OTL logfile created on: 5/2/2011 8:20:56 AM - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\My Documents\My Downloads Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 69.00% Memory free 7.00 Gb Paging File | 7.00 Gb Available in Paging File | 90.00% Paging File free Paging file location(s): C:\pagefile.sys 4606 4606 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 465.76 Gb Total Space | 259.82 Gb Free Space | 55.78% Space Free | Partition Type: NTFS Drive D: | 186.89 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Drive I: | 14.99 Gb Total Space | 7.00 Gb Free Space | 46.68% Space Free | Partition Type: FAT32 Computer Name: STORMYS2NDLIFE | User Name: Stormy | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011/05/02 08:20:40 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\My Documents\My Downloads\OTL.exe PRC - [2011/05/02 00:28:00 | 000,249,856 | ---- | M] (Mrhankeys) -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\svsh0sted.exe PRC - [2011/04/18 10:25:12 | 003,460,784 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2011/01/07 04:15:20 | 002,443,120 | ---- | M] (Driver-Soft Inc.) -- C:\Program Files\Driver-Soft\DriverGenius\DriverGenius.exe PRC - [2010/12/20 18:08:46 | 000,963,976 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe PRC - [2010/07/30 00:39:24 | 000,365,936 | ---- | M] (Driver-Soft Inc.) -- C:\Program Files\Driver-Soft\DriverGenius\LiveUpdate.exe PRC - [2010/04/05 19:41:14 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2009/04/12 04:57:07 | 001,172,992 | ---- | M] (Vitalwerks LLC) -- C:\Program Files\No-IP\DUC20.exe PRC - [2008/10/20 22:18:26 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe PRC - [2008/05/27 17:37:54 | 000,106,496 | ---- | M] () -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\My Documents\My Downloads\Intel_Chipset_V9111019_XPVistaWin7\Driver\Usbcopy\USBCopy2.exe PRC - [2007/01/11 04:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE PRC - [2006/02/28 05:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2011/05/02 08:20:40 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\My Documents\My Downloads\OTL.exe MOD - [2011/04/18 10:25:09 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll MOD - [2010/08/20 16:39:35 | 000,983,552 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\My Documents\My Downloads\setupapi.dll MOD - [2006/08/25 08:45:55 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll MOD - [2006/02/28 05:00:00 | 000,378,368 | ---- | M] () -- C:\WINDOWS\ixalilahacaf.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- -- (NBService) SRV - File not found [On_Demand | Stopped] -- -- (getPlusHelper) getPlus(R) SRV - File not found [Disabled | Stopped] -- -- (Boonty Games) SRV - [2011/04/18 10:25:10 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2010/02/08 09:11:00 | 000,271,856 | ---- | M] (Turbine, Inc.) [On_Demand | Stopped] -- C:\Program Files\Turbine\Turbine Download Manager\TurbineMessageService.exe -- (LiveTurbineMessageService) SRV - [2010/02/08 09:11:00 | 000,218,608 | ---- | M] (Turbine, Inc.) [On_Demand | Stopped] -- C:\Program Files\Turbine\Turbine Download Manager\TurbineNetworkService.exe -- (LiveTurbineNetworkService) SRV - [2009/12/03 16:29:00 | 003,377,880 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc) SRV - [2008/10/20 22:18:26 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU) SRV - [2007/01/11 04:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011/04/18 10:17:46 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2011/04/18 10:17:34 | 000,307,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2011/04/18 10:16:18 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2011/04/18 10:16:06 | 000,102,488 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2011/04/18 10:13:21 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2011/04/18 10:13:02 | 000,030,680 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2011/04/18 10:12:58 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2011/03/26 00:37:43 | 000,024,416 | ---- | M] (Greatis Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\regguard.sys -- (RegGuard) DRV - [2010/09/23 02:11:28 | 000,298,784 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp) DRV - [2010/08/24 10:31:18 | 000,028,624 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt) DRV - [2010/08/24 10:31:02 | 000,037,328 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt) DRV - [2010/08/24 10:30:52 | 000,038,864 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt) DRV - [2010/08/24 10:30:18 | 000,010,448 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE) DRV - [2010/07/27 02:47:30 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50) DRV - [2010/07/27 02:47:10 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50) DRV - [2009/09/16 10:22:48 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk) DRV - [2009/09/16 10:22:48 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk) DRV - [2009/09/16 10:22:48 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk) DRV - [2009/09/16 10:22:14 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk) DRV - [2009/08/28 10:48:06 | 000,039,200 | ---- | M] (Copyright (C) INCA Internet. 2000-2009) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\TKFsAv2k.sys -- (TKFsAv) DRV - [2009/07/14 15:35:30 | 000,019,720 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LGBusEnum.sys -- (LGBusEnum) DRV - [2009/05/27 17:10:00 | 000,024,704 | ---- | M] (Copyright (C) INCA Internet. 2000-2009) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\TKRgFtXp.sys -- (TKRgFt) DRV - [2009/05/13 17:54:20 | 000,041,984 | ---- | M] (Copyright (C) INCA Internet. 2000-2009) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\TKRgAc2k.sys -- (TKRgAc) DRV - [2009/05/13 14:53:52 | 000,080,672 | ---- | M] (Copyright (C) INCA Internet. 2000-2009) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\TKFsFt2k.sys -- (TKFsFt) DRV - [2009/04/21 09:06:20 | 000,088,864 | ---- | M] (Copyright (C) INCA Internet. 2000-2009) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\TKFsAc2k.sys -- (TKFsAc) DRV - [2009/02/15 06:01:16 | 000,685,816 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2009/02/10 09:43:46 | 000,278,984 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt) DRV - [2009/02/04 14:07:36 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt) DRV - [2008/10/16 20:35:58 | 000,083,288 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP) DRV - [2008/07/24 18:46:10 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver) DRV - [2008/05/12 11:57:28 | 000,004,608 | ---- | M] (RealVNC Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vncmirror.sys -- (vncmirror) DRV - [2008/03/27 12:42:46 | 000,014,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\LG Soft India\forteManager\bin\I2CDriver.sys -- (LGDDCDevice) DRV - [2008/03/27 12:42:46 | 000,013,312 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\LG Soft India\forteManager\bin\PII2CDriver.sys -- (LGII2CDevice) DRV - [2007/11/29 03:17:28 | 000,020,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd) DRV - [2007/06/18 21:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem) DRV - [2006/10/18 12:12:16 | 000,012,664 | R--- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO) DRV - [2006/02/28 05:00:00 | 000,223,616 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6) DRV - [2004/11/22 15:36:39 | 000,018,003 | ---- | M] (Motive, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRENDIS5.sys -- (MRENDIS5) DRV - [2004/11/22 15:36:34 | 000,019,345 | ---- | M] (Motive, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMPR5.sys -- (MREMPR5) DRV - [2004/08/12 19:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor) DRV - [2003/12/27 20:42:12 | 000,137,216 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\d244bus.sys -- (d244bus) DRV - [2003/12/27 02:38:10 | 000,005,248 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\d244prt.sys -- (d244prt) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.facebook.com IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - HKLM\software\mozilla\Firefox\Extensions\\paypalfirefoxplugin@orbiscom: C:\Program Files\PayPal\PayPal Plug-In [2009/11/24 00:48:51 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2009/02/15 07:32:03 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{80613804-76F3-45EF-8691-3254D73EFB5A}: C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Local Settings\Application Data\{80613804-76F3-45EF-8691-3254D73EFB5A} [2011/04/20 15:57:55 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/03 20:42:45 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/01 23:03:41 | 000,000,000 | ---D | M] [2009/11/25 20:04:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Mozilla\Extensions [2008/12/23 17:20:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Mozilla\Extensions\home2@tomtom.com [2009/11/25 20:04:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Mozilla\Extensions\uploadr@flickr.com [2011/05/02 00:10:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Mozilla\Firefox\Profiles\02l9fiy8.default\extensions [2010/07/27 17:34:49 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Mozilla\Firefox\Profiles\02l9fiy8.