OTL logfile created on: 12/22/2011 2:58:48 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Jason\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.25 Gb Total Physical Memory | 2.20 Gb Available Physical Memory | 67.76% Memory free
6.49 Gb Paging File | 5.18 Gb Available in Paging File | 79.83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 298.04 Gb Total Space | 53.67 Gb Free Space | 18.01% Space Free | Partition Type: NTFS
Drive I: | 22.79 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive K: | 1862.98 Gb Total Space | 1592.23 Gb Free Space | 85.47% Space Free | Partition Type: NTFS

Computer Name: KIKYOU | User Name: Jason | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2011/12/22 14:53:57 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Jason\Desktop\OTL.exe
PRC - [2011/10/28 21:02:37 | 000,247,968 | ---- | M] (Adobe Systems, Inc.)
-- C:\Windows\System32\Macromed\Flash\FlashUtil11c_ActiveX.exe PRC - [2011/10/15 02:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe PRC - [2011/10/15 02:53:00 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe PRC - [2011/10/15 02:53:00 | 001,328,960 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe PRC - [2011/10/14 23:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2011/10/14 14:49:38 | 000,745,832 | ---- | M] (Tunngle.net GmbH) -- C:\Program Files\Tunngle\TnglCtrl.exe PRC - [2011/09/08 19:53:26 | 000,743,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe PRC - [2011/08/15 05:21:40 | 000,337,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe PRC - [2011/08/04 13:34:46 | 001,361,288 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe PRC - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011/02/24 23:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2011/01/30 09:45:14 | 000,821,144 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe PRC - [2010/11/20 06:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) 
-- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe PRC - [2007/09/10 23:45:04 | 000,124,832 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2011/05/28 21:04:56 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll MOD - [2011/03/15 06:13:46 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF MOD - [2010/03/24 20:17:36 | 008,794,464 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2011/12/14 14:27:28 | 003,316,000 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_b427739.dll -- (Akamai) SRV - [2011/10/15 02:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2011/10/14 23:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2011/10/14 14:49:38 | 000,745,832 | ---- | M] (Tunngle.net GmbH) [Auto | Running] -- C:\Program Files\Tunngle\TnglCtrl.exe -- (TunngleService) SRV - [2011/10/12 05:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent) SRV - [2011/09/09 00:00:00 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2011/08/04 13:34:46 | 001,361,288 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2011/08/02 05:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) 
[Auto | Stopped] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd) SRV - [2011/07/19 14:23:26 | 000,658,432 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2011/06/12 10:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service) SRV - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011/05/23 21:19:15 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2009/07/13 19:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc) SRV - [2009/07/13 19:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009/07/13 19:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009/07/13 19:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) 
[Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService) SRV - [2007/09/10 23:45:04 | 000,124,832 | ---- | M] () [Auto | Running] -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011/11/03 03:23:46 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2011/11/03 03:23:45 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2011/10/15 02:53:00 | 010,327,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2011/10/07 05:23:48 | 000,230,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86) DRV - [2011/10/04 05:21:28 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim) DRV - [2011/09/13 05:30:10 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86) DRV - [2011/09/01 01:42:57 | 000,685,816 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2011/08/08 05:08:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86) DRV - [2011/07/11 00:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix) DRV - [2011/07/11 00:14:14 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. 
) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter) DRV - [2011/07/11 00:14:12 | 000,134,736 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver) DRV - [2011/07/11 00:14:12 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH) DRV - [2011/05/25 00:09:08 | 000,139,368 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA) DRV - [2010/11/20 06:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus) DRV - [2010/11/20 06:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt) DRV - [2010/11/20 06:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc) DRV - [2010/11/20 04:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010/11/20 03:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2010/11/20 03:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap) DRV - [2010/04/12 02:44:34 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) 
[Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu) DRV - [2010/01/07 08:20:00 | 000,583,680 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTL8192su.sys -- (RTL8192su) DRV - [2009/11/05 04:51:12 | 000,376,832 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL8187B.sys -- (RTL8187B) DRV - [2009/09/16 08:02:40 | 000,027,136 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tap0901t.sys -- (tap0901t) TAP-Win32 Adapter V9 (Tunngle) DRV - [2009/07/13 17:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp) DRV - [2009/07/13 16:02:50 | 000,211,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R) DRV - [2009/03/18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi) DRV - [2008/05/06 15:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0E 5E 1E 57 34 C0 CC 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "http://www.google.com/" FF - prefs.js..network.proxy.type: 0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.102.0: C:\Program Files\Battlelog Web Plugins\1.102.0\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2011/07/19 14:08:03 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2011/12/21 18:46:21 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/12/21 18:46:21 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/26 12:33:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jason\AppData\Roaming\mozilla\Extensions [2011/10/28 21:05:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jason\AppData\Roaming\mozilla\Firefox\Profiles\v6mpz0xy.default\extensions [2011/11/09 13:36:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011/08/06 20:37:48 | 000,000,000 | ---D | M] (Click to call with Skype) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011/12/21 18:46:21 | 000,000,000 | ---D | M] (No name found) -- C:\PROGRAM FILES\AVG\AVG2012\FIREFOX4 [2011/11/09 13:36:24 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll O1 HOSTS File: ([2011/02/16 16:05:02 | 000,001,211 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com O1 - Hosts: 127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com 
adobe-dns-3.adobe.com adobe-dns-4.adobe.com O1 - Hosts: 127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com O1 - Hosts: 127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com O1 - Hosts: 127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com O1 - Hosts: 127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll (TechSmith Corporation) O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll (TechSmith Corporation) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation) O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.) 
