OTL logfile created on: 12/11/2011 21:49:09 - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Andrew\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
3.00 Gb Total Physical Memory | 1.24 Gb Available Physical Memory | 41.21% Memory free
6.19 Gb Paging File | 3.59 Gb Available in Paging File | 57.91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 464.48 Gb Total Space | 399.45 Gb Free Space | 86.00% Space Free | Partition Type: NTFS
Computer Name: ANDREW-PC | User Name: Andrew | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2011/11/12 21:47:32 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Andrew\Desktop\OTL.exe
PRC - [2011/11/12 01:48:40 | 003,303,000 | ---- | M] (Akamai Technologies, Inc) -- C:\Users\Andrew\AppData\Local\Akamai\netsession_win.exe
PRC - [2011/11/07 21:28:26 | 001,652,536 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
PRC - [2011/11/07 21:28:26 | 000,931,640 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2011/10/28 17:52:02 | 002,152,152 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2011/10/28 17:52:02 | 001,187,072 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2011/10/24 20:29:16 | 002,415,456 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2011/10/18 15:46:38 | 000,247,968 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil11c_ActiveX.exe
PRC - [2011/10/18 06:14:54 | 001,229,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011/09/08 19:53:26 | 000,743,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2011/08/15 05:21:40 | 000,337,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011/08/02 05:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/04/01 04:11:52 | 000,428,640 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
PRC - [2011/01/13 02:01:28 | 006,129,496 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Vid HD\Vid.exe
PRC - [2010/05/05 18:51:56 | 001,212,928 | ---- | M] (Creative Technology Ltd) -- C:\Windows\System32\CTxfispi.exe
PRC - [2009/04/11 06:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/12/29 18:27:38 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe
PRC - [2008/09/08 10:10:20 | 000,450,560 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
PRC - [2008/09/08 10:09:40 | 000,184,320 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
PRC - [2008/08/06 16:31:44 | 000,233,576 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
PRC - [2007/08/30 17:43:18 | 004,670,704 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
PRC - [2007/03/20 19:56:52 | 000,077,824 | ---- | M] () -- C:\Program Files\KWorld Multimedia\TV Tuner Card Utilities\HMCP3XCtl.exe
PRC - [2006/12/01 05:37:00 | 004,186,112 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2006/11/17 09:42:46 | 000,053,341 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTSched.exe
PRC - [2005/06/02 15:54:34 | 000,086,606 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
========== Modules (No Company Name) ========== MOD - [2011/10/30 20:57:06 | 000,557,056 | ---- | M] () -- C:\Program Files\Trusteer\Rapport\bin\js32.dll
MOD - [2011/08/14 13:52:43 | 000,516,368 | ---- | M] () -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\28896\RapportMS.dll
MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/03/04 01:26:14 | 000,181,592 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\SharedBin\LvApi11.dll
MOD - [2011/01/13 01:57:34 | 000,751,616 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\vpxmd.dll
MOD - [2011/01/13 01:55:28 | 000,027,472 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\SDL.dll
MOD - [2009/04/22 21:53:56 | 000,969,040 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtNetwork4.dll
MOD - [2009/04/09 23:04:56 | 002,141,008 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtCore4.dll
MOD - [2009/03/03 22:18:08 | 000,138,064 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\plugins\imageformats\qjpeg4.dll
MOD - [2009/03/03 22:18:06 | 000,035,152 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\plugins\imageformats\qico4.dll
MOD - [2009/03/03 22:18:06 | 000,029,008 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\plugins\imageformats\qgif4.dll
MOD - [2009/03/03 22:17:46 | 011,311,952 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtWebKit4.dll
MOD - [2009/03/03 22:17:46 | 000,363,856 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtXml4.dll
MOD - [2009/03/03 22:17:44 | 000,200,016 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtSql4.dll
MOD - [2009/03/03 22:17:40 | 000,475,472 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtOpenGL4.dll
MOD - [2009/03/03 22:17:38 | 007,704,400 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtGui4.dll
MOD - [2009/03/03 22:17:32 | 000,291,664 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\phonon4.dll
MOD - [2007/08/30 17:43:20 | 000,081,920 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\Xmltok.dll
MOD - [2007/08/30 16:21:06 | 001,290,240 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\YCPFoundation.dll
MOD - [2007/08/30 16:21:06 | 000,757,760 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\YPluginRegistry.dll
MOD - [2007/08/30 16:21:06 | 000,041,472 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\YIniDom.dll