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010/08/13 06:08:30 | 000,000,000 | ---D | M] (Tournament Games for Firefox) -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Mozilla\Firefox\Profiles\02l9fiy8.default\extensions\{398FE6B9-01FB-4860-920B-BE9F2E04DF3D} [2011/03/23 05:42:55 | 000,000,000 | ---D | M] (InboxDollars) -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Mozilla\Firefox\Profiles\02l9fiy8.default\extensions\{771f3037-9885-4423-b50f-a5ede4854e26} [2010/08/19 07:15:20 | 000,000,000 | ---D | M] (Read Later) -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Mozilla\Firefox\Profiles\02l9fiy8.default\extensions\{9783dcc8-2250-4d3b-8beb-7c2007cf5651} [2011/04/12 23:12:32 | 000,000,000 | ---D | M] (ImTranslator) -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Mozilla\Firefox\Profiles\02l9fiy8.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE} [2010/03/07 05:35:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Mozilla\Firefox\Profiles\02l9fiy8.default\extensions\browserhighlighter@ebay.com [2011/03/23 05:42:50 | 000,000,000 | ---D | M] (SimilarWeb) -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Mozilla\Firefox\Profiles\02l9fiy8.default\extensions\FirefoxAddon@similarWeb.com [2010/12/02 04:14:45 | 000,000,000 | ---D | M] (Flash AX Control) -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Mozilla\Firefox\Profiles\02l9fiy8.default\extensions\npfax@microgaming.co.uk [2011/03/23 05:42:58 | 000,000,000 | ---D | M] (samfind Bookmarks Bar) -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Mozilla\Firefox\Profiles\02l9fiy8.default\extensions\sam@samfind.com [2011/04/28 13:19:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2008/07/08 03:35:25 | 000,024,576 | ---- | M] (RealNetworks) -- C:\Program Files\Mozilla Firefox\plugins\npgcplug.dll [2009/07/03 00:34:44 | 000,083,376 | ---- | M] (NHN USA Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll [2009/08/17 08:42:14 | 000,073,728 | ---- | M] (NHN USA Inc. ) -- C:\Program Files\Mozilla Firefox\plugins\npijjiFFPlugin1.dll [2010/02/05 03:02:36 | 000,219,904 | ---- | M] (Midasplayer Ltd) -- C:\Program Files\Mozilla Firefox\plugins\npmidas.dll [2005/04/27 13:10:49 | 000,102,400 | ---- | M] (RealNetworks) -- C:\Program Files\Mozilla Firefox\plugins\npracplug.dll [2009/11/18 06:13:47 | 000,003,700 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fast.png [2009/11/18 06:13:47 | 000,001,963 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fast.xml Hosts file not found O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software) O4 - HKLM..\Run: [Hgiqi] C:\WINDOWS\ixalilahacaf.dll () O4 - HKLM..\Run: [KernelFaultCheck] File not found O4 - HKLM..\Run: [TaskTray] File not found O4 - HKLM..\Run: [UpdateUSB] C:\WINDOWS\inf\UpdateUSB.exe (AsusTek Inc.) O4 - HKLM..\Run: [UserFaultCheck] File not found O4 - HKCU..\Run: [EPSON Stylus CX7400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICDA.EXE (SEIKO EPSON CORPORATION) O4 - HKCU..\Run: [svsh0st] C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\svsh0sted.exe (Mrhankeys) O4 - Startup: C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Start Menu\Programs\Startup\No-IP DUC.lnk = C:\Program Files\No-IP\DUC20.exe (Vitalwerks LLC) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html () O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html () O9 - Extra Button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files\Bodog Poker\BPGame.exe (Bodog) O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\ilannsp.dll (CrowSoft) O15 - HKCU\..Trusted Domains: $talisma_url$ ([]https in Trusted sites) O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites) O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites) O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites) O15 - HKCU\..Trusted Domains: yahoo.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: yahoo.com ([]http in Trusted sites) O15 - HKCU\..Trusted Domains: yahoo.com ([]https in Trusted sites) O16 - DPF: {038E2507-7A48-41E2-94AD-7F23D199AF4E} http://www.worldwinner.com/games/v54/zengems/zengems.cab (ZenGems Control) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool) O16 - DPF: {18C3FD15-74F6-4280-9C98-3590C966B7B8} http://www.worldwinner.com/games/v47/skillgam/skillgam.cab (SkillGam Control) O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} http://www.worldwinner.com/games/v47/shared/FunGamesLoader.cab (FunGamesLoader Object) O16 - DPF: {1D082E71-DF20-4AAF-863B-596428C49874} http://www.worldwinner.com/games/v50/tpir/tpir.cab (TPIR Control) O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support) O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.8.110.cab (Reg Error: Key error.) O16 - DPF: {4AB16005-E995-4A60-89DE-8B8A3E6EB5B0} http://www.worldwinner.com/games/v56/trivialpursuit/trivialpursuit.cab (TrivialPursuit Control) O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} http://www.worldwinner.com/games/v51/bejeweled/bejeweled.cab (Bejeweled Control) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1225586620234 (WUWebControl Class) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1218570008796 (MUWebControl Class) O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinner.com/games/shared/wwlaunch.cab (Wwlaunch Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} http://www.worldwinner.com/games/launcher/ie/v2.22.01.0/iewwload.cab (WorldWinner ActiveX Launcher Control) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {A021A215-6CDC-44B4-8C16-90491CED9605} http://www.worldwinner.com/games/v68/clue/clue.cab (Clue Control) O16 - DPF: {A52FBD2B-7AB3-4F6B-90E3-91C772C5D00F} http://www.worldwinner.com/games/v57/wof/wof.cab (WoF Control) O16 - DPF: {B06CE1BC-5D9D-4676-BD28-1752DBF394E0} http://www.worldwinner.com/games/v41/hangman/hangman.cab (Hangman Control) O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab (MSN Games - Installer) O16 - DPF: {BA35B9B8-DE9E-47C9-AFA7-3C77E3DDFD39} http://www.worldwinner.com/games/v46/monopoly/monopoly.cab (Monopoly Control) O16 - DPF: {C82BB209-F528-46F9-96D5-69DEF7260916} http://www.worldwinner.com/games/v45/mysterypi/mysterypi.cab (MysteryPI Control) O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E9790C6C-DCAA-4E4F-8048-FFEC3B62DFED} http://72.233.55.59/activex/vogweb29.cab (VOGWeb2 Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.) O24 - Desktop Components:0 () - O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/08/29 08:07:49 | 000,000,160 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2009/08/29 08:07:49 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.CMI -- [ NTFS ] O32 - AutoRun File - [2008/01/25 17:31:00 | 000,000,038 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ] O32 - AutoRun File - [2009/04/20 15:28:52 | 000,648,064 | ---- | M] (Sysinternals - www.sysinternals.com) - I:\autoruns.exe -- [ FAT32 ] O33 - MountPoints2\{2c812e64-7746-11dd-9377-001d60e7f96e}\Shell\AutoRun\command - "" = G:\setupSNK.exe O33 - MountPoints2\{97dd45c2-32a0-11dd-9371-806d6172696f}\Shell - "" = AutoRun O33 - MountPoints2\{97dd45c2-32a0-11dd-9371-806d6172696f}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{97dd45c2-32a0-11dd-9371-806d6172696f}\Shell\AutoRun\command - "" = D:\LGE.EXE -- [2008/03/12 14:41:32 | 003,905,777 | R--- | M] (Macromedia, Inc.) O33 - MountPoints2\{9d51ff69-cf4c-11dd-93b4-001d60e7f96e}\Shell\AutoRun\command - "" = F:\InstallTomTomHOME.exe O34 - HKLM BootExecute: (autocheck autochk *sprestrtsprestrt) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKCU\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- Reg Error: Value error. File not found O37 - HKCU\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011/05/02 00:28:00 | 000,249,856 | ---- | C] (Mrhankeys) -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\svsh0sted.exe [2011/05/01 23:24:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\My Documents\HardwareHelper [2011/05/01 23:22:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Hardware Helper [2011/04/28 09:29:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Ymwyas [2011/04/28 09:29:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Ofapi [2011/04/23 21:23:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2011/04/23 21:11:31 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll [2011/04/23 21:11:31 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll [2011/04/23 21:11:31 | 000,026,624 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll [2011/04/23 21:10:21 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys [2011/04/22 21:05:16 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files [2011/04/22 20:54:00 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Cookies [2011/04/22 20:05:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Start Menu\Programs\ParetoLogic [2011/04/22 20:05:31 | 000,000,000 | ---D | C] -- C:\Program Files\ParetoLogic [2011/04/22 19:27:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\DriverCure [2011/04/22 19:27:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\ParetoLogic [2011/04/22 19:27:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic [2011/04/21 19:10:01 | 000,000,000 | ---D | C] -- C:\Program Files\La Riviera Casino English [2011/04/20 16:48:16 | 000,000,000 | ---D | C] -- C:\Program Files\Infogrames [2011/04/20 16:48:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Infogrames [2011/04/20 15:57:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Local Settings\Application Data\{80613804-76F3-45EF-8691-3254D73EFB5A} [2011/04/20 15:55:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\CB1723F9619B50A08C5B3F35855AFA19 [2011/04/20 12:39:19 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\IECompatCache [2011/04/20 11:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution [2011/04/20 11:05:16 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8 [2011/04/20 09:32:58 | 000,000,000 | RHSD | C] -- C:\cmdcons [2011/04/20 09:32:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\setup.pss [2011/04/20 09:32:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\setupupd [2011/04/20 08:12:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Casino Royal Club [2011/04/20 08:10:47 | 000,000,000 | ---D | C] -- C:\Program Files\CasinoRoyalClub [2011/04/20 06:04:10 | 000,061,440 | ---- | C] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll [2011/04/20 05:40:01 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications [2011/04/20 03:21:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microprose [2011/04/20 03:17:50 | 000,000,000 | ---D | C] -- C:\Program Files\MicroProse [2011/04/19 03:23:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Orneon [2011/04/19 03:22:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\The Agency of Anomalies - Mystic Hospital Collector's Edition [2011/04/18 23:57:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Local Settings\Application Data\Grubby Games [2011/04/18 23:56:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Aztec Tribe - New Land [2011/04/18 23:54:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\My Tribe [2011/04/17 16:16:05 | 000,000,000 | ---D | C] -- C:\Program Files\Cool Cat Casino [2011/04/16 20:40:58 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2011/04/16 20:40:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware [2011/04/16 20:40:55 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2011/04/13 22:22:32 | 000,000,000 | ---D | C] -- C:\Program Files\Slots Inferno [2011/04/13 12:17:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DiscWizard for Windows [2011/04/13 12:17:05 | 000,000,000 | ---D | C] -- C:\Program Files\DiscWizard for Windows [2011/04/02 16:12:26 | 000,000,000 | ---D | C] -- C:\Program Files\VIP Lounge [2009/10/08 18:19:45 | 000,218,112 | ---- | C] (Soeperman Enterprises Ltd.) -- C:\Program Files\HijackThis1991.exe [2008/11/24 08:38:12 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\pcouffin.sys [2008/10/12 06:15:43 | 000,137,216 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d244bus.sys [2008/10/12 06:15:43 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d244prt.sys [2008/08/19 01:09:37 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\da344prt.sys [2008/08/19 01:09:36 | 000,137,216 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\da344bus.sys [2008/07/08 03:35:27 | 000,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll [2008/06/11 19:03:12 | 000,137,216 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d344bus.sys [2008/06/11 19:03:12 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d344prt.sys [17 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011/05/02 06:53:36 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2011/05/02 06:43:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2011/05/02 06:16:00 | 000,001,020 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1229272821-2025429265-839522115-1004UA.job [2011/05/02 03:51:19 | 000,013,724 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011/05/02 03:46:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011/05/02 03:21:31 | 000,000,624 | ---- | M] () -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Start Menu\Programs\Startup\No-IP DUC.lnk [2011/05/02 03:04:40 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2011/05/02 00:34:22 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Yqosoqanede.bin [2011/05/02 00:31:12 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2011/05/02 00:28:00 | 000,249,856 | ---- | M] (Mrhankeys) -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\svsh0sted.exe [2011/05/02 00:15:35 | 000,000,446 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Registration3.job [2011/05/01 23:22:23 | 000,000,838 | ---- | M] () -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Desktop\Hardware Helper.lnk [2011/05/01 22:51:55 | 000,000,282 | -HS- | M] () -- C:\boot.ini [2011/05/01 22:01:51 | 000,000,360 | ---- | M] () -- C:\WINDOWS\tasks\PC Health Advisor.job [2011/05/01 21:16:00 | 000,000,968 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1229272821-2025429265-839522115-1004Core.job [2011/05/01 13:43:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2011/05/01 12:00:00 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\Schedule Task Weekly.job [2011/04/29 21:13:54 | 000,000,378 | ---- | M] () -- C:\WINDOWS\tasks\PC Health Advisor Defrag.job [2011/04/26 03:52:33 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Update Version3.job [2011/04/26 03:52:30 | 000,000,880 | ---- | M] () -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Desktop\ParetoLogic PC Health Advisor.lnk [2011/04/23 21:32:09 | 000,450,424 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011/04/23 21:32:09 | 000,074,118 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011/04/23 21:12:43 | 000,000,288 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf [2011/04/23 21:06:22 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI [2011/04/23 21:05:21 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat [2011/04/23 20:42:00 | 000,256,868 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin [2011/04/23 20:42:00 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin [2011/04/23 20:41:58 | 000,256,868 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin [2011/04/23 20:01:44 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Microsoft\Internet Explorer\Quick Launch\firefox.exe.lnk [2011/04/23 05:01:42 | 2145,386,496 