OTL logfile created on: 24/11/2010 3:36:01 PM - Run 2 OTL by OldTimer - Version 3.2.17.3 Folder = F:\jb\ol 64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000409 | Country: United States | Language: ENU | Date Format: d/M/yyyy 4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 57.00% Memory free 8.00 Gb Paging File | 6.00 Gb Available in Paging File | 79.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 195.21 Gb Total Space | 10.08 Gb Free Space | 5.16% Space Free | Partition Type: NTFS Drive D: | 175.78 Gb Total Space | 38.73 Gb Free Space | 22.03% Space Free | Partition Type: NTFS Drive E: | 5.56 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF Drive F: | 1.86 Gb Total Space | 1.83 Gb Free Space | 98.18% Space Free | Partition Type: FAT Drive Q: | 490.00 Mb Total Space | 425.77 Mb Free Space | 86.89% Space Free | Partition Type: NTFS Drive X: | 100.00 Mb Total Space | 37.83 Mb Free Space | 37.83% Space Free | Partition Type: NTFS Computer Name: JOHN-64PC | User Name: John | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2010/11/24 15:23:42 | 000,575,488 | ---- | M] (OldTimer Tools) -- F:\jb\ol\OTL.exe PRC - [2010/10/20 13:39:12 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.2.183.39\GoogleCrashHandler.exe PRC - [2010/09/17 13:47:58 | 000,087,336 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Motorola Media Link\NServiceEntry.exe PRC - [2010/08/23 12:07:02 | 002,324,848 | ---- | M] (GFI Software Ltd.) -- C:\Program Files (x86)\GFI\GFI Backup 2009 - Home Edition\GFIHSched.exe PRC - [2010/08/23 12:07:01 | 002,195,824 | ---- | M] (GFI Software Ltd.) -- C:\Program Files (x86)\GFI\GFI Backup 2009 - Home Edition\GFIAgent.exe PRC - [2010/08/02 16:10:00 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2010/08/02 16:09:55 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2010/08/02 16:09:55 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2010/07/22 20:58:31 | 000,107,832 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe PRC - [2010/07/22 20:58:20 | 000,066,872 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2010/07/20 11:45:24 | 001,531,904 | ---- | M] (Nokia) -- C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe PRC - [2010/06/14 15:07:14 | 000,615,936 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe PRC - [2010/05/14 10:32:30 | 001,479,680 | ---- | M] (Nokia) -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe PRC - [2010/03/26 16:48:20 | 002,708,312 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit SmartDefrag\IObit SmartDefrag.exe PRC - [2009/10/27 10:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe PRC - [2009/10/22 11:01:06 | 000,440,616 | ---- | M] (GFI Software Ltd.) -- C:\Program Files (x86)\GFI\GFI Backup 2009 - Home Edition\GFIHInst.exe PRC - [2009/06/30 21:24:56 | 000,764,256 | ---- | M] (Microsoft Corporation ) -- C:\Windows\vVX6000.exe PRC - [2008/08/28 19:34:14 | 013,145,448 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files (x86)\Adobe\Adobe Bridge CS4\Bridge.exe PRC - [2007/09/02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2010/11/24 15:23:42 | 000,575,488 | ---- | M] (OldTimer Tools) -- F:\jb\ol\OTL.exe MOD - [2010/08/21 13:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - File not found [Auto | Running] -- C:\Windows\SysNative\PnkBstrB.exe -- (PnkBstrB) SRV:[b]64bit:[/b] - File not found [Auto | Running] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA) SRV:[b]64bit:[/b] - [2010/09/18 10:44:40 | 001,436,424 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64) SRV:[b]64bit:[/b] - [2010/08/13 08:43:52 | 002,358,328 | ---- | M] (BitDefender S.R.L.) [Disabled | Stopped] -- C:\Program Files\BitDefender\BitDefender 2011 - Beta\vsserv.exe -- (VSSERV) SRV:[b]64bit:[/b] - [2010/06/30 01:49:27 | 000,128,752 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE) SRV:[b]64bit:[/b] - [2010/04/17 18:56:30 | 000,094,440 | ---- | M] (tzuk) [Disabled | Stopped] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc) SRV:[b]64bit:[/b] - [2009/07/24 15:04:54 | 000,199,008 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc) SRV:[b]64bit:[/b] - [2009/07/14 09:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009/07/14 09:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV:[b]64bit:[/b] - [2009/03/19 10:31:52 | 000,083,240 | ---- | M] (Dassault Systèmes SolidWorks Corp.) [On_Demand | Stopped] -- C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe -- (CoordinatorServiceHost) SRV:[b]64bit:[/b] - [2009/02/05 16:17:04 | 000,254,760 | ---- | M] (Mentor Graphics Corporation) [Auto | Running] -- C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe -- (Remote Solver for Flow Simulation 2009) SRV - [2010/11/08 20:23:55 | 002,109,440 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\ContentWatch\Internet Protection\cwsvc.exe -- (CwAltaService20) SRV - [2010/10/09 14:32:28 | 000,411,432 | ---- | M] (Valve Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010/09/23 10:05:54 | 002,950,744 | ---- | M] () [Auto | Running] -- c:\Program Files (x86)\Common Files\Akamai\netsession_win_062a651.dll -- (Akamai) SRV - [2010/09/17 13:47:58 | 000,087,336 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Motorola Media Link\NServiceEntry.exe -- (DeviceMonitorService) SRV - [2010/09/04 00:54:40 | 000,202,048 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper) SRV - [2010/08/23 12:07:02 | 002,324,848 | ---- | M] (GFI Software Ltd.) [Auto | Running] -- C:\Program Files (x86)\GFI\GFI Backup 2009 - Home Edition\GFIHSched.exe -- (GFIBckHSched) SRV - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2010/08/02 16:10:00 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2010/08/02 16:09:55 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2010/07/22 20:58:31 | 000,107,832 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB) SRV - [2010/07/22 20:58:20 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2010/06/14 15:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe -- (NMSAccess) SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2010/02/18 10:53:10 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010/02/06 20:59:09 | 000,079,360 | ---- | M] (SolidWorks) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe -- (SolidWorks Licensing Service) SRV - [2009/10/22 11:01:06 | 000,440,616 | ---- | M] (GFI Software Ltd.) [Auto | Running] -- C:\Program Files (x86)\GFI\GFI Backup 2009 - Home Edition\GFIHInst.exe -- (GFIBckHAtt) SRV - [2009/06/11 05:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2007/05/31 17:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2007/05/31 17:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\lgx64modem.sys -- (USBModem) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\lgx64diag.sys -- (UsbDiag) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\lgx64bus.sys -- (usbbus) DRV:[b]64bit:[/b] - File not found [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SABKUTIL.sys -- (SABKUTIL) DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\CESG502.sys -- (PVUSB) DRV:[b]64bit:[/b] - File not found [File_System | Boot | Stopped] -- C:\Windows\SysNative\DRIVERS\bdfsfltr.sys -- (bdfsfltr) DRV:[b]64bit:[/b] - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:[b]64bit:[/b] - [2010/08/02 16:10:08 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:[b]64bit:[/b] - [2010/08/02 16:10:08 | 000,081,584 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:[b]64bit:[/b] - [2010/06/23 09:10:56 | 000,344,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2010/04/19 20:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:[b]64bit:[/b] - [2010/04/17 18:56:26 | 000,134,760 | ---- | M] (tzuk) [Kernel | On_Demand | Stopped] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv) DRV:[b]64bit:[/b] - [2010/02/26 14:33:40 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64j.sys -- (UsbserFilt) DRV:[b]64bit:[/b] - [2010/02/26 14:33:24 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev) DRV:[b]64bit:[/b] - [2010/02/26 14:33:22 | 000,025,088 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdcx64) DRV:[b]64bit:[/b] - [2010/02/26 14:33:22 | 000,019,456 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcdx64) DRV:[b]64bit:[/b] - [2010/02/18 02:23:05 | 000,014,920 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV) DRV:[b]64bit:[/b] - [2010/02/18 02:23:05 | 000,012,360 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL) DRV:[b]64bit:[/b] - [2010/01/20 16:53:04 | 000,016,776 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\epmntdrv.sys -- (epmntdrv) DRV:[b]64bit:[/b] - [2010/01/20 16:53:04 | 000,009,096 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\EuGdiDrv.sys -- (EuGdiDrv) DRV:[b]64bit:[/b] - [2009/12/04 07:36:08 | 000,037,392 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hotcore3.sys -- (hotcore3) DRV:[b]64bit:[/b] - [2009/12/02 12:20:56 | 000,137,608 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EuDisk.sys -- (EuDisk) DRV:[b]64bit:[/b] - [2009/07/14 09:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2009/07/14 09:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2009/07/14 09:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009/07/14 09:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009/07/14 09:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2009/07/14 09:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009/07/14 08:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam) DRV:[b]64bit:[/b] - [2009/07/14 08:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx) DRV:[b]64bit:[/b] - [2009/07/14 08:06:32 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser) DRV:[b]64bit:[/b] - [2009/06/30 21:24:56 | 002,143,600 | ---- | M] (Microsoft Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VX6000Xp.sys -- (VX6000) DRV:[b]64bit:[/b] - [2009/06/11 04:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:[b]64bit:[/b] - [2009/06/11 04:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009/06/11 04:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009/06/11 04:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009/06/11 04:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:[b]64bit:[/b] - [2008/08/28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd) DRV:[b]64bit:[/b] - [2005/03/29 00:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor) DRV - [2010/11/24 14:04:25 | 000,061,440 | ---- | M] () [Kernel | Boot | Stopped] -- C:\Windows\system32\drivers\sggmngjr.sys -- (vmxjv) DRV - [2010/02/17 10:15:58 | 000,012,872 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM) DRV - [2010/01/20 16:53:06 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\epmntdrv.sys -- (epmntdrv) DRV - [2010/01/20 16:53:04 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\EuGdiDrv.sys -- (EuGdiDrv) DRV - [2009/12/02 12:21:00 | 000,026,504 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | Boot | Running] -- C:\Windows\sysWow64\drivers\eufs.sys -- (EUFS) DRV - [2009/12/02 12:20:58 | 000,017,800 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\eudskacs.sys -- (EUDSKACS) DRV - [2009/12/02 12:20:56 | 000,030,600 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | Boot | Running] -- C:\Windows\sysWow64\drivers\eubakup.sys -- (EUBAKUP) DRV - [2009/11/12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen) DRV - [2008/08/14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs) DRV - [2002/06/12 22:50:00 | 000,040,672 | ---- | M] (Hitachi Semiconductor and Devices Sales Co.,Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\CESG502.sys -- (PVUSB) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com.au/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9C 93 0E DD 3B B4 CA 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..extensions.enabledItems: en-AU@dictionaries.addons.mozilla.org:2.1.1 FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.36.0 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6 FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.8 FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198 FF - prefs.js..extensions.enabledItems: multipletab@piro.sakura.ne.jp:0.5.2010070301 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.732 FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42 FF - prefs.js..network.proxy.type: 4 FF - HKLM\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files (x86)\Google\Google Gears\Firefox\ [2010/03/06 09:30:45 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\ [2010/08/11 19:01:28 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010/11/02 19:44:33 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/10/28 22:50:24 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/11/03 12:40:11 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010/11/02 19:44:33 | 000,000,000 | ---D | M] [2010/02/06 20:59:36 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Mozilla\Extensions [2010/11/24 14:58:16 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\aq13g1j5.default\extensions [2010/02/25 17:06:34 | 000,000,000 | ---D | M] (Web Developer) -- C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\aq13g1j5.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12} [2010/08/04 09:07:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\aq13g1j5.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} [2010/08/02 20:15:28 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\aq13g1j5.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2010/02/19 10:30:15 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\aq13g1j5.default\extensions\en-AU@dictionaries.addons.mozilla.org [2010/09/18 23:11:46 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\aq13g1j5.default\extensions\multipletab@piro.sakura.ne.jp [2010/09/18 23:11:46 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\aq13g1j5.default\extensions\staged-xpis [2010/11/13 10:34:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions [2010/03/27 23:25:15 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010/06/17 20:26:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010/06/17 20:26:01 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll [2009/12/09 04:58:24 | 000,274,432 | ---- | M] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npEModelPlugin.dll O1 HOSTS File: ([2009/06/11 05:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.) O4:[b]64bit:[/b] - HKLM..