a_guest

Untitled

May 15th, 2011
  1. OTL logfile created on: 5/15/2011 11:50:54 AM - Run 1
  2. OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Edward\Desktop
  3. 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
  4. Internet Explorer (Version = 9.0.8112.16421)
  5. Locale: 00000409 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
  6.  
  7. 6.00 Gb Total Physical Memory | 5.00 Gb Available Physical Memory | 82.00% Memory free
  8. 12.00 Gb Paging File | 11.00 Gb Available in Paging File | 92.00% Paging File free
  9. Paging file location(s): ?:\pagefile.sys [binary data]
  10.  
  11. %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
  12. Drive C: | 451.01 Gb Total Space | 346.29 Gb Free Space | 76.78% Space Free | Partition Type: NTFS
  13.  
  14. Computer Name: EDWARD-PC | User Name: Edward | Logged in as Administrator.
  15. Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
  16. Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
  17.  
  18. [color=#E56717]========== Processes (SafeList) ==========[/color]
  19.  
  20. PRC - [2011/05/15 11:48:18 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Edward\Desktop\OTL.com
  21. PRC - [2011/05/02 15:38:11 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
  22.  
  23.  
  24. [color=#E56717]========== Modules (SafeList) ==========[/color]
  25.  
  26. MOD - [2011/05/15 11:48:18 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Edward\Desktop\OTL.com
  27. MOD - [2010/11/20 04:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
  28.  
  29.  
  30. [color=#E56717]========== Win32 Services (SafeList) ==========[/color]
  31.  
  32. SRV:[b]64bit:[/b] - [2011/03/22 08:36:20 | 002,421,384 | ---- | M] (mobile concepts GmbH) [On_Demand | Stopped] -- C:\Program Files\S.A.D\CyberGhost VPN\CGVPNCliService.exe -- (CGVPNCliSrvc)
  33. SRV:[b]64bit:[/b] - [2010/12/17 12:41:32 | 001,515,792 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
  34. SRV:[b]64bit:[/b] - [2010/12/17 12:28:46 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
  35. SRV:[b]64bit:[/b] - [2010/12/17 12:26:50 | 000,836,880 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
  36. SRV:[b]64bit:[/b] - [2010/11/29 13:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
  37. SRV:[b]64bit:[/b] - [2010/11/11 14:36:38 | 000,282,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
  38. SRV:[b]64bit:[/b] - [2010/11/11 14:36:38 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
  39. SRV:[b]64bit:[/b] - [2010/05/07 18:45:16 | 000,197,976 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcS64)
  40. SRV:[b]64bit:[/b] - [2009/11/17 19:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Stopped] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
  41. SRV:[b]64bit:[/b] - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
  42. SRV - [2011/04/26 15:45:51 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\srvany.exe -- (KMService)
  43. SRV - [2011/02/28 18:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
  44. SRV - [2011/01/13 11:37:02 | 000,705,856 | ---- | M] (SoftThinks SAS) [Auto | Stopped] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)
  45. SRV - [2010/12/20 16:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
  46. SRV - [2010/12/20 16:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
  47. SRV - [2010/11/29 19:04:00 | 001,997,416 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
  48. SRV - [2010/11/29 04:31:42 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
  49. SRV - [2010/09/16 14:06:22 | 000,080,896 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
  50. SRV - [2010/09/03 23:15:22 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)
  51. SRV - [2010/09/03 23:14:26 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
  52. SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
  53. SRV - [2009/08/23 00:00:00 | 000,042,280 | ---- | M] (Sage) [On_Demand | Stopped] -- C:\Program Files (x86)\winsim\TransactionManager2010 - CDN\Sage_SA.TransactionManager.exe -- (Simply Accounting Transaction Manager 2010 - CDN)
  54. SRV - [2009/08/23 00:00:00 | 000,029,992 | ---- | M] (Sage) [Auto | Stopped] -- C:\Program Files (x86)\winsim\ConnectionManager\SimplyConnectionManager.exe -- (Simply Accounting Database Connection Manager)
  55. SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
  56.  
  57.  
  58. [color=#E56717]========== Driver Services (SafeList) ==========[/color]
  59.  