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP [2011/04/22 21:00:49 | 000,014,684 | ---- | M] () -- C:\WINDOWS\setupapi.old [2011/04/22 20:40:46 | 000,001,769 | ---- | M] () -- C:\WINDOWS\Language_trs.ini [2011/04/22 20:34:31 | 000,000,790 | ---- | M] () -- C:\0.bak [2011/04/22 16:30:00 | 000,072,704 | ---- | M] () -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/04/22 16:23:22 | 000,001,155 | ---- | M] () -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Desktop\procexp.exe.lnk [2011/04/22 14:36:12 | 000,394,848 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011/04/21 19:11:05 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\La Riviera Casino English.lnk [2011/04/21 01:04:49 | 000,012,388 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\4kegtidw7006g801m8f6f10 [2011/04/21 00:09:19 | 000,000,120 | ---- | M] () -- C:\WINDOWS\Srogapiqi.dat [2011/04/20 16:56:22 | 000,000,255 | ---- | M] () -- C:\WINDOWS\PowerReg.dat [2011/04/20 11:46:37 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{380FE606-3C88-4C8A-8D4F-D852D1A9C601}.job [2011/04/20 08:12:25 | 000,001,698 | ---- | M] () -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Microsoft\Internet Explorer\Quick Launch\Casino Royal Club.lnk [2011/04/20 08:12:25 | 000,001,680 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Casino Royal Club.lnk [2011/04/20 07:32:51 | 000,000,565 | ---- | M] () -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\myMPQ.ini [2011/04/20 06:04:17 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvdrswr.lk [2011/04/20 05:39:03 | 000,000,211 | -HS- | M] () -- C:\BOOT.BAK [2011/04/20 03:21:32 | 000,001,673 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Shortcut to Majesty.exe.lnk [2011/04/19 05:08:30 | 000,000,596 | ---- | M] () -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Desktop\ct.exe.lnk [2011/04/18 11:51:23 | 000,000,085 | ---- | M] () -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\AVSDVDPlayer.m3u [2011/04/18 10:25:12 | 000,040,112 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr [2011/04/18 10:25:10 | 000,199,304 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe [2011/04/18 10:17:46 | 000,441,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys [2011/04/18 10:17:34 | 000,307,288 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys [2011/04/18 10:16:18 | 000,049,240 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys [2011/04/18 10:16:06 | 000,102,488 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys [2011/04/18 10:16:02 | 000,096,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys [2011/04/18 10:13:21 | 000,025,432 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys [2011/04/18 10:13:02 | 000,030,680 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys [2011/04/18 10:12:58 | 000,019,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [2011/04/17 16:17:10 | 000,001,597 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Cool Cat Casino.lnk [2011/04/16 20:42:55 | 000,014,414 | -HS- | M] () -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Local Settings\Application Data\l068fp6ptd5np2lt166sas867 [2011/04/16 20:42:55 | 000,014,414 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\l068fp6ptd5np2lt166sas867 [2011/04/16 20:40:58 | 000,000,796 | ---- | M] () -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Desktop\Malwarebytes' Anti-Malware.lnk [2011/04/16 20:32:04 | 000,235,810 | -HS- | M] () -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Local Settings\Application Data\jtj.exe [2011/04/16 20:32:04 | 000,235,810 | -HS- | M] () -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Local Settings\Application Data\ilk.exe [2011/04/02 20:03:49 | 000,015,320 | -HS- | M] () -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Local Settings\Application Data\xknxn4mokk7qve73ognubh4w [2011/04/02 20:03:49 | 000,015,320 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\xknxn4mokk7qve73ognubh4w [2011/04/02 19:56:58 | 000,242,323 | -HS- | M] () -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Local Settings\Application Data\yef.exe [17 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011/05/01 23:22:23 | 000,000,838 | ---- | C] () -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Desktop\Hardware Helper.lnk [2011/04/26 03:52:30 | 000,000,378 | ---- | C] () -- C:\WINDOWS\tasks\PC Health Advisor Defrag.job [2011/04/26 03:52:29 | 000,000,360 | ---- | C] () -- C:\WINDOWS\tasks\PC Health Advisor.job [2011/04/23 21:11:25 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll [2011/04/23 21:11:04 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex [2011/04/23 21:10:59 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe [2011/04/23 21:10:58 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe [2011/04/23 21:10:56 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex [2011/04/23 21:10:44 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll [2011/04/23 21:10:37 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex [2011/04/23 21:10:34 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll [2011/04/23 21:10:23 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll [2011/04/23 20:34:41 | 000,141,702 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat [2011/04/23 20:34:41 | 000,110,116 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat [2011/04/23 20:34:41 | 000,031,965 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat [2011/04/23 20:34:41 | 000,024,209 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat [2011/04/23 20:34:41 | 000,011,651 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat [2011/04/23 20:34:41 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT [2011/04/23 20:34:40 | 002,012,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT [2011/04/23 20:34:40 | 001,042,903 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT [2011/04/23 20:34:40 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT [2011/04/23 20:34:40 | 000,504,678 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT [2011/04/23 20:34:40 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT [2011/04/23 20:34:40 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT [2011/04/23 20:34:40 | 000,031,281 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT [2011/04/23 20:34:40 | 000,013,753 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT [2011/04/23 20:34:40 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT [2011/04/23 20:34:40 | 000,009,581 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT [2011/04/23 20:34:40 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT [2011/04/23 20:34:40 | 000,007,245 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT [2011/04/23 20:01:44 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Microsoft\Internet Explorer\Quick Launch\firefox.exe.lnk [2011/04/22 20:40:46 | 000,001,769 | ---- | C] () -- C:\WINDOWS\Language_trs.ini [2011/04/22 20:34:28 | 000,000,790 | ---- | C] () -- C:\0.bak [2011/04/22 20:05:32 | 000,000,880 | ---- | C] () -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Desktop\ParetoLogic PC Health Advisor.lnk [2011/04/22 19:28:01 | 000,000,446 | ---- | C] () -- C:\WINDOWS\tasks\ParetoLogic Registration3.job [2011/04/22 19:27:52 | 000,000,420 | ---- | C] () -- C:\WINDOWS\tasks\ParetoLogic Update Version3.job [2011/04/22 16:23:22 | 000,001,155 | ---- | C] () -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Desktop\procexp.exe.lnk [2011/04/21 19:11:05 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\La Riviera Casino English.lnk [2011/04/21 09:36:14 | 2145,386,496 | ---- | C] () -- C:\WINDOWS\MEMORY.DMP [2011/04/21 00:09:19 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Srogapiqi.dat [2011/04/21 00:09:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Yqosoqanede.bin [2011/04/20 23:02:09 | 000,012,388 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\4kegtidw7006g801m8f6f10 [2011/04/20 09:33:17 | 000,000,211 | -HS- | C] () -- C:\BOOT.BAK [2011/04/20 09:33:14 | 000,260,272 | RHS- | C] () -- C:\cmldr [2011/04/20 08:12:25 | 000,001,698 | ---- | C] () -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Microsoft\Internet Explorer\Quick Launch\Casino Royal Club.lnk [2011/04/20 08:12:25 | 000,001,680 