\Run: [VX6000] C:\Windows\vVX6000.exe (Microsoft Corporation ) O4:[b]64bit:[/b] - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia) O4 - HKLM..\Run: [NokiaMusic FastStart] C:\Program Files (x86)\Nokia\Ovi Player\NokiaOviPlayer.exe (Nokia) O4 - HKCU..\Run: [] File not found O4 - HKCU..\Run: [AdobeBridge] C:\Program Files (x86)\Adobe\Adobe Bridge CS4\Bridge.exe (Adobe Systems, Inc.) O4 - HKCU..\Run: [fsm] File not found O4 - HKCU..\Run: [GFI Backup 2009 - Home Edition] C:\Program Files (x86)\GFI\GFI Backup 2009 - Home Edition\GFIAgent.exe (GFI Software Ltd.) O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia) O4 - HKCU..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.) O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysNative\cwalsp.dll File not found O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysNative\cwalsp.dll File not found O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysNative\cwalsp.dll File not found O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysNative\cwalsp.dll File not found O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\SysNative\cwalsp.dll File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\cwalsp.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\cwalsp.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\cwalsp.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\cwalsp.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\SysWow64\cwalsp.dll () O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18:[b]64bit:[/b] - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files (x86)\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010/09/18 10:25:22 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ] O32 - AutoRun File - [2009/04/30 10:57:32 | 000,054,544 | R--- | M] (Electronic Arts) - E:\Autorun.exe -- [ UDF ] O32 - AutoRun File - [2008/10/22 07:48:37 | 000,000,045 | R--- | M] () - E:\Autorun.inf -- [ UDF ] O33 - MountPoints2\{4c6bc491-afd8-11df-9ed6-00248ce8e9b5}\Shell - "" = AutoRun O33 - MountPoints2\{4c6bc491-afd8-11df-9ed6-00248ce8e9b5}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found O33 - MountPoints2\{8e482404-1394-11df-83ca-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{8e482404-1394-11df-83ca-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Autorun.exe -- [2009/04/30 10:57:32 | 000,054,544 | R--- | M] (Electronic Arts) O33 - MountPoints2\{a488969c-233d-11df-925a-00248ce8e9b5}\Shell - "" = AutoRun O33 - MountPoints2\{a488969c-233d-11df-925a-00248ce8e9b5}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2010/11/13 10:41:23 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Roaming\Malwarebytes [2010/11/13 10:40:27 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2010/11/13 10:40:26 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2010/11/13 10:40:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2010/11/13 10:40:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010/11/08 20:25:44 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2010/11/07 13:48:47 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Roaming\motorola [2010/11/07 13:48:41 | 000,000,000 | ---D | C] -- C:\Users\John\Documents\Podcast [2010/11/07 13:48:41 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Local\Motorola [2010/11/06 13:52:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Womble Multimedia [2010/11/06 13:51:49 | 001,381,622 | ---- | C] (Womble Multimedia, Inc. ) -- C:\Users\John\Desktop\womble-vcr-12454033.exe [2010/11/06 13:50:57 | 000,000,000 | ---D | C] -- C:\Temp [2010/11/06 13:50:57 | 000,000,000 | ---D | C] -- C:\Users\John\.thumb [2010/11/06 13:50:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDStyler [2010/11/06 13:48:33 | 008,632,742 | ---- | C] ( ) -- C:\Users\John\Desktop\DVDStyler-1.8.1-win32.exe [2010/11/03 21:23:07 | 000,000,000 | ---D | C] -- C:\Nothing [2010/11/03 20:23:29 | 000,000,000 | ---D | C] -- C:\ProgramData\motorola [2010/11/03 20:20:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero [2010/11/03 20:20:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero [2010/11/03 20:20:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Motorola Media Link [2010/11/03 20:19:15 | 000,000,000 | ---D | C] -- C:\Program Files\Motorola Inc [2010/11/03 20:19:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Motorola Shared [2010/11/03 