  60. DRV:[b]64bit:[/b] - [2011/04/13 15:04:38 | 000,045,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
  61. DRV:[b]64bit:[/b] - [2011/03/30 17:40:51 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
  62. DRV:[b]64bit:[/b] - [2011/03/19 07:11:54 | 000,107,912 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
  63. DRV:[b]64bit:[/b] - [2011/03/19 07:11:54 | 000,027,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
  64. DRV:[b]64bit:[/b] - [2011/03/19 07:11:23 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
  65. DRV:[b]64bit:[/b] - [2011/01/21 07:36:02 | 000,413,800 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
  66. DRV:[b]64bit:[/b] - [2011/01/12 18:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
  67. DRV:[b]64bit:[/b] - [2010/12/22 02:08:48 | 008,505,856 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) ___ Intel(R)
  68. DRV:[b]64bit:[/b] - [2010/12/17 10:06:32 | 001,404,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
  69. DRV:[b]64bit:[/b] - [2010/12/15 10:02:04 | 000,174,168 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
  70. DRV:[b]64bit:[/b] - [2010/12/13 10:34:14 | 000,027,760 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelern.sys -- (Acceler)
  71. DRV:[b]64bit:[/b] - [2010/12/12 07:18:36 | 000,121,960 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvstusb.sys -- (NvStUSB)
  72. DRV:[b]64bit:[/b] - [2010/12/01 03:02:22 | 000,042,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd)
  73. DRV:[b]64bit:[/b] - [2010/11/29 19:04:00 | 000,025,576 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
  74. DRV:[b]64bit:[/b] - [2010/11/29 13:00:04 | 000,016,120 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
  75. DRV:[b]64bit:[/b] - [2010/11/29 06:23:18 | 012,252,192 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
  76. DRV:[b]64bit:[/b] - [2010/11/20 04:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
  77. DRV:[b]64bit:[/b] - [2010/11/19 11:34:26 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
  78. DRV:[b]64bit:[/b] - [2010/11/19 11:34:26 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
  79. DRV:[b]64bit:[/b] - [2010/10/24 21:25:38 | 000,072,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
  80. DRV:[b]64bit:[/b] - [2010/10/19 17:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
  81. DRV:[b]64bit:[/b] - [2010/10/15 09:28:18 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
  82. DRV:[b]64bit:[/b] - [2010/08/20 11:05:12 | 000,021,616 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdcfltn.sys -- (stdcfltn)
  83. DRV:[b]64bit:[/b] - [2010/08/12 08:51:30 | 000,175,168 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
  84. DRV:[b]64bit:[/b] - [2010/07/30 16:36:38 | 000,025,072 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Program Files\Dell Support Center\pcdsrvc_x64.pkms -- (PCDSRVC{1E208CE0-FB7451FF-06020101}_0)
  85. DRV:[b]64bit:[/b] - [2010/07/12 19:38:06 | 000,029,288 | ---- | M] (Quanta Computer) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qicflt.sys -- (qicflt)
  86. DRV:[b]64bit:[/b] - [2010/06/25 16:08:10 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot)
  87. DRV:[b]64bit:[/b] - [2010/05/14 15:02:14 | 006,465,760 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64) Logitech HD Webcam C270(UVC)
  88. DRV:[b]64bit:[/b] - [2010/05/14 15:00:52 | 000,329,952 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
  89. DRV:[b]64bit:[/b] - [2010/05/14 15:00:28 | 000,271,712 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvpopf64.sys -- (lvpopf64)
  90. DRV:[b]64bit:[/b] - [2010/05/07 18:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon)
  91. DRV:[b]64bit:[/b] - [2010/05/07 18:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64)
  92. DRV:[b]64bit:[/b] - [2010/04/28 08:57:50 | 000,061,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
  93. DRV:[b]64bit:[/b] - [2010/03/19 01:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
  94. DRV:[b]64bit:[/b] - [2010/02/27 00:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
  95. DRV:[b]64bit:[/b] - [2010/02/25 16:51:02 | 000,029,696 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
  96. DRV:[b]64bit:[/b] - [2010/02/11 08:04:54 | 000,130,696 | ---- | M] (QFX Software Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\keyscrambler.sys -- (KeyScrambler)
  97. DRV:[b]64bit:[/b] - [2009/11/01 19:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
  98. DRV:[b]64bit:[/b] - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
  99. DRV:[b]64bit:[/b] - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
  100. DRV:[b]64bit:[/b] - [2009/07/13 18:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
  101. DRV:[b]64bit:[/b] - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
  102. DRV:[b]64bit:[/b] - [2009/06/10 13:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
  103. DRV:[b]64bit:[/b] - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
  104. DRV:[b]64bit:[/b] - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
  105. DRV:[b]64bit:[/b] - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
  106. DRV:[b]64bit:[/b] - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
  107. DRV:[b]64bit:[/b] - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
  108. DRV:[b]64bit:[/b] - [2009/03/18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
  109. DRV:[b]64bit:[/b] - [2006/11/01 10:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
  110.  
