Firefox, IE won't load certain websites. Time Out Error [Closed]


  • This topic is locked

#1
Bullet90

  • Member
  • 27 posts
I got the Win 7 Defender Pro Virus recently. Scanners said it was quarantined, but the effects still linger. Also, the browser redirects from Google search when I click on a link. I must copy the link location, paste it in the address bar and press Enter. Neither Firefox, IE nor Chrome will load certain websites. Browsing is also slower.

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4058

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

5/2/2010 12:45:37 AM
mbam-log-2010-05-02 (00-45-37).txt

Scan type: Quick scan
Objects scanned: 120056
Time elapsed: 5 minute(s), 52 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:56:40 PM, on 5/1/2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\snuvcdsm.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\DS Clock\dsclock.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Gossiper Toolbar - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - C:\Program Files\Gossiper\tbGoss.dll (file missing)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Gossiper Toolbar - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - C:\Program Files\Gossiper\tbGoss.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - (no file)
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: TBSB05974 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - (no file)
O3 - Toolbar: (no name) - {0C8413C1-FAD1-446C-8584-BE50576F863E} - (no file)
O3 - Toolbar: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - (no file)
O3 - Toolbar: Gossiper Toolbar - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - C:\Program Files\Gossiper\tbGoss.dll (file missing)
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SNUVCDSM] C:\Windows\snuvcdsm.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [DS Clock] "C:\Program Files\DS Clock\DSClock.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Paul\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [StartAutomator] C:\Windows\TEMP\vamoylp.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [StartAutomator] C:\Windows\TEMP\vamoylp.exe (User 'Default user')
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} (Hewlett-Packard Online Support Services) - http://h20364.www2.h...DataManager.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: DS Clock Synchronization Service www.dualitysoft.com (DSClockSyncTime) - Duality Software - C:\Program Files\DS Clock\dsetime.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Unknown owner - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe (file missing)
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Net Burner iSCSI Service (NetBurnerService) - Paragon GmbH - C:\Program Files\Paragon Software\Drive Backup 9 Professional\Net Burner Service\NetBurnerService.exe
O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

--
End of file - 8437 bytes



OTL logfile created on: 5/2/2010 7:58:37 AM - Run 1
OTL by OldTimer - Version 3.2.4.0 Folder = C:\Users\Paul\Desktop\Utilities
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 66.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 79.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 287.07 Gb Total Space | 204.52 Gb Free Space | 71.25% Space Free | Partition Type: NTFS
Drive D: | 10.92 Gb Total Space | 1.82 Gb Free Space | 16.68% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PAUL-PC
Current User Name: Paul
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/05/01 23:58:12 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\Paul\Desktop\Utilities\OTL.exe
PRC - [2010/04/29 15:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2010/04/22 14:11:19 | 000,620,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010/04/02 09:50:40 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010/04/01 13:58:04 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/04/01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/04/01 05:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2010/03/26 21:53:12 | 000,508,184 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010/03/26 21:52:57 | 000,710,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010/03/26 21:52:39 | 000,916,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe
PRC - [2010/03/26 21:52:35 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010/03/02 11:28:31 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/02/24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010/01/22 09:56:24 | 000,112,592 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
PRC - [2010/01/14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/11/19 23:16:26 | 000,582,528 | ---- | M] (Duality Software) -- C:\Program Files\DS Clock\dsclock.exe
PRC - [2009/11/19 21:39:16 | 000,062,264 | ---- | M] (Duality Software) -- C:\Program Files\DS Clock\dsetime.exe
PRC - [2009/10/31 01:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/09/30 17:57:20 | 000,718,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
PRC - [2009/08/10 08:14:26 | 000,027,184 | ---- | M] () -- C:\Windows\snuvcdsm.exe
PRC - [2009/07/13 21:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/13 21:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/06/07 14:54:28 | 000,223,248 | ---- | M] (Paragon GmbH) -- C:\Program Files\Paragon Software\Drive Backup 9 Professional\Net Burner Service\NetBurnerService.exe


========== Modules (SafeList) ==========

MOD - [2010/05/01 23:58:12 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\Paul\Desktop\Utilities\OTL.exe
MOD - [2010/03/26 21:53:51 | 000,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
MOD - [2009/07/13 21:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009/07/13 21:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009/07/13 21:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2009/07/13 21:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009/07/13 21:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2009/07/13 21:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009/07/13 21:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009/07/13 21:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009/07/13 21:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009/07/13 21:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
MOD - [2009/07/13 21:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2009/07/13 21:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (NMSAccess)
SRV - File not found [Auto | Stopped] -- -- (HP Health Check Service)
SRV - [2010/04/29 15:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010/04/25 17:45:06 | 001,265,264 | ---- | M] (Lavasoft) [Auto | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010/04/01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/03/29 08:40:55 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/03/26 21:52:39 | 000,916,760 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010/03/26 21:52:35 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/03/15 11:50:36 | 001,142,224 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService)
SRV - [2010/03/11 11:09:22 | 000,366,840 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
SRV - [2010/02/24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/01/22 09:56:24 | 000,112,592 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2009/11/19 21:39:16 | 000,062,264 | ---- | M] (Duality Software) [Auto | Running] -- C:\Program Files\DS Clock\dsetime.exe -- (DSClockSyncTime)
SRV - [2009/07/13 21:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009/07/13 21:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009/07/13 21:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009/07/13 21:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009/07/13 21:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009/07/13 21:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009/07/13 21:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009/07/13 21:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009/07/13 21:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/13 21:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009/07/13 21:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/07/13 21:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009/07/13 21:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009/07/13 21:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009/07/13 21:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX Installer (AxInstSV)
SRV - [2009/07/13 21:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009/07/13 21:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008/06/07 14:54:28 | 000,223,248 | ---- | M] (Paragon GmbH) [Auto | Running] -- C:\Program Files\Paragon Software\Drive Backup 9 Professional\Net Burner Service\NetBurnerService.exe -- (NetBurnerService)


========== Driver Services (SafeList) ==========

DRV - [2010/04/30 10:00:55 | 000,061,440 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010/04/23 19:41:21 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010/04/22 14:11:19 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/04/02 21:24:40 | 000,167,936 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rt86win7.sys -- (RTL8167)
DRV - [2010/04/02 21:22:50 | 006,755,840 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5s32.sys -- (NETw5s32) Intel®
DRV - [2010/03/29 10:06:14 | 000,218,592 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2010/03/26 21:53:43 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/03/26 21:53:42 | 000,029,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010/03/01 10:05:24 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2010/02/17 11:25:50 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010/02/17 11:15:58 | 000,012,872 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2010/02/16 14:24:01 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/02/04 11:53:02 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010/01/18 16:39:06 | 000,003,200 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rcmirror.sys -- (rcmirror)
DRV - [2009/12/11 03:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2009/09/10 10:29:50 | 001,761,280 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2009/07/13 21:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
DRV - [2009/07/13 21:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV - [2009/07/13 21:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV - [2009/07/13 21:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV - [2009/07/13 21:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2009/07/13 21:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV - [2009/07/13 21:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
DRV - [2009/07/13 21:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
DRV - [2009/07/13 21:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
DRV - [2009/07/13 21:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
DRV - [2009/07/13 21:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
DRV - [2009/07/13 21:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
DRV - [2009/07/13 21:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009/07/13 21:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009/07/13 21:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
DRV - [2009/07/13 21:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009/07/13 21:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009/07/13 21:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009/07/13 21:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009/07/13 21:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009/07/13 21:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009/07/13 21:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2009/07/13 21:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009/07/13 21:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009/07/13 21:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV - [2009/07/13 21:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009/07/13 21:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009/07/13 21:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
DRV - [2009/07/13 21:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/13 21:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
DRV - [2009/07/13 21:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009/07/13 21:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2009/07/13 21:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009/07/13 21:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009/07/13 21:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009/07/13 21:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009/07/13 21:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009/07/13 21:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
DRV - [2009/07/13 20:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2009/07/13 20:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\rdpbus.sys -- (rdpbus)
DRV - [2009/07/13 20:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009/07/13 19:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009/07/13 19:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009/07/13 19:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009/07/13 19:52:04 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vwififlt.sys -- (vwififlt)
DRV - [2009/07/13 19:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009/07/13 19:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci)
DRV - [2009/07/13 19:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
DRV - [2009/07/13 19:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009/07/13 19:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV - [2009/07/13 19:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2009/07/13 19:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
DRV - [2009/07/13 19:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2009/07/13 19:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009/07/13 19:19:21 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HidBatt.sys -- (HidBatt)
DRV - [2009/07/13 19:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
DRV - [2009/07/13 19:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM)
DRV - [2009/07/13 18:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 18:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2009/07/13 18:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2009/07/13 18:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2009/07/13 18:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009/07/13 18:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009/07/13 18:13:46 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTDPV3.SYS -- (SrvHsfV92)
DRV - [2009/07/13 18:13:45 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTCNXT3.SYS -- (SrvHsfWinac)
DRV - [2009/07/13 18:13:45 | 000,207,360 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (SrvHsfHDA)
DRV - [2009/07/13 18:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel®
DRV - [2009/07/13 18:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009/07/13 18:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
DRV - [2009/07/13 18:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
DRV - [2009/06/10 17:19:30 | 004,756,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2009/05/11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/04/29 08:46:54 | 000,015,872 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2009/02/28 19:40:18 | 000,087,536 | ---- | M] (CyberLink Corp.) [2010/03/26 22:20:45] [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD9\000.fcl -- ({B154377D-700F-42cc-9474-23858FBDF4BD})
DRV - [2008/06/07 14:54:28 | 000,084,752 | ---- | M] (Rocket Division Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\NetBurn.sys -- (NetBurn)
DRV - [2008/06/07 14:53:02 | 000,040,464 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\hotcore3.sys -- (hotcore3)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {0a452a47-c5a8-4854-a237-4b9b06b376f0} - Reg Error: Value error. File not found

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://flv.asksearch...g=2-113-11-lknr [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 90 15 AF 43 4E CD CA 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = EA 92 98 01 9E 56 4C 4B 90 BE 9A 16 B8 3E 7F 8F [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "Gossiper"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "google.com"
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..network.proxy.type: 4

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010/04/23 05:27:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{BF2AAD96-820C-438B-BDD3-B93D2B605B94}: C:\Users\Paul\AppData\Local\{BF2AAD96-820C-438B-BDD3-B93D2B605B94} [2010/04/16 22:23:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/28 23:02:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/04/26 09:33:42 | 000,000,000 | ---D | M]

[2010/03/26 22:09:03 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Mozilla\Extensions
[2010/03/26 22:09:03 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Mozilla\Extensions\[email protected]
[2010/05/01 21:55:39 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\p01z92q3.default\extensions
[2010/04/08 09:42:22 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\p01z92q3.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/04/24 14:15:37 | 000,000,000 | ---D | M] (BitComet Video Downloader) -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\p01z92q3.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
[2010/04/11 21:20:45 | 000,001,948 | ---- | M] () -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\p01z92q3.default\searchplugins\bing-zugo.xml
[2010/04/17 13:16:13 | 000,000,877 | ---- | M] () -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\p01z92q3.default\searchplugins\conduit.xml
[2010/04/23 14:39:49 | 000,002,612 | ---- | M] () -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\p01z92q3.default\searchplugins\kickasstorrents.xml
[2010/04/08 09:40:32 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/02/21 06:22:32 | 000,712,704 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2010/01/13 18:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll

O1 HOSTS File: ([2010/04/29 23:44:09 | 000,392,328 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 13575 more lines...
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Gossiper Toolbar) - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - Reg Error: Value error. File not found
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O2 - BHO: (no name) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Gossiper Toolbar) - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (no name) - {0C8413C1-FAD1-446C-8584-BE50576F863E} - No CLSID value found.
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Gossiper Toolbar) - {0A452A47-C5A8-4854-A237-4B9B06B376F0} - Reg Error: Value error. File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SNUVCDSM] C:\Windows\snuvcdsm.exe ()
O4 - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [DS Clock] C:\Program Files\DS Clock\DSClock.exe (Duality Software)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all video with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: kickasstorrents.com ([]https in Trusted sites)
O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} http://h20364.www2.h...DataManager.CAB (Hewlett-Packard Online Support Services)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.254.254
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/04/01 20:00:19 | 000,000,000 | -H-D | M] - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/03/26 17:14:55 | 000,000,000 | -H-D | M] - D:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\{ba4921ec-43e9-11df-9f77-001f16e2d06b}\Shell - "" = AutoRun
O33 - MountPoints2\{ba4921ec-43e9-11df-9f77-001f16e2d06b}\Shell\AutoRun\command - "" = G:\Autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias [2009/07/13 22:37:08 | 000,000,000 | ---D | M]
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: Themes - C:\Windows\System32\themeservice.dll (Microsoft Corporation)
NetSvcs: BDESVC - C:\Windows\System32\bdesvc.dll (Microsoft Corporation)