20:19:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Motorola [2010/11/03 17:10:03 | 000,000,000 | ---D | C] -- C:\Users\John\Documents\Any Video Converter Professional [2010/11/03 17:10:02 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP [2010/11/03 17:09:38 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Roaming\AnvSoft [2010/11/03 17:09:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AnvSoft [2010/11/03 12:39:51 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Roaming\Avira [2010/11/03 12:38:42 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Roaming\BitDefender [2010/11/03 10:11:44 | 000,000,000 | ---D | C] -- C:\ProgramData\BitDefender [2010/11/03 10:03:30 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys [2010/11/03 10:03:30 | 000,081,584 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys [2010/11/03 10:03:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2010/11/03 10:03:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira [2010/11/02 21:33:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Nokia [2010/11/02 21:31:37 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Local\NokiaAccount [2010/11/02 19:44:23 | 000,025,600 | ---- | C] (Nokia) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys [2010/11/02 19:44:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Connectivity Solution [2010/11/01 22:19:35 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Local\Topalt [2010/11/01 22:19:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Topalt [2010/11/01 22:19:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Outlook Security Manager [2010/11/01 22:18:55 | 000,825,824 | ---- | C] (Topalt.com ) -- C:\Users\John\Desktop\vcie_setup.exe [2010/11/01 22:13:05 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Roaming\C2OutlookExport [2010/11/01 22:12:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CodeTwo [2010/11/01 22:11:41 | 003,691,216 | ---- | C] (CodeTwo (R)) -- C:\Users\John\Desktop\OutlookExportSetupEN.exe [2010/11/01 22:11:14 | 006,093,520 | ---- | C] (CodeTwo (R)) -- C:\Users\John\Desktop\OutlookExportSetupENx64.exe [2010/11/01 22:09:10 | 000,000,000 | ---D | C] -- C:\Users\John\Desktop\OutlookExport [2010/11/01 22:08:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TechHit.com [2010/11/01 22:08:18 | 000,737,504 | ---- | C] (TechHit) -- C:\Users\John\Desktop\setup_messagesave_mac.eval.exe [2010/11/01 22:00:32 | 000,000,000 | ---D | C] -- C:\Users\John\Documents\contacts [2010/11/01 21:45:03 | 000,000,000 | ---D | C] -- C:\Users\John\Desktop\contacts [2010/11/01 21:28:52 | 000,000,000 | ---D | C] -- C:\ProgramData\NokiaInstallerCache [2010/10/31 13:43:19 | 000,000,000 | ---D | C] -- C:\Users\John\Documents\Electronic Arts [2010/10/30 18:32:47 | 000,000,000 | ---D | C] -- C:\Users\John\Desktop\2010-10-30 [2010/10/30 17:53:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts [2010/10/30 17:37:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts [2010/10/30 13:29:28 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Roaming\BitTorrent [2010/10/30 11:43:07 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Roaming\NVIDIA [2010/10/28 17:41:24 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Local\Dassault_Systèmes_SolidWo [2010/10/25 20:53:19 | 000,000,000 | ---D | C] -- C:\NVIDIA [2010/10/25 17:53:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BitTorrent [2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2010/11/24 14:14:18 | 000,013,456 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010/11/24 14:14:18 | 000,013,456 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010/11/24 14:11:44 | 000,742,438 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2010/11/24 14:11:44 | 000,635,170 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2010/11/24 14:11:44 | 000,110,550 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2010/11/24 14:05:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010/11/24 14:05:26 | 3220,578,304 | -HS- | M] () -- C:\hiberfil.sys [2010/11/24 14:04:25 | 000,061,440 | ---- | M] () -- C:\Windows\SysWow64\drivers\sggmngjr.sys [2010/11/24 14:04:25 | 000,000,833 | ---- | M] () -- C:\backup.reg [2010/11/13 10:25:45 | 000,755,184 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010/11/08 20:23:55 | 001,884,160 | ---- | M] () -- C:\Windows\SysWow64\AltaRecovery.exe [2010/11/08 20:23:55 | 001,013,248 | ---- | M] () -- C:\Windows\SysNative\cwalsp64.dll [2010/11/08 20:23:55 | 000,720,384 | ---- | M] () -- C:\Windows\SysWow64\cwalsp.dll [2010/11/08 20:09:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3711179531-204242306-3643511365-1001UA.job [2010/11/08 19:44:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010/11/08 