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Casino Royal Club.lnk [2011/04/20 06:04:17 | 000,256,868 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin [2011/04/20 06:04:17 | 000,256,868 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin [2011/04/20 06:04:17 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin [2011/04/20 06:04:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvdrswr.lk [2011/04/20 06:04:10 | 002,294,198 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin [2011/04/20 03:21:33 | 000,000,255 | ---- | C] () -- C:\WINDOWS\PowerReg.dat [2011/04/20 03:21:32 | 000,001,673 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Shortcut to Majesty.exe.lnk [2011/04/19 05:08:30 | 000,000,596 | ---- | C] () -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Desktop\ct.exe.lnk [2011/04/17 16:17:10 | 000,001,597 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Cool Cat Casino.lnk [2011/04/16 20:40:58 | 000,000,796 | ---- | C] () -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Desktop\Malwarebytes' Anti-Malware.lnk [2011/04/16 20:32:05 | 000,014,414 | -HS- | C] () -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Local Settings\Application Data\l068fp6ptd5np2lt166sas867 [2011/04/16 20:32:05 | 000,014,414 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\l068fp6ptd5np2lt166sas867 [2011/04/16 20:32:04 | 000,235,810 | -HS- | C] () -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Local Settings\Application Data\jtj.exe [2011/04/16 20:32:04 | 000,235,810 | -HS- | C] () -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Local Settings\Application Data\ilk.exe [2011/04/02 19:56:59 | 000,015,320 | -HS- | C] () -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Local Settings\Application Data\xknxn4mokk7qve73ognubh4w [2011/04/02 19:56:59 | 000,015,320 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\xknxn4mokk7qve73ognubh4w [2011/04/02 19:56:58 | 000,242,323 | -HS- | C] () -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Local Settings\Application Data\yef.exe [2011/04/01 09:49:41 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat [2011/04/01 09:35:30 | 000,014,728 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\3086410502 [2011/04/01 09:35:30 | 000,014,728 | -HS- | C] () -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Local Settings\Application Data\219159425 [2011/04/01 09:33:45 | 000,014,732 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\219159425 [2011/04/01 09:33:45 | 000,014,720 | -HS- | C] () -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Local Settings\Application Data\nfkbvf513btm8q23pu3b335611763pk05363mjyns30c4ri [2011/04/01 05:21:47 | 000,014,720 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\nfkbvf513btm8q23pu3b335611763pk05363mjyns30c4ri [2011/03/31 07:25:23 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~17424180r [2011/03/31 07:25:23 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~17424180 [2011/03/31 07:25:18 | 000,000,336 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\17424180 [2011/03/31 06:30:41 | 000,000,565 | ---- | C] () -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\myMPQ.ini [2011/03/16 05:38:36 | 000,007,740 | ---- | C] () -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\AA8A.3B6 [2011/03/03 04:15:16 | 000,000,067 | ---- | C] () -- C:\WINDOWS\WININIT.INI [2010/12/31 05:15:31 | 000,000,059 | ---- | C] () -- C:\WINDOWS\ANS2000.INI [2010/12/31 05:15:31 | 000,000,020 | -H-- | C] () -- C:\WINDOWS\akebook.ini [2010/12/31 05:15:31 | 000,000,004 | -H-- | C] () -- C:\WINDOWS\a3kebook.ini [2010/11/05 17:39:26 | 000,030,660 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2010/11/05 09:01:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Ransom.INI [2010/10/04 20:40:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\CastleMalloy.INI [2010/08/21 09:15:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Twister.INI [2010/02/06 10:42:26 | 008,892,928 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\atscie.msi [2010/01/16 12:59:17 | 000,000,212 | ---- | C] () -- C:\WINDOWS\System32\26500.exe [2010/01/16 12:39:16 | 000,000,212 | ---- | C] () -- C:\WINDOWS\System32\6334.exe [2010/01/16 09:22:05 | 000,000,212 | ---- | C] () -- C:\WINDOWS\System32\18467.exe [2009/11/19 03:39:59 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Local Settings\Application Data\fusioncache.dat [2009/11/04 00:39:35 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Local Settings\Application Data\housecall.guid.cache [2009/10/31 23:29:12 | 001,262,058 | ---- | C] () -- C:\Program Files\Malwarebytes' Anti-Malware.rar [2009/10/14 18:05:27 | 001,511,424 | ---- | C] () -- C:\WINDOWS\System32\sn3win.dll [2009/10/13 00:12:52 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2009/09/27 20:12:12 | 000,139,152 | ---- | C] () -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\PnkBstrK.sys [2009/08/29 08:10:00 | 000,000,387 | ---- | C] () -- C:\WINDOWS\Calendar.INI [2009/08/14 01:38:00 | 000,000,600 | ---- | C] () -- C:\WINDOWS\Rtcw.INI [2009/06/23 03:26:42 | 000,000,002 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\_chk5900200 [2009/06/18 19:16:40 | 000,001,401 | ---- | C] () -- C:\WINDOWS\MultiTimer.ini [2009/05/31 02:38:42 | 000,000,036 | ---- | C] () -- C:\WINDOWS\Tiny_Run.ini [2009/05/31 01:57:38 | 000,065,536 | ---- | C] () -- C:\WINDOWS\DTDraw.dll [2009/05/18 13:25:08 | 000,000,002 | ---- | C] () -- C:\WINDOWS\v10neformatic.dll [2009/05/18 13:23:11 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\muangsys.dll [2009/05/18 13:23:11 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\muadisp.dll [2009/05/02 15:21:00 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2009/04/28 07:05:33 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat [2009/04/19 02:53:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\suupdate.dat [2009/03/04 09:01:00 | 000,055,427 | ---- | C] () -- C:\WINDOWS\War3Unin.dat [2009/02/04 14:07:36 | 000,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2009/02/04 14:07:36 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2008/12/20 04:24:09 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2008/12/18 11:57:41 | 000,000,441 | ---- | C] () -- C:\WINDOWS\System32\TDSSosvd.dat [2008/11/24 08:52:21 | 000,001,041 | ---- | C] () -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\vso_ts_preview.xml [2008/11/24 08:38:12 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\inst.exe [2008/11/24 08:38:12 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\pcouffin.cat [2008/11/24 08:38:12 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\pcouffin.inf [2008/11/22 21:37:34 | 000,000,085 | ---- | C] () -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\AVSDVDPlayer.m3u [2008/11/22 20:40:14 | 000,815,104 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2008/11/22 20:40:14 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2008/11/16 19:07:22 | 000,072,704 | ---- | C] () -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008/11/16 12:53:14 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini [2008/11/16 08:54:46 | 000,081,748 | ---- | C] () -- C:\WINDOWS\WinVerCheck.exe [2008/10/27 01:58:24 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\PnkBstrK.sys [2008/10/13 03:12:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI [2008/10/07 10:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2008/09/22 10:51:07 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2008/09/17 17:41:22 | 000,042,320 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll [2008/09/15 12:01:42 | 000,016,384 | ---- | C] () -- C:\WINDOWS\DCEBoot.exe [2008/09/13 03:42:00 | 000,000,036 | -H-- | C] () -- C:\WINDOWS\System32\f9t.dat [2008/09/09 07:06:12 | 000,032,550 | ---- | C] () -- C:\WINDOWS\king-uninstall.exe [2008/09/07 17:31:35 | 000,002,162 | ---- | C] () -- C:\WINDOWS\System32\tmmute.ini [2008/08/10 13:02:46 | 000,065,536 | ---- | C] () -- C:\WINDOWS\IFinst27.exe [2008/08/04 15:08:23 | 000,000,049 | ---- | C] () -- C:\WINDOWS\cdplayer.ini [2008/07/07 14:15:24 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll [2008/07/01 11:20:17 | 000,000,411 | ---- | C] () -- C:\WINDOWS\ssce.ini [2008/06/09 01:29:13 