MOD - [2007/08/30 16:21:04 | 000,499,712 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\P2PCE.dll
MOD - [2007/08/30 16:17:42 | 000,053,248 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\XMLParse.dll
MOD - [2007/08/28 09:22:44 | 000,108,544 | ---- | M] () -- C:\Windows\System32\APOMngr.DLL
MOD - [2007/05/28 10:28:02 | 000,069,120 | ---- | M] () -- C:\Windows\System32\CmdRtr.DLL
MOD - [2007/03/20 19:56:52 | 000,077,824 | ---- | M] () -- C:\Program Files\KWorld Multimedia\TV Tuner Card Utilities\HMCP3XCtl.exe
========== Win32 Services (SafeList) ========== SRV - [2011/11/12 18:09:09 | 003,313,752 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_dac4cfd.dll -- (Akamai)
SRV - [2011/11/07 21:28:26 | 000,931,640 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2011/10/28 17:52:02 | 002,152,152 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/08/02 05:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/04/01 04:11:52 | 000,428,640 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2010/01/18 17:31:37 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2009/04/29 18:38:47 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/12/29 18:27:38 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2008/09/08 10:10:20 | 000,450,560 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM)
SRV - [2008/09/08 10:09:40 | 000,184,320 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2008/08/25 14:37:51 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2008/01/19 07:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2005/06/02 15:54:34 | 000,086,606 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
========== Driver Services (SafeList) ========== DRV - [2011/11/07 21:30:20 | 000,227,312 | ---- | M] () [Kernel | System | Running] -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_32301.sys -- (RapportCerberus_32301)
DRV - [2011/11/07 21:28:40 | 000,071,440 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys -- (RapportEI)
DRV - [2011/11/07 21:28:38 | 000,164,112 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys -- (RapportPG)
DRV - [2011/11/07 21:28:38 | 000,056,208 | ---- | M] (Trusteer Ltd.) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\RapportKELL.sys -- (RapportKELL)
DRV - [2011/10/28 17:52:04 | 000,064,512 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2011/10/28 17:52:02 | 000,015,232 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2011/10/07 06:23:48 | 000,230,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2011/10/04 06:21:16 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/09/13 05:30:10 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/08/14 13:52:43 | 000,021,520 | ---- | M] (Trusteer Ltd.) [Kernel | On_Demand | Running] -- c:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\28896\RapportIaso.sys -- (RapportIaso)
DRV - [2011/08/08 05:08:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/07/11 00:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/07/11 00:14:02 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/07/11 00:14:00 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011/07/11 00:13:58 | 000,134,736 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/05/26 15:03:56 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2011/05/26 15:03:50 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2011/04/01 04:11:10 | 004,333,280 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) Logitech Webcam 120(UVC)
DRV - [2011/02/23 07:27:00 | 010,468,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/05/07 17:43:30 | 000,025,824 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2010/05/05 20:29:18 | 001,178,200 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ha20x2k.sys -- (ha20x2k)
DRV - [2010/05/05 20:29:10 | 000,095,832 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emupia2k.sys -- (emupia)
DRV - [2010/05/05 20:29:02 | 000,158,808 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2010/05/05 20:28:54 | 000,014,424 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2010/05/05 20:24:44 | 000,130,136 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2010/05/05 20:24:34 | 000,347,144 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - [2010/05/05 20:24:24 | 000,526,296 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2010/05/05 20:24:14 | 000,511,064 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2010/05/05 20:24:04 | 001,324,120 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CTEXFIFX.sys -- (CTEXFIFX)
DRV - [2010/05/05 20:23:52 | 000,072,792 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CTHWIUT.sys -- (CTHWIUT)
DRV - [2010/05/05 20:23:46 | 000,171,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CT20XUT.sys -- (CT20XUT)
DRV - [2010/01/19 11:49:50 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2010/01/19 11:49:50 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2010/01/19 11:49:50 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2009/08/18 11:06:44 | 000,009,216 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter)
DRV - [2009/03/30 02:09:28 | 000,239,336 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\RsFx0103.sys -- (RsFx0103)