O4 - HKLM..\Run: [RaidCall] C:\Program Files\raidcall\raidcall.exe (RAIDCALL.COM) O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Jason\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc) O4 - HKCU..\Run: [BitTorrent] "C:\Program Files\BitTorrent\BitTorrent.exe" /MINIMIZED File not found O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\steam.exe (Valve Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{38287948-14E8-49BE-9F1F-19BD7DB34594}: DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7E09E88E-9616-431E-8CD7-A62FA70B5E25}: DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{89811D39-A308-48A0-BC96-85C413A120C8}: DhcpNameServer = 7.254.254.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EDF76C2E-62B9-464B-9CB0-2CE50BDC8176}: DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1 O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 15:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2011/02/02 12:14:20 | 000,000,082 | ---- | M] () - I:\autorun.inf -- [ UDF ] O33 - MountPoints2\{2651ec1b-85b0-11e0-81db-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{2651ec1b-85b0-11e0-81db-806e6f6e6963}\Shell\AutoRun\command - "" = D:\OblivionLauncher.exe O33 - MountPoints2\{568af593-be49-11e0-9529-001d09893c17}\Shell - "" = AutoRun O33 - MountPoints2\{568af593-be49-11e0-9529-001d09893c17}\Shell\AutoRun\command - "" = I:\unlock.exe -- [2011/03/09 13:27:17 | 003,728,752 | ---- | M] (Western Digital) O33 - MountPoints2\{ab4a3cb3-ec14-11e0-97ef-001d09893c17}\Shell - "" = AutoRun O33 - MountPoints2\{ab4a3cb3-ec14-11e0-97ef-001d09893c17}\Shell\AutoRun\command - "" = I:\iStudio.exe O33 - MountPoints2\E\Shell - "" = AutoRun O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\Setup.exe O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\Autorun.exe O33 - MountPoints2\G\Shell - "" = AutoRun O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\Autorun.exe O33 - MountPoints2\I\Shell - "" = AutoRun O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\unlock.exe -- [2011/03/09 13:27:17 | 003,728,752 | ---- | M] (Western Digital) O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011/12/22 14:58:15 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Jason\Desktop\OTL.exe [2011/12/22 14:34:54 | 000,000,000 | 
---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com [2011/12/22 14:34:54 | 000,000,000 | ---D | C] -- C:\Program Files\Tweaking.com [2011/12/20 18:54:34 | 000,000,000 | ---D | C] -- C:\temp [2011/12/20 15:21:36 | 000,000,000 | --SD | C] -- C:\ComboFix [2011/12/20 15:15:01 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{F9444E9B-134E-496C-AD95-B72CAD87FA53} [2011/12/20 15:14:50 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{7D665A5C-1F84-4592-A623-8B0A5BDFD6FE} [2011/12/20 15:11:56 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2011/12/20 14:43:58 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT [2011/12/20 14:40:06 | 000,000,000 | ---D | C] -- C:\Qoobox [2011/12/20 05:16:28 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{51CCACAD-9534-4A7C-BE56-7571F05081BC} [2011/12/19 14:10:14 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{863CBAF4-12F7-4A73-97DA-2E560BDC37D3} [2011/12/19 12:53:24 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{F254188D-DFAC-4F1B-ABC9-EDBFDACCC7FD} [2011/12/19 11:51:29 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{6AE67882-C326-431A-9ACF-666D4CAF25F2} [2011/12/19 02:15:17 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{EEE6AD8A-C190-4BA9-89B3-8A29DD1FD235} [2011/12/19 02:15:06 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{84DF4F17-1966-422F-9A1C-66CCFB543142} [2011/12/18 06:56:30 | 000,000,000 | ---D | C] -- C:\Users\Jason\Documents\ArcheAge [2011/12/18 06:41:32 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{EEA00C75-C6FB-4DEF-86DD-CA31C58AFE14} [2011/12/18 06:41:19 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{66971454-C2B8-4FD1-9866-52F175B07966} [2011/12/17 01:20:34 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{9FF4AAAD-4F4A-41AF-AF9E-0D4C763529CF} [2011/12/17 01:20:23 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{4CD2A2DA-4E11-423E-8E0B-343182B42883} [2011/12/16 09:10:54 | 