========== Files/Folders - Created Within 90 Days ==========

[2010/05/02 00:38:45 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/05/02 00:37:27 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/05/01 23:19:13 | 000,149,456 | ---- | C] (PC Tools) -- C:\Windows\SGDetectionTool.dll
[2010/05/01 23:19:12 | 001,652,688 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll
[2010/05/01 23:19:12 | 000,165,840 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDRes.dll
[2010/05/01 23:06:51 | 000,233,136 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctgntdi.sys
[2010/05/01 23:06:51 | 000,100,136 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctwfpfilter.sys
[2010/05/01 23:06:07 | 000,218,592 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTCore.sys
[2010/05/01 23:06:07 | 000,088,040 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTAppEvent.sys
[2010/05/01 23:05:18 | 000,063,360 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctplsg.sys
[2010/05/01 23:04:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2010/05/01 23:04:28 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor
[2010/05/01 23:04:28 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\PC Tools
[2010/05/01 23:04:28 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2010/05/01 22:32:25 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Avira
[2010/05/01 22:13:25 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2010/05/01 22:13:22 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010/05/01 22:13:22 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010/05/01 22:13:22 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntdd.sys
[2010/05/01 22:13:22 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntmgr.sys
[2010/05/01 22:13:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010/05/01 22:13:20 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2010/05/01 21:58:52 | 000,000,000 | ---D | C] -- C:\Program Files\Free Window Registry Repair
[2010/05/01 18:13:46 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Easy SpyRemover
[2010/05/01 18:13:45 | 000,000,000 | ---D | C] -- C:\Program Files\Easy SpyRemover
[2010/05/01 15:25:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Xbox 360 Accessories
[2010/04/29 09:08:06 | 000,000,000 | ---D | C] -- C:\Users\Paul\manager
[2010/04/28 21:57:49 | 000,000,000 | R--D | C] -- C:\Users\Paul\Downloads
[2010/04/28 20:48:32 | 000,000,000 | ---D | C] -- C:\Users\Paul\Documents\Downloads
[2010/04/26 19:09:16 | 005,739,160 | ---- | C] (Saitek ) -- C:\Users\Paul\Desktop\Saitek_Cyborg_V3_Pad.exe
[2010/04/26 19:07:34 | 008,402,176 | ---- | C] (Saitek ) -- C:\Users\Paul\Desktop\Saitek_Cyborg_Pad.exe
[2010/04/26 18:31:19 | 000,000,000 | ---D | C] -- C:\ProgramData\{DA06AA03-DF24-4ECE-939E-1B0939235C66}
[2010/04/25 22:02:26 | 000,000,000 | ---D | C] -- C:\Program Files\SourceTec
[2010/04/25 21:15:17 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010/04/25 19:11:56 | 000,000,000 | ---D | C] -- C:\dforce
[2010/04/25 17:45:57 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys
[2010/04/25 17:41:58 | 000,000,000 | -H-D | C] -- C:\ProgramData\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
[2010/04/25 12:10:14 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/04/25 12:05:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2010/04/25 11:58:05 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/04/25 11:58:03 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/04/25 11:57:58 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/04/24 14:21:42 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\BitComet Downloads
[2010/04/24 14:16:08 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\BitComet
[2010/04/24 14:15:30 | 000,000,000 | ---D | C] -- C:\Program Files\BitComet
[2010/04/24 09:14:40 | 000,000,000 | ---D | C] -- C:\April 24, 2010
[2010/04/24 07:04:48 | 000,000,000 | ---D | C] -- C:\Windows\CD95F661A5C444F5A6AAECDD91C240BD.TMP
[2010/04/23 23:07:26 | 000,060,273 | ---- | C] (Open Source Software community project) -- C:\Windows\System32\pthreadGC2.dll
[2010/04/23 23:07:24 | 000,000,000 | ---D | C] -- C:\Program Files\ffdshow
[2010/04/23 23:06:36 | 000,000,000 | ---D | C] -- C:\Program Files\Haali
[2010/04/23 23:05:40 | 000,290,816 | ---- | C] (SourceTec Software Co., LTD) -- C:\Windows\System32\stFLVSource.ax
[2010/04/23 23:05:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SourceTec
[2010/04/23 23:05:38 | 000,438,272 | ---- | C] (Gabest) -- C:\Windows\System32\Mpeg2DecFilter.ax
[2010/04/23 23:05:38 | 000,217,088 | ---- | C] (-) -- C:\Windows\System32\CoreFLACDecoder.ax
[2010/04/23 23:05:38 | 000,000,000 | ---D | C] -- C:\Program Files\Sothink HD Video Converter
[2010/04/23 19:40:50 | 000,000,000 | ---D | C] -- C:\Program Files\LSoft Technologies
[2010/04/23 10:04:36 | 000,040,464 | ---- | C] (Paragon Software Group) -- C:\Windows\System32\drivers\hotcore3.sys
[2010/04/23 10:04:08 | 000,000,000 | ---D | C] -- C:\Program Files\Paragon Software
[2010/04/22 08:41:01 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2010/04/21 22:18:13 | 000,000,000 | ---D | C] -- C:\Users\Paul\Documents\Delta Force Xtreme
[2010/04/21 22:06:37 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip
[2010/04/21 22:06:35 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip
[2010/04/19 09:56:35 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Leadertech
[2010/04/18 19:51:50 | 000,000,000 | ---D | C] -- C:\Program Files\NovaLogic
[2010/04/18 08:47:23 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\PunkBuster
[2010/04/18 08:47:16 | 000,000,000 | ---D | C] -- C:\Users\Paul\Documents\BFBC2
[2010/04/18 08:35:08 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts
[2010/04/17 12:46:50 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Game Guides
[2010/04/17 00:12:57 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2010/04/16 22:23:18 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\{BF2AAD96-820C-438B-BDD3-B93D2B605B94}
[2010/04/15 19:55:34 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Limewire Downloads
[2010/04/15 14:43:07 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\ElevatedDiagnostics
[2010/04/15 11:28:00 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2010/04/14 21:45:54 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Red Alert 3
[2010/04/14 21:32:12 | 000,000,000 | -H-D | C] -- C:\Windows\msdownld.tmp
[2010/04/14 21:31:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2010/04/13 21:18:08 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Torrent Downloads
[2010/04/13 21:08:40 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Utilities
[2010/04/13 21:04:52 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\PC Games
[2010/04/13 16:51:19 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DAEMON Tools Images
[2010/04/13 15:59:20 | 000,000,000 | ---D | C] -- C:\Games
[2010/04/12 09:50:53 | 000,000,000 | ---D | C] -- C:\Program Files\Call of Duty
[2010/04/11 21:22:36 | 000,000,000 | ---D | C] -- C:\Users\Paul\dwhelper
[2010/04/11 21:20:53 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Radical Software Ltd
[2010/04/10 22:12:27 | 000,000,000 | -HSD | C] -- C:\Windows\ftpcache
[2010/04/10 22:09:17 | 000,000,000 | ---D | C] -- C:\Program Files\Activision
[2010/04/10 21:24:18 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2010/04/09 20:43:41 | 009,591,104 | ---- | C] (DT Soft Ltd.) -- C:\Users\Paul\DTLite4356-0091.exe
[2010/04/09 19:50:50 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent Acceleration Tool
[2010/04/09 12:34:34 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\.BitTornado
[2010/04/09 11:00:22 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Virus Programs
[2010/04/09 08:08:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010/04/09 08:08:50 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010/04/09 08:02:04 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010/04/09 08:01:57 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\SUPERAntiSpyware.com
[2010/04/09 08:01:57 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/04/08 19:32:57 | 000,000,000 | ---D | C] -- C:\Users\Paul\Shared
[2010/04/08 19:32:57 | 000,000,000 | ---D | C] -- C:\Users\Paul\Incomplete
[2010/04/08 19:32:03 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\SkyDownloader
[2010/04/08 17:52:18 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\DAEMON Tools Lite
[2010/04/08 17:52:06 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2010/04/07 22:47:33 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2010/04/07 22:05:51 | 000,000,000 | ---D | C] -- C:\Downloads
[2010/04/06 15:45:56 | 000,000,000 | -H-D | C] -- C:\Windows\PIF
[2010/04/04 09:52:55 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2010/04/04 09:52:03 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\uTorrent
[2010/04/04 09:50:31 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\uTorrent Downloads
[2010/04/03 11:05:25 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Google
[2010/04/03 11:04:07 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2010/04/02 22:22:54 | 000,000,000 | ---D | C] -- C:\Users\Paul\Documents\FrostWire
[2010/04/02 22:22:48 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\FrostWire
[2010/04/02 22:05:46 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Duality Software
[2010/04/02 22:05:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Duality Software
[2010/04/02 22:05:46 | 000,000,000 | ---D | C] -- C:\Program Files\DS Clock
[2010/04/02 21:53:21 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Yahoo
[2010/04/02 21:47:24 | 000,000,000 | ---D | C] -- C:\Program Files\Quick Startup
[2010/04/02 21:47:24 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\GlarySoft
[2010/04/02 21:39:45 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Yahoo!
[2010/04/02 21:39:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
[2010/04/02 21:37:20 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2010/04/02 21:25:00 | 000,167,936 | ---- | C] (Realtek ) -- C:\Windows\System32\drivers\Rt86win7.sys
[2010/04/02 21:25:00 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2010/04/01 20:00:19 | 000,000,000 | -H-D | C] -- C:\Autorun.inf
[2010/04/01 15:14:36 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Malwarebytes
[2010/04/01 15:14:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/03/31 22:32:13 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\CyberLink
[2010/03/31 20:03:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010/03/31 20:01:48 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010/03/31 20:01:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010/03/31 20:01:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010/03/31 20:00:48 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Adobe
[2010/03/31 20:00:29 | 000,000,000 | ---D | C] -- C:\ProgramData\NOS
[2010/03/31 12:54:59 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010/03/30 22:34:28 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2010/03/30 12:39:52 | 000,000,000 | ---D | C] -- C:\ProgramData\eMule
[2010/03/30 12:39:17 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\eMule
[2010/03/30 12:23:37 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\BitTorrent
[2010/03/29 09:56:25 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Canneverbe Limited
[2010/03/29 09:56:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited
[2010/03/29 08:40:57 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat
[2010/03/28 23:45:55 | 000,000,000 | ---D | C] -- C:\ProgramData\LightScribe
[2010/03/28 23:44:53 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Nero
[2010/03/28 23:43:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2010/03/28 23:43:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
[2010/03/28 19:39:41 | 000,000,000 | -H-D | C] -- C:\$AVG
[2010/03/28 09:23:15 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Diagnostics
[2010/03/27 14:18:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2010/03/27 14:17:35 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2010/03/27 14:17:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010/03/27 14:17:16 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010/03/27 14:17:16 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010/03/27 14:15:44 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2010/03/27 14:15:05 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Microsoft Help
[2010/03/27 14:15:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010/03/27 14:15:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2010/03/27 14:13:33 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010/03/27 14:03:29 | 000,000,000 | ---D | C] -- C:\Program Files\Ubisoft
[2010/03/27 13:51:02 | 000,000,000 | ---D | C] -- C:\Program Files\Ubi Soft
[2010/03/27 09:41:42 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\GrabPro
[2010/03/27 09:41:40 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Orbit
[2010/03/27 01:10:41 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010/03/27 00:14:15 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010/03/27 00:12:04 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010/03/27 00:11:14 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010/03/26 22:47:45 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Ares
[2010/03/26 22:45:43 | 000,000,000 | ---D | C] -- C:\Program Files\LightScribe
[2010/03/26 22:41:40 | 000,000,000 | ---D | C] -- C:\Program Files\LightScribe Template Labeler
[2010/03/26 22:40:38 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\PowerDVDCox
[2010/03/26 22:40:34 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\PowerDVDCinema
[2010/03/26 22:39:37 | 000,000,000 | ---D | C] -- C:\Users\Paul\Documents\CyberLink
[2010/03/26 22:39:36 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\CyberLink
[2010/03/26 22:38:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LightScribe
[2010/03/26 22:27:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2010/03/26 22:26:58 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2010/03/26 22:22:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2010/03/26 22:22:45 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2010/03/26 22:20:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CyberLink
[2010/03/26 22:19:58 | 000,000,000 | ---D | C] -- C:\Program Files\CyberLink
[2010/03/26 22:18:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2010/03/26 22:14:55 | 000,000,000 | ---D | C] -- C:\Program Files\AviSynth 2.5
[2010/03/26 22:14:45 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2010/03/26 22:14:16 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\WinRAR
[2010/03/26 22:11:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2010/03/26 22:11:05 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Winamp
[2010/03/26 22:11:05 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp
[2010/03/26 22:10:23 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Incomplete
[2010/03/26 22:09:10 | 000,000,000 | ---D | C] -- C:\Users\Paul\Documents\LimeWire
[2010/03/26 22:08:50 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\LimeWire
[2010/03/26 22:07:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/03/26 22:07:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/03/26 22:07:39 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/03/26 22:04:49 | 000,000,000 | ---D | C] -- C:\Program Files\LimeWire
[2010/03/26 22:03:18 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Macromedia
[2010/03/26 22:03:18 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Adobe
[2010/03/26 21:59:38 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010/03/26 21:56:27 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2010/03/26 21:53:49 | 000,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
[2010/03/26 21:53:47 | 000,242,896 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2010/03/26 21:53:42 | 000,216,200 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2010/03/26 21:53:41 | 000,029,512 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2010/03/26 21:53:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\Avg
[2010/03/26 21:51:11 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2010/03/26 21:50:56 | 000,000,000 | ---D | C] -- C:\ProgramData\avg9
[2010/03/26 21:45:59 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Mozilla
[2010/03/26 21:45:59 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Mozilla
[2010/03/26 21:45:53 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010/03/26 21:42:18 | 000,000,000 | ---D | C] -- C:\ProgramData\{657095DF-DBDB-4B17-8245-B38845C97069}
[2010/03/26 21:32:32 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Hewlett-Packard
[2010/03/26 21:32:05 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Hewlett-Packard
[2010/03/26 21:29:44 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2010/03/26 21:29:25 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2010/03/26 21:29:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
[2010/03/26 21:28:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010/03/26 21:26:08 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\{8126D2ED-1984-4573-9D57-97637E10C716}
[2010/03/26 21:25:27 | 000,000,000 | ---D | C] -- C:\Intel
[2010/03/26 21:24:41 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010/03/26 21:24:41 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\hpqLog
[2010/03/26 21:24:20 | 000,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard
[2010/03/26 21:24:19 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010/03/26 21:23:43 | 000,000,000 | ---D | C] -- C:\SwSetup
[2010/03/26 21:20:53 | 000,000,000 | R--D | C] -- C:\Users\Paul\Searches
[2010/03/26 21:20:44 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Identities
[2010/03/26 21:20:41 | 000,000,000 | R--D | C] -- C:\Users\Paul\Contacts
[2010/03/26 21:20:31 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\VirtualStore
[2010/03/26 21:20:30 | 000,000,000 | -HSD | C] -- C:\Users\Paul\AppData\Local\Temporary Internet Files
[2010/03/26 21:20:30 | 000,000,000 | -HSD | C] -- C:\Users\Paul\Templates
[2010/03/26 21:20:30 | 000,000,000 | -HSD | C] -- C:\Users\Paul\Local Settings
[2010/03/26 21:20:30 | 000,000,000 | -HSD | C] -- C:\Users\Paul\AppData\Local\History
[2010/03/26 21:20:30 | 000,000,000 | -HSD | C] -- C:\Users\Paul\AppData\Local\Application Data
[2010/03/26 21:20:29 | 000,000,000 | --SD | C] -- C:\Users\Paul\AppData\Roaming\Microsoft
[2010/03/26 21:20:29 | 000,000,000 | R--D | C] -- C:\Users\Paul\Videos
[2010/03/26 21:20:29 | 000,000,000 | R--D | C] -- C:\Users\Paul\Saved Games
[2010/03/26 21:20:29 | 000,000,000 | R--D | C] -- C:\Users\Paul\Pictures
[2010/03/26 21:20:29 | 000,000,000 | R--D | C] -- C:\Users\Paul\Music
[2010/03/26 21:20:29 | 000,000,000 | R--D | C] -- C:\Users\Paul\Links
[2010/03/26 21:20:29 | 000,000,000 | R--D | C] -- C:\Users\Paul\Favorites
[2010/03/26 21:20:29 | 000,000,000 | R--D | C] -- C:\Users\Paul\My Documents
[2010/03/26 21:20:29 | 000,000,000 | R--D | C] -- C:\Users\Paul\Desktop
[2010/03/26 21:20:29 | 000,000,000 | -HSD | C] -- C:\Users\Paul\Start Menu
[2010/03/26 21:20:29 | 000,000,000 | -HSD | C] -- C:\Users\Paul\SendTo
[2010/03/26 21:20:29 | 000,000,000 | -HSD | C] -- C:\Users\Paul\Recent
[2010/03/26 21:20:29 | 000,000,000 | -HSD | C] -- C:\Users\Paul\PrintHood
[2010/03/26 21:20:29 | 000,000,000 | -HSD | C] -- C:\Users\Paul\NetHood
[2010/03/26 21:20:29 | 000,000,000 | -HSD | C] -- C:\Users\Paul\Documents\My Videos
[2010/03/26 21:20:29 | 000,000,000 | -HSD | C] -- C:\Users\Paul\Documents\My Pictures
[2010/03/26 21:20:29 | 000,000,000 | -HSD | C] -- C:\Users\Paul\Documents\My Music
[2010/03/26 21:20:29 | 000,000,000 | -HSD | C] -- C:\Users\Paul\My Documents
[2010/03/26 21:20:29 | 000,000,000 | -HSD | C] -- C:\Users\Paul\Cookies
[2010/03/26 21:20:29 | 000,000,000 | -HSD | C] -- C:\Users\Paul\Application Data
[2010/03/26 21:20:29 | 000,000,000 | -H-D | C] -- C:\Users\Paul\AppData
[2010/03/26 21:20:29 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Temp
[2010/03/26 21:20:29 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Microsoft
[2010/03/26 21:20:29 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Media Center Programs
[2010/03/26 21:20:19 | 000,000,000 | -HSD | C] -- C:\Recovery
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Paul\AppData\Roaming\*.tmp files -> C:\Users\Paul\AppData\Roaming\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010/05/02 08:00:00 | 006,029,312 | -HS- | M] () -- C:\Users\Paul\ntuser.dat
[2010/05/02 08:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At33.job
[2010/05/02 07:51:38 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2130715792-4014861670-1953933601-1000UA.job
[2010/05/02 07:51:38 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/05/02 07:50:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/05/02 07:49:01 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At8.job
[2010/05/02 07:49:01 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At7.job
[2010/05/02 07:49:01 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At56.job
[2010/05/02 07:49:01 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At55.job
[2010/05/02 07:49:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At32.job
[2010/05/02 07:49:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At6.job
[2010/05/02 07:49:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At54.job
[2010/05/02 07:49:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At5.job
[2010/05/02 07:49:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At31.job
[2010/05/02 07:49:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At30.job
[2010/05/02 07:48:59 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At53.job
[2010/05/02 07:48:59 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At4.job
[2010/05/02 07:48:59 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At29.job
[2010/05/02 07:48:58 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At52.job
[2010/05/02 07:48:58 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At51.job
[2010/05/02 07:48:58 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At3.job
[2010/05/02 07:48:58 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At28.job
[2010/05/02 07:48:51 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At27.job
[2010/05/02 01:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At50.job
[2010/05/02 01:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At2.job
[2010/05/02 01:20:34 | 000,000,000 | ---- | M] () -- C:\Users\Paul\AppData\Local\prvlcl.dat
[2010/05/02 01:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At26.job
[2010/05/02 00:33:42 | 000,014,832 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/05/02 00:33:42 | 000,014,832 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/05/02 00:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At49.job
[2010/05/02 00:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1.job
[2010/05/02 00:26:56 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2010/05/02 00:23:43 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/05/02 00:23:40 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/05/02 00:23:23 | 2361,802,752 | -HS- | M] () -- C:\hiberfil.sys
[2010/05/02 00:18:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At25.job
[2010/05/01 23:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At72.job
[2010/05/01 23:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At24.job
[2010/05/01 23:06:55 | 000,002,086 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2010/05/01 23:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At48.job
[2010/05/01 22:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At71.job
[2010/05/01 22:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At23.job
[2010/05/01 22:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At47.job
[2010/05/01 21:58:52 | 000,001,005 | ---- | M] () -- C:\Users\Paul\Desktop\Free Window Registry Repair.lnk
[2010/05/01 21:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At70.job
[2010/05/01 21:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At22.job
[2010/05/01 21:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At46.job
[2010/05/01 20:44:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2130715792-4014861670-1953933601-1000Core.job
[2010/05/01 20:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At69.job
[2010/05/01 20:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At21.job
[2010/05/01 20:09:14 | 000,000,358 | ---- | M] () -- C:\Windows\tasks\Easy SpyRemover.job
[2010/05/01 20:08:29 | 002,467,526 | -H-- | M] () -- C:\Users\Paul\AppData\Local\IconCache.db
[2010/05/01 20:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At45.job
[2010/05/01 19:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At68.job
[2010/05/01 19:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At20.job
[2010/05/01 19:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At44.job
[2010/05/01 18:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At67.job
[2010/05/01 18:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At19.job
[2010/05/01 18:13:51 | 000,000,982 | ---- | M] () -- C:\Users\Paul\Desktop\Easy Spy Remover.lnk
[2010/05/01 18:09:21 | 059,486,105 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010/05/01 18:04:00 | 344,518,236 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/05/01 18:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At43.job
[2010/05/01 17:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At66.job
[2010/05/01 17:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At18.job
[2010/05/01 17:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At42.job
[2010/05/01 16:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At65.job
[2010/05/01 16:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At17.job
[2010/05/01 16:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At41.job
[2010/05/01 15:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At64.job
[2010/05/01 15:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At16.job
[2010/05/01 15:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At40.job
[2010/05/01 14:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At63.job
[2010/05/01 14:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At15.job
[2010/05/01 14:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At39.job
[2010/05/01 13:28:01 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At62.job
[2010/05/01 13:28:01 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At14.job
[2010/05/01 13:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At38.job
[2010/05/01 12:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At61.job
[2010/05/01 12:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At13.job
[2010/05/01 12:18:24 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At12.job
[2010/05/01 12:18:23 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At60.job
[2010/05/01 12:18:23 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At37.job
[2010/05/01 11:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At36.job
[2010/05/01 10:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At59.job
[2010/05/01 10:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At11.job
[2010/05/01 10:00:02 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At35.job
[2010/05/01 09:28:03 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At58.job
[2010/05/01 09:28:03 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At10.job
[2010/05/01 09:00:02 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At34.job
[2010/05/01 08:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At9.job
[2010/05/01 08:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At57.job
[2010/04/29 23:44:09 | 000,392,328 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/04/28 21:55:06 | 000,524,288 | -HS- | M] () -- C:\Users\Paul\ntuser.dat{d23aa1a4-5310-11df-811c-001f16e2d06b}.TMContainer00000000000000000002.regtrans-ms
