 | ---- | M] () -- I:\Windows\System32\FNTCACHE.DAT
[2012/05/03 10:16:21 | 000,001,105 | ---- | M] () -- I:\Users\Robert\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012/05/01 17:20:21 | 000,724,711 | ---- | M] () -- I:\Users\Robert\Documents\Reply from D f T.pdf
[2012/04/30 16:32:30 | 000,026,776 | ---- | M] () -- I:\Users\Robert\Documents\Australian letter to parliament.odt
[2012/04/30 09:10:34 | 000,019,862 | ---- | M] () -- I:\Users\Robert\Documents\Irish interpretation, AND_Oh, Audi partner-ph.eml
[2012/04/26 15:19:36 | 000,001,047 | ---- | M] () -- I:\Users\Robert\Application Data\Microsoft\Internet Explorer\Quick Launch\Orbit.lnk
========== Files Created - No Company Name ========== [2012/05/22 13:41:58 | 000,302,592 | ---- | C] () -- I:\d8eno89y.exe
[2012/05/19 15:56:53 | 000,000,000 | ---- | C] () -- I:\Users\Robert\winpkflt_rtl
[2012/05/19 15:54:14 | 000,000,000 | ---- | C] () -- I:\Users\Robert\userinit.exe
[2012/05/17 09:57:11 | 000,000,830 | ---- | C] () -- I:\Windows\tasks\Adobe Flash Player Updater.job
[2012/05/10 10:54:01 | 000,000,414 | ---- | C] () -- I:\Windows\System32\{7995330B-E01F-4645-B702-53481E7CB778}.cmdfile
[2012/05/10 10:53:58 | 000,001,236 | ---- | C] () -- I:\Users\Robert\Application Data\Microsoft\Internet Explorer\Quick Launch\COMODO GeekBuddy.lnk
[2012/05/08 11:46:44 | 000,001,427 | ---- | C] () -- I:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/05/08 11:46:44 | 000,001,421 | ---- | C] () -- I:\Users\Robert\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/05/01 17:53:19 | 000,724,711 | ---- | C] () -- I:\Users\Robert\Documents\Reply from D f T.pdf
[2012/04/30 16:32:28 | 000,026,776 | ---- | C] () -- I:\Users\Robert\Documents\Australian letter to parliament.odt
[2012/04/30 09:10:33 | 000,019,862 | ---- | C] () -- I:\Users\Robert\Documents\Irish interpretation, AND_Oh, Audi partner-ph.eml
[2012/04/19 15:07:19 | 000,007,620 | ---- | C] () -- I:\Users\Robert\AppData\Local\resmon.resmoncfg
[2012/01/28 18:13:28 | 000,084,444 | ---- | C] () -- I:\Windows\UNINST.EXE
[2012/01/28 18:13:28 | 000,001,198 | ---- | C] () -- I:\Windows\Onflash.ini
[2012/01/27 18:39:44 | 000,176,128 | ---- | C] () -- I:\Windows\Dit.DLL
[2012/01/27 18:39:44 | 000,000,236 | ---- | C] () -- I:\Windows\Dit.INI
[2012/01/27 18:39:43 | 000,081,920 | ---- | C] () -- I:\Windows\Dit.exe
[2012/01/27 18:39:39 | 000,061,440 | ---- | C] () -- I:\Windows\DitExp.exe
[2012/01/11 10:53:58 | 000,015,672 | ---- | C] () -- I:\Windows\System32\drivers\SmartDefragDriver.sys
[2011/12/30 18:43:16 | 000,000,193 | ---- | C] () -- I:\Windows\System32\account.dat
[2011/12/22 20:23:07 | 000,748,544 | ---- | C] () -- I:\Windows\System32\protector.dll
[2011/11/16 14:39:38 | 000,129,024 | ---- | C] () -- I:\Windows\System32\AVERM.dll
[2011/11/16 14:39:38 | 000,028,672 | ---- | C] () -- I:\Windows\System32\AVEQT.dll