DRV - [2008/08/18 17:58:16 | 000,145,952 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2008/08/01 11:51:00 | 001,052,704 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2008/07/15 16:23:42 | 000,072,728 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\CTHWIUT.DLL -- (CTHWIUT.DLL)
DRV - [2008/07/15 16:23:22 | 000,170,520 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\CT20XUT.DLL -- (CT20XUT.DLL)
DRV - [2008/07/15 16:22:46 | 001,323,544 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\CTEXFIFX.DLL -- (CTEXFIFX.DLL)
DRV - [2008/02/29 16:03:48 | 000,008,944 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2008/02/29 16:03:46 | 000,051,440 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2008/02/25 08:41:28 | 000,329,240 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\CTEDSPSY.DLL -- (CTEDSPSY.DLL)
DRV - [2008/02/25 08:41:18 | 000,134,680 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\CTEDSPIO.DLL -- (CTEDSPIO.DLL)
DRV - [2008/02/25 08:41:14 | 000,100,888 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\CTERFXFX.DLL -- (CTERFXFX.DLL)
DRV - [2008/02/25 08:41:10 | 000,286,232 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\CTEDSPFX.DLL -- (CTEDSPFX.DLL)
DRV - [2008/02/25 08:41:06 | 000,174,104 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\CTEAPSFX.DLL -- (CTEAPSFX.DLL)
DRV - [2008/02/25 08:41:02 | 000,566,296 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\CTSBLFX.DLL -- (CTSBLFX.DLL)
DRV - [2008/02/25 08:40:56 | 000,551,960 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\CTAUDFX.DLL -- (CTAUDFX.DLL)
DRV - [2008/02/25 08:40:52 | 000,098,328 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\COMMONFX.DLL -- (COMMONFX.DLL)
DRV - [2008/01/19 06:14:59 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2007/11/19 03:31:56 | 000,034,064 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\npf.sys -- (NPF)
DRV - [2007/04/20 13:34:54 | 000,674,048 | ---- | M] (Philips Semiconductors GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\3xHybrid.sys -- (3xHybrid)
DRV - [2006/11/02 08:27:22 | 001,083,520 | ---- | M] (Philips Semiconductors GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Ph3xIB32.sys -- (Ph3xIB32)
DRV - [2006/10/30 03:31:58 | 000,043,648 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\jraid.sys -- (JRAID)
DRV - [2006/10/18 19:12:16 | 000,012,664 | R--- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsIO.sys -- (AsIO)
DRV - [2006/10/18 05:44:48 | 000,007,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2006/02/16 16:51:08 | 000,004,096 | R--- | M] (SuperAdBlocker, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2006/02/07 11:52:58 | 000,006,912 | ---- | M] (JMicron ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\JGOGO.sys -- (JGOGO)
DRV - [2003/12/08 11:53:48 | 000,053,600 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\alcan5wn.sys -- (alcan5wn) SpeedTouch USB ADSL PPP Networking Driver (NDISWAN)
DRV - [2003/12/08 11:53:46 | 000,070,688 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\alcaudsl.sys -- (alcaudsl)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-813452675-1282793062-151359363-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.talktalk.co.uk/IE - HKU\S-1-5-21-813452675-1282793062-151359363-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-813452675-1282793062-151359363-1000\..\URLSearchHook: CFBFAE00-17A6-11D0-99CB-00C04FD64497} - No CLSID value found
IE - HKU\S-1-5-21-813452675-1282793062-151359363-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-813452675-1282793062-151359363-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.3: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files\Common Files\Motive\npMotive.dll (Motive, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.652: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.652: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/01/12 13:35:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2011/11/05 14:42:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/07/01 09:22:17 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/01/12 13:35:19 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Thunderbird\Extensions\\{0E810812-F4BB-4309-942A-755587587A5E}: C:\Program Files\BullGuard Software\BullGuard\antispam\tbspamfilter
O1 HOSTS File: ([2009/03/30 14:31:32 | 000,303,871 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1
www.007guard.comO1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1
www.008k.comO1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1
www.00hq.comO1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1
www.032439.comO1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1
www.0scan.comO1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1
www.1000gratisproben.comO1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1
www.1001namen.comO1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1
www.100888290cs.comO1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1
www.100sexlinks.comO1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1
www.10sek.comO1 - Hosts: 127.0.0.1
www.1-2005-search.comO1 - Hosts: 10469 more lines...