[2010/04/28 21:55:06 | 000,524,288 | -HS- | M] () -- C:\Users\Paul\ntuser.dat{d23aa1a4-5310-11df-811c-001f16e2d06b}.TMContainer00000000000000000001.regtrans-ms
[2010/04/28 21:55:06 | 000,065,536 | -HS- | M] () -- C:\Users\Paul\ntuser.dat{d23aa1a4-5310-11df-811c-001f16e2d06b}.TM.blf
[2010/04/28 20:42:58 | 000,002,249 | ---- | M] () -- C:\Users\Paul\Desktop\Google Chrome.lnk
[2010/04/28 00:52:43 | 000,010,780 | -HS- | M] () -- C:\ProgramData\116543190
[2010/04/28 00:52:42 | 000,010,780 | -HS- | M] () -- C:\Users\Paul\AppData\Local\4F6Xee6a8ibN
[2010/04/28 00:10:52 | 000,010,716 | -HS- | M] () -- C:\ProgramData\4F6Xee6a8ibN
[2010/04/27 22:06:25 | 000,001,683 | ---- | M] () -- C:\Users\Paul\Desktop\Sniper Elite.lnk
[2010/04/27 21:18:08 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/04/27 05:34:22 | 000,000,316 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForPaul.job
[2010/04/26 21:15:07 | 000,000,479 | ---- | M] () -- C:\Users\Paul\Desktop\Desktop.lnk
[2010/04/26 19:13:12 | 005,739,160 | ---- | M] (Saitek ) -- C:\Users\Paul\Desktop\Saitek_Cyborg_V3_Pad.exe
[2010/04/26 19:12:56 | 008,402,176 | ---- | M] (Saitek ) -- C:\Users\Paul\Desktop\Saitek_Cyborg_Pad.exe
[2010/04/26 09:33:46 | 000,001,889 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/04/25 22:02:33 | 000,001,212 | ---- | M] () -- C:\Users\Public\Desktop\Sothink Movie DVD Maker.lnk
[2010/04/25 19:09:25 | 000,001,192 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2010/04/25 17:45:47 | 000,015,880 | ---- | M] () -- C:\Windows\System32\lsdelete.exe
[2010/04/25 16:39:38 | 000,001,245 | ---- | M] () -- C:\Users\Paul\Desktop\Delta Force BHD.lnk
[2010/04/25 12:10:21 | 000,002,043 | ---- | M] () -- C:\Users\Paul\Desktop\HijackThis.lnk
[2010/04/25 11:46:09 | 000,001,816 | ---- | M] () -- C:\Users\Public\Desktop\AVG Free 9.0.lnk
[2010/04/25 09:37:40 | 000,006,560 | -HS- | M] () -- C:\ProgramData\2245860339
[2010/04/25 09:37:39 | 000,006,560 | -HS- | M] () -- C:\Users\Paul\AppData\Local\2dhtt0G
[2010/04/25 09:34:33 | 000,006,088 | -HS- | M] () -- C:\ProgramData\2dhtt0G
[2010/04/24 20:47:47 | 000,022,328 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010/04/24 20:47:47 | 000,022,328 | ---- | M] () -- C:\Users\Paul\AppData\Roaming\PnkBstrK.sys
[2010/04/24 20:25:11 | 000,410,144 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/04/24 19:04:22 | 000,108,824 | ---- | M] () -- C:\Users\Paul\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/04/24 17:01:56 | 000,000,478 | ---- | M] () -- C:\Windows\win.ini
[2010/04/24 14:15:36 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\BitComet.lnk
[2010/04/24 09:02:57 | 000,002,357 | ---- | M] () -- C:\Users\Public\Desktop\Paragon Drive Backup™.lnk
[2010/04/24 07:22:56 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\WinRAR.lnk
[2010/04/23 23:05:49 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Sothink HD Video Converter.lnk
[2010/04/23 20:38:18 | 000,007,598 | ---- | M] () -- C:\Users\Paul\AppData\Local\Resmon.ResmonCfg
[2010/04/23 19:41:21 | 000,691,696 | ---- | M] () -- C:\Windows\System32\drivers\sptd.sys
[2010/04/22 14:11:19 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2010/04/22 08:42:24 | 000,000,938 | ---- | M] () -- C:\Users\Paul\Desktop\7-Zip File Manager.lnk
[2010/04/21 22:06:54 | 000,002,205 | ---- | M] () -- C:\Users\Public\Desktop\WinZip.lnk
[2010/04/21 19:14:57 | 000,000,950 | ---- | M] () -- C:\Users\Paul\Desktop\HP Instant Care.url
[2010/04/21 19:13:30 | 000,000,000 | ---- | M] () -- C:\Windows\System32\file.ext
[2010/04/21 10:01:07 | 000,001,005 | ---- | M] () -- C:\Users\Paul\Desktop\Start Unlocker.lnk
[2010/04/21 09:46:31 | 000,000,120 | ---- | M] () -- C:\Users\Paul\AppData\Local\Hweton.dat
[2010/04/21 05:25:28 | 000,000,000 | ---- | M] () -- C:\Users\Paul\AppData\Local\Rfequrihikicil.bin
[2010/04/18 21:25:24 | 000,001,191 | ---- | M] () -- C:\Users\Paul\Desktop\Delta Force 2 Xtreme.lnk
[2010/04/18 08:51:27 | 000,215,128 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2010/04/18 08:48:15 | 000,001,848 | ---- | M] () -- C:\Users\Paul\Desktop\Battlefield-Bad Company 2.lnk
[2010/04/18 08:44:19 | 002,434,856 | ---- | M] () -- C:\Windows\System32\pbsvc_bc2.exe
[2010/04/16 22:46:00 | 000,001,984 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/04/16 22:00:37 | 000,001,873 | ---- | M] () -- C:\Users\Paul\Desktop\LimeWire PRO 5.3.6.lnk
[2010/04/16 21:44:57 | 000,011,324 | ---- | M] () -- C:\Users\Paul\Desktop\300 Ultra Mag.jpg
[2010/04/15 12:06:37 | 159,208,976 | ---- | M] () -- C:\Users\Paul\Documents\BackupRegistry(20100415).reg
[2010/04/13 08:39:54 | 000,000,112 | ---- | M] () -- C:\ProgramData\KM8S2d.dat
[2010/04/12 11:16:06 | 154,383,018 | ---- | M] () -- C:\Users\Paul\Documents\BackupRegistry(20100412).reg
[2010/04/12 10:13:43 | 000,000,910 | ---- | M] () -- C:\Users\Paul\Desktop\Call of Duty 1 SP.lnk
[2010/04/12 09:56:27 | 000,000,960 | ---- | M] () -- C:\Users\Paul\Desktop\Call of Duty Multiplayer.lnk
[2010/04/12 09:56:23 | 000,000,745 | ---- | M] () -- C:\Windows\CoD.INI
[2010/04/10 22:35:18 | 000,001,062 | ---- | M] () -- C:\Users\Paul\Desktop\Call of Duty 2.lnk
[2010/04/10 22:12:15 | 000,000,287 | ---- | M] () -- C:\Windows\game.ini
[2010/04/10 21:24:42 | 000,001,900 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2010/04/09 21:45:38 | 000,002,058 | ---- | M] () -- C:\Users\Public\Desktop\CyberLink PowerDVD 9.lnk
[2010/04/09 20:43:36 | 009,591,104 | ---- | M] (DT Soft Ltd.) -- C:\Users\Paul\DTLite4356-0091.exe
[2010/04/09 19:51:15 | 000,001,185 | ---- | M] () -- C:\Users\Public\Desktop\uTorrent Acceleration Tool.lnk
[2010/04/09 11:03:23 | 000,385,990 | R--- | M] () -- C:\Windows\System32\drivers\etc\hostsold
[2010/04/08 19:26:25 | 000,002,170 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010/04/08 14:29:32 | 000,063,360 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\pctplsg.sys
[2010/04/08 11:58:11 | 000,731,106 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/04/08 11:58:11 | 000,618,264 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/04/08 11:58:11 | 000,104,546 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/04/08 09:40:49 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2010/04/06 10:48:00 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/04/06 10:48:00 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/04/05 10:47:20 | 000,000,571 | ---- | M] () -- C:\Windows\eReg.dat
[2010/04/04 10:48:51 | 000,003,627 | -HS- | M] () -- C:\Users\Paul\AppData\Roaming\020000001407e59a869P.manifest
[2010/04/04 09:52:57 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2010/04/04 08:46:43 | 000,000,051 | -HS- | M] () -- C:\Users\Paul\AppData\Roaming\020000001407e59a869C.manifest
[2010/04/04 08:46:43 | 000,000,011 | -HS- | M] () -- C:\Users\Paul\AppData\Roaming\020000001407e59a869S.manifest
[2010/04/04 08:46:43 | 000,000,011 | -HS- | M] () -- C:\Users\Paul\AppData\Roaming\020000001407e59a869O.manifest
[2010/04/02 21:47:25 | 000,000,935 | ---- | M] () -- C:\Users\Paul\Desktop\Quick Startup.lnk
[2010/04/02 21:39:26 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2010/04/02 21:24:40 | 000,167,936 | ---- | M] (Realtek ) -- C:\Windows\System32\drivers\Rt86win7.sys
[2010/04/02 21:24:40 | 000,073,728 | ---- | M] () -- C:\Windows\System32\RtNicProp32.dll
[2010/04/02 09:05:05 | 000,000,313 | ---- | M] () -- C:\ProgramData\hpqp.ini
[2010/04/01 20:24:29 | 146,220,896 | ---- | M] () -- C:\Users\Paul\Documents\BackupRegistry(20100401).reg
[2010/04/01 10:20:44 | 000,073,728 | ---- | M] () -- C:\Windows\System32\spwindrfc1.exe
[2010/04/01 10:02:02 | 000,008,700 | -HS- | M] () -- C:\ProgramData\7VJ5
[2010/04/01 10:02:01 | 000,008,700 | -HS- | M] () -- C:\Users\Paul\AppData\Local\7VJ5
[2010/03/29 10:06:14 | 000,218,592 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\PCTCore.sys
[2010/03/28 23:30:49 | 144,381,288 | ---- | M] () -- C:\Users\Paul\Documents\BackupRegistry(20100328).reg
[2010/03/27 14:27:40 | 000,002,059 | ---- | M] () -- C:\Users\Public\Desktop\Play Splinter Cell Pandora Tomorrow.lnk
[2010/03/27 13:51:17 | 000,001,036 | ---- | M] () -- C:\Users\Public\Desktop\Play Splinter Cell.lnk
[2010/03/27 00:15:25 | 000,041,962 | ---- | M] () -- C:\Windows\System32\license.rtf
[2010/03/27 00:13:52 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010/03/26 22:38:19 | 000,002,007 | ---- | M] () -- C:\Users\Public\Desktop\LightScribe.lnk
[2010/03/26 22:28:39 | 000,524,288 | -HS- | M] () -- C:\Users\Paul\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2010/03/26 22:28:39 | 000,524,288 | -HS- | M] () -- C:\Users\Paul\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2010/03/26 22:28:39 | 000,065,536 | -HS- | M] () -- C:\Users\Paul\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2010/03/26 22:26:58 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2010/03/26 22:11:52 | 000,000,941 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk
[2010/03/26 21:53:51 | 000,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
[2010/03/26 21:53:43 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2010/03/26 21:53:42 | 000,029,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2010/03/26 21:53:41 | 000,113,461 | ---- | M] () -- C:\Windows\System32\drivers\Avg\iavichjw.avm
[2010/03/26 21:36:57 | 000,000,104 | ---- | M] () -- C:\Users\Paul\Desktop\Control Panel.lnk
[2010/03/26 21:36:10 | 000,000,355 | ---- | M] () -- C:\Users\Paul\Desktop\Computer.lnk
[2010/03/26 21:22:03 | 000,001,417 | ---- | M] () -- C:\Users\Paul\Desktop\Internet Explorer.lnk
[2010/03/26 21:20:30 | 000,000,020 | -HS- | M] () -- C:\Users\Paul\ntuser.ini
[2010/03/01 10:05:24 | 000,124,784 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010/02/16 14:24:01 | 000,060,936 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010/02/05 09:18:02 | 000,100,136 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\pctwfpfilter.sys
[2010/02/05 09:17:56 | 000,233,136 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\pctgntdi.sys
[2010/02/04 11:53:02 | 000,064,288 | ---- | M] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Paul\AppData\Roaming\*.tmp files -> C:\Users\Paul\AppData\Roaming\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/05/02 00:26:56 | 000,000,370 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2010/05/01 23:19:16 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2010/05/01 23:19:14 | 000,000,882 | ---- | C] () -- C:\Windows\RegSDImport.xml
[2010/05/01 23:19:13 | 001,152,444 | ---- | C] () -- C:\Windows\UDB.zip
[2010/05/01 23:19:13 | 000,000,879 | ---- | C] () -- C:\Windows\RegISSImport.xml
[2010/05/01 23:19:13 | 000,000,131 | ---- | C] () -- C:\Windows\IDB.zip
[2010/05/01 23:06:51 | 000,007,387 | ---- | C] () -- C:\Windows\System32\drivers\pctgntdi.cat
[2010/05/01 23:06:07 | 000,007,412 | ---- | C] () -- C:\Windows\System32\drivers\PCTAppEvent.cat
[2010/05/01 23:06:07 | 000,007,383 | ---- | C] () -- C:\Windows\System32\drivers\pctcore.cat
[2010/05/01 23:05:43 | 000,002,086 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2010/05/01 23:05:18 | 000,007,383 | ---- | C] () -- C:\Windows\System32\drivers\pctplsg.cat
[2010/05/01 21:58:52 | 000,001,005 | ---- | C] () -- C:\Users\Paul\Desktop\Free Window Registry Repair.lnk
[2010/05/01 18:21:00 | 000,000,358 | ---- | C] () -- C:\Windows\tasks\Easy SpyRemover.job
[2010/05/01 18:13:51 | 000,000,982 | ---- | C] () -- C:\Users\Paul\Desktop\Easy Spy Remover.lnk
[2010/04/28 20:42:58 | 000,002,249 | ---- | C] () -- C:\Users\Paul\Desktop\Google Chrome.lnk
[2010/04/28 20:39:26 | 000,000,904 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2130715792-4014861670-1953933601-1000UA.job
[2010/04/28 20:39:26 | 000,000,852 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2130715792-4014861670-1953933601-1000Core.job
[2010/04/28 18:07:02 | 000,524,288 | -HS- | C] () -- C:\Users\Paul\ntuser.dat{d23aa1a4-5310-11df-811c-001f16e2d06b}.TMContainer00000000000000000002.regtrans-ms
[2010/04/28 18:07:02 | 000,524,288 | -HS- | C] () -- C:\Users\Paul\ntuser.dat{d23aa1a4-5310-11df-811c-001f16e2d06b}.TMContainer00000000000000000001.regtrans-ms
[2010/04/28 18:07:02 | 000,065,536 | -HS- | C] () -- C:\Users\Paul\ntuser.dat{d23aa1a4-5310-11df-811c-001f16e2d06b}.TM.blf
[2010/04/28 01:08:51 | 000,015,880 | ---- | C] () -- C:\Windows\System32\lsdelete.exe
[2010/04/27 20:38:15 | 000,010,780 | -HS- | C] () -- C:\Users\Paul\AppData\Local\4F6Xee6a8ibN
[2010/04/27 20:38:15 | 000,010,780 | -HS- | C] () -- C:\ProgramData\116543190
[2010/04/27 18:51:14 | 000,010,716 | -HS- | C] () -- C:\ProgramData\4F6Xee6a8ibN
[2010/04/26 21:14:46 | 000,000,479 | ---- | C] () -- C:\Users\Paul\Desktop\Desktop.lnk
[2010/04/25 22:02:33 | 000,001,212 | ---- | C] () -- C:\Users\Public\Desktop\Sothink Movie DVD Maker.lnk
[2010/04/25 17:41:54 | 000,001,192 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2010/04/25 12:10:21 | 000,002,043 | ---- | C] () -- C:\Users\Paul\Desktop\HijackThis.lnk
[2010/04/25 11:58:14 | 000,000,983 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/04/25 11:46:09 | 000,001,816 | ---- | C] () -- C:\Users\Public\Desktop\AVG Free 9.0.lnk
[2010/04/25 09:36:15 | 000,006,560 | -HS- | C] () -- C:\Users\Paul\AppData\Local\2dhtt0G
[2010/04/25 09:36:15 | 000,006,560 | -HS- | C] () -- C:\ProgramData\2245860339
[2010/04/25 09:32:56 | 000,006,088 | -HS- | C] () -- C:\ProgramData\2dhtt0G
[2010/04/24 14:15:36 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\BitComet.lnk
[2010/04/24 09:02:57 | 000,002,357 | ---- | C] () -- C:\Users\Public\Desktop\Paragon Drive Backup™.lnk
[2010/04/23 23:15:17 | 000,001,683 | ---- | C] () -- C:\Users\Paul\Desktop\Sniper Elite.lnk
[2010/04/23 23:07:27 | 000,057,344 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010/04/23 23:05:49 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Sothink HD Video Converter.lnk
[2010/04/23 20:38:18 | 000,007,598 | ---- | C] () -- C:\Users\Paul\AppData\Local\Resmon.ResmonCfg
[2010/04/23 10:04:36 | 000,247,560 | ---- | C] () -- C:\Windows\System32\prgiso.dll
[2010/04/22 08:42:24 | 000,000,938 | ---- | C] () -- C:\Users\Paul\Desktop\7-Zip File Manager.lnk
[2010/04/21 22:06:54 | 000,002,205 | ---- | C] () -- C:\Users\Public\Desktop\WinZip.lnk
[2010/04/21 21:40:28 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\WinRAR.lnk
[2010/04/21 19:14:57 | 000,000,950 | ---- | C] () -- C:\Users\Paul\Desktop\HP Instant Care.url
[2010/04/21 19:13:29 | 000,000,000 | ---- | C] () -- C:\Windows\System32\file.ext
[2010/04/21 10:01:07 | 000,001,005 | ---- | C] () -- C:\Users\Paul\Desktop\Start Unlocker.lnk
[2010/04/21 06:45:20 | 000,000,000 | ---- | C] () -- C:\Users\Paul\AppData\Local\prvlcl.dat
[2010/04/19 10:07:09 | 000,001,245 | ---- | C] () -- C:\Users\Paul\Desktop\Delta Force BHD.lnk
[2010/04/18 21:25:24 | 000,001,191 | ---- | C] () -- C:\Users\Paul\Desktop\Delta Force 2 Xtreme.lnk
[2010/04/18 08:48:15 | 000,001,848 | ---- | C] () -- C:\Users\Paul\Desktop\Battlefield-Bad Company 2.lnk
[2010/04/18 08:47:26 | 000,215,128 | ---- | C] () -- C:\Windows\System32\PnkBstrB.xtr
[2010/04/18 08:44:35 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010/04/18 08:44:35 | 000,022,328 | ---- | C] () -- C:\Users\Paul\AppData\Roaming\PnkBstrK.sys
[2010/04/18 08:44:21 | 000,103,736 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2010/04/18 08:44:19 | 002,434,856 | ---- | C] () -- C:\Windows\System32\pbsvc_bc2.exe
[2010/04/18 08:44:19 | 000,066,872 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2010/04/16 22:23:20 | 000,000,120 | ---- | C] () -- C:\Users\Paul\AppData\Local\Hweton.dat
[2010/04/16 22:23:20 | 000,000,000 | ---- | C] () -- C:\Users\Paul\AppData\Local\Rfequrihikicil.bin
[2010/04/16 22:00:37 | 000,001,873 | ---- | C] () -- C:\Users\Paul\Desktop\LimeWire PRO 5.3.6.lnk
[2010/04/16 21:44:56 | 000,011,324 | ---- | C] () -- C:\Users\Paul\Desktop\300 Ultra Mag.jpg
[2010/04/16 18:32:49 | 000,069,632 | ---- | C] () -- C:\Windows\RAUNINST.EXE
[2010/04/15 12:06:16 | 159,208,976 | ---- | C] () -- C:\Users\Paul\Documents\BackupRegistry(20100415).reg
[2010/04/13 22:05:04 | 344,518,236 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/04/12 17:43:13 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At72.job
[2010/04/12 17:43:13 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At71.job
[2010/04/12 17:43:12 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At70.job
[2010/04/12 17:43:12 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At69.job
[2010/04/12 17:43:12 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At68.job
[2010/04/12 17:43:12 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At67.job
[2010/04/12 17:43:12 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At66.job
[2010/04/12 17:43:12 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At65.job
[2010/04/12 17:43:12 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At64.job
[2010/04/12 17:43:12 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At63.job
[2010/04/12 17:43:11 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At62.job
[2010/04/12 17:43:11 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At61.job
[2010/04/12 17:43:11 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At60.job
[2010/04/12 17:43:11 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At59.job
[2010/04/12 17:43:11 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At58.job
[2010/04/12 17:43:11 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At57.job
[2010/04/12 17:43:11 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At56.job
[2010/04/12 17:43:10 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At55.job
[2010/04/12 17:43:10 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At54.job
[2010/04/12 17:43:10 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At53.job
[2010/04/12 17:43:10 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At52.job
[2010/04/12 17:43:10 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At51.job
[2010/04/12 17:43:10 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At50.job
[2010/04/12 17:43:10 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At49.job
[2010/04/12 11:15:36 | 154,383,018 | ---- | C] () -- C:\Users\Paul\Documents\BackupRegistry(20100412).reg
[2010/04/12 10:13:43 | 000,000,910 | ---- | C] () -- C:\Users\Paul\Desktop\Call of Duty 1 SP.lnk
[2010/04/12 09:56:27 | 000,000,960 | ---- | C] () -- C:\Users\Paul\Desktop\Call of Duty Multiplayer.lnk
[2010/04/12 09:48:52 | 000,000,745 | ---- | C] () -- C:\Windows\CoD.INI
[2010/04/10 22:35:18 | 000,001,062 | ---- | C] () -- C:\Users\Paul\Desktop\Call of Duty 2.lnk
[2010/04/10 22:31:28 | 000,374,272 | ---- | C] () -- C:\Windows\System\mss32.dll
[2010/04/10 22:12:15 | 000,000,287 | ---- | C] () -- C:\Windows\game.ini
[2010/04/10 21:24:42 | 000,001,900 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2010/04/09 19:51:15 | 000,001,185 | ---- | C] () -- C:\Users\Public\Desktop\uTorrent Acceleration Tool.lnk
[2010/04/08 19:26:25 | 000,002,170 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010/04/08 17:53:54 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2010/04/08 09:40:49 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/04/08 09:40:34 | 000,001,889 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/04/06 10:48:00 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010/04/06 10:48:00 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010/04/05 16:31:37 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At48.job
[2010/04/05 16:31:37 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At47.job
[2010/04/05 16:31:37 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At46.job
[2010/04/05 16:31:37 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At45.job
[2010/04/05 16:31:37 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At44.job
[2010/04/05 16:31:37 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At43.job
[2010/04/05 16:31:37 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At42.job
[2010/04/05 16:31:37 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At41.job
[2010/04/05 16:31:37 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At40.job
[2010/04/05 16:31:36 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At39.job
[2010/04/05 16:31:36 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At38.job
[2010/04/05 16:31:36 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At37.job
[2010/04/05 16:31:36 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At36.job
[2010/04/05 16:31:36 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At35.job
[2010/04/05 16:31:36 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At34.job
[2010/04/05 16:31:36 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At33.job
[2010/04/05 16:31:36 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At32.job
[2010/04/05 16:31:36 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At31.job
[2010/04/05 16:31:36 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At30.job
[2010/04/05 16:31:35 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At29.job
[2010/04/05 16:31:35 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At28.job
[2010/04/05 16:31:35 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At27.job
[2010/04/05 16:31:35 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At26.job
[2010/04/05 16:31:35 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At25.job
[2010/04/05 16:29:18 | 000,000,112 | ---- | C] () -- C:\ProgramData\KM8S2d.dat
[2010/04/05 10:47:20 | 000,000,571 | ---- | C] () -- C:\Windows\eReg.dat
[2010/04/05 09:03:06 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At24.job
[2010/04/05 09:03:06 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At23.job
[2010/04/05 09:03:06 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At22.job
[2010/04/05 09:03:06 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At21.job
[2010/04/05 09:03:06 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At20.job
[2010/04/05 09:03:06 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At19.job
[2010/04/05 09:03:06 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At18.job
[2010/04/05 09:03:06 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At17.job
[2010/04/05 09:03:05 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At9.job
[2010/04/05 09:03:05 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At16.job
[2010/04/05 09:03:05 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At15.job
[2010/04/05 09:03:05 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At14.job
[2010/04/05 09:03:05 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At13.job
[2010/04/05 09:03:05 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At12.job
[2010/04/05 09:03:05 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At11.job
[2010/04/05 09:03:05 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At10.job
[2010/04/05 09:03:04 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At8.job
[2010/04/05 09:03:04 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At7.job
[2010/04/05 09:03:04 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At6.job
[2010/04/05 09:03:04 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At5.job
[2010/04/05 09:03:04 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At4.job
[2010/04/05 09:03:04 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At3.job
[2010/04/05 09:03:04 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At2.job
[2010/04/05 09:03:04 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1.job
[2010/04/04 09:52:57 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2010/04/03 11:05:31 | 000,000,882 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/04/03 11:05:31 | 000,000,878 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/04/02 22:35:10 | 000,003,627 | -HS- | C] () -- C:\Users\Paul\AppData\Roaming\020000001407e59a869P.manifest
[2010/04/02 22:35:10 | 000,000,051 | -HS- | C] () -- C:\Users\Paul\AppData\Roaming\020000001407e59a869C.manifest
[2010/04/02 22:35:10 | 000,000,011 | -HS- | C] () -- C:\Users\Paul\AppData\Roaming\020000001407e59a869S.manifest
[2010/04/02 22:35:10 | 000,000,011 | -HS- | C] () -- C:\Users\Paul\AppData\Roaming\020000001407e59a869O.manifest
[2010/04/02 21:47:25 | 000,000,935 | ---- | C] () -- C:\Users\Paul\Desktop\Quick Startup.lnk
[2010/04/02 21:39:26 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2010/04/02 21:25:00 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2010/04/01 20:24:18 | 146,220,896 | ---- | C] () -- C:\Users\Paul\Documents\BackupRegistry(20100401).reg
[2010/04/01 18:06:45 | 000,001,984 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/04/01 10:20:34 | 000,073,728 | ---- | C] () -- C:\Windows\System32\spwindrfc1.exe
[2010/04/01 09:56:30 | 000,008,700 | -HS- | C] () -- C:\Users\Paul\AppData\Local\7VJ5
[2010/04/01 09:19:27 | 000,008,700 | -HS- | C] () -- C:\ProgramData\7VJ5
[2010/03/28 23:30:41 | 144,381,288 | ---- | C] () -- C:\Users\Paul\Documents\BackupRegistry(20100328).reg
[2010/03/27 14:27:40 | 000,002,059 | ---- | C] () -- C:\Users\Public\Desktop\Play Splinter Cell Pandora Tomorrow.lnk
[2010/03/27 13:55:54 | 000,069,632 | R--- | C] () -- C:\Windows\System32\xmltok.dll
[2010/03/27 13:55:54 | 000,036,864 | R--- | C] () -- C:\Windows\System32\xmlparse.dll
[2010/03/27 13:55:54 | 000,035,840 | R--- | C] () -- C:\Windows\System32\comdlg32.oca
[2010/03/27 13:55:54 | 000,029,184 | R--- | C] () -- C:\Windows\System32\MSINET.oca
[2010/03/27 13:51:02 | 000,001,036 | ---- | C] () -- C:\Users\Public\Desktop\Play Splinter Cell.lnk
[2010/03/27 00:13:52 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010/03/27 00:11:14 | 2361,802,752 | -HS- | C] () -- C:\hiberfil.sys
[2010/03/26 22:38:19 | 000,002,007 | ---- | C] () -- C:\Users\Public\Desktop\LightScribe.lnk
[2010/03/26 22:30:46 | 000,000,186 | ---- | C] () -- C:\ProgramData\HPWALog.txt
[2010/03/26 22:30:43 | 000,000,000 | ---- | C] () -- C:\Users\Paul\AppData\Local\QSwitch.txt
[2010/03/26 22:30:43 | 000,000,000 | ---- | C] () -- C:\Users\Paul\AppData\Local\DSwitch.txt
[2010/03/26 22:30:43 | 000,000,000 | ---- | C] () -- C:\Users\Paul\AppData\Local\AtStart.txt
[2010/03/26 22:20:41 | 000,002,058 | ---- | C] () -- C:\Users\Public\Desktop\CyberLink PowerDVD 9.lnk
[2010/03/26 22:11:52 | 000,000,941 | ---- | C] () -- C:\Users\Public\Desktop\Winamp.lnk
[2010/03/26 21:53:41 | 000,113,461 | ---- | C] () -- C:\Windows\System32\drivers\Avg\iavichjw.avm
[2010/03/26 21:53:40 | 059,486,105 | ---- | C] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010/03/26 21:51:14 | 000,000,316 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForPaul.job
[2010/03/26 21:36:57 | 000,000,104 | ---- | C] () -- C:\Users\Paul\Desktop\Control Panel.lnk
[2010/03/26 21:36:10 | 000,000,355 | ---- | C] () -- C:\Users\Paul\Desktop\Computer.lnk
[2010/03/26 21:29:47 | 000,000,313 | ---- | C] () -- C:\ProgramData\hpqp.ini
[2010/03/26 21:22:03 | 000,001,417 | ---- | C] () -- C:\Users\Paul\Desktop\Internet Explorer.lnk
[2010/03/26 21:20:30 | 000,000,020 | -HS- | C] () -- C:\Users\Paul\ntuser.ini
[2010/03/26 21:20:29 | 006,029,312 | -HS- | C] () -- C:\Users\Paul\ntuser.dat
[2010/03/26 21:20:29 | 000,524,288 | -HS- | C] () -- C:\Users\Paul\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2010/03/26 21:20:29 | 000,524,288 | -HS- | C] () -- C:\Users\Paul\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2010/03/26 21:20:29 | 000,262,144 | -HS- | C] () -- C:\Users\Paul\ntuser.dat.LOG1
[2010/03/26 21:20:29 | 000,065,536 | -HS- | C] () -- C:\Users\Paul\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2010/03/26 21:20:29 | 000,000,000 | -HS- | C] () -- C:\Users\Paul\ntuser.dat.LOG2
[2010/01/18 16:38:46 | 000,010,496 | ---- | C] () -- C:\Windows\System32\rcmirror.dll
[2009/09/10 10:29:50 | 001,761,280 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2009/07/13 19:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/05/11 09:39:16 | 000,000,323 | ---- | C] () -- C:\Windows\PidList.ini
[2008/12/29 09:13:30 | 000,028,544 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2008/06/07 14:53:02 | 004,244,744 | ---- | C] () -- C:\Windows\System32\qtp-mt334.dll
[2008/06/07 14:53:02 | 000,013,576 | ---- | C] () -- C:\Windows\System32\wnaspi32.dll
[2008/01/14 17:47:06 | 000,099,712 | ---- | C] () -- C:\Windows\HPBroker.dll