000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{044C0A5D-55F8-416F-B17A-E46EBD88429F} [2011/12/16 09:10:28 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{108B9F5F-8DD7-4B83-B9DD-46C638B76CA8} [2011/12/15 08:23:43 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{9C396288-0231-432C-B99B-9DE6CD4F6712} [2011/12/15 08:23:31 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{91D49E93-37D9-47F8-8085-B4654F868849} [2011/12/13 23:03:13 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{BBB6884E-8BC7-4EBB-ADE9-328898E53C4E} [2011/12/12 03:47:26 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\Chromium [2011/12/12 03:47:15 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Roaming\ArcheAge [2011/12/12 03:46:33 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{ECA6062C-5ADB-4828-9B41-91147898BFDE} [2011/12/12 03:42:08 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ArcheAge [2011/12/12 03:42:07 | 000,000,000 | ---D | C] -- C:\Program Files\ArcheAge [2011/12/11 19:02:23 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{53EB20DD-0FA3-4589-A114-C08BE9880E95} [2011/12/10 16:37:47 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{EE0EA043-4A8D-46E2-8690-889E924309A4} [2011/12/10 16:37:35 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{F8417880-2CA6-4109-9669-80F43D3DE64B} [2011/12/09 16:38:26 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{F8861B4B-964C-4F63-9047-8A1188C2B7E0} [2011/12/09 16:38:03 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{614CD8D5-5CE8-499F-9EBA-ABCA5D3A5796} [2011/12/08 19:29:25 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{BF2E86E0-0827-4E35-B057-B9806F23C1B6} [2011/12/08 19:29:02 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{26EC0D79-05CC-4C5C-9B15-3F6CB17EFF31} [2011/12/08 16:29:12 | 000,000,000 | ---D | C] -- 
C:\Users\Jason\AppData\Local\{EFC98011-FED7-4D02-8C58-99FC8432716E} [2011/12/05 18:24:34 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{B3A5AC7E-AF57-46AC-87A3-630CB9909A10} [2011/12/04 20:08:22 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{FF7E013B-8DB4-4E23-83AE-1603EC4B6DCD} [2011/12/03 09:26:57 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{C6415CE2-D245-415A-96B4-8AA725078A9F} [2011/12/02 10:42:20 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{9CBDDCE5-A52A-44E9-90D8-B5EF2B79E2A6} [2011/12/02 10:42:09 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{8AA70561-029F-4130-B2D6-4308286B5072} [2011/12/01 08:23:29 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{091AFCAC-AE17-4D53-AEEF-F7A86334799F} [2011/12/01 08:23:08 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{DED6179C-1F8E-4027-8044-59238C607D26} [2011/11/30 19:30:05 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{7B11D450-1729-49A3-B7F5-0AC8F3AD844D} [2011/11/30 19:29:43 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{2CA1BCC4-BBF1-4708-B2FF-8ACE273F176D} [2011/11/30 07:29:16 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{2F52D4DE-020C-4E92-89B1-18F32727A09B} [2011/11/30 07:29:05 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{57838738-4826-4E72-BBF6-54ABE92D0F7A} [2011/11/29 08:01:25 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{87A93D55-8FBC-4805-AF53-EA1D542EC9C7} [2011/11/29 08:01:13 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{47FE3243-FB88-4344-BC1F-6BAF0D568AD2} [2011/11/28 16:13:19 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{DC2A8B98-ABB6-41E3-BE10-A83A94224B35} [2011/11/28 16:13:07 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{1DC117C8-4BE0-47E8-BE2E-C0FAF968953E} [2011/11/28 15:32:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BioWare [2011/11/28 07:04:07 | 000,000,000 | ---D | C] -- 