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat [2008/06/06 22:34:59 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini [2008/06/06 22:34:58 | 000,073,220 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat [2008/06/06 22:34:58 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat [2008/06/06 22:34:58 | 000,029,114 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat [2008/06/06 22:34:58 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat [2008/06/06 22:34:58 | 000,021,021 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat [2008/06/06 22:34:58 | 000,015,670 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat [2008/06/06 22:34:58 | 000,013,280 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat [2008/06/06 22:34:58 | 000,010,673 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat [2008/06/06 22:34:58 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat [2008/06/06 22:34:58 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat [2008/06/06 22:34:58 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat [2008/06/06 22:34:58 | 000,001,137 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat [2008/06/06 22:34:58 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat [2008/06/06 22:34:58 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat [2008/06/06 22:34:58 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat [2008/06/06 22:34:11 | 000,000,079 | ---- | C] () -- C:\WINDOWS\EPSCX7400.ini [2008/06/05 07:32:15 | 000,000,148 | ---- | C] () -- C:\WINDOWS\System32\acmeinc.ini [2008/06/05 07:32:15 | 000,000,116 | ---- | C] () -- C:\WINDOWS\System32\vxdtgm.ini [2008/06/05 04:05:04 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\YCRWin32.dll [2008/06/05 02:35:21 | 000,024,576 | R--- | C] () -- C:\WINDOWS\System32\AsIO.dll [2008/06/05 02:35:21 | 000,012,664 | R--- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys [2008/06/05 02:35:18 | 000,012,096 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp64.sys [2008/06/05 02:35:18 | 000,010,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp32.sys [2008/06/05 02:20:03 | 000,030,970 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini [2008/06/05 02:19:27 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys [2008/06/05 02:19:11 | 000,012,536 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2008/06/05 02:00:43 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2008/06/05 01:56:42 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2008/06/04 18:45:47 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2008/06/04 18:43:06 | 000,394,848 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2008/02/04 18:23:10 | 000,693,792 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL [2006/07/23 14:15:55 | 000,286,208 | ---- | C] () -- C:\WINDOWS\System32\cncs232.dll [2006/02/28 05:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2006/02/28 05:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2006/02/28 05:00:00 | 000,378,368 | ---- | C] () -- C:\WINDOWS\ixalilahacaf.dll [2006/02/28 05:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2006/02/28 05:00:00 | 000,249,270 | ---- | C] () -- C:\WINDOWS\System32\_005107_.tmp.dll [2006/02/28 05:00:00 | 000,249,270 | ---- | C] () -- C:\WINDOWS\System32\_004842_.tmp.dll [2006/02/28 05:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2006/02/28 05:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2006/02/28 05:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2006/02/28 05:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys [2006/02/28 05:00:00 | 000,022,040 | ---- | C] () -- C:\WINDOWS\System32\_005075_.tmp.dll [2006/02/28 05:00:00 | 000,022,040 | ---- | C] () -- C:\WINDOWS\System32\_004810_.tmp.dll [2006/02/28 05:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2006/02/28 05:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2006/02/28 05:00:00 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin [2004/11/02 02:31:58 | 000,158,720 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2003/12/27 20:43:24 | 000,068,608 | ---- | C] () -- C:\WINDOWS\daemon.dll [2002/09/18 00:45:00 | 000,119,808 | ---- | C] () -- C:\WINDOWS\lsb_un20.exe [2001/08/23 08:00:00 | 000,450,424 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2001/08/23 08:00:00 | 000,074,118 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2001/08/23 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2000/08/29 14:01:02 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\libbz2.dll [color=#E56717]========== LOP Check ==========[/color] [2011/04/20 07:01:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\1Click DVD Copy Pro [2010/07/10 02:58:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alawar [2011/03/15 20:47:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AlawarWrapper [2010/02/17 16:19:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software [2009/10/05 01:51:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Armagetron [2010/02/09 06:25:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avery [2008/11/26 12:50:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus [2008/08/19 22:07:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BOONTY [2009/03/29 00:40:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\crowsoft [2010/07/19 03:59:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Curious Sense [2009/02/15 06:20:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro [2010/10/30 10:00:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Deadtime Stories [2010/08/20 14:22:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Whiz [2008/12/23 14:01:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON [2009/11/19 06:22:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EscapeTheMuseum [2010/08/20 11:41:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Exorcist DS 7 [2010/10/01 16:17:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Far Mills [2010/12/16 01:37:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Farm Fishes [2010/12/28 10:53:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FarmFrenzy3_Arctica [2011/03/07 21:31:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FarmFrenzy3_Madagascar [2010/05/11 06:40:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Flood Light Games [2011/03/06 16:15:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Floodlight Games [2009/08/24 02:59:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FloodLightGames [2010/12/19 14:52:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fugazo [2009/12/08 10:05:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FunGames [2009/06/10 10:36:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GameHouse [2009/11/15 18:25:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gamers Digital [2010/12/13 00:40:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gogii [2009/09/15 15:36:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gogii Games [2010/08/19 07:16:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GoodSync [2009/07/24 10:43:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft [2010/12/19 15:27:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HipSoft [2008/10/31 22:40:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hoyle FaceCreator [2009/11/25 03:37:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ijjigame [2009/03/17 09:16:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ironclad Games [2009/08/28 02:22:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iWin [2009/12/12 02:47:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\JollyBear [2009/05/02 11:28:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn [2010/03/16 20:22:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Merscom [2011/04/01 13:18:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData [2008/06/05 12:43:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MGS [2008/11/20 16:30:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microgaming [2010/07/29 00:12:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Million [2009/07/27 13:16:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MissTeriTale2 [2010/03/03 18:01:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MonteCristo [2010/10/01 