13:44:00 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010/11/08 08:09:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3711179531-204242306-3643511365-1001Core.job [2010/11/07 22:00:00 | 000,000,406 | ---- | M] () -- C:\Windows\tasks\SmartDefrag.job [2010/11/06 14:15:55 | 000,015,981 | ---- | M] () -- C:\Users\John\Desktop\X-Ray_Scanner_New.jar [2010/11/06 13:52:02 | 000,001,101 | ---- | M] () -- C:\Users\Public\Desktop\MPEG-VCR.lnk [2010/11/06 13:51:52 | 001,381,622 | ---- | M] (Womble Multimedia, Inc. ) -- C:\Users\John\Desktop\womble-vcr-12454033.exe [2010/11/06 13:50:52 | 000,001,035 | ---- | M] () -- C:\Users\John\Desktop\DVDStyler.lnk [2010/11/06 13:48:54 | 008,632,742 | ---- | M] ( ) -- C:\Users\John\Desktop\DVDStyler-1.8.1-win32.exe [2010/11/06 12:37:13 | 008,896,012 | ---- | M] () -- C:\Users\John\Desktop\maps_installer_3.04_10wk32_b03_s60_3.2(2).sis [2010/11/03 20:31:46 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini [2010/11/03 20:20:29 | 000,001,983 | ---- | M] () -- C:\Users\Public\Desktop\MOTOROLA MEDIA LINK.lnk [2010/11/03 18:07:19 | 000,174,851 | ---- | M] () -- C:\Users\John\Desktop\56362_452545431805_711036805_5903117_3679342_o.jpg [2010/11/03 17:09:46 | 000,001,189 | ---- | M] () -- C:\Users\John\Desktop\Any Video Converter Professional.lnk [2010/11/03 12:40:11 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2010/11/03 10:03:34 | 000,002,066 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2010/11/03 10:02:55 | 053,123,856 | ---- | M] () -- C:\Users\John\Desktop\avira_antivir_personal_en(2).exe [2010/11/02 20:21:44 | 000,057,624 | ---- | M] () -- C:\DC6810xp-001.raw [2010/11/02 19:45:41 | 000,002,063 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Ovi Suite.lnk [2010/11/02 19:31:44 | 008,896,012 | ---- | M] () -- C:\Users\John\Desktop\maps_installer_3.04_10wk32_b03_s60_3.2.sis [2010/11/02 17:06:10 | 000,002,210 | ---- | M] () -- C:\Users\Public\Desktop\Play BF2 SF Online Now!.lnk [2010/11/02 17:06:10 | 000,002,188 | ---- | M] () -- C:\Users\Public\Desktop\Battlefield 2 Special Forces.lnk [2010/11/02 16:41:06 | 000,002,104 | ---- | M] () -- C:\Users\Public\Desktop\Play BF2 Online Now!.lnk [2010/11/02 16:41:06 | 000,002,082 | ---- | M] () -- C:\Users\Public\Desktop\Battlefield 2.lnk [2010/11/01 22:48:33 | 000,023,040 | ---- | M] () -- C:\Users\John\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/11/01 22:18:58 | 000,825,824 | ---- | M] (Topalt.com ) -- C:\Users\John\Desktop\vcie_setup.exe [2010/11/01 22:11:49 | 003,691,216 | ---- | M] (CodeTwo (R)) -- C:\Users\John\Desktop\OutlookExportSetupEN.exe [2010/11/01 22:11:26 | 006,093,520 | ---- | M] (CodeTwo (R)) -- C:\Users\John\Desktop\OutlookExportSetupENx64.exe [2010/11/01 22:08:21 | 000,737,504 | ---- | M] (TechHit) -- C:\Users\John\Desktop\setup_messagesave_mac.eval.exe [2010/11/01 22:03:15 | 000,038,429 | ---- | M] () -- C:\Users\John\AppData\Roaming\Comma Separated Values (DOS).ADR [2010/11/01 21:57:41 | 000,038,427 | ---- | M] () -- C:\Users\John\AppData\Roaming\Comma Separated Values (Windows).ADR [2010/10/30 17:52:53 | 000,001,131 | ---- | M] () -- C:\Users\Public\Desktop\EA Download Manager.lnk [2010/10/30 17:51:57 | 000,002,086 | ---- | M] () -- C:\Users\Public\Desktop\The Sims™ 3.lnk [2010/10/30 11:33:26 | 000,446,183 | ---- | M] () -- C:\Users\John\Desktop\doodlejump_h21je3vk.jar [2010/10/30 11:29:01 | 036,721,175 | ---- | M] () -- C:\Users\John\Desktop\37 1 Th 5 16.mp3 [2010/10/30 11:25:40 | 044,561,257 | ---- | M] () -- C:\Users\John\Desktop\36 1 Th 5 15.mp3 [2010/10/26 14:22:59 | 000,019,536 | ---- | M] () -- C:\Users\John\Desktop\prog_johnbills.pdf [2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010/11/24 14:04:25 | 000,061,440 | ---- | C] () -- C:\Windows\SysWow64\drivers\sggmngjr.sys [2010/11/24 14:04:25 | 000,000,833 | ---- | C] () -- C:\backup.reg [2010/11/24 14:04:25 | 000,000,372 | ---- | C] () -- C:\Program Files (x86)\pbdrxnod.txt [2010/11/08 20:24:01 | 001,013,248 | ---- | C] () -- C:\Windows\SysNative\cwalsp64.dll [2010/11/08 20:24:01 | 000,720,384 | ---- | C] () -- C:\Windows\SysWow64\cwalsp.dll [2010/11/08 20:23:59 | 001,884,160 | ---- | C] () -- C:\Windows\SysWow64\AltaRecovery.exe [2010/11/06 14:15:55 | 000,015,981 | ---- | C] () -- C:\Users\John\Desktop\X-Ray_Scanner_New.jar [2010/11/06 13:52:02 | 000,001,101 | ---- | C] () -- C:\Users\Public\Desktop\MPEG-VCR.lnk [2010/11/06 13:50:52 | 000,001,035 | ---- | C] () -- C:\Users\John\Desktop\DVDStyler.lnk [2010/11/06 12:36:59 | 008,896,012 | ---- | C] () -- C:\Users\John\Desktop\maps_installer_3.04_10wk32_b03_s60_3.2(2).sis [2010/11/03 20:26:24 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini [2010/11/03 