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AsusStartupHelp] C:\Program Files\ASUS\AASP\1.00.17\AsRunHelp.exe ()
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CTXFIREG] C:\Windows\System32\CTxfiReg.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\JM\JMInsIDE.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-813452675-1282793062-151359363-1000..\Run: [Akamai NetSession Interface] C:\Users\Andrew\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKU\S-1-5-21-813452675-1282793062-151359363-1000..\Run: [CreativeTaskScheduler] C:\Program Files\Creative\Shared Files\CTSched.exe (Creative Technology Ltd)
O4 - HKU\S-1-5-21-813452675-1282793062-151359363-1000..\Run: [CTRegRun] C:\Windows\Ctregrun.exe (Creative Technology Ltd )
O4 - HKU\S-1-5-21-813452675-1282793062-151359363-1000..\Run: [Logitech Vid] C:\Program Files\Logitech\Vid HD\Vid.exe (Logitech Inc.)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\nvLsp.dll (NVIDIA)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000}
http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {1C3DE665-D259-4C72-9D7D-C51FCB4CCFB9}
http://208.0.229.146/SysCamInst.cab (Reg Error: Key error.)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F}
http://www.nvidia.com/content/DriverDow ... ab_nvd.cab (Reg Error: Key error.)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967}
http://dlm.tools.akamai.com/dlmanager/v ... .2.4.1.cab (Reg Error: Key error.)
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE}
http://www.nvidia.com/content/DriverDow ... eqlab2.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD}
http://www.superadblocker.com/activex/sabspx.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E}
http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF}
http://ccfiles.creative.com/Web/softwar ... TSUEng.cab (Creative Software AutoUpdate 2)
O16 - DPF: {EBB176D2-AF75-4706-832F-4C8448F72757}
http://www.shopandscan.com/TNSClickrc.CAB (Reg Error: Key error.)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29}
http://ccfiles.creative.com/Web/softwar ... /CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C1959AE1-AFC8-478C-941A-8EF2494678C9}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.dll) - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 21:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{92f6db4e-e154-11e0-9c69-aa69ae32db9e}\Shell - "" = AutoRun
O33 - MountPoints2\{92f6db4e-e154-11e0-9c69-aa69ae32db9e}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{a85b0c49-e5e6-11e0-9f15-8484b8e9019e}\Shell - "" = AutoRun
O33 - MountPoints2\{a85b0c49-e5e6-11e0-9f15-8484b8e9019e}\Shell\AutoRun\command - "" = I:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{a85b0c6d-e5e6-11e0-9f15-8484b8e9019e}\Shell - "" = AutoRun
O33 - MountPoints2\{a85b0c6d-e5e6-11e0-9f15-8484b8e9019e}\Shell\AutoRun\command - "" = I:\setup_vmc_lite.exe /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ========== [2011/11/12 21:47:27 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Andrew\Desktop\OTL.exe
[2011/11/12 18:43:18 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{D904D508-9CD4-46E6-A1A1-611D478B3F85}
[2011/11/12 18:42:52 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{885ACB43-BA97-4161-A61A-0DD3806E4BB3}
[2011/11/12 00:46:27 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{38039A0E-4F1A-4270-A512-0B1C1345D923}
[2011/11/12 00:46:02 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{849285E3-797A-4A65-8BE5-F107CFF2922F}
[2011/11/10 19:07:21 | 000,000,000 | ---D | C] -- C:\ProgramData\HPSSUPPLY
[2011/11/10 18:26:19 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{CC6B28D2-71DB-40EE-B857-90755C4DB5FB}
[2011/11/10 18:25:54 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{A67B5204-D6A8-4343-B0ED-40C8DCA964D4}
[2011/11/10 17:32:45 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\Akamai
[2011/11/09 15:42:34 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2011/11/09 15:42:33 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/11/09 15:09:10 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{A23CAC28-84D3-41F2-A8E0-6F385C26E579}
[2011/11/09 15:08:46 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{6AF1B1F3-8D05-4152-A520-DA9D434A2E4C}
[2011/11/08 16:35:38 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{EF222308-C4EC-49EE-B35E-91BAD94E2772}