  111. [color=#E56717]========== Standard Registry (SafeList) ==========[/color]
  112.  
  113.  
  114. [color=#E56717]========== Internet Explorer ==========[/color]
  115.  
  116. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
  117.  
  118. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.ca.dell.com/content/default.aspx?c=ca&l=en&s=gen
  119. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
  120. IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  121. IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
  122.  
  123. [color=#E56717]========== FireFox ==========[/color]
  124.  
  125. FF - prefs.js..browser.startup.homepage: "about:home"
  126.  
  127. FF - HKLM\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2011/03/30 11:43:40 | 000,000,000 | ---D | M]
  128. FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/05/02 15:38:14 | 000,000,000 | ---D | M]
  129. FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
  130.  
  131. [2011/03/29 13:37:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Edward\AppData\Roaming\Mozilla\Extensions
  132. [2011/04/09 20:00:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Edward\AppData\Roaming\Mozilla\Firefox\Profiles\89ny2aal.default\extensions
  133. [2011/04/09 20:00:11 | 000,000,000 | ---D | M] (Microsoft Choice Guard) -- C:\Users\Edward\AppData\Roaming\Mozilla\Firefox\Profiles\89ny2aal.default\extensions\ChoiceGuard@Microsoft
  134. [2011/03/30 17:40:42 | 000,002,059 | ---- | M] () -- C:\Users\Edward\AppData\Roaming\Mozilla\Firefox\Profiles\89ny2aal.default\searchplugins\daemon-search.xml
  135. [2011/03/29 22:52:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
  136. [2011/03/29 22:52:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
  137. File not found (No name found) --
  138. () (No name found) -- C:\USERS\EDWARD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\89NY2AAL.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
  139. [2011/05/02 15:38:11 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
  140. [2011/05/02 15:38:12 | 000,001,538 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazon-en-GB.xml
  141. [2011/05/02 15:38:12 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\bing.xml
  142. [2011/05/02 15:38:12 | 000,000,947 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\chambers-en-GB.xml
  143. [2011/05/02 15:38:12 | 000,001,180 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-en-GB.xml
  144. [2011/05/02 15:38:12 | 000,001,135 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-en-GB.xml
  145.  
  146. O1 HOSTS File: ([2011/04/08 17:36:04 | 000,001,539 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
  147. O1 - Hosts: 127.0.0.1 localhost
  148. O1 - Hosts: 127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
  149. O1 - Hosts: 127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
  150. O1 - Hosts: 127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
  151. O1 - Hosts: 127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
  152. O1 - Hosts: 127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
  153. O1 - Hosts: 127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net
  154. O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com
  155. O1 - Hosts: 127.0.0.1 sls.microsoft.com
  156. O1 - Hosts: 127.0.0.1 genuine.microsoft.com
  157. O1 - Hosts: 127.0.0.1 wat.microsoft.com
  158. O1 - Hosts: 127.0.0.1 mpa.microsoft.com
  159. O2:[b]64bit:[/b] - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
  160. O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
  161. O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
  162. O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
  163. O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
  164. O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
  165. O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
  166. O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
  167. O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
  168. O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
  169. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
  170. O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
  171. O4:[b]64bit:[/b] - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe ()
  172. O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
  173. O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
  174. O4:[b]64bit:[/b] - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
  175. O4:[b]64bit:[/b] - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
  176. O4:[b]64bit:[/b] - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
  177. O4:[b]64bit:[/b] - HKLM..\Run: [NVHotkey] C:\Windows\SysNative\nvHotkey.dll (NVIDIA Corporation)
  178. O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
  179. O4:[b]64bit:[/b] - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
  180. O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
  181. O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
  182. O4 - HKLM..\Run: [] File not found
  183. O4 - HKLM..\Run: [KeyScrambler] C:\Program Files (x86)\KeyScrambler\keyscrambler.exe (QFX Software Corporation)