[2011/10/10 19:20:51 | 000,000,025 | ---- | C] () -- I:\Windows\CDE DX4800EFGIPSD.ini
[2011/10/10 09:53:23 | 000,089,430 | ---- | C] () -- I:\Windows\System32\EPPICPrinterDB.dat
[2011/10/10 09:53:23 | 000,026,154 | ---- | C] () -- I:\Windows\System32\EPPICPattern1.dat
[2011/10/10 09:53:23 | 000,024,903 | ---- | C] () -- I:\Windows\System32\EPPICPattern3.dat
[2011/10/10 09:53:23 | 000,021,390 | ---- | C] () -- I:\Windows\System32\EPPICPattern5.dat
[2011/10/10 09:53:23 | 000,020,148 | ---- | C] () -- I:\Windows\System32\EPPICPattern2.dat
[2011/10/10 09:53:23 | 000,011,811 | ---- | C] () -- I:\Windows\System32\EPPICPattern4.dat
[2011/10/10 09:53:23 | 000,004,943 | ---- | C] () -- I:\Windows\System32\EPPICPattern6.dat
[2011/10/10 09:53:23 | 000,001,146 | ---- | C] () -- I:\Windows\System32\EPPICPresetData_DU.dat
[2011/10/10 09:53:23 | 000,001,139 | ---- | C] () -- I:\Windows\System32\EPPICPresetData_PT.dat
[2011/10/10 09:53:23 | 000,001,139 | ---- | C] () -- I:\Windows\System32\EPPICPresetData_BP.dat
[2011/10/10 09:53:23 | 000,001,136 | ---- | C] () -- I:\Windows\System32\EPPICPresetData_ES.dat
[2011/10/10 09:53:23 | 000,001,129 | ---- | C] () -- I:\Windows\System32\EPPICPresetData_FR.dat
[2011/10/10 09:53:23 | 000,001,129 | ---- | C] () -- I:\Windows\System32\EPPICPresetData_CF.dat
[2011/10/10 09:53:23 | 000,001,120 | ---- | C] () -- I:\Windows\System32\EPPICPresetData_IT.dat
[2011/10/10 09:53:23 | 000,001,107 | ---- | C] () -- I:\Windows\System32\EPPICPresetData_GE.dat
[2011/10/10 09:53:23 | 000,001,104 | ---- | C] () -- I:\Windows\System32\EPPICPresetData_EN.dat
[2011/10/10 09:53:23 | 000,000,099 | ---- | C] () -- I:\Windows\System32\PICSDK.ini
[2011/10/05 16:26:55 | 000,001,324 | ---- | C] () -- I:\Windows\System32\.ini
[2011/10/04 11:16:25 | 001,294,449 | ---- | C] () -- I:\Windows\System32\drivers\sfi.dat
[2011/10/01 20:34:36 | 000,021,412 | ---- | C] () -- I:\Windows\System32\emptyregdb.dat
[2011/09/30 14:53:11 | 000,080,416 | ---- | C] () -- I:\Windows\System32\RtNicProp32.dll
[2011/09/29 19:56:24 | 000,024,944 | ---- | C] () -- I:\Windows\System32\drivers\GVTDrv.sys
[2011/09/29 17:33:01 | 000,208,896 | ---- | C] () -- I:\Windows\System32\CommCmd.dll
[2011/09/29 17:28:44 | 000,031,272 | ---- | C] () -- I:\Windows\System32\AppleChargerSrv.exe
[2011/09/29 17:28:44 | 000,019,496 | ---- | C] () -- I:\Windows\System32\drivers\AppleCharger.sys
[2011/09/29 17:23:36 | 000,000,010 | ---- | C] () -- I:\Windows\GSetup.ini
[2011/09/24 02:05:08 | 000,012,800 | ---- | C] () -- I:\Windows\System32\drivers\anodlwf.sys
[2011/09/24 02:05:03 | 000,013,931 | ---- | C] () -- I:\Windows\System32\RaCoInst.dat
[2011/09/10 17:16:56 | 000,000,090 | ---- | C] () -- I:\Windows\System32\ftm31.dat
[2011/09/10 14:55:12 | 000,253,008 | ---- | C] () -- I:\Windows\adirasx64.exe