C:\Users\Jason\AppData\Local\{4FDA0AB1-649F-43AD-815D-5E52F32A0880} [2011/11/27 06:02:11 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{35AEC77D-1EC9-4C42-89CC-6DD61B443A29} [2011/11/25 05:17:09 | 000,000,000 | ---D | C] -- C:\Users\Jason\Documents\Tunngle [2011/11/25 05:17:09 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Roaming\Tunngle [2011/11/25 05:17:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Tunngle [2011/11/25 05:17:08 | 000,027,136 | ---- | C] (Tunngle.net) -- C:\Windows\System32\drivers\tap0901t.sys [2011/11/25 05:17:08 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Tunngle [2011/11/25 05:17:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle [2011/11/25 05:17:07 | 000,000,000 | ---D | C] -- C:\Program Files\Tunngle [2011/11/25 02:57:12 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{45AB636E-4005-452B-839B-4EA223899B78} [2011/11/24 12:31:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ [2011/11/24 12:11:42 | 000,000,000 | ---D | C] -- C:\Program Files\THQ [2011/11/23 21:50:10 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{E6618589-9A70-4C12-90A7-2A56A6AF8C35} [2011/11/23 01:38:43 | 000,000,000 | ---D | C] -- C:\ProgramData\RELOADED [2011/11/23 00:51:24 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{5447B8D6-63F2-4AF3-B3C9-4AE76900383C} [2011/11/23 00:51:12 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\{DD1D5E0E-937D-40B3-A64D-B5317AECFA31} [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011/12/22 14:53:57 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Jason\Desktop\OTL.exe [2011/12/22 14:37:03 | 108,210,432 | ---- | M] () -- C:\Users\Jason\Desktop\setup_11.0.0.1245.x01_2011_12_22_22_27.exe [2011/12/22 14:34:54 | 000,002,213 | ---- | M] () -- C:\Users\Public\Desktop\Tweaking.com - Windows Repair (All in One).lnk 
[2011/12/22 14:34:53 | 000,660,022 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/12/22 14:34:53 | 000,120,950 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/12/22 14:31:44 | 003,452,594 | ---- | M] () -- C:\Users\Jason\Desktop\tweaking.com_windows_repair_aio_setup.exe
[2011/12/22 09:58:57 | 000,019,040 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/12/22 09:58:57 | 000,019,040 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/12/22 09:51:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/12/22 09:51:39 | 2615,808,000 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/21 22:18:25 | 000,000,000 | ---- | M] () -- C:\Windows\System32\Access.dat
[2011/12/19 10:41:39 | 000,001,272 | -HS- | M] () -- C:\Users\Jason\AppData\Local\787772d6t052h555r358d3lui8o1
[2011/12/19 10:41:39 | 000,001,272 | -HS- | M] () -- C:\ProgramData\787772d6t052h555r358d3lui8o1
[2011/12/15 08:27:33 | 112,149,451 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2011/12/14 18:15:01 | 000,276,799 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2011/12/13 05:30:29 | 000,014,276 | ---- | M] () -- C:\Users\Jason\Documents\meta.xml
[2011/12/12 03:45:13 | 000,427,512 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/12/12 03:42:15 | 000,000,001 | ---- | M] () -- C:\boot.bak
[2011/12/12 03:42:08 | 000,001,052 | ---- | M] () -- C:\Users\Jason\Desktop\ArcheAge.lnk
[2011/12/07 15:10:57 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/11/25 05:45:26 | 000,001,647 | ---- | M] () -- C:\Users\Jason\Desktop\Saints Row.lnk
[2011/11/25 05:17:08 | 000,000,923 | ---- | M] () -- C:\Users\Jason\Application Data\Microsoft\Internet Explorer\Quick Launch\Tunngle beta.lnk
[2011/11/25 05:17:08 | 000,000,899 | ---- | M] () -- C:\Users\Public\Desktop\Tunngle beta.lnk
[2011/11/24 05:25:56 | 000,140,072 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2011/11/24 05:25:47 | 000,280,904 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2011/11/24 05:01:04 | 000,280,904 | ---- | M] () -- C:\Windows\System32\PnkBstrB.ex0
[2011/11/23 01:41:22 | 000,001,564 | ---- | M] () -- C:\Users\Jason\Desktop\Payday The Heist.lnk
[2011/11/23 01:26:20 | 000,000,896 | ---- | M] () -- C:\Users\Jason\Desktop\SmartSteam.lnk
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011/12/22 14:44:34 | 108,210,432 | ---- | C] () -- C:\Users\Jason\Desktop\setup_11.0.0.1245.x01_2011_12_22_22_27.exe
[2011/12/22 14:34:54 | 000,002,213 | ---- | C] () -- C:\Users\Public\Desktop\Tweaking.com - Windows Repair (All in One).lnk
[2011/12/22 14:34:31 | 003,452,594 | ---- | C] () -- C:\Users\Jason\Desktop\tweaking.com_windows_repair_aio_setup.exe
[2011/12/19 10:41:33 | 000,001,272 | -HS- | C] () -- C:\Users\Jason\AppData\Local\787772d6t052h555r358d3lui8o1
[2011/12/19 10:41:33 | 000,001,272 | -HS- | C] () -- C:\ProgramData\787772d6t052h555r358d3lui8o1
[2011/12/13 05:30:28 | 000,014,276 | ---- | C] () -- C:\Users\Jason\Documents\meta.xml
[2011/12/12 03:42:15 | 000,000,001 | ---- | C] () -- C:\boot.bak
[2011/12/12 03:42:08 | 000,001,052 | ---- | C] () -- C:\Users\Jason\Desktop\ArcheAge.lnk