  184. O4 - HKCU..\Run: [AquaSnap] C:\Program Files (x86)\AquaSnap\AquaSnap.Daemon.exe (http://www.nurgo-software.com)
  185. O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
  186. O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe (Dell)
  187. O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe (Softthinks)
  188. O4 - Startup: C:\Users\Edward\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk = File not found
  189. O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
  190. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
  191. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
  192. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
  193. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
  194. O8:[b]64bit:[/b] - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
  195. O8:[b]64bit:[/b] - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
  196. O8:[b]64bit:[/b] - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
  197. O8:[b]64bit:[/b] - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
  198. O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
  199. O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
  200. O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
  201. O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
  202. O9:[b]64bit:[/b] - Extra 'Tools' menuitem : &KeyScrambler Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files (x86)\KeyScrambler\x64\KeyScramblerIE.dll (QFX Software Corporation)
  203. O9 - Extra 'Tools' menuitem : &KeyScrambler Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files (x86)\KeyScrambler\KeyScramblerIE.dll (QFX Software Corporation)
  204. O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
  205. O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
  206. O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
  207. O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
  208. O13 - gopher Prefix: missing
  209. O13 - gopher Prefix: missing
  210. O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Reg Error: Key error.)
  211. O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Reg Error: Key error.)
  212. O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Reg Error: Key error.)
  213. O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
  214. O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
  215. O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
  216. O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.59.144.90 64.59.144.91 64.59.150.134
  217. O18:[b]64bit:[/b] - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - Reg Error: Key error. File not found
  218. O18:[b]64bit:[/b] - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
  219. O18:[b]64bit:[/b] - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
  220. O18:[b]64bit:[/b] - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
  221. O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
  222. O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
  223. O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
  224. O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
  225. O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
  226. O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
  227. O20:[b]64bit:[/b] - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
  228. O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
  229. O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
  230. O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
  231. O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found
  232. O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
  233. O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
  234. O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
  235. O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
  236. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
  237. O32 - HKLM CDRom: AutoRun - 1
  238. O34 - HKLM BootExecute: (autocheck autochk *) - File not found
  239. O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
  240. O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
  241. O35 - HKLM\..comfile [open] -- "%1" %*
  242. O35 - HKLM\..exefile [open] -- "%1" %*
  243. O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
  244. O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
  245. O37 - HKLM\...com [@ = comfile] -- "%1" %*
  246. O37 - HKLM\...exe [@ = exefile] -- "%1" %*
  247.  
  248. [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
  249.  
  250. [2011/05/15 11:48:15 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Edward\Desktop\OTL.com
  251. [2011/05/15 11:13:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
  252. [2011/05/15 11:13:32 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
  253. [2011/05/08 18:53:45 | 000,000,000 | ---D | C] -- C:\Users\Edward\Documents\FIFA 11
  254. [2011/05/08 18:47:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EA Sports
  255. [2011/05/08 10:01:13 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\ElevatedDiagnostics
  256. [2011/05/04 17:47:22 | 000,000,000 | ---D | C] -- C:\Users\Edward\NearRealityCachev111
  257. [2011/05/03 21:36:29 | 000,000,000 | R--D | C] -- C:\Users\Edward\Documents\Scanned Documents