========== LOP Check ==========

[2010/04/09 12:34:34 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\.BitTornado
[2010/05/01 21:06:23 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\BitComet
[2010/04/21 09:55:52 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\BitTorrent
[2010/04/01 10:05:49 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Canneverbe Limited
[2010/04/10 21:45:11 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\DAEMON Tools Lite
[2010/04/02 22:05:46 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Duality Software
[2010/04/07 22:08:47 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\FrostWire
[2010/04/02 21:47:24 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\GlarySoft
[2010/03/27 09:41:42 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\GrabPro
[2010/04/19 09:56:35 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Leadertech
[2010/04/23 21:36:49 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\LimeWire
[2010/03/28 20:46:00 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Orbit
[2010/04/14 21:45:56 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Red Alert 3
[2010/04/16 22:34:56 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\SkyDownloader
[2010/05/02 00:16:31 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\uTorrent
[2010/03/26 21:26:08 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\{8126D2ED-1984-4573-9D57-97637E10C716}
[2010/05/02 00:26:56 | 000,000,370 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2010/05/02 00:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\At1.job
[2010/05/01 09:28:03 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\At10.job
[2010/05/01 10:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\At11.job
[2010/05/01 12:18:24 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\At12.job
[2010/05/01 12:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\At13.job
[2010/05/01 13:28:01 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\At14.job
[2010/05/01 14:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\At15.job
[2010/05/01 15:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\At16.job
[2010/05/01 16:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\At17.job
[2010/05/01 17:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\At18.job
[2010/05/01 18:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\At19.job
[2010/05/02 01:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\At2.job
[2010/05/01 19:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\At20.job
[2010/05/01 20:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\At21.job
[2010/05/01 21:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\At22.job
[2010/05/01 22:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\At23.job
[2010/05/01 23:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\At24.job
[2010/05/02 00:18:00 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At25.job
[2010/05/02 01:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At26.job
[2010/05/02 07:48:51 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At27.job
[2010/05/02 07:48:58 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At28.job
[2010/05/02 07:48:59 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At29.job
[2010/05/02 07:48:58 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\At3.job
[2010/05/02 07:49:00 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At30.job
[2010/05/02 07:49:00 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At31.job
[2010/05/02 07:49:01 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At32.job
[2010/05/02 08:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At33.job
[2010/05/01 09:00:02 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At34.job
[2010/05/01 10:00:02 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At35.job
[2010/05/01 11:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At36.job
[2010/05/01 12:18:23 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At37.job
[2010/05/01 13:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At38.job
[2010/05/01 14:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At39.job
[2010/05/02 07:48:59 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\At4.job
[2010/05/01 15:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At40.job
[2010/05/01 16:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At41.job
[2010/05/01 17:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At42.job
[2010/05/01 18:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At43.job
[2010/05/01 19:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At44.job
[2010/05/01 20:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At45.job
[2010/05/01 21:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At46.job
[2010/05/01 22:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At47.job
[2010/05/01 23:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\At48.job
[2010/05/02 00:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\At49.job
[2010/05/02 07:49:00 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\At5.job
[2010/05/02 01:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\At50.job
[2010/05/02 07:48:58 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\At51.job
[2010/05/02 07:48:58 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\At52.job
[2010/05/02 07:48:59 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\At53.job
[2010/05/02 07:49:00 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\At54.job
[2010/05/02 07:49:01 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\At55.job
[2010/05/02 07:49:01 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\At56.job
[2010/05/01 08:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\At57.job
[2010/05/01 09:28:03 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\At58.job
[2010/05/01 10:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\At59.job
[2010/05/02 07:49:00 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\At6.job
[2010/05/01 12:18:23 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\At60.job
[2010/05/01 12:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\At61.job
[2010/05/01 13:28:01 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\At62.job
[2010/05/01 14:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\At63.job
[2010/05/01 15:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\At64.job
[2010/05/01 16:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\At65.job
[2010/05/01 17:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\At66.job
[2010/05/01 18:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\At67.job
[2010/05/01 19:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\At68.job
[2010/05/01 20:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\At69.job
[2010/05/02 07:49:01 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\At7.job
[2010/05/01 21:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\At70.job
[2010/05/01 22:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\At71.job
[2010/05/01 23:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\At72.job
[2010/05/02 07:49:01 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\At8.job
[2010/05/01 08:28:00 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\At9.job
[2010/05/01 20:09:14 | 000,000,358 | ---- | M] () -- C:\Windows\Tasks\Easy SpyRemover.job
[2010/04/27 07:17:52 | 000,025,360 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2010/05/02 00:23:21 | 000,019,281 | ---- | M] () -- C:\aaw7boot.log
[2009/06/10 17:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/06/10 17:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
[2010/05/02 00:23:23 | 2361,802,752 | -HS- | M] () -- C:\hiberfil.sys
[2010/03/26 21:24:58 | 000,000,185 | ---- | M] () -- C:\hpqlb.log
[2010/04/06 10:48:00 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/04/06 10:48:00 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/05/02 00:23:23 | 3149,074,432 | -HS- | M] () -- C:\pagefile.sys

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\drivers\*.sys /90 >
[2010/03/26 21:53:43 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2010/03/26 21:53:42 | 000,029,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2010/02/16 14:24:01 | 000,060,936 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010/04/22 14:11:19 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2010/03/01 10:05:24 | 000,124,784 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010/02/04 11:53:02 | 000,064,288 | ---- | M] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/02/27 03:32:05 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb.sys
[2010/02/27 03:32:26 | 000,221,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb10.sys
[2010/02/27 03:32:12 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb20.sys
[2010/04/02 21:22:50 | 006,755,840 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\NETw5s32.sys
[2010/03/29 10:06:14 | 000,218,592 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\PCTCore.sys
[2010/02/05 09:17:56 | 000,233,136 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\pctgntdi.sys
[2010/04/08 14:29:32 | 000,063,360 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\pctplsg.sys
[2010/02/05 09:18:02 | 000,100,136 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\pctwfpfilter.sys
[2010/04/24 20:47:47 | 000,022,328 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010/04/02 21:24:40 | 000,167,936 | ---- | M] (Realtek ) -- C:\Windows\System32\drivers\Rt86win7.sys
[2010/03/26 22:26:58 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2010/04/23 19:41:21 | 000,691,696 | ---- | M] () -- C:\Windows\System32\drivers\sptd.sys

========== Alternate Data Streams ==========

@Alternate Data Stream - 158 bytes -> C:\ProgramData\Temp:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:A8ADE5D8

< End of report >



OTL Extras logfile created on: 5/2/2010 7:58:37 AM - Run 1
OTL by OldTimer - Version 3.2.4.0 Folder = C:\Users\Paul\Desktop\Utilities
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 66.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 79.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 287.07 Gb Total Space | 204.52 Gb Free Space | 71.25% Space Free | Partition Type: NTFS
Drive D: | 10.92 Gb Total Space | 1.82 Gb Free Space | 16.68% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PAUL-PC
Current User Name: Paul
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{084A9731-D05B-4ADA-B4A0-0ADD25FD7152}" = Splinter Cell Pandora Tomorrow
"{08C0729E-3E50-11DF-9D81-005056806466}" = Google Earth
"{193C41B9-1A0F-45E6-8546-41C91C99A5F8}" = Delta Force Xtreme 2
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.5.4
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java™ 6 Update 18
"{296D8550-CB06-48E4-9A8B-E5034FB64715}" = Command & Conquer™ Red Alert™ 3
"{338F08AB-C262-42C7-B000-34DE1A475273}" = Ad-Aware Email Scanner for Outlook
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
"{37643DF0-33B5-4247-B0D9-AF8BACCED127}" = Call of Duty® 2 Mod Tools
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 3.7
"{484B100E-6FBE-4631-BC55-5F872FD8E020}" = HP Wireless Assistant
"{485DF5E7-8379-4BFA-BAE1-9B8DBFE0D6B4}" = Paragon Drive Backup™ 9 Professional
"{495A8A3C-8FD0-4C46-9979-95C26181A1AB}" = HP Support Assistant
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F94119D-1B71-400e-9F04-B4E5CEAE71F8}_is1" = Sothink Movie DVD Maker
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{6164D2E7-986B-42F5-B3A6-64D5E53FB889}" = Delta Force Black Hawk Down Team Sabre
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{6AFDE3BE-BC01-45A4-9D06-BBF5AD207313}" = LightScribe System Software
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7694E0B1-2332-448B-9235-929F84B41E3F}" = Active@ ISO Burner
"{7B4A5C13-069F-4AFE-AE57-C497B4E33C7E}" = Call of Duty® 2 Patch 1.3
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7FD71A9E-C4D3-42ED-A998-CDA8290C39A3}" = LightScribe Template Labeler
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{88A4002B-BDBA-49A2-927C-D81E8DF32B1B}" = LightScribe Applications
"{8B31CFBF-A84D-4AB0-BB38-C54172E6753E}_is1" = Sothink HD Video Converter
"{8FE54D21-8254-4CCF-AEE0-066496AE43F4}" = Delta Force - Black Hawk Down
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ULTIMATER_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ULTIMATER_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ULTIMATER_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ULTIMATER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ULTIMATER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002E-0000-0000-0000000FF1CE}" = Microsoft Office Ultimate 2007
"{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A174402A-2EE6-4B86-A930-7BC85A9933BD}" = Tom Clancy's Splinter Cell
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C887C75D-2636-41F6-BB7B-FD4B0314C1E1}" = Paragon Partition Manager 9.0 Professional
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty® 2
"{D86B6C32-49BD-4A02-9C43-14E497018498}" = Windows 7 Manager
"{DCFD26A8-60A5-4C69-A52D-264D0386FDB3}" = Microsoft Xbox 360 Accessories 1.2
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"7-Zip" = 7-Zip 9.13 beta
"Ad-Aware" = Ad-Aware
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Ares" = Ares 2.1.5
"AVG9Uninstall" = AVG Free 9.0
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AviSynth" = AviSynth 2.5
"BitComet" = BitComet 1.20
"BitTorrent" = BitTorrent
"Browser Defender_is1" = Browser Defender 2.0.6.15
"Call of Duty" = Call of Duty
"CSS FULL DZ [Oct 15 2007]" = CSS FULL DZ [Oct 15 2007] v18.1
"Delta Force" = Delta Force
"DS Clock_is1" = DS Clock
"Easy SpyRemover_is1" = Easy SpyRemover 4.6
"eMule" = eMule
"ERUNT_is1" = ERUNT 1.1j
"ffdshow_is1" = ffdshow [rev 2583] [2009-01-05]
"Free Window Registry Repair" = Free Window Registry Repair
"FrostWire" = FrostWire 4.20.3
"Gossiper Toolbar" = Gossiper Toolbar
"HaaliMkx" = Haali Media Splitter
"HijackThis" = HijackThis 2.0.2
"InstallShield_{37643DF0-33B5-4247-B0D9-AF8BACCED127}" = Call of Duty® 2 Mod Tools
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty® 2
"LimeWire" = LimeWire 5.5.8
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"PunkBusterSvc" = PunkBuster Services
"Quick Startup_is1" = Quick Startup 2.8.0.718
"Red Alert" = Red Alert Windows 95
"SkyDownloader" = SkyDownloader
"Spyware Doctor" = Spyware Doctor 7.0
"ULTIMATER" = Microsoft Office Ultimate 2007
"Unlocker" = Unlocker 1.8.9
"uTorrent" = µTorrent
"uTorrent Acceleration Tool" = uTorrent Acceleration Tool
"Winamp" = Winamp
"WinRAR archiver" = WinRAR archiver
"World War 2: Sniper" = World War 2: Sniper
"Yahoo! Messenger" = Yahoo! Messenger

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5/2/2010 1:34:01 AM | Computer Name = Paul-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files\spybot
- search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program files\spybot
- search & destroy\DelZip179.dll" on line 8. The value "*" of attribute "language"
in element "assemblyIdentity" is invalid.

Error - 5/2/2010 7:54:11 AM | Computer Name = Paul-PC | Source = Windows Search Service | ID = 3028
Description =

Error - 5/2/2010 7:54:11 AM | Computer Name = Paul-PC | Source = Windows Search Service | ID = 3058
Description =

Error - 5/2/2010 7:54:11 AM | Computer Name = Paul-PC | Source = Windows Search Service | ID = 7010
Description =

Error - 5/2/2010 7:55:44 AM | Computer Name = Paul-PC | Source = Windows Search Service | ID = 3028
Description =

Error - 5/2/2010 7:55:44 AM | Computer Name = Paul-PC | Source = Windows Search Service | ID = 3058
Description =

Error - 5/2/2010 7:55:44 AM | Computer Name = Paul-PC | Source = Windows Search Service | ID = 7010
Description =

Error - 5/2/2010 7:56:57 AM | Computer Name = Paul-PC | Source = Windows Search Service | ID = 3028
Description =

Error - 5/2/2010 7:56:57 AM | Computer Name = Paul-PC | Source = Windows Search Service | ID = 3058
Description =

Error - 5/2/2010 7:56:57 AM | Computer Name = Paul-PC | Source = Windows Search Service | ID = 7010
Description =

[ Hewlett-Packard Events ]
Error - 3/26/2010 9:46:14 PM | Computer Name = Paul-PC | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files\Hewlett-Packard\HP Support
Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at
System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
A_0, EventArgs A_1)

Error - 3/26/2010 9:46:14 PM | Computer Name = Paul-PC | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files\Hewlett-Packard\HP Support
Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at
System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
A_0, EventArgs A_1)

Error - 4/18/2010 8:25:44 AM | Computer Name = Paul-PC | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files\Hewlett-Packard\HP Support
Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at
System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
A_0, EventArgs A_1)

Error - 4/18/2010 8:25:45 AM | Computer Name = Paul-PC | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files\Hewlett-Packard\HP Support
Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at
System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
A_0, EventArgs A_1)

Error - 4/21/2010 6:43:14 PM | Computer Name = Paul-PC | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files\Hewlett-Packard\HP Support
Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options) at
System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)

at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a(Object
A_0, EventArgs A_1)

[ System Events ]
Error - 5/2/2010 12:37:01 AM | Computer Name = Paul-PC | Source = Service Control Manager | ID = 7034
Description = The Windows Search service terminated unexpectedly. It has done this
5 time(s).

Error - 5/2/2010 12:37:11 AM | Computer Name = Paul-PC | Source = Service Control Manager | ID = 7024
Description = The Windows Search service terminated with service-specific error
%%-2147218174.

Error - 5/2/2010 12:37:11 AM | Computer Name = Paul-PC | Source = Service Control Manager | ID = 7034
Description = The Windows Search service terminated unexpectedly. It has done this
6 time(s).

Error - 5/2/2010 7:48:42 AM | Computer Name = Paul-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the ShellHWDetection service.

Error - 5/2/2010 7:54:11 AM | Computer Name = Paul-PC | Source = Service Control Manager | ID = 7024
Description = The Windows Search service terminated with service-specific error
%%-2147218174.

Error - 5/2/2010 7:54:11 AM | Computer Name = Paul-PC | Source = Service Control Manager | ID = 7034
Description = The Windows Search service terminated unexpectedly. It has done this
7 time(s).

Error - 5/2/2010 7:55:44 AM | Computer Name = Paul-PC | Source = Service Control Manager | ID = 7024
Description = The Windows Search service terminated with service-specific error
%%-2147218174.

Error - 5/2/2010 7:55:44 AM | Computer Name = Paul-PC | Source = Service Control Manager | ID = 7034
Description = The Windows Search service terminated unexpectedly. It has done this
8 time(s).

Error - 5/2/2010 7:56:57 AM | Computer Name = Paul-PC | Source = Service Control Manager | ID = 7024
Description = The Windows Search service terminated with service-specific error
%%-2147218174.

Error - 5/2/2010 7:56:57 AM | Computer Name = Paul-PC | Source = Service Control Manager | ID = 7034
Description = The Windows Search service terminated unexpectedly. It has done this
9 time(s).


< End of report >



Updated HijackThis Log

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:21:01 AM, on 5/2/2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\snuvcdsm.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\DS Clock\dsclock.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Paul\Desktop\Utilities\OTL.exe
C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Gossiper Toolbar - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - (no file)
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: TBSB05974 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - (no file)
O3 - Toolbar: (no name) - {0C8413C1-FAD1-446C-8584-BE50576F863E} - (no file)
O3 - Toolbar: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - (no file)
O3 - Toolbar: Gossiper Toolbar - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - (no file)
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SNUVCDSM] C:\Windows\snuvcdsm.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [DS Clock] "C:\Program Files\DS Clock\DSClock.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Paul\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} (Hewlett-Packard Online Support Services) - http://h20364.www2.h...DataManager.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: DS Clock Synchronization Service www.dualitysoft.com (DSClockSyncTime) - Duality Software - C:\Program Files\DS Clock\dsetime.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Unknown owner - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe (file missing)
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Net Burner iSCSI Service (NetBurnerService) - Paragon GmbH - C:\Program Files\Paragon Software\Drive Backup 9 Professional\Net Burner Service\NetBurnerService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

--
End of file - 8873 bytes

#2
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there, let's make a start

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    [2010/04/25 09:37:40 | 000,006,560 | -HS- | M] () -- C:\ProgramData\2245860339
    [2010/04/25 09:37:39 | 000,006,560 | -HS- | M] () -- C:\Users\Paul\AppData\Local\2dhtt0G
    [2010/04/25 09:34:33 | 000,006,088 | -HS- | M] () -- C:\ProgramData\2dhtt0G
    [2010/04/28 00:52:43 | 000,010,780 | -HS- | M] () -- C:\ProgramData\116543190
    [2010/04/28 00:52:42 | 000,010,780 | -HS- | M] () -- C:\Users\Paul\AppData\Local\4F6Xee6a8ibN
    [2010/04/28 00:10:52 | 000,010,716 | -HS- | M] () -- C:\ProgramData\4F6Xee6a8ibN
    [2010/04/21 09:46:31 | 000,000,120 | ---- | M] () -- C:\Users\Paul\AppData\Local\Hweton.dat
    [2010/04/21 05:25:28 | 000,000,000 | ---- | M] () -- C:\Users\Paul\AppData\Local\Rfequrihikicil.bin
    [2010/04/01 10:02:02 | 000,008,700 | -HS- | M] () -- C:\ProgramData\7VJ5
    [2010/04/01 10:02:01 | 000,008,700 | -HS- | M] () -- C:\Users\Paul\AppData\Local\7VJ5
    
    :Files
    C:\Windows\tasks\At*.job
    
    :Commands
    [resethosts]
    [purity]
    [emptytemp]
    [EMPTYFLASH]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

GMER Rootkit Scanner - Download - Homepage
  • Download GMER
  • Extract the contents of the zipped file to desktop.
  • Double click GMER.exe.
  • If it gives you a warning about rootkit activity and asks if you want to run a full scan, click on NO, then use the following settings for a more complete scan.
  • In the right panel, you will see several boxes that have been checked. Ensure the following are UNCHECKED:
      • IAT/EAT
      • Drives/Partition other than Systemdrive (typically C:\)
      • Show All (don't miss this one)
  • Then click the Scan button & wait for it to finish.
  • Once done click on the [Save..] button, and in the File name area, type in "ark.txt"
  • Save the log where you can easily find it, such as your desktop.
**Caution** Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOTKIT" entries.
Please copy and paste the report into your Post.

Edited by Essexboy, 02 May 2010 - 06:45 AM.
posted too early


#3
Bullet90

    Member

  • Topic Starter
  • 27 posts
Thanks for the quick response!