20:20:29 | 000,001,983 | ---- | C] () -- C:\Users\Public\Desktop\MOTOROLA MEDIA LINK.lnk [2010/11/03 18:07:18 | 000,174,851 | ---- | C] () -- C:\Users\John\Desktop\56362_452545431805_711036805_5903117_3679342_o.jpg [2010/11/03 17:09:46 | 000,001,189 | ---- | C] () -- C:\Users\John\Desktop\Any Video Converter Professional.lnk [2010/11/03 12:40:11 | 000,002,014 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2010/11/03 10:03:34 | 000,002,066 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2010/11/03 10:00:56 | 053,123,856 | ---- | C] () -- C:\Users\John\Desktop\avira_antivir_personal_en(2).exe [2010/11/02 19:45:41 | 000,002,063 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Ovi Suite.lnk [2010/11/02 19:31:29 | 008,896,012 | ---- | C] () -- C:\Users\John\Desktop\maps_installer_3.04_10wk32_b03_s60_3.2.sis [2010/11/02 17:06:10 | 000,002,210 | ---- | C] () -- C:\Users\Public\Desktop\Play BF2 SF Online Now!.lnk [2010/11/02 17:06:10 | 000,002,188 | ---- | C] () -- C:\Users\Public\Desktop\Battlefield 2 Special Forces.lnk [2010/11/02 16:41:06 | 000,002,104 | ---- | C] () -- C:\Users\Public\Desktop\Play BF2 Online Now!.lnk [2010/11/02 16:41:06 | 000,002,082 | ---- | C] () -- C:\Users\Public\Desktop\Battlefield 2.lnk [2010/11/01 22:03:15 | 000,038,429 | ---- | C] () -- C:\Users\John\AppData\Roaming\Comma Separated Values (DOS).ADR [2010/10/30 17:52:53 | 000,001,131 | ---- | C] () -- C:\Users\Public\Desktop\EA Download Manager.lnk [2010/10/30 17:51:57 | 000,002,086 | ---- | C] () -- C:\Users\Public\Desktop\The Sims™ 3.lnk [2010/10/30 11:33:25 | 000,446,183 | ---- | C] () -- C:\Users\John\Desktop\doodlejump_h21je3vk.jar [2010/10/30 11:25:43 | 036,721,175 | ---- | C] () -- C:\Users\John\Desktop\37 1 Th 5 16.mp3 [2010/10/30 11:21:48 | 044,561,257 | ---- | C] () -- C:\Users\John\Desktop\36 1 Th 5 15.mp3 [2010/10/26 14:22:55 | 000,019,536 | ---- | C] () -- C:\Users\John\Desktop\prog_johnbills.pdf [2010/10/13 21:37:47 | 000,755,184 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010/10/12 21:52:28 | 000,975,872 | ---- | C] () -- C:\Windows\SysWow64\libxml2_CW.dll [2010/10/12 21:52:27 | 000,151,552 | ---- | C] () -- C:\Windows\SysWow64\libexpat.dll [2010/10/12 21:52:22 | 001,073,152 | ---- | C] () -- C:\Windows\SysWow64\wxcode_msw28u_wxcurl_CW.dll [2010/10/12 21:52:22 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\wxcode_msw28u_wxjson_CW.dll [2010/10/11 19:51:19 | 000,524,288 | ---- | C] () -- C:\Windows\SysWow64\wxmsw28u_xrc_vc_CW.dll [2010/10/11 19:51:19 | 000,110,592 | ---- | C] () -- C:\Windows\SysWow64\wxmsw28u_media_vc_CW.dll [2010/10/11 19:51:18 | 002,916,352 | ---- | C] () -- C:\Windows\SysWow64\wxmsw28u_core_vc_CW.dll [2010/10/11 19:51:18 | 000,716,800 | ---- | C] () -- C:\Windows\SysWow64\wxmsw28u_adv_vc_CW.dll [2010/10/11 19:51:18 | 000,499,712 | ---- | C] () -- C:\Windows\SysWow64\wxmsw28u_html_vc_CW.dll [2010/10/11 19:51:17 | 001,236,992 | ---- | C] () -- C:\Windows\SysWow64\wxbase28u_vc_CW.dll [2010/10/11 19:51:17 | 000,135,168 | ---- | C] () -- C:\Windows\SysWow64\wxbase28u_xml_vc_CW.dll [2010/10/11 19:51:17 | 000,135,168 | ---- | C] () -- C:\Windows\SysWow64\wxbase28u_net_vc_CW.dll [2010/10/04 19:15:19 | 000,001,141 | ---- | C] () -- C:\Users\John\AppData\Local\TempswxJRNL.swj [2010/05/31 21:43:37 | 000,001,548 | ---- | C] () -- C:\Windows\Sandboxie.ini [2010/05/05 12:38:57 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll [2010/04/18 23:51:47 | 000,038,427 | ---- | C] () -- C:\Users\John\AppData\Roaming\Comma Separated Values (Windows).ADR [2010/04/18 23:01:40 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll [2010/04/18 23:01:40 | 000,002,412 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini [2010/04/08 21:51:04 | 000,007,596 | ---- | C] () -- C:\Users\John\AppData\Local\Resmon.ResmonCfg [2010/04/08 19:45:51 | 000,007,168 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys [2010/04/02 16:05:57 | 000,000,066 | ---- | C] () -- C:\Users\John\AppData\Roaming\isfree5_1.txt [2010/04/01 22:52:56 | 000,055,364 | ---- | C] () -- C:\Users\John\AppData\Roaming\isfree5_0.txt [2010/03/02 22:50:30 | 000,023,040 | ---- | C] () -- C:\Users\John\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/03/02 22:40:06 | 000,758,018 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2010/03/02 22:40:06 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2010/02/19 10:00:09 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010/02/17 17:14:44 | 000,000,777 | ---- | C] () -- C:\Windows\ODBCINST.INI [2010/02/17 17:14:44 | 000,000,288 | ---- | C] () -- C:\Windows\ODBC.INI [2010/02/15 19:12:36 | 000,000,025 | ---- | C] () -- C:\Users\John\AppData\Roaming\bdfvconp.ini [2010/02/07 