  258. [2011/05/03 21:36:29 | 000,000,000 | ---D | C] -- C:\Users\Edward\Documents\Fax
  259. [2011/05/03 16:19:30 | 000,719,872 | ---- | C] (Abysmal Software) -- C:\Windows\SysWow64\devil.dll
  260. [2011/05/03 16:19:30 | 000,369,152 | ---- | C] (The Public) -- C:\Windows\SysWow64\avisynth.dll
  261. [2011/05/03 16:19:30 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\SysWow64\yv12vfw.dll
  262. [2011/05/03 16:19:29 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\SysWow64\i420vfw.dll
  263. [2011/05/03 16:19:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AviSynth 2.5
  264. [2011/05/03 16:18:11 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\SysWow64\pncrt.dll
  265. [2011/05/03 16:18:11 | 000,216,064 | RHS- | C] (MONOGRAM Multimedia, s.r.o.) -- C:\Windows\SysWow64\nbDX.dll
  266. [2011/05/03 16:18:11 | 000,163,328 | RHS- | C] (Gabest) -- C:\Windows\SysWow64\flvDX.dll
  267. [2011/05/03 16:18:11 | 000,031,232 | RHS- | C] (Hans Mayerl) -- C:\Windows\SysWow64\msfDX.dll
  268. [2011/05/03 16:18:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPER © - by eRightSoft
  269. [2011/05/03 16:18:10 | 000,186,880 | RHS- | C] (RadLight) -- C:\Windows\SysWow64\RLOgg.ax
  270. [2011/05/03 16:18:10 | 000,169,472 | RHS- | C] (Gabest) -- C:\Windows\SysWow64\MatroskaDX.ax
  271. [2011/05/03 16:18:10 | 000,161,792 | RHS- | C] (Gabest) -- C:\Windows\SysWow64\RealMediaDX.ax
  272. [2011/05/03 16:18:10 | 000,092,672 | RHS- | C] (RadLight) -- C:\Windows\SysWow64\RLVorbisDec.ax
  273. [2011/05/03 16:18:10 | 000,090,112 | RHS- | C] (-) -- C:\Windows\SysWow64\TTADSSplitter.ax
  274. [2011/05/03 16:18:10 | 000,090,112 | RHS- | C] (-) -- C:\Windows\SysWow64\TTADSDecoder.ax
  275. [2011/05/03 16:18:10 | 000,067,584 | RHS- | C] (RadLight, LLC) -- C:\Windows\SysWow64\RLTheoraDec.ax
  276. [2011/05/03 16:18:09 | 000,179,200 | RHS- | C] (Gabest) -- C:\Windows\SysWow64\DiracSplitter.ax
  277. [2011/05/03 16:18:09 | 000,123,904 | RHS- | C] (CoreCodec) -- C:\Windows\SysWow64\AVCDX.ax
  278. [2011/05/03 16:17:48 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Roaming\Real
  279. [2011/05/03 16:17:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\eRightSoft
  280. [2011/05/02 17:19:12 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
  281. [2011/04/30 08:20:10 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Roaming\FLEXnet
  282. [2011/04/29 21:56:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
  283. [2011/04/29 21:55:45 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\BrFaxRx
  284. [2011/04/29 21:55:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Browny02
  285. [2011/04/29 21:55:23 | 000,000,000 | ---D | C] -- C:\ProgramData\ControlCenter4
  286. [2011/04/29 21:55:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ControlCenter4
  287. [2011/04/29 21:53:13 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Roaming\InstallShield
  288. [2011/04/29 21:51:23 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Roaming\Nuance
  289. [2011/04/29 21:51:20 | 000,000,000 | ---D | C] -- C:\ProgramData\ScanSoft
  290. [2011/04/29 21:50:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Nuance
  291. [2011/04/29 21:50:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nuance
  292. [2011/04/29 21:50:34 | 000,000,000 | ---D | C] -- C:\Users\Edward\Documents\MyWebPages
  293. [2011/04/29 21:50:34 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
  294. [2011/04/27 20:16:19 | 000,000,000 | ---D | C] -- C:\Users\Edward\Documents\Guide
  295. [2011/04/26 16:47:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DownloadToolz
  296. [2011/04/26 15:54:32 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
  297. [2011/04/26 15:54:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
  298. [2011/04/22 21:43:16 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Roaming\Reallusion
  299. [2011/04/22 21:26:07 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Roaming\ZoomBrowser EX
  300. [2011/04/22 21:23:12 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Roaming\CANON INC
  301. [2011/04/22 21:04:31 | 000,000,000 | ---D | C] -- C:\ProgramData\ZoomBrowser
  302. [2011/04/22 21:04:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
  303. [2011/04/22 21:04:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Canon
  304. [2011/04/22 21:02:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Canon
  305. [2011/04/19 17:50:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Safari
  306. [2011/04/19 17:50:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
  307. [2011/04/19 17:49:43 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
  308. [2011/04/19 17:49:42 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
  309. [2011/04/19 17:49:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
  310. [2011/04/19 17:48:50 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
  311. [2011/04/19 17:48:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
  312. [2011/04/18 16:57:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse
  313. [2011/04/18 16:57:31 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft IntelliPoint
  314. [2011/04/18 15:13:02 | 000,000,000 | ---D | C] -- C:\Users\Edward\Desktop\botclient
  315.  