OTL logfile created on: 5/2/2010 8:55:35 AM - Run 2
OTL by OldTimer - Version 3.2.4.0 Folder = C:\Users\Paul\Desktop\Utilities
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 60.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 287.07 Gb Total Space | 204.18 Gb Free Space | 71.13% Space Free | Partition Type: NTFS
Drive D: | 10.92 Gb Total Space | 1.82 Gb Free Space | 16.68% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PAUL-PC
Current User Name: Paul
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/05/01 23:58:12 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\Paul\Desktop\Utilities\OTL.exe
PRC - [2010/04/30 10:00:55 | 002,020,592 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2010/04/29 15:39:32 | 000,437,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2010/04/25 17:45:07 | 000,818,256 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2010/04/25 17:45:06 | 001,265,264 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2010/04/22 14:11:19 | 000,620,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010/04/02 09:50:40 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010/04/01 13:58:04 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/04/01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/04/01 05:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2010/03/26 21:53:12 | 000,508,184 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010/03/26 21:52:57 | 000,710,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010/03/26 21:52:39 | 000,916,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe
PRC - [2010/03/26 21:52:35 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010/03/02 11:28:31 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/02/24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010/01/22 09:56:24 | 000,112,592 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
PRC - [2010/01/14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/11/19 23:16:26 | 000,582,528 | ---- | M] (Duality Software) -- C:\Program Files\DS Clock\dsclock.exe
PRC - [2009/11/19 21:39:16 | 000,062,264 | ---- | M] (Duality Software) -- C:\Program Files\DS Clock\dsetime.exe
PRC - [2009/10/31 01:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/09/30 17:57:20 | 000,718,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
PRC - [2009/08/10 08:14:26 | 000,027,184 | ---- | M] () -- C:\Windows\snuvcdsm.exe
PRC - [2009/07/13 21:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/13 21:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/06/07 14:54:28 | 000,223,248 | ---- | M] (Paragon GmbH) -- C:\Program Files\Paragon Software\Drive Backup 9 Professional\Net Burner Service\NetBurnerService.exe


========== Modules (SafeList) ==========

MOD - [2010/05/01 23:58:12 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\Paul\Desktop\Utilities\OTL.exe
MOD - [2010/03/26 21:53:51 | 000,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
MOD - [2009/07/13 21:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009/07/13 21:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009/07/13 21:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2009/07/13 21:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009/07/13 21:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2009/07/13 21:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009/07/13 21:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009/07/13 21:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009/07/13 21:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009/07/13 21:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
MOD - [2009/07/13 21:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2009/07/13 21:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (NMSAccess)
SRV - File not found [Auto | Stopped] -- -- (HP Health Check Service)
SRV - [2010/04/29 15:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010/04/25 17:45:06 | 001,265,264 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010/04/01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/03/29 08:40:55 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/03/26 21:52:39 | 000,916,760 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010/03/26 21:52:35 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/03/15 11:50:36 | 001,142,224 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService)
SRV - [2010/03/11 11:09:22 | 000,366,840 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
SRV - [2010/02/24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/01/22 09:56:24 | 000,112,592 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2009/11/19 21:39:16 | 000,062,264 | ---- | M] (Duality Software) [Auto | Running] -- C:\Program Files\DS Clock\dsetime.exe -- (DSClockSyncTime)
SRV - [2009/07/13 21:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009/07/13 21:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009/07/13 21:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009/07/13 21:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009/07/13 21:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009/07/13 21:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009/07/13 21:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009/07/13 21:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009/07/13 21:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/13 21:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009/07/13 21:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/07/13 21:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009/07/13 21:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009/07/13 21:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009/07/13 21:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX Installer (AxInstSV)
SRV - [2009/07/13 21:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009/07/13 21:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Stopped] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008/06/07 14:54:28 | 000,223,248 | ---- | M] (Paragon GmbH) [Auto | Running] -- C:\Program Files\Paragon Software\Drive Backup 9 Professional\Net Burner Service\NetBurnerService.exe -- (NetBurnerService)


========== Driver Services (SafeList) ==========

DRV - [2010/04/30 10:00:55 | 000,061,440 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010/04/23 19:41:21 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010/04/22 14:11:19 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/04/02 21:24:40 | 000,167,936 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rt86win7.sys -- (RTL8167)
DRV - [2010/04/02 21:22:50 | 006,755,840 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5s32.sys -- (NETw5s32) Intel®
DRV - [2010/03/29 10:06:14 | 000,218,592 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2010/03/26 21:53:43 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/03/26 21:53:42 | 000,029,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010/03/01 10:05:24 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2010/02/17 11:25:50 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010/02/17 11:15:58 | 000,012,872 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2010/02/16 14:24:01 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/02/04 11:53:02 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010/01/18 16:39:06 | 000,003,200 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rcmirror.sys -- (rcmirror)
DRV - [2009/12/11 03:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2009/09/10 10:29:50 | 001,761,280 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2009/07/13 21:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
DRV - [2009/07/13 21:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV - [2009/07/13 21:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV - [2009/07/13 21:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV - [2009/07/13 21:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2009/07/13 21:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV - [2009/07/13 21:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
DRV - [2009/07/13 21:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
DRV - [2009/07/13 21:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
DRV - [2009/07/13 21:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
DRV - [2009/07/13 21:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
DRV - [2009/07/13 21:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
DRV - [2009/07/13 21:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009/07/13 21:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009/07/13 21:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
DRV - [2009/07/13 21:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009/07/13 21:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009/07/13 21:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009/07/13 21:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009/07/13 21:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009/07/13 21:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009/07/13 21:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2009/07/13 21:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009/07/13 21:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009/07/13 21:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV - [2009/07/13 21:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009/07/13 21:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009/07/13 21:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
DRV - [2009/07/13 21:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/13 21:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
DRV - [2009/07/13 21:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009/07/13 21:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2009/07/13 21:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009/07/13 21:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009/07/13 21:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009/07/13 21:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009/07/13 21:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009/07/13 21:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
DRV - [2009/07/13 20:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2009/07/13 20:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\rdpbus.sys -- (rdpbus)
DRV - [2009/07/13 20:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009/07/13 19:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009/07/13 19:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009/07/13 19:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009/07/13 19:52:04 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vwififlt.sys -- (vwififlt)
DRV - [2009/07/13 19:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009/07/13 19:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci)
DRV - [2009/07/13 19:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
DRV - [2009/07/13 19:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009/07/13 19:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV - [2009/07/13 19:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2009/07/13 19:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
DRV - [2009/07/13 19:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2009/07/13 19:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009/07/13 19:19:21 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HidBatt.sys -- (HidBatt)
DRV - [2009/07/13 19:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
DRV - [2009/07/13 19:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM)
DRV - [2009/07/13 18:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 18:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2009/07/13 18:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2009/07/13 18:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2009/07/13 18:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009/07/13 18:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009/07/13 18:13:46 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTDPV3.SYS -- (SrvHsfV92)
DRV - [2009/07/13 18:13:45 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTCNXT3.SYS -- (SrvHsfWinac)
DRV - [2009/07/13 18:13:45 | 000,207,360 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (SrvHsfHDA)
DRV - [2009/07/13 18:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel®
DRV - [2009/07/13 18:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009/07/13 18:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
DRV - [2009/07/13 18:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
DRV - [2009/06/10 17:19:30 | 004,756,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2009/05/11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/04/29 08:46:54 | 000,015,872 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2009/02/28 19:40:18 | 000,087,536 | ---- | M] (CyberLink Corp.) [2010/03/26 22:20:45] [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD9\000.fcl -- ({B154377D-700F-42cc-9474-23858FBDF4BD})
DRV - [2008/06/07 14:54:28 | 000,084,752 | ---- | M] (Rocket Division Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\NetBurn.sys -- (NetBurn)
DRV - [2008/06/07 14:53:02 | 000,040,464 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\hotcore3.sys -- (hotcore3)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {0a452a47-c5a8-4854-a237-4b9b06b376f0} - Reg Error: Value error. File not found

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://flv.asksearch...g=2-113-11-lknr [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 90 15 AF 43 4E CD CA 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = EA 92 98 01 9E 56 4C 4B 90 BE 9A 16 B8 3E 7F 8F [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "Gossiper"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "google.com"
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..network.proxy.type: 4

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010/04/23 05:27:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{BF2AAD96-820C-438B-BDD3-B93D2B605B94}: C:\Users\Paul\AppData\Local\{BF2AAD96-820C-438B-BDD3-B93D2B605B94} [2010/04/16 22:23:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/28 23:02:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/04/26 09:33:42 | 000,000,000 | ---D | M]

[2010/03/26 22:09:03 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Mozilla\Extensions
[2010/03/26 22:09:03 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Mozilla\Extensions\[email protected]
[2010/05/01 21:55:39 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\p01z92q3.default\extensions
[2010/04/08 09:42:22 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\p01z92q3.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/04/24 14:15:37 | 000,000,000 | ---D | M] (BitComet Video Downloader) -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\p01z92q3.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
[2010/04/11 21:20:45 | 000,001,948 | ---- | M] () -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\p01z92q3.default\searchplugins\bing-zugo.xml
[2010/04/17 13:16:13 | 000,000,877 | ---- | M] () -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\p01z92q3.default\searchplugins\conduit.xml
[2010/04/23 14:39:49 | 000,002,612 | ---- | M] () -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\p01z92q3.default\searchplugins\kickasstorrents.xml
[2010/04/08 09:40:32 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/02/21 06:22:32 | 000,712,704 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2010/01/13 18:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll

O1 HOSTS File: ([2010/05/02 08:50:48 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Gossiper Toolbar) - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - Reg Error: Value error. File not found
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O2 - BHO: (no name) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Gossiper Toolbar) - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (no name) - {0C8413C1-FAD1-446C-8584-BE50576F863E} - No CLSID value found.
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Gossiper Toolbar) - {0A452A47-C5A8-4854-A237-4B9B06B376F0} - Reg Error: Value error. File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SNUVCDSM] C:\Windows\snuvcdsm.exe ()
O4 - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [DS Clock] C:\Program Files\DS Clock\DSClock.exe (Duality Software)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all video with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: kickasstorrents.com ([]https in Trusted sites)
O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} http://h20364.www2.h...DataManager.CAB (Hewlett-Packard Online Support Services)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.254.254
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/04/01 20:00:19 | 000,000,000 | -H-D | M] - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/03/26 17:14:55 | 000,000,000 | -H-D | M] - D:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\{ba4921ec-43e9-11df-9f77-001f16e2d06b}\Shell - "" = AutoRun
O33 - MountPoints2\{ba4921ec-43e9-11df-9f77-001f16e2d06b}\Shell\AutoRun\command - "" = G:\Autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