[2011/11/08 16:35:13 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{FD27AADF-33A9-4175-B119-3FCD0FA4D962}
[2011/11/07 21:28:38 | 000,056,208 | ---- | C] (Trusteer Ltd.) -- C:\Windows\System32\drivers\RapportKELL.sys
[2011/11/07 14:42:01 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{5DFA08CB-1A25-4B52-AD18-0D3F5537B761}
[2011/11/07 14:41:35 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{324B4BD2-3116-429D-8C2B-4C487871506E}
[2011/11/06 15:50:08 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{D6C22428-6FEA-4898-8832-58BEDF1623EE}
[2011/11/06 15:49:43 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{7102C03E-93D2-4794-AF76-E11C43534C09}
[2011/11/05 15:18:52 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{5A7FD7F9-8F26-499B-8823-38DAE12E44AC}
[2011/11/05 15:18:28 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{2195A6AD-DB89-4EE8-B0CA-4BC91744F369}
[2011/11/03 16:39:55 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{F34C520B-019C-4A60-9CB0-F58B43BC8D49}
[2011/11/03 16:39:31 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{F1E4E918-89BE-408E-89B7-9C7F504DEFE1}
[2011/11/02 15:39:24 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{18F65507-4E68-422C-82E4-BE59C461CCB5}
[2011/11/02 15:39:04 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{D4A14420-23AD-497B-B09E-D7ADB4D8BD2C}
[2011/11/01 14:02:30 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{AA442ED1-182B-4E03-A686-A5BE14707694}
[2011/11/01 14:02:06 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{B213EB9D-B177-4742-9324-C650FABFBEE0}
[2011/10/31 14:08:52 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{716715A3-A189-4D0B-89A8-36B75CE45B0E}
[2011/10/31 14:08:28 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{260C7E3D-3C7B-4831-A166-FA94332CF66E}
[2011/10/30 16:39:40 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{4725A41A-753E-47B9-91D0-E27021FCCBB4}
[2011/10/30 16:39:14 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{BDFEDA76-EF2B-4500-B094-75BA866EDB2F}
[2011/10/30 00:23:15 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{705D5638-EA34-4D20-9A80-16C75C384B81}
[2011/10/30 00:23:00 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{16268287-0A59-41BE-B491-778F744505E9}
[2011/10/28 15:02:48 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{0F4B240A-8DB4-4C61-9798-8E095F5E50BF}
[2011/10/28 15:02:23 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{24E1E2A9-90F9-4481-8C44-19B485D5B712}
[2011/10/27 16:29:19 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{11AD192E-62C2-436C-A360-835247DA7A26}
[2011/10/27 16:29:04 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{7C7318D2-9FDB-4FCE-BFB4-77C703FBD1E2}
[2011/10/26 12:30:19 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{4896DDA1-A288-42DA-9707-B0E36A625DBA}
[2011/10/26 12:29:55 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{66EB016B-75EC-4E5E-A798-6C5D87A98DE0}
[2011/10/25 14:20:42 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{DDE9A041-B567-4EB6-A76D-A3D4BAA16667}
[2011/10/25 14:20:17 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{8EBF8509-09AD-4199-B46A-DEBA3C6388B0}
[2011/10/24 14:47:47 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{4FBD9F03-EF29-4267-B6B3-C5427FA4C00E}
[2011/10/24 14:47:23 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{92B8F7D2-5E8A-432B-B09B-5ADAF37CA6DF}
[2011/10/23 13:44:09 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{DF50F562-2476-4391-88F7-D00E6557B121}
[2011/10/23 13:43:45 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{62388C01-98D6-4B4B-A420-C6FF7E3571B1}
[2011/10/22 23:19:11 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{EE2348BE-C585-43F6-87C0-087ADCE4930A}
[2011/10/22 23:18:57 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{929C0908-7CF0-4186-A196-C8DBA2C2836D}
[2011/10/21 17:37:38 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{8D364B1F-52EB-410A-9563-87D072F1031B}
[2011/10/21 17:37:13 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{D4BA33D9-1AB0-4AE9-BBC7-FD1716904B38}
[2011/10/20 20:16:27 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{82034118-6970-4628-AFCA-0F66EB1186C3}
[2011/10/20 20:16:03 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{DA955E07-CAF6-4CB7-9BEE-6737E8859981}
[2011/10/19 17:55:07 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{14191A9A-E2FE-4648-8840-107FC3993728}