  316. [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
  317.  
  318. [2011/05/15 11:48:18 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Edward\Desktop\OTL.com
  319. [2011/05/15 11:42:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
  320. [2011/05/15 11:42:54 | 469,372,927 | -HS- | M] () -- C:\hiberfil.sys
  321. [2011/05/15 11:41:26 | 000,000,422 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
  322. [2011/05/15 11:30:20 | 000,022,464 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
  323. [2011/05/15 11:30:20 | 000,022,464 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
  324. [2011/05/15 11:23:30 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-627088810-2221379440-2252410484-1001UA.job
  325. [2011/05/11 16:33:11 | 000,725,663 | ---- | M] () -- C:\Users\Edward\Desktop\RSBot-241.jar
  326. [2011/05/10 17:10:20 | 001,260,747 | ---- | M] () -- C:\Users\Edward\Desktop\RSBot-239.jar
  327. [2011/05/07 20:44:15 | 000,004,608 | ---- | M] () -- C:\Users\Edward\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
  328. [2011/05/07 17:23:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-627088810-2221379440-2252410484-1001Core.job
  329. [2011/05/07 12:36:44 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
  330. [2011/05/06 19:51:32 | 000,876,010 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
  331. [2011/05/06 19:51:32 | 000,733,176 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
  332. [2011/05/06 19:51:32 | 000,151,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
  333. [2011/05/05 20:28:25 | 000,000,020 | ---- | M] () -- C:\Windows\øù¼
  334. [2011/05/03 21:39:02 | 000,007,597 | ---- | M] () -- C:\Users\Edward\AppData\Local\Resmon.ResmonCfg
  335. [2011/05/03 21:32:18 | 067,025,044 | ---- | M] () -- C:\Users\Edward\Documents\VIDEO0005.3gp
  336. [2011/05/03 20:54:51 | 000,000,008 | ---- | M] () -- C:\Users\Edward\AppData\Roaming\RSBuddy Login.ini
  337. [2011/05/03 16:20:01 | 003,072,449 | ---- | M] () -- C:\Users\Edward\Desktop\dictée.amr.MP3
  338. [2011/05/03 15:13:10 | 000,307,206 | ---- | M] () -- C:\Users\Edward\Desktop\dictée.amr
  339. [2011/04/26 15:45:51 | 000,151,552 | ---- | M] () -- C:\Windows\KMService.exe
  340. [2011/04/26 15:45:51 | 000,008,192 | ---- | M] () -- C:\Windows\SysWow64\srvany.exe
  341. [2011/04/26 15:24:04 | 000,000,074 | ---- | M] () -- C:\Users\Edward\authcheck_md5.properties
  342. [2011/04/25 10:26:21 | 000,000,093 | ---- | M] () -- C:\Users\Edward\AppData\Roaming\RSBot_Accounts.ini
  343. [2011/04/24 17:46:49 | 003,806,448 | ---- | M] () -- C:\Users\Edward\Desktop\RSBuddy.jar
  344. [2011/04/23 13:06:39 | 000,000,173 | ---- | M] () -- C:\Users\Edward\AppData\Roaming\RSBuddy_PorygonX.ini
  345. [2011/04/22 21:22:34 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
  346. [2011/04/19 17:50:56 | 000,002,515 | ---- | M] () -- C:\Users\Edward\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
  347. [2011/04/19 16:51:56 | 081,907,883 | ---- | M] () -- C:\Users\Edward\Documents\facebook-4REALZBRO.zip
  348. [2011/04/19 12:57:39 | 000,462,264 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
  349.  
  350. [color=#E56717]========== Files Created - No Company Name ==========[/color]
  351.  