17:45:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo [2009/09/24 22:35:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Mushroom Age [2009/04/24 06:11:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9 [2011/03/28 13:16:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nevosoft-Breeze [2009/10/28 12:45:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nexon [2009/06/09 22:48:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonUS [2011/04/22 19:27:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic [2010/10/01 16:18:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Particles [2009/02/04 00:51:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters [2008/10/18 05:19:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Petroglyph [2010/11/04 22:41:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst [2009/03/12 00:38:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayPond [2011/02/21 20:04:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files [2010/08/19 08:15:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PoBros [2009/02/27 09:55:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap [2010/12/20 12:54:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PWD [2010/02/07 03:08:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Quark [2008/11/29 17:42:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RoboForm [2008/10/25 03:26:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Stamps.com Internet Postage [2011/03/26 01:01:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\STOPzilla! [2011/05/02 06:13:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP [2010/03/16 04:14:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\The Mirror Mysteries [2008/08/12 08:22:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TMP [2008/12/23 17:20:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TomTom [2009/11/19 03:12:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Turbine [2008/12/07 06:28:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk [2008/09/13 04:45:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VTExtra [2009/11/23 22:49:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WholeSecurity [2009/10/04 07:58:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildWestQuest2 [2010/06/11 12:51:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WorldWinner [2010/07/02 06:48:55 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\.# [2009/05/24 11:37:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\3 Days Zoo Mystery [2009/11/19 11:26:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Absolute Poker [2011/04/19 00:35:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Alawar [2010/09/27 11:34:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Anarchy [2009/10/05 01:52:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Armagetron [2011/03/16 05:52:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Awem [2010/06/25 03:04:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Axialis [2009/05/08 17:08:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Azuaz Games [2011/04/22 20:52:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Azureus [2010/06/27 14:56:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Big Fish Games [2010/04/27 06:31:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\BloodTies [2010/06/04 15:38:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Boomzap [2009/07/14 06:15:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Canneverbe_Limited [2011/03/27 07:44:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\CasinoStates [2010/04/29 00:04:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Catfood Software [2011/04/20 15:55:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\CB1723F9619B50A08C5B3F35855AFA19 [2009/04/25 05:53:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\cerasus [2009/04/20 09:30:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\cerasus.media [2009/08/29 08:06:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\check identical files [2009/02/26 11:26:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2009/01/30 14:09:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Command & Conquer 3 Kane's Wrath [2009/05/13 11:59:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Command & Conquer 3 Tiberium Wars [2009/12/22 09:03:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Configuration [2009/08/11 21:56:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Coyotes Tale [2009/04/25 00:57:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Crystal Player [2010/07/19 03:59:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Curious Sense [2011/03/21 18:18:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Daedalic Entertainment [2010/10/09 11:57:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\DailyMagic [2011/03/03 03:46:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\DarkParablesBriarRose_BFG [2009/05/31 02:02:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\DeskSoft [2011/04/22 19:27:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\DriverCure [2009/05/10 23:17:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Enchanted Katya [2010/07/29 00:05:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Enki Games [2010/08/06 08:27:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Enlightenus [2010/08/13 18:07:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Enlightenus2_BFG [2009/12/16 06:56:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\EPSON [2011/04/02 05:36:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\ERS G-Studio [2010/12/13 00:16:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\ERS Game Studios [2008/11/01 04:05:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Fallout3 [2008/10/03 14:49:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\FlashFXP [2009/11/25 20:04:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Flickr [2010/05/11 06:40:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Flood Light Games [2011/03/06 16:15:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Floodlight Games [2009/08/24 02:59:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\FloodLightGames [2011/03/21 04:51:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\ForgottenRiddles [2010/10/17 14:52:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\FreeArc [2009/10/04 07:48:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Friday's games [2008/07/04 21:17:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\FunGames [2009/05/12 11:41:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Gaijin Ent [2009/04/24 06:11:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\GameHouse [2010/04/29 21:42:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\GameInvest [2009/11/15 18:25:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Gamers Digital [2010/12/23 08:41:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\GetRightToGo [2010/12/13 00:40:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\gogii [2009/09/15 15:36:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Gogii Games [2010/10/05 07:37:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\GoHardPoker [2010/03/30 14:41:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Gold Casual Games [2009/11/12 02:25:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\GoldVegas [2010/08/19 07:16:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\GoodSync [2011/03/29 02:53:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\GraveyardShift [2011/03/16 13:57:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\HdO Adventure [2011/02/27 19:08:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\HillStoneAnimationStudios [2009/04/20 08:00:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\HiT-MM [2008/10/31 22:45:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Hoyle Puzzle and Board Games [2009/10/20 03:46:09 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\ijjigame [2009/11/29 13:54:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\ImgBurn [2009/09/15 14:58:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\IOMediaSupport6SZZ001s [2009/05/31 03:11:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\IronCode [2009/08/28 