[2011/10/19 17:54:39 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{6F7C4A17-13E1-436B-8CF8-B97C609C9571}
[2011/10/19 17:23:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/10/19 17:22:29 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/10/19 17:19:36 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/10/19 13:54:44 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{0369512F-A3C7-4D4B-8CF8-DE767B0FA371}
[2011/10/18 16:20:18 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{30B6AF64-05CE-4ABE-97EA-289FE8C4E671}
[2011/10/18 16:19:53 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{07C67F24-C592-4BA0-A641-7D4CC17A6250}
[2011/10/17 15:12:58 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{9EDC1422-CB76-402D-BCBD-F5F91C8B8C13}
[2011/10/17 15:12:42 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{D8256A35-5C04-4618-B830-0D319B000905}
[2011/10/16 22:30:18 | 000,000,000 | ---D | C] -- C:\Users\Andrew\Desktop\Asda
[2011/10/16 19:24:10 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{367F9468-3D02-4AB3-A9EC-73ABAE57C065}
[2011/10/16 19:23:45 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{A7B36555-DD33-423D-8098-E79E3ED083AE}
[2011/10/16 15:58:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2012
[2011/10/16 15:57:55 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Roaming\AVG2012
[2011/10/16 15:57:26 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012
[2011/10/16 00:57:38 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{58F27ABC-6F20-46DC-93CF-916C052562B2}
[2011/10/15 12:57:07 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{6326E40E-C299-440E-9EE1-B8412A046DBA}
[2011/10/15 12:56:52 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{4ACD0233-D43B-48DB-A1BA-14A6580B8B5F}
[2011/10/14 22:35:41 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{1C7000F6-9210-42CF-8186-AE8B54106E0B}
[2011/10/14 22:35:12 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\{3ECD6B98-19BF-48BF-AFF5-97CAB9788C2C}
[2010/05/05 18:59:10 | 000,060,928 | ---- | C] ( ) -- C:\Windows\System32\a3d.dll
[2010/05/05 18:38:18 | 000,012,800 | ---- | C] ( ) -- C:\Windows\System32\killapps.exe
[10 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2011/11/12 21:47:32 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Andrew\Desktop\OTL.exe
[2011/11/12 21:22:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/11/12 21:22:00 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/11/12 20:08:52 | 000,004,048 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/11/12 20:08:51 | 000,004,048 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/12 18:15:58 | 000,674,566 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/11/12 18:15:58 | 000,133,164 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/11/12 18:13:17 | 109,500,619 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2011/11/12 18:11:37 | 000,000,384 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2011/11/12 18:09:46 | 000,056,021 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011/11/12 18:09:45 | 000,056,021 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011/11/12 18:09:16 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2011/11/12 18:08:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/11/12 18:08:34 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs
[2011/11/12 01:28:52 | 000,054,760 | ---- | M] () -- C:\Windows\System32\BMXStateBkp-{00000003-00000000-00000006-00001102-00000005-00311102}.rfx
[2011/11/12 01:28:52 | 000,054,760 | ---- | M] () -- C:\Windows\System32\BMXState-{00000003-00000000-00000006-00001102-00000005-00311102}.rfx
[2011/11/12 01:28:52 | 000,000,788 | ---- | M] () -- C:\Windows\System32\DVCState-{00000003-00000000-00000006-00001102-00000005-00311102}.rfx
[2011/11/12 00:46:09 | 000,000,064 | ---- | M] () -- C:\Windows\System32\rp_stats.dat
[2011/11/12 00:46:09 | 000,000,044 | ---- | M] () -- C:\Windows\System32\rp_rules.dat
[2011/11/09 16:07:30 | 000,190,509 | ---- | M] () -- C:\Users\Andrew\Desktop\MalWare Removal • View topic - Emails are being sent from my email account_php.mht
[2011/11/09 15:42:34 | 000,001,950 | ---- | M] () -- C:\Users\Andrew\Desktop\HiJackThis.lnk
[2011/11/07 21:28:38 | 000,056,208 | ---- | M] (Trusteer Ltd.) -- C:\Windows\System32\drivers\RapportKELL.sys
[2011/11/07 15:49:57 | 000,071,582 | ---- | M] () -- C:\Users\Andrew\Desktop\IMG_0652.JPG