========== Files/Folders - Created Within 90 Days ==========

[2010/05/02 08:50:22 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/05/02 00:38:45 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/05/02 00:37:27 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/05/01 23:19:13 | 000,149,456 | ---- | C] (PC Tools) -- C:\Windows\SGDetectionTool.dll
[2010/05/01 23:19:12 | 001,652,688 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll
[2010/05/01 23:19:12 | 000,165,840 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDRes.dll
[2010/05/01 23:06:51 | 000,233,136 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctgntdi.sys
[2010/05/01 23:06:51 | 000,100,136 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctwfpfilter.sys
[2010/05/01 23:06:07 | 000,218,592 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTCore.sys
[2010/05/01 23:06:07 | 000,088,040 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTAppEvent.sys
[2010/05/01 23:05:18 | 000,063,360 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctplsg.sys
[2010/05/01 23:04:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2010/05/01 23:04:28 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor
[2010/05/01 23:04:28 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\PC Tools
[2010/05/01 23:04:28 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2010/05/01 22:32:25 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Avira
[2010/05/01 22:13:25 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2010/05/01 22:13:22 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010/05/01 22:13:22 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010/05/01 22:13:22 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntdd.sys
[2010/05/01 22:13:22 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntmgr.sys
[2010/05/01 22:13:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010/05/01 22:13:20 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2010/05/01 21:58:52 | 000,000,000 | ---D | C] -- C:\Program Files\Free Window Registry Repair
[2010/05/01 18:13:46 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Easy SpyRemover
[2010/05/01 18:13:45 | 000,000,000 | ---D | C] -- C:\Program Files\Easy SpyRemover
[2010/05/01 15:25:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Xbox 360 Accessories
[2010/04/29 09:08:06 | 000,000,000 | ---D | C] -- C:\Users\Paul\manager
[2010/04/28 21:57:49 | 000,000,000 | R--D | C] -- C:\Users\Paul\Downloads
[2010/04/28 20:48:32 | 000,000,000 | ---D | C] -- C:\Users\Paul\Documents\Downloads
[2010/04/26 19:09:16 | 005,739,160 | ---- | C] (Saitek ) -- C:\Users\Paul\Desktop\Saitek_Cyborg_V3_Pad.exe
[2010/04/26 19:07:34 | 008,402,176 | ---- | C] (Saitek ) -- C:\Users\Paul\Desktop\Saitek_Cyborg_Pad.exe
[2010/04/26 18:31:19 | 000,000,000 | ---D | C] -- C:\ProgramData\{DA06AA03-DF24-4ECE-939E-1B0939235C66}
[2010/04/25 22:02:26 | 000,000,000 | ---D | C] -- C:\Program Files\SourceTec
[2010/04/25 21:15:17 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010/04/25 19:11:56 | 000,000,000 | ---D | C] -- C:\dforce
[2010/04/25 17:45:57 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys
[2010/04/25 17:41:58 | 000,000,000 | -H-D | C] -- C:\ProgramData\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
[2010/04/25 12:10:14 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/04/25 12:05:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2010/04/25 11:58:05 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/04/25 11:58:03 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/04/25 11:57:58 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/04/24 14:21:42 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\BitComet Downloads
[2010/04/24 14:16:08 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\BitComet
[2010/04/24 14:15:30 | 000,000,000 | ---D | C] -- C:\Program Files\BitComet
[2010/04/24 09:14:40 | 000,000,000 | ---D | C] -- C:\April 24, 2010
[2010/04/24 07:04:48 | 000,000,000 | ---D | C] -- C:\Windows\CD95F661A5C444F5A6AAECDD91C240BD.TMP
[2010/04/23 23:07:26 | 000,060,273 | ---- | C] (Open Source Software community project) -- C:\Windows\System32\pthreadGC2.dll
[2010/04/23 23:07:24 | 000,000,000 | ---D | C] -- C:\Program Files\ffdshow
[2010/04/23 23:06:36 | 000,000,000 | ---D | C] -- C:\Program Files\Haali
[2010/04/23 23:05:40 | 000,290,816 | ---- | C] (SourceTec Software Co., LTD) -- C:\Windows\System32\stFLVSource.ax
[2010/04/23 23:05:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SourceTec
[2010/04/23 23:05:38 | 000,438,272 | ---- | C] (Gabest) -- C:\Windows\System32\Mpeg2DecFilter.ax
[2010/04/23 23:05:38 | 000,217,088 | ---- | C] (-) -- C:\Windows\System32\CoreFLACDecoder.ax
[2010/04/23 23:05:38 | 000,000,000 | ---D | C] -- C:\Program Files\Sothink HD Video Converter
[2010/04/23 19:40:50 | 000,000,000 | ---D | C] -- C:\Program Files\LSoft Technologies
[2010/04/23 10:04:36 | 000,040,464 | ---- | C] (Paragon Software Group) -- C:\Windows\System32\drivers\hotcore3.sys
[2010/04/23 10:04:08 | 000,000,000 | ---D | C] -- C:\Program Files\Paragon Software
[2010/04/22 08:41:01 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2010/04/21 22:18:13 | 000,000,000 | ---D | C] -- C:\Users\Paul\Documents\Delta Force Xtreme
[2010/04/21 22:06:37 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip
[2010/04/21 22:06:35 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip
[2010/04/19 09:56:35 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Leadertech
[2010/04/18 19:51:50 | 000,000,000 | ---D | C] -- C:\Program Files\NovaLogic
[2010/04/18 08:47:23 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\PunkBuster
[2010/04/18 08:47:16 | 000,000,000 | ---D | C] -- C:\Users\Paul\Documents\BFBC2
[2010/04/18 08:35:08 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts
[2010/04/17 12:46:50 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Game Guides
[2010/04/17 00:12:57 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2010/04/16 22:23:18 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\{BF2AAD96-820C-438B-BDD3-B93D2B605B94}
[2010/04/15 19:55:34 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Limewire Downloads
[2010/04/15 14:43:07 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\ElevatedDiagnostics
[2010/04/15 11:28:00 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2010/04/14 21:45:54 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Red Alert 3
[2010/04/14 21:32:12 | 000,000,000 | -H-D | C] -- C:\Windows\msdownld.tmp
[2010/04/14 21:31:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2010/04/13 21:18:08 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Torrent Downloads
[2010/04/13 21:08:40 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Utilities
[2010/04/13 21:04:52 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\PC Games
[2010/04/13 16:51:19 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DAEMON Tools Images
[2010/04/13 15:59:20 | 000,000,000 | ---D | C] -- C:\Games
[2010/04/12 09:50:53 | 000,000,000 | ---D | C] -- C:\Program Files\Call of Duty
[2010/04/11 21:22:36 | 000,000,000 | ---D | C] -- C:\Users\Paul\dwhelper
[2010/04/11 21:20:53 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Radical Software Ltd
[2010/04/10 22:12:27 | 000,000,000 | -HSD | C] -- C:\Windows\ftpcache
[2010/04/10 22:09:17 | 000,000,000 | ---D | C] -- C:\Program Files\Activision
[2010/04/10 21:24:18 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2010/04/09 20:43:41 | 009,591,104 | ---- | C] (DT Soft Ltd.) -- C:\Users\Paul\DTLite4356-0091.exe
[2010/04/09 19:50:50 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent Acceleration Tool
[2010/04/09 12:34:34 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\.BitTornado
[2010/04/09 11:00:22 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Virus Programs
[2010/04/09 08:08:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010/04/09 08:08:50 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010/04/09 08:02:04 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010/04/09 08:01:57 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\SUPERAntiSpyware.com
[2010/04/09 08:01:57 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/04/08 19:32:57 | 000,000,000 | ---D | C] -- C:\Users\Paul\Shared
[2010/04/08 19:32:57 | 000,000,000 | ---D | C] -- C:\Users\Paul\Incomplete
[2010/04/08 19:32:03 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\SkyDownloader
[2010/04/08 17:52:18 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\DAEMON Tools Lite
[2010/04/08 17:52:06 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2010/04/07 22:47:33 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2010/04/07 22:05:51 | 000,000,000 | ---D | C] -- C:\Downloads
[2010/04/06 15:45:56 | 000,000,000 | -H-D | C] -- C:\Windows\PIF
[2010/04/04 09:52:55 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2010/04/04 09:52:03 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\uTorrent
[2010/04/04 09:50:31 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\uTorrent Downloads
[2010/04/03 11:05:25 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Google
[2010/04/03 11:04:07 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2010/04/02 22:22:54 | 000,000,000 | ---D | C] -- C:\Users\Paul\Documents\FrostWire
[2010/04/02 22:22:48 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\FrostWire
[2010/04/02 22:05:46 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Duality Software
[2010/04/02 22:05:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Duality Software
[2010/04/02 22:05:46 | 000,000,000 | ---D | C] -- C:\Program Files\DS Clock
[2010/04/02 21:53:21 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Yahoo
[2010/04/02 21:47:24 | 000,000,000 | ---D | C] -- C:\Program Files\Quick Startup
[2010/04/02 21:47:24 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\GlarySoft
[2010/04/02 21:39:45 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Yahoo!
[2010/04/02 21:39:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
[2010/04/02 21:37:20 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2010/04/02 21:25:00 | 000,167,936 | ---- | C] (Realtek ) -- C:\Windows\System32\drivers\Rt86win7.sys
[2010/04/02 21:25:00 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2010/04/01 20:00:19 | 000,000,000 | -H-D | C] -- C:\Autorun.inf
[2010/04/01 15:14:36 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Malwarebytes
[2010/04/01 15:14:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/03/31 22:32:13 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\CyberLink
[2010/03/31 20:03:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010/03/31 20:01:48 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010/03/31 20:01:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010/03/31 20:01:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010/03/31 20:00:48 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Adobe
[2010/03/31 20:00:29 | 000,000,000 | ---D | C] -- C:\ProgramData\NOS
[2010/03/31 12:54:59 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010/03/30 22:34:28 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2010/03/30 12:39:52 | 000,000,000 | ---D | C] -- C:\ProgramData\eMule
[2010/03/30 12:39:17 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\eMule
[2010/03/30 12:23:37 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\BitTorrent
[2010/03/29 09:56:25 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Canneverbe Limited
[2010/03/29 09:56:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited
[2010/03/29 08:40:57 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat
[2010/03/28 23:45:55 | 000,000,000 | ---D | C] -- C:\ProgramData\LightScribe
[2010/03/28 23:44:53 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Nero
[2010/03/28 23:43:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2010/03/28 23:43:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
[2010/03/28 19:39:41 | 000,000,000 | -H-D | C] -- C:\$AVG
[2010/03/28 09:23:15 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Diagnostics
[2010/03/27 14:18:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2010/03/27 14:17:35 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2010/03/27 14:17:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010/03/27 14:17:16 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010/03/27 14:17:16 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010/03/27 14:15:44 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2010/03/27 14:15:05 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Microsoft Help
[2010/03/27 14:15:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010/03/27 14:15:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2010/03/27 14:13:33 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010/03/27 14:03:29 | 000,000,000 | ---D | C] -- C:\Program Files\Ubisoft
[2010/03/27 13:51:02 | 000,000,000 | ---D | C] -- C:\Program Files\Ubi Soft
[2010/03/27 09:41:42 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\GrabPro
[2010/03/27 09:41:40 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Orbit
[2010/03/27 01:10:41 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010/03/27 00:14:15 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010/03/27 00:12:04 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010/03/27 00:11:14 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010/03/26 22:47:45 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Ares
[2010/03/26 22:45:43 | 000,000,000 | ---D | C] -- C:\Program Files\LightScribe
[2010/03/26 22:41:40 | 000,000,000 | ---D | C] -- C:\Program Files\LightScribe Template Labeler
[2010/03/26 22:40:38 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\PowerDVDCox
[2010/03/26 22:40:34 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\PowerDVDCinema
[2010/03/26 22:39:37 | 000,000,000 | ---D | C] -- C:\Users\Paul\Documents\CyberLink
[2010/03/26 22:39:36 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\CyberLink
[2010/03/26 22:38:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LightScribe
[2010/03/26 22:27:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2010/03/26 22:26:58 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2010/03/26 22:22:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2010/03/26 22:22:45 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2010/03/26 22:20:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CyberLink
[2010/03/26 22:19:58 | 000,000,000 | ---D | C] -- C:\Program Files\CyberLink
[2010/03/26 22:18:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2010/03/26 22:14:55 | 000,000,000 | ---D | C] -- C:\Program Files\AviSynth 2.5
[2010/03/26 22:14:45 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2010/03/26 22:14:16 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\WinRAR
[2010/03/26 22:11:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2010/03/26 22:11:05 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Winamp
[2010/03/26 22:11:05 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp
[2010/03/26 22:10:23 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Incomplete
[2010/03/26 22:09:10 | 000,000,000 | ---D | C] -- C:\Users\Paul\Documents\LimeWire
[2010/03/26 22:08:50 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\LimeWire
[2010/03/26 22:07:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/03/26 22:07:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/03/26 22:07:39 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/03/26 22:04:49 | 000,000,000 | ---D | C] -- C:\Program Files\LimeWire
[2010/03/26 22:03:18 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Macromedia
[2010/03/26 22:03:18 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Adobe
[2010/03/26 21:59:38 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010/03/26 21:56:27 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2010/03/26 21:53:49 | 000,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
[2010/03/26 21:53:47 | 000,242,896 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2010/03/26 21:53:42 | 000,216,200 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2010/03/26 21:53:41 | 000,029,512 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2010/03/26 21:53:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\Avg
[2010/03/26 21:51:11 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2010/03/26 21:50:56 | 000,000,000 | ---D | C] -- C:\ProgramData\avg9
[2010/03/26 21:45:59 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Mozilla
[2010/03/26 21:45:59 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Mozilla
[2010/03/26 21:45:53 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010/03/26 21:42:18 | 000,000,000 | ---D | C] -- C:\ProgramData\{657095DF-DBDB-4B17-8245-B38845C97069}
[2010/03/26 21:32:32 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Hewlett-Packard
[2010/03/26 21:32:05 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Hewlett-Packard
[2010/03/26 21:29:44 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2010/03/26 21:29:25 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2010/03/26 21:29:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
[2010/03/26 21:28:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010/03/26 21:26:08 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\{8126D2ED-1984-4573-9D57-97637E10C716}
[2010/03/26 21:25:27 | 000,000,000 | ---D | C] -- C:\Intel
[2010/03/26 21:24:41 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010/03/26 21:24:41 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\hpqLog
[2010/03/26 21:24:20 | 000,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard
[2010/03/26 21:24:19 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010/03/26 21:23:43 | 000,000,000 | ---D | C] -- C:\SwSetup
[2010/03/26 21:20:53 | 000,000,000 | R--D | C] -- C:\Users\Paul\Searches
[2010/03/26 21:20:44 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Identities
[2010/03/26 21:20:41 | 000,000,000 | R--D | C] -- C:\Users\Paul\Contacts
[2010/03/26 21:20:31 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\VirtualStore
[2010/03/26 21:20:30 | 000,000,000 | -HSD | C] -- C:\Users\Paul\AppData\Local\Temporary Internet Files
[2010/03/26 21:20:30 | 000,000,000 | -HSD | C] -- C:\Users\Paul\Templates
[2010/03/26 21:20:30 | 000,000,000 | -HSD | C] -- C:\Users\Paul\Local Settings
[2010/03/26 21:20:30 | 000,000,000 | -HSD | C] -- C:\Users\Paul\AppData\Local\History
[2010/03/26 21:20:30 | 000,000,000 | -HSD | C] -- C:\Users\Paul\AppData\Local\Application Data
[2010/03/26 21:20:29 | 000,000,000 | --SD | C] -- C:\Users\Paul\AppData\Roaming\Microsoft
[2010/03/26 21:20:29 | 000,000,000 | R--D | C] -- C:\Users\Paul\Videos
[2010/03/26 21:20:29 | 000,000,000 | R--D | C] -- C:\Users\Paul\Saved Games
[2010/03/26 21:20:29 | 000,000,000 | R--D | C] -- C:\Users\Paul\Pictures
[2010/03/26 21:20:29 | 000,000,000 | R--D | C] -- C:\Users\Paul\Music
[2010/03/26 21:20:29 | 000,000,000 | R--D | C] -- C:\Users\Paul\Links
[2010/03/26 21:20:29 | 000,000,000 | R--D | C] -- C:\Users\Paul\Favorites
[2010/03/26 21:20:29 | 000,000,000 | R--D | C] -- C:\Users\Paul\My Documents
[2010/03/26 21:20:29 | 000,000,000 | R--D | C] -- C:\Users\Paul\Desktop
[2010/03/26 21:20:29 | 000,000,000 | -HSD | C] -- C:\Users\Paul\Start Menu
[2010/03/26 21:20:29 | 000,000,000 | -HSD | C] -- C:\Users\Paul\SendTo
[2010/03/26 21:20:29 | 000,000,000 | -HSD | C] -- C:\Users\Paul\Recent
[2010/03/26 21:20:29 | 000,000,000 | -HSD | C] -- C:\Users\Paul\PrintHood
[2010/03/26 21:20:29 | 000,000,000 | -HSD | C] -- C:\Users\Paul\NetHood
[2010/03/26 21:20:29 | 000,000,000 | -HSD | C] -- C:\Users\Paul\Documents\My Videos
[2010/03/26 21:20:29 | 000,000,000 | -HSD | C] -- C:\Users\Paul\Documents\My Pictures
[2010/03/26 21:20:29 | 000,000,000 | -HSD | C] -- C:\Users\Paul\Documents\My Music
[2010/03/26 21:20:29 | 000,000,000 | -HSD | C] -- C:\Users\Paul\My Documents
[2010/03/26 21:20:29 | 000,000,000 | -HSD | C] -- C:\Users\Paul\Cookies
[2010/03/26 21:20:29 | 000,000,000 | -HSD | C] -- C:\Users\Paul\Application Data
[2010/03/26 21:20:29 | 000,000,000 | -H-D | C] -- C:\Users\Paul\AppData
[2010/03/26 21:20:29 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Temp
[2010/03/26 21:20:29 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Microsoft
[2010/03/26 21:20:29 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Media Center Programs
[2010/03/26 21:20:19 | 000,000,000 | -HSD | C] -- C:\Recovery
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Paul\AppData\Roaming\*.tmp files -> C:\Users\Paul\AppData\Roaming\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010/05/02 08:53:10 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/05/02 08:52:56 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/05/02 08:52:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/05/02 08:52:45 | 2361,802,752 | -HS- | M] () -- C:\hiberfil.sys
[2010/05/02 08:50:48 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2010/05/02 08:50:29 | 006,029,312 | -HS- | M] () -- C:\Users\Paul\ntuser.dat
[2010/05/02 08:44:01 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2130715792-4014861670-1953933601-1000UA.job
[2010/05/02 08:20:01 | 000,002,959 | ---- | M] () -- C:\Users\Paul\Desktop\HiJackThis.lnk
[2010/05/02 08:15:01 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/05/02 08:04:35 | 000,014,832 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/05/02 08:04:35 | 000,014,832 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/05/02 01:20:34 | 000,000,000 | ---- | M] () -- C:\Users\Paul\AppData\Local\prvlcl.dat
[2010/05/01 23:06:55 | 000,002,086 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2010/05/01 21:58:52 | 000,001,005 | ---- | M] () -- C:\Users\Paul\Desktop\Free Window Registry Repair.lnk
[2010/05/01 20:44:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2130715792-4014861670-1953933601-1000Core.job
[2010/05/01 20:09:14 | 000,000,358 | ---- | M] () -- C:\Windows\tasks\Easy SpyRemover.job
[2010/05/01 20:08:29 | 002,467,526 | -H-- | M] () -- C:\Users\Paul\AppData\Local\IconCache.db
[2010/05/01 18:13:51 | 000,000,982 | ---- | M] () -- C:\Users\Paul\Desktop\Easy Spy Remover.lnk
[2010/05/01 18:09:21 | 059,486,105 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010/05/01 18:04:00 | 344,518,236 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/04/28 21:55:06 | 000,524,288 | -HS- | M] () -- C:\Users\Paul\ntuser.dat{d23aa1a4-5310-11df-811c-001f16e2d06b}.TMContainer00000000000000000002.regtrans-ms
[2010/04/28 21:55:06 | 000,524,288 | -HS- | M] () -- C:\Users\Paul\ntuser.dat{d23aa1a4-5310-11df-811c-001f16e2d06b}.TMContainer00000000000000000001.regtrans-ms
[2010/04/28 21:55:06 | 000,065,536 | -HS- | M] () -- C:\Users\Paul\ntuser.dat{d23aa1a4-5310-11df-811c-001f16e2d06b}.TM.blf
[2010/04/28 20:42:58 | 000,002,249 | ---- | M] () -- C:\Users\Paul\Desktop\Google Chrome.lnk
[2010/04/27 22:06:25 | 000,001,683 | ---- | M] () -- C:\Users\Paul\Desktop\Sniper Elite.lnk
[2010/04/27 21:18:08 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/04/27 05:34:22 | 000,000,316 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForPaul.job
[2010/04/26 21:15:07 | 000,000,479 | ---- | M] () -- C:\Users\Paul\Desktop\Desktop.lnk
[2010/04/26 19:13:12 | 005,739,160 | ---- | M] (Saitek ) -- C:\Users\Paul\Desktop\Saitek_Cyborg_V3_Pad.exe
[2010/04/26 19:12:56 | 008,402,176 | ---- | M] (Saitek ) -- C:\Users\Paul\Desktop\Saitek_Cyborg_Pad.exe
[2010/04/26 09:33:46 | 000,001,889 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/04/25 22:02:33 | 000,001,212 | ---- | M] () -- C:\Users\Public\Desktop\Sothink Movie DVD Maker.lnk
[2010/04/25 19:09:25 | 000,001,192 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2010/04/25 17:45:47 | 000,015,880 | ---- | M] () -- C:\Windows\System32\lsdelete.exe
[2010/04/25 16:39:38 | 000,001,245 | ---- | M] () -- C:\Users\Paul\Desktop\Delta Force BHD.lnk
[2010/04/25 11:46:09 | 000,001,816 | ---- | M] () -- C:\Users\Public\Desktop\AVG Free 9.0.lnk
[2010/04/24 20:47:47 | 000,022,328 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010/04/24 20:47:47 | 000,022,328 | ---- | M] () -- C:\Users\Paul\AppData\Roaming\PnkBstrK.sys
[2010/04/24 20:25:11 | 000,410,144 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/04/24 19:04:22 | 000,108,824 | ---- | M] () -- C:\Users\Paul\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/04/24 17:01:56 | 000,000,478 | ---- | M] () -- C:\Windows\win.ini
[2010/04/24 14:15:36 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\BitComet.lnk
[2010/04/24 09:02:57 | 000,002,357 | ---- | M] () -- C:\Users\Public\Desktop\Paragon Drive Backup™.lnk
[2010/04/24 07:22:56 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\WinRAR.lnk
[2010/04/23 23:05:49 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Sothink HD Video Converter.lnk
[2010/04/23 20:38:18 | 000,007,598 | ---- | M] () -- C:\Users\Paul\AppData\Local\Resmon.ResmonCfg
[2010/04/23 19:41:21 | 000,691,696 | ---- | M] () -- C:\Windows\System32\drivers\sptd.sys
[2010/04/22 14:11:19 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2010/04/22 08:42:24 | 000,000,938 | ---- | M] () -- C:\Users\Paul\Desktop\7-Zip File Manager.lnk
[2010/04/21 22:06:54 | 000,002,205 | ---- | M] () -- C:\Users\Public\Desktop\WinZip.lnk
[2010/04/21 19:14:57 | 000,000,950 | ---- | M] () -- C:\Users\Paul\Desktop\HP Instant Care.url
[2010/04/21 19:13:30 | 000,000,000 | ---- | M] () -- C:\Windows\System32\file.ext
[2010/04/21 10:01:07 | 000,001,005 | ---- | M] () -- C:\Users\Paul\Desktop\Start Unlocker.lnk
[2010/04/18 21:25:24 | 000,001,191 | ---- | M] () -- C:\Users\Paul\Desktop\Delta Force 2 Xtreme.lnk
[2010/04/18 08:51:27 | 000,215,128 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2010/04/18 08:48:15 | 000,001,848 | ---- | M] () -- C:\Users\Paul\Desktop\Battlefield-Bad Company 2.lnk
[2010/04/18 08:44:19 | 002,434,856 | ---- | M] () -- C:\Windows\System32\pbsvc_bc2.exe
[2010/04/16 22:46:00 | 000,001,984 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/04/16 22:00:37 | 000,001,873 | ---- | M] () -- C:\Users\Paul\Desktop\LimeWire PRO 5.3.6.lnk
[2010/04/16 21:44:57 | 000,011,324 | ---- | M] () -- C:\Users\Paul\Desktop\300 Ultra Mag.jpg
[2010/04/15 12:06:37 | 159,208,976 | ---- | M] () -- C:\Users\Paul\Documents\BackupRegistry(20100415).reg
[2010/04/13 08:39:54 | 000,000,112 | ---- | M] () -- C:\ProgramData\KM8S2d.dat
[2010/04/12 11:16:06 | 154,383,018 | ---- | M] () -- C:\Users\Paul\Documents\BackupRegistry(20100412).reg
[2010/04/12 10:13:43 | 000,000,910 | ---- | M] () -- C:\Users\Paul\Desktop\Call of Duty 1 SP.lnk
[2010/04/12 09:56:27 | 000,000,960 | ---- | M] () -- C:\Users\Paul\Desktop\Call of Duty Multiplayer.lnk
[2010/04/12 09:56:23 | 000,000,745 | ---- | M] () -- C:\Windows\CoD.INI
[2010/04/10 22:35:18 | 000,001,062 | ---- | M] () -- C:\Users\Paul\Desktop\Call of Duty 2.lnk
[2010/04/10 22:12:15 | 000,000,287 | ---- | M] () -- C:\Windows\game.ini
[2010/04/10 21:24:42 | 000,001,900 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2010/04/09 21:45:38 | 000,002,058 | ---- | M] () -- C:\Users\Public\Desktop\CyberLink PowerDVD 9.lnk
[2010/04/09 20:43:36 | 009,591,104 | ---- | M] (DT Soft Ltd.) -- C:\Users\Paul\DTLite4356-0091.exe
[2010/04/09 19:51:15 | 000,001,185 | ---- | M] () -- C:\Users\Public\Desktop\uTorrent Acceleration Tool.lnk
[2010/04/09 11:03:23 | 000,385,990 | R--- | M] () -- C:\Windows\System32\drivers\etc\hostsold
[2010/04/08 19:26:25 | 000,002,170 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010/04/08 14:29:32 | 000,063,360 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\pctplsg.sys
[2010/04/08 11:58:11 | 000,731,106 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/04/08 11:58:11 | 000,618,264 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/04/08 11:58:11 | 000,104,546 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/04/08 09:40:49 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2010/04/06 10:48:00 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/04/06 10:48:00 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/04/05 10:47:20 | 000,000,571 | ---- | M] () -- C:\Windows\eReg.dat
[2010/04/04 10:48:51 | 000,003,627 | -HS- | M] () -- C:\Users\Paul\AppData\Roaming\020000001407e59a869P.manifest
[2010/04/04 09:52:57 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2010/04/04 08:46:43 | 000,000,051 | -HS- | M] () -- C:\Users\Paul\AppData\Roaming\020000001407e59a869C.manifest
[2010/04/04 08:46:43 | 000,000,011 | -HS- | M] () -- C:\Users\Paul\AppData\Roaming\020000001407e59a869S.manifest
[2010/04/04 08:46:43 | 000,000,011 | -HS- | M] () -- C:\Users\Paul\AppData\Roaming\020000001407e59a869O.manifest
[2010/04/02 21:47:25 | 000,000,935 | ---- | M] () -- C:\Users\Paul\Desktop\Quick Startup.lnk
[2010/04/02 21:39:26 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2010/04/02 21:24:40 | 000,167,936 | ---- | M] (Realtek ) -- C:\Windows\System32\drivers\Rt86win7.sys
[2010/04/02 21:24:40 | 000,073,728 | ---- | M] () -- C:\Windows\System32\RtNicProp32.dll
[2010/04/02 09:05:05 | 000,000,313 | ---- | M] () -- C:\ProgramData\hpqp.ini
[2010/04/01 20:24:29 | 146,220,896 | ---- | M] () -- C:\Users\Paul\Documents\BackupRegistry(20100401).reg
[2010/04/01 10:20:44 | 000,073,728 | ---- | M] () -- C:\Windows\System32\spwindrfc1.exe
[2010/03/29 10:06:14 | 000,218,592 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\PCTCore.sys
[2010/03/28 23:30:49 | 144,381,288 | ---- | M] () -- C:\Users\Paul\Documents\BackupRegistry(20100328).reg
[2010/03/27 14:27:40 | 000,002,059 | ---- | M] () -- C:\Users\Public\Desktop\Play Splinter Cell Pandora Tomorrow.lnk
[2010/03/27 13:51:17 | 000,001,036 | ---- | M] () -- C:\Users\Public\Desktop\Play Splinter Cell.lnk
[2010/03/27 00:15:25 | 000,041,962 | ---- | M] () -- C:\Windows\System32\license.rtf
[2010/03/27 00:13:52 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010/03/26 22:38:19 | 000,002,007 | ---- | M] () -- C:\Users\Public\Desktop\LightScribe.lnk
[2010/03/26 22:28:39 | 000,524,288 | -HS- | M] () -- C:\Users\Paul\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2010/03/26 22:28:39 | 000,524,288 | -HS- | M] () -- C:\Users\Paul\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2010/03/26 22:28:39 | 000,065,536 | -HS- | M] () -- C:\Users\Paul\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2010/03/26 22:26:58 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2010/03/26 22:11:52 | 000,000,941 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk
[2010/03/26 21:53:51 | 000,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
[2010/03/26 21:53:43 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2010/03/26 21:53:42 | 000,029,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2010/03/26 21:53:41 | 000,113,461 | ---- | M] () -- C:\Windows\System32\drivers\Avg\iavichjw.avm
[2010/03/26 21:36:57 | 000,000,104 | ---- | M] () -- C:\Users\Paul\Desktop\Control Panel.lnk
[2010/03/26 21:36:10 | 000,000,355 | ---- | M] () -- C:\Users\Paul\Desktop\Computer.lnk
[2010/03/26 21:22:03 | 000,001,417 | ---- | M] () -- C:\Users\Paul\Desktop\Internet Explorer.lnk
[2010/03/26 21:20:30 | 000,000,020 | -HS- | M] () -- C:\Users\Paul\ntuser.ini
[2010/03/01 10:05:24 | 000,124,784 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010/02/16 14:24:01 | 000,060,936 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010/02/05 09:18:02 | 000,100,136 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\pctwfpfilter.sys
[2010/02/05 09:17:56 | 000,233,136 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\pctgntdi.sys
[2010/02/04 11:53:02 | 000,064,288 | ---- | M] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Paul\AppData\Roaming\*.tmp files -> C:\Users\Paul\AppData\Roaming\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/05/01 23:19:16 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2010/05/01 23:19:14 | 000,000,882 | ---- | C] () -- C:\Windows\RegSDImport.xml
[2010/05/01 23:19:13 | 001,152,444 | ---- | C] () -- C:\Windows\UDB.zip
[2010/05/01 23:19:13 | 000,000,879 | ---- | C] () -- C:\Windows\RegISSImport.xml
[2010/05/01 23:19:13 | 000,000,131 | ---- | C] () -- C:\Windows\IDB.zip
[2010/05/01 23:06:51 | 000,007,387 | ---- | C] () -- C:\Windows\System32\drivers\pctgntdi.cat
[2010/05/01 23:06:07 | 000,007,412 | ---- | C] () -- C:\Windows\System32\drivers\PCTAppEvent.cat
[2010/05/01 23:06:07 | 000,007,383 | ---- | C] () -- C:\Windows\System32\drivers\pctcore.cat
[2010/05/01 23:05:43 | 000,002,086 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2010/05/01 23:05:18 | 000,007,383 | ---- | C] () -- C:\Windows\System32\drivers\pctplsg.cat
[2010/05/01 21:58:52 | 000,001,005 | ---- | C] () -- C:\Users\Paul\Desktop\Free Window Registry Repair.lnk
[2010/05/01 18:21:00 | 000,000,358 | ---- | C] () -- C:\Windows\tasks\Easy SpyRemover.job
[2010/05/01 18:13:51 | 000,000,982 | ---- | C] () -- C:\Users\Paul\Desktop\Easy Spy Remover.lnk
[2010/04/28 20:42:58 | 000,002,249 | ---- | C] () -- C:\Users\Paul\Desktop\Google Chrome.lnk
[2010/04/28 20:39:26 | 000,000,904 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2130715792-4014861670-1953933601-1000UA.job
[2010/04/28 20:39:26 | 000,000,852 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2130715792-4014861670-1953933601-1000Core.job
[2010/04/28 18:07:02 | 000,524,288 | -HS- | C] () -- C:\Users\Paul\ntuser.dat{d23aa1a4-5310-11df-811c-001f16e2d06b}.TMContainer00000000000000000002.regtrans-ms
[2010/04/28 18:07:02 | 000,524,288 | -HS- | C] () -- C:\Users\Paul\ntuser.dat{d23aa1a4-5310-11df-811c-001f16e2d06b}.TMContainer00000000000000000001.regtrans-ms
[2010/04/28 18:07:02 | 000,065,536 | -HS- | C] () -- C:\Users\Paul\ntuser.dat{d23aa1a4-5310-11df-811c-001f16e2d06b}.TM.blf
[2010/04/28 01:08:51 | 000,015,880 | ---- | C] () -- C:\Windows\System32\lsdelete.exe
[2010/04/26 21:14:46 | 000,000,479 | ---- | C] () -- C:\Users\Paul\Desktop\Desktop.lnk
[2010/04/25 22:02:33 | 000,001,212 | ---- | C] () -- C:\Users\Public\Desktop\Sothink Movie DVD Maker.lnk
[2010/04/25 17:41:54 | 000,001,192 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2010/04/25 12:10:21 | 000,002,959 | ---- | C] () -- C:\Users\Paul\Desktop\HiJackThis.lnk
[2010/04/25 11:58:14 | 000,000,983 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/04/25 11:46:09 | 000,001,816 | ---- | C] () -- C:\Users\Public\Desktop\AVG Free 9.0.lnk
[2010/04/24 14:15:36 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\BitComet.lnk
[2010/04/24 09:02:57 | 000,002,357 | ---- | C] () -- C:\Users\Public\Desktop\Paragon Drive Backup™.lnk
[2010/04/23 23:15:17 | 000,001,683 | ---- | C] () -- C:\Users\Paul\Desktop\Sniper Elite.lnk
[2010/04/23 23:07:27 | 000,057,344 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010/04/23 23:05:49 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Sothink HD Video Converter.lnk
[2010/04/23 20:38:18 | 000,007,598 | ---- | C] () -- C:\Users\Paul\AppData\Local\Resmon.ResmonCfg
[2010/04/23 10:04:36 | 000,247,560 | ---- | C] () -- C:\Windows\System32\prgiso.dll
[2010/04/22 08:42:24 | 000,000,938 | ---- | C] () -- C:\Users\Paul\Desktop\7-Zip File Manager.lnk
[2010/04/21 22:06:54 | 000,002,205 | ---- | C] () -- C:\Users\Public\Desktop\WinZip.lnk
[2010/04/21 21:40:28 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\WinRAR.lnk
[2010/04/21 19:14:57 | 000,000,950 | ---- | C] () -- C:\Users\Paul\Desktop\HP Instant Care.url
[2010/04/21 19:13:29 | 000,000,000 | ---- | C] () -- C:\Windows\System32\file.ext
[2010/04/21 10:01:07 | 000,001,005 | ---- | C] () -- C:\Users\Paul\Desktop\Start Unlocker.lnk
[2010/04/21 06:45:20 | 000,000,000 | ---- | C] () -- C:\Users\Paul\AppData\Local\prvlcl.dat
[2010/04/19 10:07:09 | 000,001,245 | ---- | C] () -- C:\Users\Paul\Desktop\Delta Force BHD.lnk
[2010/04/18 21:25:24 | 000,001,191 | ---- | C] () -- C:\Users\Paul\Desktop\Delta Force 2 Xtreme.lnk
[2010/04/18 08:48:15 | 000,001,848 | ---- | C] () -- C:\Users\Paul\Desktop\Battlefield-Bad Company 2.lnk
[2010/04/18 08:47:26 | 000,215,128 | ---- | C] () -- C:\Windows\System32\PnkBstrB.xtr
[2010/04/18 08:44:35 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010/04/18 08:44:35 | 000,022,328 | ---- | C] () -- C:\Users\Paul\AppData\Roaming\PnkBstrK.sys
[2010/04/18 08:44:21 | 000,103,736 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2010/04/18 08:44:19 | 002,434,856 | ---- | C] () -- C:\Windows\System32\pbsvc_bc2.exe
[2010/04/18 08:44:19 | 000,066,872 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2010/04/16 22:00:37 | 000,001,873 | ---- | C] () -- C:\Users\Paul\Desktop\LimeWire PRO 5.3.6.lnk
[2010/04/16 21:44:56 | 000,011,324 | ---- | C] () -- C:\Users\Paul\Desktop\300 Ultra Mag.jpg
[2010/04/16 18:32:49 | 000,069,632 | ---- | C] () -- C:\Windows\RAUNINST.EXE
[2010/04/15 12:06:16 | 159,208,976 | ---- | C] () -- C:\Users\Paul\Documents\BackupRegistry(20100415).reg
[2010/04/13 22:05:04 | 344,518,236 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/04/12 11:15:36 | 154,383,018 | ---- | C] () -- C:\Users\Paul\Documents\BackupRegistry(20100412).reg
[2010/04/12 10:13:43 | 000,000,910 | ---- | C] () -- C:\Users\Paul\Desktop\Call of Duty 1 SP.lnk
[2010/04/12 09:56:27 | 000,000,960 | ---- | C] () -- C:\Users\Paul\Desktop\Call of Duty Multiplayer.lnk
[2010/04/12 09:48:52 | 000,000,745 | ---- | C] () -- C:\Windows\CoD.INI
[2010/04/10 22:35:18 | 000,001,062 | ---- | C] () -- C:\Users\Paul\Desktop\Call of Duty 2.lnk
[2010/04/10 22:31:28 | 000,374,272 | ---- | C] () -- C:\Windows\System\mss32.dll
[2010/04/10 22:12:15 | 000,000,287 | ---- | C] () -- C:\Windows\game.ini
[2010/04/10 21:24:42 | 000,001,900 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2010/04/09 19:51:15 | 000,001,185 | ---- | C] () -- C:\Users\Public\Desktop\uTorrent Acceleration Tool.lnk
[2010/04/08 19:26:25 | 000,002,170 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010/04/08 17:53:54 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2010/04/08 09:40:49 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/04/08 09:40:34 | 000,001,889 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/04/06 10:48:00 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010/04/06 10:48:00 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010/04/05 16:29:18 | 000,000,112 | ---- | C] () -- C:\ProgramData\KM8S2d.dat
[2010/04/05 10:47:20 | 000,000,571 | ---- | C] () -- C:\Windows\eReg.dat
[2010/04/04 09:52:57 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2010/04/03 11:05:31 | 000,000,882 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/04/03 11:05:31 | 000,000,878 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/04/02 22:35:10 | 000,003,627 | -HS- | C] () -- C:\Users\Paul\AppData\Roaming\020000001407e59a869P.manifest
[2010/04/02 22:35:10 | 000,000,051 | -HS- | C] () -- C:\Users\Paul\AppData\Roaming\020000001407e59a869C.manifest
[2010/04/02 22:35:10 | 000,000,011 | -HS- | C] () -- C:\Users\Paul\AppData\Roaming\020000001407e59a869S.manifest
[2010/04/02 22:35:10 | 000,000,011 | -HS- | C] () -- C:\Users\Paul\AppData\Roaming\020000001407e59a869O.manifest
[2010/04/02 21:47:25 | 000,000,935 | ---- | C] () -- C:\Users\Paul\Desktop\Quick Startup.lnk
[2010/04/02 21:39:26 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2010/04/02 21:25:00 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2010/04/01 20:24:18 | 146,220,896 | ---- | C] () -- C:\Users\Paul\Documents\BackupRegistry(20100401).reg
[2010/04/01 18:06:45 | 000,001,984 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/04/01 10:20:34 | 000,073,728 | ---- | C] () -- C:\Windows\System32\spwindrfc1.exe
[2010/03/28 23:30:41 | 144,381,288 | ---- | C] () -- C:\Users\Paul\Documents\BackupRegistry(20100328).reg
[2010/03/27 14:27:40 | 000,002,059 | ---- | C] () -- C:\Users\Public\Desktop\Play Splinter Cell Pandora Tomorrow.lnk
[2010/03/27 13:55:54 | 000,069,632 | R--- | C] () -- C:\Windows\System32\xmltok.dll
[2010/03/27 13:55:54 | 000,036,864 | R--- | C] () -- C:\Windows\System32\xmlparse.dll
[2010/03/27 13:55:54 | 000,035,840 | R--- | C] () -- C:\Windows\System32\comdlg32.oca
[2010/03/27 13:55:54 | 000,029,184 | R--- | C] () -- C:\Windows\System32\MSINET.oca
[2010/03/27 13:51:02 | 000,001,036 | ---- | C] () -- C:\Users\Public\Desktop\Play Splinter Cell.lnk
[2010/03/27 00:13:52 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010/03/27 00:11:14 | 2361,802,752 | -HS- | C] () -- C:\hiberfil.sys
[2010/03/26 22:38:19 | 000,002,007 | ---- | C] () -- C:\Users\Public\Desktop\LightScribe.lnk
[2010/03/26 22:30:46 | 000,000,186 | ---- | C] () -- C:\ProgramData\HPWALog.txt
[2010/03/26 22:30:43 | 000,000,000 | ---- | C] () -- C:\Users\Paul\AppData\Local\QSwitch.txt
[2010/03/26 22:30:43 | 000,000,000 | ---- | C] () -- C:\Users\Paul\AppData\Local\DSwitch.txt
[2010/03/26 22:30:43 | 000,000,000 | ---- | C] () -- C:\Users\Paul\AppData\Local\AtStart.txt
[2010/03/26 22:20:41 | 000,002,058 | ---- | C] () -- C:\Users\Public\Desktop\CyberLink PowerDVD 9.lnk
[2010/03/26 22:11:52 | 000,000,941 | ---- | C] () -- C:\Users\Public\Desktop\Winamp.lnk
[2010/03/26 21:53:41 | 000,113,461 | ---- | C] () -- C:\Windows\System32\drivers\Avg\iavichjw.avm
[2010/03/26 21:53:40 | 059,486,105 | ---- | C] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010/03/26 21:51:14 | 000,000,316 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForPaul.job
[2010/03/26 21:36:57 | 000,000,104 | ---- | C] () -- C:\Users\Paul\Desktop\Control Panel.lnk
[2010/03/26 21:36:10 | 000,000,355 | ---- | C] () -- C:\Users\Paul\Desktop\Computer.lnk
[2010/03/26 21:29:47 | 000,000,313 | ---- | C] () -- C:\ProgramData\hpqp.ini
[2010/03/26 21:22:03 | 000,001,417 | ---- | C] () -- C:\Users\Paul\Desktop\Internet Explorer.lnk
[2010/03/26 21:20:30 | 000,000,020 | -HS- | C] () -- C:\Users\Paul\ntuser.ini
[2010/03/26 21:20:29 | 006,029,312 | -HS- | C] () -- C:\Users\Paul\ntuser.dat
[2010/03/26 21:20:29 | 000,524,288 | -HS- | C] () -- C:\Users\Paul\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2010/03/26 21:20:29 | 000,524,288 | -HS- | C] () -- C:\Users\Paul\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2010/03/26 21:20:29 | 000,262,144 | -HS- | C] () -- C:\Users\Paul\ntuser.dat.LOG1
[2010/03/26 21:20:29 | 000,065,536 | -HS- | C] () -- C:\Users\Paul\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2010/03/26 21:20:29 | 000,000,000 | -HS- | C] () -- C:\Users\Paul\ntuser.dat.LOG2
[2010/01/18 16:38:46 | 000,010,496 | ---- | C] () -- C:\Windows\System32\rcmirror.dll
[2009/09/10 10:29:50 | 001,761,280 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2009/07/13 19:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/05/11 09:39:16 | 000,000,323 | ---- | C] () -- C:\Windows\PidList.ini
[2008/12/29 09:13:30 | 000,028,544 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2008/06/07 14:53:02 | 004,244,744 | ---- | C] () -- C:\Windows\System32\qtp-mt334.dll
[2008/06/07 14:53:02 | 000,013,576 | ---- | C] () -- C:\Windows\System32\wnaspi32.dll
[2008/01/14 17:47:06 | 000,099,712 | ---- | C] () -- C:\Windows\HPBroker.dll