[2011/11/27 21:23:19 | 000,000,000 | ---- | C] () -- C:\Windows\System32\Access.dat
[2011/11/25 05:45:26 | 000,001,647 | ---- | C] () -- C:\Users\Jason\Desktop\Saints Row.lnk
[2011/11/25 05:17:08 | 000,000,923 | ---- | C] () -- C:\Users\Jason\Application Data\Microsoft\Internet Explorer\Quick Launch\Tunngle beta.lnk
[2011/11/25 05:17:08 | 000,000,899 | ---- | C] () -- C:\Users\Public\Desktop\Tunngle beta.lnk
[2011/11/23 01:26:20 | 000,000,896 | ---- | C] () -- C:\Users\Jason\Desktop\SmartSteam.lnk
[2011/11/03 03:23:46 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2011/11/03 03:23:45 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2011/10/14 23:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2011/09/02 11:15:45 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2011/08/31 23:39:25 | 000,230,752 | ---- | C] () -- C:\Windows\patchw32.dll
[2011/08/31 23:39:25 | 000,118,176 | ---- | C] () -- C:\Windows\patchw.dll
[2011/07/24 01:14:53 | 000,140,072 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2011/07/24 01:14:53 | 000,138,056 | ---- | C] () -- C:\Users\Jason\AppData\Roaming\PnkBstrK.sys
[2011/07/24 01:14:15 | 000,280,904 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2011/07/24 01:14:12 | 002,434,856 | ---- | C] () -- C:\Windows\System32\pbsvc_bc2.exe
[2011/07/24 01:14:12 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2011/07/24 00:59:54 | 000,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2011/07/13 18:28:28 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe
[2011/06/27 18:27:19 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2011/06/26 21:13:14 | 000,007,605 | ---- | C] () -- C:\Users\Jason\AppData\Local\Resmon.ResmonCfg
[2011/05/26 17:06:25 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2011/05/26 17:03:06 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2011/05/23 21:34:54 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011/04/09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009/07/13 22:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 22:33:53 | 000,427,512 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/13 20:05:48 | 000,660,022 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/13 20:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/13 20:05:48 | 000,120,950 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/13 20:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/13 20:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/13 20:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/13 17:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 17:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 17:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/10 15:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

[color=#E56717]========== LOP Check ==========[/color]

[2011/12/21 18:45:29 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\.minecraft
[2011/12/21 18:46:27 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\ArcheAge
[2011/09/28 09:12:20 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\AVG
[2011/12/21 18:46:27 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\AVG2012
[2011/09/23 00:08:42 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Darkfall
[2011/08/06 01:32:04 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Darkfall US
[2011/12/14 09:01:15 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\FileZilla
[2011/12/21 18:45:30 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\GameRanger
[2011/12/21 18:46:27 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\gtk-2.0
[2011/08/05 01:18:45 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Mount&Blade Warband
[2011/12/21 18:46:29 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Mumble
[2011/10/28 01:47:08 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Origin
[2011/08/20 21:49:46 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\The Creative Assembly
[2011/12/21 18:46:29 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Tunngle
[2011/12/21 18:45:38 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Ubisoft
[2011/12/21 18:46:29 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Xilisoft
[2011/11/18 21:33:35 | 000,032,572 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:0B4227B4

< End of report >