[2011/11/03 16:24:31 | 294,832,668 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/10/30 16:39:52 | 000,016,432 | ---- | M] () -- C:\Windows\System32\lsdelete.exe
[2011/10/28 17:52:04 | 000,064,512 | ---- | M] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys
[2011/10/19 17:23:04 | 000,001,674 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/10/18 16:50:48 | 000,002,033 | ---- | M] () -- C:\Users\Andrew\Desktop\Sky Go Desktop.lnk
[2011/10/18 15:46:38 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/10/14 22:30:25 | 002,416,528 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[10 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files Created - No Company Name ========== [2011/11/12 18:11:33 | 000,000,384 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2011/11/09 16:07:27 | 000,190,509 | ---- | C] () -- C:\Users\Andrew\Desktop\MalWare Removal • View topic - Emails are being sent from my email account_php.mht
[2011/11/09 15:42:34 | 000,001,950 | ---- | C] () -- C:\Users\Andrew\Desktop\HiJackThis.lnk
[2011/11/07 15:49:57 | 000,071,582 | ---- | C] () -- C:\Users\Andrew\Desktop\IMG_0652.JPG
[2011/10/19 17:23:04 | 000,001,674 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/10/18 16:50:48 | 000,002,063 | ---- | C] () -- C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sky Go Desktop.lnk
[2011/10/18 16:50:48 | 000,002,033 | ---- | C] () -- C:\Users\Andrew\Desktop\Sky Go Desktop.lnk
[2011/10/05 20:46:24 | 000,016,432 | ---- | C] () -- C:\Windows\System32\lsdelete.exe
[2011/09/18 20:20:07 | 000,024,064 | ---- | C] () -- C:\Users\Andrew\AppData\Roaming\UserTile.png
[2011/05/16 13:07:30 | 000,003,584 | ---- | C] () -- C:\Users\Andrew\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/13 09:14:13 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
[2011/04/13 09:14:13 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
[2011/04/01 04:07:02 | 010,877,272 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll
[2011/04/01 04:07:02 | 000,102,744 | ---- | C] () -- C:\Windows\System32\LogiDPPApp.exe
[2011/04/01 04:06:56 | 000,331,608 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll
[2011/04/01 03:56:00 | 000,027,872 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2011/03/22 22:58:22 | 000,014,168 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2010/10/15 15:01:48 | 000,164,775 | ---- | C] () -- C:\Windows\hpoins30.dat.temp
[2010/10/15 15:01:48 | 000,000,844 | ---- | C] () -- C:\Windows\hpomdl30.dat.temp
[2010/09/28 12:34:12 | 000,000,031 | -H-- | C] () -- C:\Windows\UKCpInfo.sys
[2010/05/11 20:54:01 | 000,001,024 | ---- | C] () -- C:\Windows\System32\grcauth2.dll
[2010/05/11 20:54:01 | 000,001,024 | ---- | C] () -- C:\Windows\System32\grcauth1.dll
[2010/05/11 20:54:01 | 000,000,100 | ---- | C] () -- C:\Windows\System32\prsgrc.dll
[2010/05/11 20:51:49 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll
[2010/05/11 20:51:49 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll
[2010/05/07 17:43:30 | 000,025,824 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2010/05/05 19:37:52 | 000,021,204 | ---- | C] () -- C:\Windows\System32\instwdm.ini
[2010/05/05 18:56:46 | 000,002,560 | ---- | C] () -- C:\Windows\System32\CtxfiRes.dll
[2010/05/05 18:41:30 | 000,016,384 | ---- | C] () -- C:\Windows\System32\regplib.exe
[2010/05/05 18:38:22 | 000,007,680 | ---- | C] () -- C:\Windows\System32\enlocstr.exe
[2010/02/08 12:02:02 | 000,000,131 | ---- | C] () -- C:\Windows\wininit.ini
[2010/01/19 11:49:54 | 000,466,944 | ---- | C] () -- C:\Windows\System32\RemoveDevice.dll
[2010/01/12 13:35:01 | 000,023,113 | ---- | C] () -- C:\Windows\hpqins15.dat
[2009/12/22 10:47:55 | 000,077,377 | ---- | C] () -- C:\Windows\hpqins05.dat
[2009/09/14 17:13:39 | 000,056,021 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/09/14 17:11:07 | 000,056,021 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/09/11 13:04:09 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/11 13:04:09 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 14:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/08/02 23:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2009/08/02 23:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2009/08/02 23:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2009/08/02 23:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2009/08/02 23:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2009/08/02 23:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2009/08/02 23:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2009/08/02 23:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2009/08/02 23:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2009/05/27 08:49:00 | 000,000,285 | ---- | C] () -- C:\Windows\System32\kill.ini