  352. [2011/05/10 17:10:19 | 001,260,747 | ---- | C] () -- C:\Users\Edward\Desktop\RSBot-239.jar
  353. [2011/05/08 11:13:29 | 000,725,663 | ---- | C] () -- C:\Users\Edward\Desktop\RSBot-241.jar
  354. [2011/05/07 20:44:05 | 000,004,608 | ---- | C] () -- C:\Users\Edward\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
  355. [2011/05/05 20:28:24 | 000,000,020 | ---- | C] () -- C:\Windows\øù¼
  356. [2011/05/03 16:20:01 | 003,072,449 | ---- | C] () -- C:\Users\Edward\Desktop\dictée.amr.MP3
  357. [2011/05/03 16:19:30 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
  358. [2011/05/03 16:18:10 | 000,120,832 | RHS- | C] () -- C:\Windows\SysWow64\MPCDx.ax
  359. [2011/05/03 16:18:10 | 000,107,520 | RHS- | C] () -- C:\Windows\SysWow64\RLMPCDec.ax
  360. [2011/05/03 16:18:10 | 000,097,280 | RHS- | C] () -- C:\Windows\SysWow64\FLACDX.ax
  361. [2011/05/03 16:18:10 | 000,070,656 | RHS- | C] () -- C:\Windows\SysWow64\RLAPEDec.ax
  362. [2011/05/03 16:18:10 | 000,051,712 | RHS- | C] () -- C:\Windows\SysWow64\RLSpeexDec.ax
  363. [2011/05/03 16:18:09 | 000,227,328 | RHS- | C] () -- C:\Windows\SysWow64\ac3DX.ax
  364. [2011/05/03 16:18:09 | 000,175,104 | RHS- | C] () -- C:\Windows\SysWow64\CoreAAC.ax
  365. [2011/05/03 16:18:09 | 000,081,920 | RHS- | C] () -- C:\Windows\SysWow64\aac_parser.ax
  366. [2011/05/03 15:58:18 | 000,307,206 | ---- | C] () -- C:\Users\Edward\Desktop\dictée.amr
  367. [2011/05/02 17:18:44 | 000,000,912 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-627088810-2221379440-2252410484-1001UA.job
  368. [2011/05/02 17:18:44 | 000,000,860 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-627088810-2221379440-2252410484-1001Core.job
  369. [2011/04/26 15:46:06 | 000,151,552 | ---- | C] () -- C:\Windows\KMService.exe
  370. [2011/04/26 15:46:06 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe
  371. [2011/04/26 15:22:10 | 000,000,074 | ---- | C] () -- C:\Users\Edward\authcheck_md5.properties
  372. [2011/04/24 09:32:47 | 000,000,008 | ---- | C] () -- C:\Users\Edward\AppData\Roaming\RSBuddy Login.ini
  373. [2011/04/22 21:22:34 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
  374. [2011/04/22 11:18:46 | 003,806,448 | ---- | C] () -- C:\Users\Edward\Desktop\RSBuddy.jar
  375. [2011/04/19 17:50:56 | 000,002,515 | ---- | C] () -- C:\Users\Edward\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
  376. [2011/04/19 17:50:56 | 000,002,503 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk
  377. [2011/04/19 16:50:06 | 081,907,883 | ---- | C] () -- C:\Users\Edward\Documents\facebook-4REALZBRO.zip
  378. [2011/04/06 17:18:49 | 000,020,605 | ---- | C] () -- C:\Windows\HL-4040CDN.INI
  379. [2011/04/06 17:18:38 | 000,000,034 | ---- | C] () -- C:\Windows\SysWow64\bd404cdn.dat
  380. [2011/04/06 17:18:38 | 000,000,026 | ---- | C] () -- C:\Windows\BRPP2KA.INI
  381. [2011/04/06 17:18:10 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\BRTCPCON.DLL
  382. [2011/04/05 21:35:42 | 000,000,305 | ---- | C] () -- C:\Windows\BRVIDEO.INI
  383. [2011/04/05 21:35:42 | 000,000,000 | ---- | C] () -- C:\Windows\brmx2001.ini
  384. [2011/04/05 21:35:30 | 000,000,426 | ---- | C] () -- C:\Windows\BRWMARK.INI
  385. [2011/04/05 21:35:30 | 000,000,034 | ---- | C] () -- C:\Windows\SysWow64\BD2140.DAT
  386. [2011/04/05 21:35:25 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\brlmw03a.ini
  387. [2011/04/05 21:35:24 | 000,009,853 | ---- | C] () -- C:\Windows\HL-2140.INI
  388. [2011/04/05 21:34:35 | 000,000,240 | ---- | C] () -- C:\Windows\Brownie.ini
  389. [2011/04/05 20:37:42 | 000,007,597 | ---- | C] () -- C:\Users\Edward\AppData\Local\Resmon.ResmonCfg
  390. [2011/03/31 19:26:18 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
  391. [2011/03/31 16:46:01 | 000,853,170 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