[2011/09/10 14:55:10 | 000,152,126 | ---- | C] () -- I:\Windows\System32\drivers\L1E9P2.BIN
[2011/09/10 14:55:10 | 000,024,576 | ---- | C] () -- I:\Windows\enddisk32.exe
[2011/09/10 14:55:09 | 000,152,308 | ---- | C] () -- I:\Windows\System32\drivers\L1E4I2.BIN
[2011/09/10 14:55:09 | 000,152,306 | ---- | C] () -- I:\Windows\System32\drivers\L1E4I1.BIN
[2011/09/10 14:55:09 | 000,152,306 | ---- | C] () -- I:\Windows\System32\drivers\L1E4I0.BIN
[2011/09/10 14:55:09 | 000,152,126 | ---- | C] () -- I:\Windows\System32\drivers\L1E9P1.BIN
[2011/09/10 14:55:09 | 000,152,126 | ---- | C] () -- I:\Windows\System32\drivers\L1E9P0.BIN
[2011/09/10 14:55:09 | 000,152,126 | ---- | C] () -- I:\Windows\System32\drivers\L1E9I2.BIN
[2011/09/10 14:55:09 | 000,152,126 | ---- | C] () -- I:\Windows\System32\drivers\L1E9I1.BIN
[2011/09/10 14:55:09 | 000,152,126 | ---- | C] () -- I:\Windows\System32\drivers\L1E9I0.BIN
[2011/09/10 14:55:08 | 000,152,146 | ---- | C] () -- I:\Windows\System32\drivers\L1E4P2.BIN
[2011/09/10 14:55:08 | 000,152,145 | ---- | C] () -- I:\Windows\System32\drivers\L1E4P1.BIN
[2011/09/10 14:55:08 | 000,152,145 | ---- | C] () -- I:\Windows\System32\drivers\L1E4P0.BIN
[2011/09/10 14:55:08 | 000,152,036 | ---- | C] () -- I:\Windows\System32\drivers\L1E4D2.BIN
[2011/09/10 14:55:08 | 000,152,034 | ---- | C] () -- I:\Windows\System32\drivers\L1E4D1.BIN
[2011/09/10 14:55:08 | 000,152,034 | ---- | C] () -- I:\Windows\System32\drivers\L1E4D0.BIN
[2011/09/08 13:36:08 | 000,000,014 | ---- | C] () -- I:\Windows\adiras.ini
[2011/08/11 08:00:08 | 000,100,728 | ---- | C] () -- I:\Windows\System32\rsslink.dll
[2010/11/20 22:29:26 | 000,066,048 | ---- | C] () -- I:\Windows\System32\PrintBrmUi.exe
========== LOP Check ========== [2012/04/13 10:52:09 | 000,000,000 | ---D | M] -- I:\Users\Robert\AppData\Roaming\10-strike
[2012/04/13 10:52:09 | 000,000,000 | ---D | M] -- I:\Users\Robert\AppData\Roaming\AMS Software
[2012/04/13 10:52:09 | 000,000,000 | ---D | M] -- I:\Users\Robert\AppData\Roaming\Ashampoo
[2012/04/13 10:52:09 | 000,000,000 | ---D | M] -- I:\Users\Robert\AppData\Roaming\Auslogics
[2012/04/13 10:52:09 | 000,000,000 | ---D | M] -- I:\Users\Robert\AppData\Roaming\CBS Interactive
[2012/04/13 10:52:09 | 000,000,000 | ---D | M] -- I:\Users\Robert\AppData\Roaming\EPSON
[2011/11/06 19:02:58 | 000,000,000 | ---D | M] -- I:\Users\Robert\AppData\Roaming\Firetrust
[2012/04/13 10:52:10 | 000,000,000 | ---D | M] -- I:\Users\Robert\AppData\Roaming\Foxit
[2012/04/13 10:52:10 | 000,000,000 | ---D | M] -- I:\Users\Robert\AppData\Roaming\Foxit Software
[2012/04/13 10:52:10 | 000,000,000 | ---D | M] -- I:\Users\Robert\AppData\Roaming\Foxmail
[2012/04/13 10:52:10 | 000,000,000 | ---D | M] -- I:\Users\Robert\AppData\Roaming\FreeFixer
[2011/10/05 02:01:11 | 000,000,000 | ---D | M] -- I:\Users\Robert\AppData\Roaming\GrabPro