[2009/02/10 21:59:56 | 000,000,029 | ---- | C] () -- C:\Windows\sfbm.INI
[2008/12/02 21:33:42 | 000,164,874 | ---- | C] () -- C:\Windows\hpoins30.dat
[2008/08/11 10:04:38 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/07/11 15:22:30 | 000,000,054 | ---- | C] () -- C:\Windows\System32\ctzapxx.ini
[2008/07/11 14:40:54 | 000,321,512 | ---- | C] () -- C:\Windows\System32\ctdlang.dat
[2008/07/11 14:40:54 | 000,056,509 | ---- | C] () -- C:\Windows\System32\ctdnlstr.dat
[2008/06/18 06:22:38 | 000,000,844 | ---- | C] () -- C:\Windows\hpomdl30.dat
[2008/06/05 07:58:26 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008/02/20 20:00:12 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CTBURST.DLL
[2008/02/20 19:58:46 | 000,037,888 | ---- | C] () -- C:\Windows\System32\PSCONV.EXE
[2008/02/20 19:46:20 | 000,149,838 | ---- | C] () -- C:\Windows\System32\CTBAS2W.DAT
[2008/02/20 19:44:34 | 000,274,587 | ---- | C] () -- C:\Windows\System32\CTSBAS2W.DAT
[2008/02/20 19:44:26 | 000,241,084 | ---- | C] () -- C:\Windows\System32\CTSBASW.DAT
[2008/02/20 19:44:26 | 000,115,166 | ---- | C] () -- C:\Windows\System32\CTBASICW.DAT
[2008/02/20 19:44:10 | 000,313,207 | ---- | C] () -- C:\Windows\System32\CTSTATIC.DAT
[2008/02/20 19:44:10 | 000,053,932 | ---- | C] () -- C:\Windows\System32\CTDAUGHT.DAT
[2008/02/04 21:59:29 | 000,000,510 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/01/24 17:50:08 | 000,000,000 | ---- | C] () -- C:\Windows\OpPrintServer.INI
[2008/01/21 18:58:00 | 000,002,478 | ---- | C] () -- C:\Users\Andrew\AppData\Roaming\wklnhst.dat
[2008/01/18 22:45:43 | 000,005,606 | ---- | C] () -- C:\Windows\System32\stci.dll
[2008/01/18 12:35:26 | 000,004,984 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2008/01/18 11:27:43 | 000,001,324 | ---- | C] () -- C:\Windows\TVP3XDrv.ini
[2008/01/18 11:27:12 | 000,003,072 | ---- | C] () -- C:\Windows\System32\34CoInstaller.dll
[2008/01/18 10:53:04 | 000,024,576 | R--- | C] () -- C:\Windows\System32\AsIO.dll
[2008/01/18 10:53:04 | 000,012,664 | R--- | C] () -- C:\Windows\System32\drivers\AsIO.sys
[2008/01/18 10:53:01 | 000,012,096 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp64.sys
[2008/01/18 10:53:01 | 000,010,304 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp32.sys
[2008/01/17 21:47:22 | 000,000,907 | R--- | C] () -- C:\Windows\System32\AsusSetup.ini
[2008/01/17 21:47:22 | 000,000,263 | R--- | C] () -- C:\Windows\System32\raidmgmt.ini
[2008/01/17 21:45:50 | 000,008,307 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2008/01/17 21:45:50 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
[2008/01/17 21:45:44 | 000,010,288 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS
[2008/01/17 21:21:14 | 000,002,560 | ---- | C] () -- C:\Windows\CTXFIRES.DLL
[2008/01/17 21:20:04 | 000,108,544 | ---- | C] () -- C:\Windows\System32\APOMngr.DLL
[2008/01/17 21:20:04 | 000,069,120 | ---- | C] () -- C:\Windows\System32\CmdRtr.DLL
[2007/10/11 09:01:42 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
[2007/08/13 20:45:02 | 000,077,824 | ---- | C] () -- C:\Windows\System32\CTMMACTL.DLL
[2006/11/02 12:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 12:47:37 | 002,416,528 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 12:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 10:33:01 | 000,674,566 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 10:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 10:33:01 | 000,133,164 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 10:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 10:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 08:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 08:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 07:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 07:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
========== Alternate Data Streams ========== @Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:0B4227B4
< End of report >