========== LOP Check ==========

[2010/04/09 12:34:34 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\.BitTornado
[2010/05/01 21:06:23 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\BitComet
[2010/04/21 09:55:52 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\BitTorrent
[2010/04/01 10:05:49 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Canneverbe Limited
[2010/04/10 21:45:11 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\DAEMON Tools Lite
[2010/04/02 22:05:46 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Duality Software
[2010/04/07 22:08:47 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\FrostWire
[2010/04/02 21:47:24 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\GlarySoft
[2010/03/27 09:41:42 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\GrabPro
[2010/04/19 09:56:35 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Leadertech
[2010/04/23 21:36:49 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\LimeWire
[2010/03/28 20:46:00 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Orbit
[2010/04/14 21:45:56 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Red Alert 3
[2010/04/16 22:34:56 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\SkyDownloader
[2010/05/02 08:50:39 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\uTorrent
[2010/03/26 21:26:08 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\{8126D2ED-1984-4573-9D57-97637E10C716}
[2010/05/01 20:09:14 | 000,000,358 | ---- | M] () -- C:\Windows\Tasks\Easy SpyRemover.job
[2010/04/27 07:17:52 | 000,025,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 158 bytes -> C:\ProgramData\Temp:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:A8ADE5D8
< End of report >



GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-05-02 09:19:55
Windows 6.1.7600
Running: gmer.exe; Driver: C:\Users\Paul\AppData\Local\Temp\kxldapod.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\system32\drivers\PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwCreateProcess [0x8AEE72D6]
SSDT \SystemRoot\system32\drivers\PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwCreateProcessEx [0x8AEE74C8]
SSDT \SystemRoot\system32\drivers\PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwCreateUserProcess [0x8AEE76D0]
SSDT \SystemRoot\system32\drivers\PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwTerminateProcess [0x8AEE6F44]

INT 0x1F \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82A2AAF8
INT 0x37 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82A2A104
INT 0xC1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82A2A3F4
INT 0xD1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82A12634
INT 0xD2 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82A12898
INT 0xDF \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82A2A1DC
INT 0xE1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82A2A958
INT 0xE3 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82A2A6F8
INT 0xFD \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82A2AF2C
INT 0xFE \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82A2B1A8

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwSaveKeyEx + 13AD 82A8A599 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82AAEF52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntkrnlpa.exe!RtlSidHashLookup + 32C 82AB683C 8 Bytes [D6, 72, EE, 8A, C8, 74, EE, ...]
.text ntkrnlpa.exe!RtlSidHashLookup + 364 82AB6874 4 Bytes [D0, 76, EE, 8A]
.text ntkrnlpa.exe!RtlSidHashLookup + 7B8 82AB6CC8 4 Bytes [44, 6F, EE, 8A]
? System32\Drivers\spya.sys The system cannot find the path specified. !
.text USBPORT.SYS!DllUnload 90EE5CA0 5 Bytes JMP 864A01D8
.text am2hrp35.SYS 928E4000 12 Bytes [44, 58, A1, 82, EE, 56, A1, ...]
.text am2hrp35.SYS 928E400D 9 Bytes [37, A1, 82, 48, 5B, A1, 82, ...] {AAA ; MOV EAX, [0xa15b4882]; ADD BYTE [EAX], 0x0}
.text am2hrp35.SYS 928E4017 170 Bytes [00, DE, 27, DA, 8A, E6, 25, ...]
.text am2hrp35.SYS 928E40C3 8 Bytes [00, 00, 00, 00, 00, 00, 00, ...] {ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL}
.text am2hrp35.SYS 928E40CE 4 Bytes [00, 00, 00, 00] {ADD [EAX], AL; ADD [EAX], AL}
.text ...
.text peauth.sys AD161C9D 28 Bytes [44, CE, 6D, C4, C8, 85, AF, ...]
.text peauth.sys AD161CC1 28 Bytes [44, CE, 6D, C4, C8, 85, AF, ...]
PAGE peauth.sys AD167E20 101 Bytes [49, 0D, F8, 06, AC, 6A, 50, ...]
PAGE peauth.sys AD16802C 102 Bytes [D0, 82, 7B, AF, 5F, E3, 3A, ...]
.text C:\Program Files\CyberLink\PowerDVD9\000.fcl section is writeable [0x92BBC000, 0x2892, 0xE8000020]
.vmp2 C:\Program Files\CyberLink\PowerDVD9\000.fcl entry point in ".vmp2" section [0x92BDF050]

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 85DD41F8
Device \Driver\volmgr \Device\VolMgrControl 851251F8
Device \Driver\usbuhci \Device\USBPDO-0 864AF1F8
Device \Driver\usbuhci \Device\USBPDO-1 864AF1F8
Device \Driver\usbuhci \Device\USBPDO-2 864AF1F8
Device \Driver\usbehci \Device\USBPDO-3 864FB500
Device \Driver\usbuhci \Device\USBPDO-4 864AF1F8

AttachedDevice \Driver\tdx \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device \Driver\usbuhci \Device\USBPDO-5 864AF1F8
Device \Driver\usbuhci \Device\USBPDO-6 864AF1F8
Device \Driver\volmgr \Device\HarddiskVolume1 851251F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\usbehci \Device\USBPDO-7 864FB500
Device \Driver\volmgr \Device\HarddiskVolume2 851251F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\cdrom \Device\CdRom0 863401F8
Device \Driver\PCI_PNP8381 \Device\00000059 spya.sys
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-0 851271F8
Device \Driver\atapi \Device\Ide\IdePort0 851271F8
Device \Driver\atapi \Device\Ide\IdePort1 851271F8
Device \Driver\atapi \Device\Ide\IdePort2 851271F8
Device \Driver\atapi \Device\Ide\IdePort3 851271F8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-1 851271F8
Device \Driver\msahci \Device\Ide\PciIde0Channel0 851281F8
Device \Driver\msahci \Device\Ide\PciIde0Channel1 851281F8
Device \Driver\msahci \Device\Ide\PciIde0Channel4 851281F8
Device \Driver\msahci \Device\Ide\PciIde0Channel5 851281F8
Device \Driver\volmgr \Device\HarddiskVolume3 851251F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\USBSTOR \Device\00000076 8836A1F8
Device \Driver\NetBT \Device\NetBt_Wins_Export 863FE1F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{E8D308F5-028C-47D0-ACC5-A9F48811DB79} 863FE1F8
Device \Driver\ACPI_HAL \Device\0000004e halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)

AttachedDevice \Driver\tdx \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device \Driver\sptd \Device\537034382 spya.sys

AttachedDevice \Driver\tdx \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device \Driver\usbuhci \Device\USBFDO-0 864AF1F8
Device \Driver\usbuhci \Device\USBFDO-1 864AF1F8
Device \Driver\usbuhci \Device\USBFDO-2 864AF1F8
Device \Driver\usbehci \Device\USBFDO-3 864FB500
Device \Driver\usbuhci \Device\USBFDO-4 864AF1F8
Device \Driver\usbuhci \Device\USBFDO-5 864AF1F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{AB66400E-E256-4D7A-9BEA-B21DBF1C39A5} 863FE1F8
Device \Driver\usbuhci \Device\USBFDO-6 864AF1F8
Device \Driver\usbehci \Device\USBFDO-7 864FB500
Device \Driver\am2hrp35 \Device\Scsi\am2hrp351 865741F8

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xCD 0xB2 0x37 0xF8 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x42 0xEE 0x3A 0xAC ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x2D 0xF4 0x03 0x0E ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xEF 0xB2 0x48 0x68 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x42 0xEE 0x3A 0xAC ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x2D 0xF4 0x03 0x0E ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage\NewShortcuts@C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paragon Drive Backup\x2122 9 Professional\Net Burner Server\Net Burner Server.lnk 1
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage\NewShortcuts@C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paragon Drive Backup\x2122 9 Professional\Net Burner Server\Net Burner Server.lnk 1

---- EOF - GMER 1.0.15 ----

#4
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
On completion of this, could you check the websites out and let me know the result?

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
    O2 - BHO: (Gossiper Toolbar) - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - Reg Error: Value error. File not found
    O2 - BHO: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
    O2 - BHO: (no name) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (Gossiper Toolbar) - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - Reg Error: Value error. File not found
    O3 - HKLM\..\Toolbar: (no name) - {0C8413C1-FAD1-446C-8584-BE50576F863E} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (Gossiper Toolbar) - {0A452A47-C5A8-4854-A237-4B9B06B376F0} - Reg Error: Value error. File not found
    
    :Commands
    [resethosts]
    [purity]
    [emptytemp]
    [EMPTYFLASH]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.


#5
Bullet90

    Member

  • Topic Starter
  • 27 posts
OTL logfile created on: 5/2/2010 9:47:31 AM - Run 3
OTL by OldTimer - Version 3.2.4.0 Folder = C:\Users\Paul\Desktop\Utilities
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 63.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 287.07 Gb Total Space | 204.21 Gb Free Space | 71.14% Space Free | Partition Type: NTFS
Drive D: | 10.92 Gb Total Space | 1.82 Gb Free Space | 16.68% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PAUL-PC
Current User Name: Paul
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/05/01 23:58:12 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\Paul\Desktop\Utilities\OTL.exe
PRC - [2010/04/30 10:00:55 | 002,020,592 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2010/04/29 15:39:32 | 000,437,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2010/04/25 17:45:07 | 000,818,256 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2010/04/25 17:45:06 | 001,265,264 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2010/04/22 14:11:19 | 000,620,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010/04/02 09:50:40 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010/04/01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/04/01 05:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2010/03/26 21:53:12 | 000,508,184 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010/03/26 21:52:57 | 000,710,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010/03/26 21:52:39 | 000,916,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe
PRC - [2010/03/26 21:52:35 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010/03/02 11:28:31 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/02/24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010/01/22 09:56:24 | 000,112,592 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
PRC - [2010/01/14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/11/19 23:16:26 | 000,582,528 | ---- | M] (Duality Software) -- C:\Program Files\DS Clock\dsclock.exe
PRC - [2009/11/19 21:39:16 | 000,062,264 | ---- | M] (Duality Software) -- C:\Program Files\DS Clock\dsetime.exe
PRC - [2009/10/31 01:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/09/30 17:57:20 | 000,718,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
PRC - [2009/08/10 08:14:26 | 000,027,184 | ---- | M] () -- C:\Windows\snuvcdsm.exe
PRC - [2009/07/13 21:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/13 21:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/06/07 14:54:28 | 000,223,248 | ---- | M] (Paragon GmbH) -- C:\Program Files\Paragon Software\Drive Backup 9 Professional\Net Burner Service\NetBurnerService.exe


========== Modules (SafeList) ==========

MOD - [2010/05/01 23:58:12 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\Paul\Desktop\Utilities\OTL.exe
MOD - [2010/03/26 21:53:51 | 000,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
MOD - [2009/07/13 21:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009/07/13 21:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009/07/13 21:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2009/07/13 21:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009/07/13 21:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2009/07/13 21:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009/07/13 21:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009/07/13 21:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009/07/13 21:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009/07/13 21:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
MOD - [2009/07/13 21:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2009/07/13 21:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (NMSAccess)
SRV - File not found [Auto | Stopped] -- -- (HP Health Check Service)
SRV - [2010/04/29 15:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010/04/25 17:45:06 | 001,265,264 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010/04/01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/03/29 08:40:55 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/03/26 21:52:39 | 000,916,760 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010/03/26 21:52:35 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/03/15 11:50:36 | 001,142,224 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService)
SRV - [2010/03/11 11:09:22 | 000,366,840 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
SRV - [2010/02/24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/01/22 09:56:24 | 000,112,592 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2009/11/19 21:39:16 | 000,062,264 | ---- | M] (Duality Software) [Auto | Running] -- C:\Program Files\DS Clock\dsetime.exe -- (DSClockSyncTime)
SRV - [2009/07/13 21:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009/07/13 21:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009/07/13 21:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009/07/13 21:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009/07/13 21:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009/07/13 21:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009/07/13 21:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009/07/13 21:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009/07/13 21:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/13 21:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009/07/13 21:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/07/13 21:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009/07/13 21:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009/07/13 21:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009/07/13 21:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX Installer (AxInstSV)
SRV - [2009/07/13 21:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009/07/13 21:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008/06/07 14:54:28 | 000,223,248 | ---- | M] (Paragon GmbH) [Auto | Running] -- C:\Program Files\Paragon Software\Drive Backup 9 Professional\Net Burner Service\NetBurnerService.exe -- (NetBurnerService)