12:40:51 | 000,014,848 | ---- | C] () -- C:\Windows\SysWow64\EuEpmGdi.dll [2010/02/07 12:40:51 | 000,014,216 | ---- | C] () -- C:\Windows\SysWow64\epmntdrv.sys [2010/02/07 12:40:51 | 000,008,456 | ---- | C] () -- C:\Windows\SysWow64\EuGdiDrv.sys [2010/02/06 23:46:07 | 000,000,000 | ---- | C] () -- C:\Users\John\AppData\Local\Temptable.xml [2010/02/06 21:00:59 | 000,000,000 | ---- | C] () -- C:\Windows\eDrawingOfficeAutomator.INI [2009/07/28 03:54:46 | 003,209,216 | ---- | C] () -- C:\Users\John\AppData\Local\mfm2_v201_win.dat [2009/07/14 07:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009/07/14 05:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009/06/26 17:24:18 | 000,015,497 | ---- | C] () -- C:\Windows\VX6KStd.ini [2008/01/15 05:31:00 | 000,000,530 | ---- | C] () -- C:\Windows\SysWow64\tx14_ic.ini [2007/12/29 15:22:02 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS [2007/08/21 19:46:34 | 000,059,160 | ---- | C] () -- C:\Windows\SysWow64\zlib.dll [2004/11/18 09:16:42 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\nktwab.dll [1997/06/14 10:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\iyvu9_32.dll [color=#E56717]========== LOP Check ==========[/color] [2010/11/03 17:09:38 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\AnvSoft [2010/09/27 17:52:10 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Audacity [2010/09/18 20:07:55 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Autodesk [2010/11/03 12:38:42 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\BitDefender [2010/10/30 13:29:28 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\BitTorrent [2010/11/01 22:13:13 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\C2OutlookExport [2010/04/08 19:48:07 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Canneverbe Limited [2010/02/20 21:04:53 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Canon [2010/06/02 19:23:10 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\CircuitWorks [2010/04/13 18:43:36 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\DassaultSystemes [2010/05/06 09:56:17 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\EDrawings [2010/05/13 19:48:50 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\EndNote [2010/11/06 14:36:24 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\FileZilla [2010/02/24 11:04:50 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\GetRightToGo [2010/10/24 21:21:03 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\gtk-2.0 [2010/04/05 15:04:01 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\HDRsoft [2010/02/07 00:28:23 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\IM [2010/02/07 13:51:39 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\ImgBurn [2010/02/18 10:54:49 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\inkscape [2010/02/07 13:55:04 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\IObit [2010/04/01 22:54:13 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\iSpring Solutions [2010/02/19 22:54:23 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\KeePass [2010/04/02 16:40:09 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\KompoZer [2010/04/18 23:40:00 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\LG Electronics [2010/02/07 00:18:42 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Luxology [2010/11/07 13:48:47 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\motorola [2010/08/28 20:09:17 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\MP3SkypeRecorder [2010/04/18 23:48:31 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\mresreg [2010/11/02 21:36:54 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Nokia [2010/02/25 15:07:34 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Notepad++ [2010/02/25 08:19:53 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Opera [2010/10/30 11:33:26 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\PC Suite [2010/02/18 13:58:22 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\PDF Writer [2010/08/06 18:15:42 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\QuickScan [2010/06/21 15:12:06 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\SendBlaster2 [2010/05/31 10:51:41 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\SmartDraw [2010/06/01 17:05:52 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Software Informer [2010/06/01 21:30:42 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\YCanPDF [2010/11/24 14:05:36 | 000,032,634 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2010/11/07 22:00:00 | 000,000,406 | ---- | M] () -- C:\Windows\Tasks\SmartDefrag.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:661DFA1C < End of report >