  392. [2011/03/31 15:55:15 | 000,000,111 | ---- | C] () -- C:\Windows\QBChanUtil_Trigger.ini
  393. [2011/03/31 14:50:01 | 000,000,312 | ---- | C] () -- C:\Windows\ODBC.INI
  394. [2011/03/31 14:48:21 | 000,000,190 | ---- | C] () -- C:\Windows\ODBCINST.INI
  395. [2011/03/30 13:43:33 | 000,000,173 | ---- | C] () -- C:\Users\Edward\AppData\Roaming\RSBuddy_PorygonX.ini
  396. [2011/03/30 12:39:10 | 000,000,093 | ---- | C] () -- C:\Users\Edward\AppData\Roaming\RSBot_Accounts.ini
  397. [2011/03/19 06:59:24 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
  398. [2011/03/19 06:58:48 | 000,960,940 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
  399. [2011/03/19 06:58:46 | 000,206,952 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
  400. [2011/03/19 06:58:44 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
  401. [2010/05/14 14:56:06 | 010,830,680 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
  402. [2010/05/14 14:56:06 | 000,102,744 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
  403. [2010/05/14 14:55:58 | 000,290,648 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
  404. [2009/08/23 00:00:00 | 000,049,152 | ---- | C] () -- C:\Windows\SysWow64\AISAWFileMap.dll
  405. [2009/07/13 22:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
  406. [2009/07/13 19:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
  407. [2009/07/13 19:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
  408. [2009/07/13 17:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
  409. [2009/07/13 16:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
  410. [2009/07/13 14:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
  411. [2009/06/10 14:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
  412. [2007/08/09 14:59:54 | 000,114,688 | ---- | C] () -- C:\Windows\SysWow64\myodbc3i.exe
  413. [2007/08/09 14:59:54 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\myodbc3m.exe
  414. [2007/05/18 00:00:00 | 000,017,920 | ---- | C] () -- C:\Windows\SysWow64\Implode.dll
  415.  
  416. [color=#E56717]========== LOP Check ==========[/color]
  417.  
  418. [2011/04/07 19:55:33 | 000,000,000 | ---D | M] -- C:\Users\Edward\AppData\Roaming\.minecraft
  419. [2011/03/30 17:42:03 | 000,000,000 | ---D | M] -- C:\Users\Edward\AppData\Roaming\DAEMON Tools Lite
  420. [2011/04/25 16:26:45 | 000,000,000 | ---D | M] -- C:\Users\Edward\AppData\Roaming\FrostWire
  421. [2011/03/31 21:15:43 | 000,000,000 | ---D | M] -- C:\Users\Edward\AppData\Roaming\HTC
  422. [2011/03/31 21:27:45 | 000,000,000 | ---D | M] -- C:\Users\Edward\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
  423. [2011/03/31 19:16:07 | 000,000,000 | ---D | M] -- C:\Users\Edward\AppData\Roaming\Leadertech
  424. [2011/03/29 15:05:03 | 000,000,000 | ---D | M] -- C:\Users\Edward\AppData\Roaming\LolClient
  425. [2011/04/09 17:55:02 | 000,000,000 | ---D | M] -- C:\Users\Edward\AppData\Roaming\My Games
  426. [2011/05/15 11:21:34 | 000,000,000 | ---D | M] -- C:\Users\Edward\AppData\Roaming\Notepad++
  427. [2011/03/30 10:30:07 | 000,000,000 | ---D | M] -- C:\Users\Edward\AppData\Roaming\nswb
  428. [2011/04/29 21:51:23 | 000,000,000 | ---D | M] -- C:\Users\Edward\AppData\Roaming\Nuance
  429. [2011/03/29 15:52:04 | 000,000,000 | ---D | M] -- C:\Users\Edward\AppData\Roaming\PCDr
  430. [2011/05/15 11:21:34 | 000,000,000 | ---D | M] -- C:\Users\Edward\AppData\Roaming\uTorrent
  431. [2011/05/07 12:36:44 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
  432. [2011/05/01 19:12:31 | 000,024,830 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
  433. [2011/05/15 11:41:26 | 000,000,422 | ---- | M] () -- C:\Windows\Tasks\SystemToolsDailyTest.job
  434.  
  435. [color=#E56717]========== Purity Check ==========[/color]
  436.  
  437.  
  438.  
  439. < End of report >