[2012/04/13 10:52:10 | 000,000,000 | ---D | M] -- I:\Users\Robert\AppData\Roaming\gtk-2.0
[2011/10/23 11:39:17 | 000,000,000 | ---D | M] -- I:\Users\Robert\AppData\Roaming\ieSpell
[2012/04/13 10:52:10 | 000,000,000 | ---D | M] -- I:\Users\Robert\AppData\Roaming\IObit
[2012/04/13 10:52:10 | 000,000,000 | ---D | M] -- I:\Users\Robert\AppData\Roaming\KeePass
[2012/04/13 10:52:10 | 000,000,000 | ---D | M] -- I:\Users\Robert\AppData\Roaming\LibreOffice
[2012/04/13 10:52:12 | 000,000,000 | ---D | M] -- I:\Users\Robert\AppData\Roaming\MailWasherFree
[2012/04/13 10:52:12 | 000,000,000 | ---D | M] -- I:\Users\Robert\AppData\Roaming\MailWasherPro
[2012/04/13 10:52:15 | 000,000,000 | ---D | M] -- I:\Users\Robert\AppData\Roaming\OpenCandy
[2012/04/13 10:52:15 | 000,000,000 | ---D | M] -- I:\Users\Robert\AppData\Roaming\Opera
[2012/04/30 18:46:48 | 000,000,000 | ---D | M] -- I:\Users\Robert\AppData\Roaming\Orbit
[2012/04/13 10:52:17 | 000,000,000 | ---D | M] -- I:\Users\Robert\AppData\Roaming\Pegasus Mail
[2011/12/23 00:25:13 | 000,000,000 | ---D | M] -- I:\Users\Robert\AppData\Roaming\PerformerSoft
[2012/04/13 10:52:17 | 000,000,000 | ---D | M] -- I:\Users\Robert\AppData\Roaming\Postbox
[2012/04/13 10:52:17 | 000,000,000 | ---D | M] -- I:\Users\Robert\AppData\Roaming\ProgSense
[2012/04/13 10:52:17 | 000,000,000 | ---D | M] -- I:\Users\Robert\AppData\Roaming\QFX Software
[2012/04/13 10:52:18 | 000,000,000 | ---D | M] -- I:\Users\Robert\AppData\Roaming\TalkTalk
[2011/12/05 19:09:23 | 000,000,000 | ---D | M] -- I:\Users\Robert\AppData\Roaming\temp
[2012/04/13 10:52:18 | 000,000,000 | ---D | M] -- I:\Users\Robert\AppData\Roaming\Thunderbird
[2012/04/13 10:52:19 | 000,000,000 | ---D | M] -- I:\Users\Robert\AppData\Roaming\tinySpell
[2012/04/13 10:52:19 | 000,000,000 | ---D | M] -- I:\Users\Robert\AppData\Roaming\TomTom
[2012/04/14 17:15:25 | 000,000,000 | ---D | M] -- I:\Users\Robert\AppData\Roaming\uTorrent
[2012/04/13 10:52:19 | 000,000,000 | ---D | M] -- I:\Users\Robert\AppData\Roaming\VSO
[2012/04/13 10:52:20 | 000,000,000 | ---D | M] -- I:\Users\Robert\AppData\Roaming\Windows Live Writer
[2012/04/13 10:52:20 | 000,000,000 | ---D | M] -- I:\Users\Robert\AppData\Roaming\WinPatrol
[2012/04/13 10:52:20 | 000,000,000 | ---D | M] -- I:\Users\Robert\AppData\Roaming\Xilisoft Corporation
[2012/04/13 10:52:20 | 000,000,000 | ---D | M] -- I:\Users\Robert\AppData\Roaming\Zoner
[2012/05/22 10:00:25 | 000,000,296 | ---- | M] () -- I:\Windows\Tasks\RtlDashSrvStart.job
[2009/07/14 05:53:46 | 000,030,896 | ---- | M] () -- I:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 778 bytes -> I:\Users\Robert\Documents\Irish interpretation, AND_Oh, Audi partner-ph.eml:OECustomProperty
@Alternate Data Stream - 734 bytes -> I:\Users\Robert\Documents\Has Europe ever had a will for war_.eml:OECustomProperty
< End of report >