02:22:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\iWin [2010/12/03 09:26:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\JoyBits [2010/09/27 12:49:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\KingArthur [2010/05/11 03:18:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Lazy Turtle Games [2008/12/25 04:42:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Leadertech [2008/10/15 02:37:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Ludia [2010/10/05 07:36:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Luvin Poker [2010/11/04 22:18:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\MA2 [2011/03/03 08:57:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\margrave3_full [2010/04/27 04:26:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Meridian93 [2010/03/16 20:22:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Merscom [2011/03/03 04:21:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Microgaming [2009/05/13 11:44:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Mount&Blade [2010/06/24 13:35:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\My Games [2010/11/04 18:55:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Mystery of Mortlake Mansion [2011/03/26 07:07:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\MysteryStudio [2010/04/10 11:15:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Nevosoft [2011/03/28 05:49:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Nevosoft-Breeze [2010/10/30 10:00:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Oberon Media [2011/05/02 01:20:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Ofapi [2011/04/19 03:23:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Orneon [2011/04/22 19:27:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\ParetoLogic [2008/11/04 05:36:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Petroglyph [2010/11/04 22:41:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\PlayFirst [2010/04/16 21:33:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Playrix Entertainment [2010/08/19 08:15:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\PoBros [2008/08/12 21:02:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\PopCap [2010/08/20 15:30:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\PriceGong [2010/02/07 03:10:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Quark [2009/09/24 23:07:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Reflexivev1001 [2009/06/21 20:34:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Restorer [2011/03/20 02:00:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Rialto [2011/03/22 20:49:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\RichCasino [2009/04/29 03:26:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\RobinsonCrusoe [2008/10/30 13:02:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\RoboForm [2009/08/04 13:17:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\SaintXi [2010/04/27 16:28:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Settlement. Colossus [2009/08/28 02:53:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Shape games [2009/08/04 14:18:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\she_is_a_shadow [2009/09/15 14:58:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Spinapse [2009/05/10 23:14:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\SpinTop [2011/03/16 13:19:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\SpinTop Games [2009/05/25 04:15:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Stamps.com Internet Postage [2010/10/10 17:44:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\SultansLabyrinth [2009/09/15 14:58:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Suspects and Clues Players [2009/09/15 14:58:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Suspects and Clues Prefs [2009/11/15 08:46:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\SystemRequirementsLab [2009/05/19 21:55:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\TAC-CM CRACKED [2009/08/22 21:57:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\TeamViewer [2009/11/12 02:31:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Thebes [2011/05/02 00:03:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Thinstall [2010/07/22 16:43:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\TikisLab [2009/05/31 06:48:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\TMInc [2008/12/23 17:20:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\TomTom [2010/11/16 12:02:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\UB [2010/07/24 18:27:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Ubisoft [2011/02/22 00:52:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Unity [2009/05/31 11:21:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\V-Games [2010/12/11 20:22:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Vast Studios [2009/02/07 12:50:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\VersionTracker Pro [2010/03/16 20:33:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Virtual Prophecy [2011/02/04 14:06:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Vso [2008/11/26 21:30:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\VTExtra [2010/04/01 07:19:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Worldwinner [2011/05/02 00:30:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Stormy.STORMYS2NDLIFE.000\Application Data\Ymwyas [2011/05/02 00:15:35 | 000,000,446 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Registration3.job [2011/04/26 03:52:33 | 000,000,420 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Update Version3.job [2011/04/29 21:13:54 | 000,000,378 | ---- | M] () -- C:\WINDOWS\Tasks\PC Health Advisor Defrag.job [2011/05/01 22:01:51 | 000,000,360 | ---- | M] () -- C:\WINDOWS\Tasks\PC Health Advisor.job [2011/05/01 12:00:00 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\Schedule Task Weekly.job [2011/04/20 11:46:37 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{380FE606-3C88-4C8A-8D4F-D852D1A9C601}.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 99 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:83EAC886 @Alternate Data Stream - 94 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:51F17BB8 @Alternate Data Stream - 240 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E2CFA9CD @Alternate Data Stream - 145 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E1F14C10 @Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:700B9342 @Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:021496FB @Alternate Data Stream - 135 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:373C6DC2 @Alternate Data Stream - 135 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1170D6E4 @Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF @Alternate Data Stream - 132 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A6D89509 @Alternate Data Stream - 132 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5311B0B8 @Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E5B07840 @Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C0893153 @Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5345C8F6 @Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C928F3BE @Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:98DFF516 @Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9398DBB4 @Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E8C44CB4 @Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:F663BB74 @Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1F96ED45 @Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6B7447D4 @Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B904C348 @Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:774A0E14 @Alternate Data Stream - 111 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:40D8F125 @Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2 @Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2E0B7D8A @Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4FE42FFC @Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:12D2EB9C @Alternate Data Stream - 107 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D853F961 @Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7F24D3D8 < End of report >