========== Driver Services (SafeList) ==========

DRV - [2010/04/30 10:00:55 | 000,061,440 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010/04/23 19:41:21 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010/04/22 14:11:19 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/04/02 21:24:40 | 000,167,936 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rt86win7.sys -- (RTL8167)
DRV - [2010/04/02 21:22:50 | 006,755,840 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5s32.sys -- (NETw5s32) Intel®
DRV - [2010/03/29 10:06:14 | 000,218,592 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2010/03/26 21:53:43 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/03/26 21:53:42 | 000,029,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010/03/01 10:05:24 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2010/02/17 11:25:50 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010/02/17 11:15:58 | 000,012,872 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2010/02/16 14:24:01 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/02/04 11:53:02 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010/01/18 16:39:06 | 000,003,200 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rcmirror.sys -- (rcmirror)
DRV - [2009/12/11 03:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2009/09/10 10:29:50 | 001,761,280 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2009/07/13 21:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
DRV - [2009/07/13 21:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV - [2009/07/13 21:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV - [2009/07/13 21:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV - [2009/07/13 21:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2009/07/13 21:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV - [2009/07/13 21:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
DRV - [2009/07/13 21:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
DRV - [2009/07/13 21:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
DRV - [2009/07/13 21:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
DRV - [2009/07/13 21:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
DRV - [2009/07/13 21:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
DRV - [2009/07/13 21:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009/07/13 21:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009/07/13 21:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
DRV - [2009/07/13 21:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009/07/13 21:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009/07/13 21:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009/07/13 21:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009/07/13 21:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009/07/13 21:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009/07/13 21:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2009/07/13 21:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009/07/13 21:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009/07/13 21:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV - [2009/07/13 21:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009/07/13 21:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009/07/13 21:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
DRV - [2009/07/13 21:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/13 21:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
DRV - [2009/07/13 21:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009/07/13 21:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2009/07/13 21:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009/07/13 21:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009/07/13 21:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009/07/13 21:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009/07/13 21:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009/07/13 21:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
DRV - [2009/07/13 20:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2009/07/13 20:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\rdpbus.sys -- (rdpbus)
DRV - [2009/07/13 20:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009/07/13 19:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009/07/13 19:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009/07/13 19:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009/07/13 19:52:04 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vwififlt.sys -- (vwififlt)
DRV - [2009/07/13 19:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009/07/13 19:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci)
DRV - [2009/07/13 19:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
DRV - [2009/07/13 19:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009/07/13 19:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV - [2009/07/13 19:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2009/07/13 19:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
DRV - [2009/07/13 19:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2009/07/13 19:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009/07/13 19:19:21 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HidBatt.sys -- (HidBatt)
DRV - [2009/07/13 19:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
DRV - [2009/07/13 19:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM)
DRV - [2009/07/13 18:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 18:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2009/07/13 18:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2009/07/13 18:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2009/07/13 18:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009/07/13 18:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009/07/13 18:13:46 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTDPV3.SYS -- (SrvHsfV92)
DRV - [2009/07/13 18:13:45 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTCNXT3.SYS -- (SrvHsfWinac)
DRV - [2009/07/13 18:13:45 | 000,207,360 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (SrvHsfHDA)
DRV - [2009/07/13 18:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel®
DRV - [2009/07/13 18:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009/07/13 18:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
DRV - [2009/07/13 18:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
DRV - [2009/06/10 17:19:30 | 004,756,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2009/05/11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/04/29 08:46:54 | 000,015,872 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2009/02/28 19:40:18 | 000,087,536 | ---- | M] (CyberLink Corp.) [2010/03/26 22:20:45] [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD9\000.fcl -- ({B154377D-700F-42cc-9474-23858FBDF4BD})
DRV - [2008/06/07 14:54:28 | 000,084,752 | ---- | M] (Rocket Division Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\NetBurn.sys -- (NetBurn)
DRV - [2008/06/07 14:53:02 | 000,040,464 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\hotcore3.sys -- (hotcore3)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {0a452a47-c5a8-4854-a237-4b9b06b376f0} - Reg Error: Key error. File not found

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://flv.asksearch...g=2-113-11-lknr [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 90 15 AF 43 4E CD CA 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = EA 92 98 01 9E 56 4C 4B 90 BE 9A 16 B8 3E 7F 8F [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "Gossiper"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "google.com"
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..network.proxy.type: 4

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010/04/23 05:27:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{BF2AAD96-820C-438B-BDD3-B93D2B605B94}: C:\Users\Paul\AppData\Local\{BF2AAD96-820C-438B-BDD3-B93D2B605B94} [2010/04/16 22:23:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/28 23:02:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/04/26 09:33:42 | 000,000,000 | ---D | M]

[2010/03/26 22:09:03 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Mozilla\Extensions
[2010/03/26 22:09:03 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Mozilla\Extensions\[email protected]
[2010/05/01 21:55:39 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\p01z92q3.default\extensions
[2010/04/08 09:42:22 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\p01z92q3.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/04/24 14:15:37 | 000,000,000 | ---D | M] (BitComet Video Downloader) -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\p01z92q3.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
[2010/04/11 21:20:45 | 000,001,948 | ---- | M] () -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\p01z92q3.default\searchplugins\bing-zugo.xml
[2010/04/17 13:16:13 | 000,000,877 | ---- | M] () -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\p01z92q3.default\searchplugins\conduit.xml
[2010/04/23 14:39:49 | 000,002,612 | ---- | M] () -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\p01z92q3.default\searchplugins\kickasstorrents.xml
[2010/04/08 09:40:32 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/02/21 06:22:32 | 000,712,704 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2010/01/13 18:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll

O1 HOSTS File: ([2010/05/02 09:45:03 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - No CLSID value found.
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O2 - BHO: (no name) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - No CLSID value found.
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0C8413C1-FAD1-446C-8584-BE50576F863E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SNUVCDSM] C:\Windows\snuvcdsm.exe ()
O4 - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [DS Clock] C:\Program Files\DS Clock\DSClock.exe (Duality Software)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all video with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: kickasstorrents.com ([]https in Trusted sites)
O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} http://h20364.www2.h...DataManager.CAB (Hewlett-Packard Online Support Services)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.254.254
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/04/01 20:00:19 | 000,000,000 | -H-D | M] - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/03/26 17:14:55 | 000,000,000 | -H-D | M] - D:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\{ba4921ec-43e9-11df-9f77-001f16e2d06b}\Shell - "" = AutoRun
O33 - MountPoints2\{ba4921ec-43e9-11df-9f77-001f16e2d06b}\Shell\AutoRun\command - "" = G:\Autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

========== Files/Folders - Created Within 90 Days ==========

[2010/05/02 08:50:22 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/05/02 00:38:45 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/05/02 00:37:27 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/05/01 23:19:13 | 000,149,456 | ---- | C] (PC Tools) -- C:\Windows\SGDetectionTool.dll
[2010/05/01 23:19:12 | 001,652,688 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll
[2010/05/01 23:19:12 | 000,165,840 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDRes.dll
[2010/05/01 23:06:51 | 000,233,136 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctgntdi.sys
[2010/05/01 23:06:51 | 000,100,136 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctwfpfilter.sys
[2010/05/01 23:06:07 | 000,218,592 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTCore.sys
[2010/05/01 23:06:07 | 000,088,040 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTAppEvent.sys
[2010/05/01 23:05:18 | 000,063,360 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctplsg.sys
[2010/05/01 23:04:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2010/05/01 23:04:28 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor
[2010/05/01 23:04:28 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\PC Tools
[2010/05/01 23:04:28 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2010/05/01 22:32:25 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Avira
[2010/05/01 22:13:25 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2010/05/01 22:13:22 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010/05/01 22:13:22 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010/05/01 22:13:22 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntdd.sys
[2010/05/01 22:13:22 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntmgr.sys
[2010/05/01 22:13:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010/05/01 22:13:20 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2010/05/01 21:58:52 | 000,000,000 | ---D | C] -- C:\Program Files\Free Window Registry Repair
[2010/05/01 18:13:46 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Easy SpyRemover
[2010/05/01 18:13:45 | 000,000,000 | ---D | C] -- C:\Program Files\Easy SpyRemover
[2010/05/01 15:25:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Xbox 360 Accessories
[2010/04/29 09:08:06 | 000,000,000 | ---D | C] -- C:\Users\Paul\manager
[2010/04/28 21:57:49 | 000,000,000 | R--D | C] -- C:\Users\Paul\Downloads
[2010/04/28 20:48:32 | 000,000,000 | ---D | C] -- C:\Users\Paul\Documents\Downloads
[2010/04/26 19:09:16 | 005,739,160 | ---- | C] (Saitek ) -- C:\Users\Paul\Desktop\Saitek_Cyborg_V3_Pad.exe
[2010/04/26 19:07:34 | 008,402,176 | ---- | C] (Saitek ) -- C:\Users\Paul\Desktop\Saitek_Cyborg_Pad.exe
[2010/04/26 18:31:19 | 000,000,000 | ---D | C] -- C:\ProgramData\{DA06AA03-DF24-4ECE-939E-1B0939235C66}
[2010/04/25 22:02:26 | 000,000,000 | ---D | C] -- C:\Program Files\SourceTec
[2010/04/25 21:15:17 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010/04/25 19:11:56 | 000,000,000 | ---D | C] -- C:\dforce
[2010/04/25 17:45:57 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys
[2010/04/25 17:41:58 | 000,000,000 | -H-D | C] -- C:\ProgramData\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
[2010/04/25 12:10:14 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/04/25 12:05:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2010/04/25 11:58:05 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/04/25 11:58:03 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/04/25 11:57:58 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/04/24 14:21:42 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\BitComet Downloads
[2010/04/24 14:16:08 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\BitComet
[2010/04/24 14:15:30 | 000,000,000 | ---D | C] -- C:\Program Files\BitComet
[2010/04/24 09:14:40 | 000,000,000 | ---D | C] -- C:\April 24, 2010
[2010/04/23 23:07:26 | 000,060,273 | ---- | C] (Open Source Software community project) -- C:\Windows\System32\pthreadGC2.dll
[2010/04/23 23:07:24 | 000,000,000 | ---D | C] -- C:\Program Files\ffdshow
[2010/04/23 23:06:36 | 000,000,000 | ---D | C] -- C:\Program Files\Haali
[2010/04/23 23:05:40 | 000,290,816 | ---- | C] (SourceTec Software Co., LTD) -- C:\Windows\System32\stFLVSource.ax
[2010/04/23 23:05:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SourceTec
[2010/04/23 23:05:38 | 000,438,272 | ---- | C] (Gabest) -- C:\Windows\System32\Mpeg2DecFilter.ax
[2010/04/23 23:05:38 | 000,217,088 | ---- | C] (-) -- C:\Windows\System32\CoreFLACDecoder.ax
[2010/04/23 23:05:38 | 000,000,000 | ---D | C] -- C:\Program Files\Sothink HD Video Converter
[2010/04/23 19:40:50 | 000,000,000 | ---D | C] -- C:\Program Files\LSoft Technologies
[2010/04/23 10:04:36 | 000,040,464 | ---- | C] (Paragon Software Group) -- C:\Windows\System32\drivers\hotcore3.sys
[2010/04/23 10:04:08 | 000,000,000 | ---D | C] -- C:\Program Files\Paragon Software
[2010/04/22 08:41:01 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2010/04/21 22:18:13 | 000,000,000 | ---D | C] -- C:\Users\Paul\Documents\Delta Force Xtreme
[2010/04/21 22:06:37 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip
[2010/04/21 22:06:35 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip
[2010/04/19 09:56:35 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Leadertech
[2010/04/18 19:51:50 | 000,000,000 | ---D | C] -- C:\Program Files\NovaLogic
[2010/04/18 08:47:23 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\PunkBuster
[2010/04/18 08:47:16 | 000,000,000 | ---D | C] -- C:\Users\Paul\Documents\BFBC2
[2010/04/18 08:35:08 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts
[2010/04/17 12:46:50 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Game Guides
[2010/04/17 00:12:57 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2010/04/16 22:23:18 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\{BF2AAD96-820C-438B-BDD3-B93D2B605B94}
[2010/04/15 19:55:34 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Limewire Downloads
[2010/04/15 14:43:07 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\ElevatedDiagnostics
[2010/04/15 11:28:00 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2010/04/14 21:45:54 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Red Alert 3
[2010/04/14 21:31:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2010/04/13 21:18:08 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Torrent Downloads
[2010/04/13 21:08:40 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Utilities
[2010/04/13 21:04:52 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\PC Games
[2010/04/13 16:51:19 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DAEMON Tools Images
[2010/04/13 15:59:20 | 000,000,000 | ---D | C] -- C:\Games
[2010/04/12 09:50:53 | 000,000,000 | ---D | C] -- C:\Program Files\Call of Duty
[2010/04/11 21:22:36 | 000,000,000 | ---D | C] -- C:\Users\Paul\dwhelper
[2010/04/11 21:20:53 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Radical Software Ltd
[2010/04/10 22:12:27 | 000,000,000 | -HSD | C] -- C:\Windows\ftpcache
[2010/04/10 22:09:17 | 000,000,000 | ---D | C] -- C:\Program Files\Activision
[2010/04/10 21:24:18 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2010/04/09 20:43:41 | 009,591,104 | ---- | C] (DT Soft Ltd.) -- C:\Users\Paul\DTLite4356-0091.exe
[2010/04/09 19:50:50 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent Acceleration Tool
[2010/04/09 12:34:34 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\.BitTornado
[2010/04/09 11:00:22 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Virus Programs
[2010/04/09 08:08:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010/04/09 08:08:50 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010/04/09 08:02:04 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010/04/09 08:01:57 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\SUPERAntiSpyware.com
[2010/04/09 08:01:57 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/04/08 19:32:57 | 000,000,000 | ---D | C] -- C:\Users\Paul\Shared
[2010/04/08 19:32:57 | 000,000,000 | ---D | C] -- C:\Users\Paul\Incomplete
[2010/04/08 19:32:03 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\SkyDownloader
[2010/04/08 17:52:18 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\DAEMON Tools Lite
[2010/04/08 17:52:06 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2010/04/07 22:47:33 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2010/04/07 22:05:51 | 000,000,000 | ---D | C] -- C:\Downloads
[2010/04/06 15:45:56 | 000,000,000 | -H-D | C] -- C:\Windows\PIF
[2010/04/04 09:52:55 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2010/04/04 09:52:03 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\uTorrent
[2010/04/04 09:50:31 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\uTorrent Downloads
[2010/04/03 11:05:25 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Google
[2010/04/03 11:04:07 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2010/04/02 22:22:54 | 000,000,000 | ---D | C] -- C:\Users\Paul\Documents\FrostWire
[2010/04/02 22:22:48 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\FrostWire
[2010/04/02 22:05:46 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Duality Software
[2010/04/02 22:05:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Duality Software
[2010/04/02 22:05:46 | 000,000,000 | ---D | C] -- C:\Program Files\DS Clock
[2010/04/02 21:53:21 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Yahoo
[2010/04/02 21:47:24 | 000,000,000 | ---D | C] -- C:\Program Files\Quick Startup
[2010/04/02 21:47:24 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\GlarySoft
[2010/04/02 21:39:45 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Yahoo!
[2010/04/02 21:39:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
[2010/04/02 21:37:20 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2010/04/02 21:25:00 | 000,167,936 | ---- | C] (Realtek ) -- C:\Windows\System32\drivers\Rt86win7.sys
[2010/04/02 21:25:00 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2010/04/01 20:00:19 | 000,000,000 | -H-D | C] -- C:\Autorun.inf
[2010/04/01 15:14:36 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Malwarebytes
[2010/04/01 15:14:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/03/31 22:32:13 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\CyberLink
[2010/03/31 20:03:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010/03/31 20:01:48 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010/03/31 20:01:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010/03/31 20:01:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010/03/31 20:00:48 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Adobe
[2010/03/31 20:00:29 | 000,000,000 | ---D | C] -- C:\ProgramData\NOS
[2010/03/31 12:54:59 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010/03/30 22:34:28 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2010/03/30 12:39:52 | 000,000,000 | ---D | C] -- C:\ProgramData\eMule
[2010/03/30 12:39:17 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\eMule
[2010/03/30 12:23:37 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\BitTorrent
[2010/03/29 09:56:25 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Canneverbe Limited
[2010/03/29 09:56:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited
[2010/03/29 08:40:57 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat
[2010/03/28 23:45:55 | 000,000,000 | ---D | C] -- C:\ProgramData\LightScribe
[2010/03/28 23:44:53 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Nero
[2010/03/28 23:43:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2010/03/28 23:43:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
[2010/03/28 19:39:41 | 000,000,000 | -H-D | C] -- C:\$AVG
[2010/03/28 09:23:15 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Diagnostics
[2010/03/27 14:18:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2010/03/27 14:17:35 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2010/03/27 14:17:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010/03/27 14:17:16 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010/03/27 14:17:16 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010/03/27 14:15:44 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2010/03/27 14:15:05 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Microsoft Help
[2010/03/27 14:15:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010/03/27 14:15:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2010/03/27 14:13:33 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010/03/27 14:03:29 | 000,000,000 | ---D | C] -- C:\Program Files\Ubisoft
[2010/03/27 13:51:02 | 000,000,000 | ---D | C] -- C:\Program Files\Ubi Soft
[2010/03/27 09:41:42 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\GrabPro
[2010/03/27 09:41:40 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Orbit
[2010/03/27 01:10:41 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010/03/27 00:14:15 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010/03/27 00:12:04 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010/03/27 00:11:14 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010/03/26 22:47:45 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Ares
[2010/03/26 22:45:43 | 000,000,000 | ---D | C] -- C:\Program Files\LightScribe
[2010/03/26 22:41:40 | 000,000,000 | ---D | C] -- C:\Program Files\LightScribe Template Labeler
[2010/03/26 22:40:38 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\PowerDVDCox
[2010/03/26 22:40:34 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\PowerDVDCinema
[2010/03/26 22:39:37 | 000,000,000 | ---D | C] -- C:\Users\Paul\Documents\CyberLink
[2010/03/26 22:39:36 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\CyberLink
[2010/03/26 22:38:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LightScribe
[2010/03/26 22:27:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2010/03/26 22:26:58 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2010/03/26 22:22:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2010/03/26 22:22:45 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2010/03/26 22:20:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CyberLink
[2010/03/26 22:19:58 | 000,000,000 | ---D | C] -- C:\Program Files\CyberLink
[2010/03/26 22:18:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2010/03/26 22:14:55 | 000,000,000 | ---D | C] -- C:\Program Files\AviSynth 2.5
[2010/03/26 22:14:45 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2010/03/26 22:14:16 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\WinRAR
[2010/03/26 22:11:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2010/03/26 22:11:05 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Winamp
[2010/03/26 22:11:05 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp
[2010/03/26 22:10:23 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Incomplete
[2010/03/26 22:09:10 | 000,000,000 | ---D | C] -- C:\Users\Paul\Documents\LimeWire
[2010/03/26 22:08:50 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\LimeWire
[2010/03/26 22:07:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/03/26 22:07:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/03/26 22:07:39 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/03/26 22:04:49 | 000,000,000 | ---D | C] -- C:\Program Files\LimeWire
[2010/03/26 22:03:18 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Macromedia
[2010/03/26 22:03:18 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Adobe
[2010/03/26 21:59:38 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010/03/26 21:56:27 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2010/03/26 21:53:49 | 000,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
[2010/03/26 21:53:47 | 000,242,896 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2010/03/26 21:53:42 | 000,216,200 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2010/03/26 21:53:41 | 000,029,512 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2010/03/26 21:53:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\Avg
[2010/03/26 21:51:11 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2010/03/26 21:50:56 | 000,000,000 | ---D | C] -- C:\ProgramData\avg9
[2010/03/26 21:45:59 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Mozilla
[2010/03/26 21:45:59 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Mozilla
[2010/03/26 21:45:53 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010/03/26 21:42:18 | 000,000,000 | ---D | C] -- C:\ProgramData\{657095DF-DBDB-4B17-8245-B38845C97069}
[2010/03/26 21:32:32 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Hewlett-Packard
[2010/03/26 21:32:05 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Hewlett-Packard
[2010/03/26 21:29:44 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2010/03/26 21:29:25 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2010/03/26 21:29:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
[2010/03/26 21:28:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010/03/26 21:26:08 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\{8126D2ED-1984-4573-9D57-97637E10C716}
[2010/03/26 21:25:27 | 000,000,000 | ---D | C] -- C:\Intel
[2010/03/26 21:24:41 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010/03/26 21:24:41 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\hpqLog
[2010/03/26 21:24:20 | 000,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard
[2010/03/26 21:24:19 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010/03/26 21:23:43 | 000,000,000 | ---D | C] -- C:\SwSetup
[2010/03/26 21:20:53 | 000,000,000 | R--D | C] -- C:\Users\Paul\Searches
[2010/03/26 21:20:44 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Identities
[2010/03/26 21:20:41 | 000,000,000 | R--D | C] -- C:\Users\Paul\Contacts
[2010/03/26 21:20:31 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\VirtualStore
[2010/03/26 21:20:30 | 000,000,000 | -HSD | C] -- C:\Users\Paul\AppData\Local\Temporary Internet Files
[2010/03/26 21:20:30 | 000,000,000 | -HSD | C] -- C:\Users\Paul\Templates
[2010/03/26 21:20:30 | 000,000,000 | -HSD | C] -- C:\Users\Paul\Local Settings
[2010/03/26 21:20:30 | 000,000,000 | -HSD | C] -- C:\Users\Paul\AppData\Local\History
[2010/03/26 21:20:30 | 000,000,000 | -HSD | C] -- C:\Users\Paul\AppData\Local\Application Data
[2010/03/26 21:20:29 | 000,000,000 | --SD | C] -- C:\Users\Paul\AppData\Roaming\Microsoft
[2010/03/26 21:20:29 | 000,000,000 | R--D | C] -- C:\Users\Paul\Videos
[2010/03/26 21:20:29 | 000,000,000 | R--D | C] -- C:\Users\Paul\Saved Games
[2010/03/26 21:20:29 | 000,000,000 | R--D | C] -- C:\Users\Paul\Pictures
[2010/03/26 21:20:29 | 000,000,000 | R--D | C] -- C:\Users\Paul\Music
[2010/03/26 21:20:29 | 000,000,000 | R--D | C] -- C:\Users\Paul\Links
[2010/03/26 21:20:29 | 000,000,000 | R--D | C] -- C:\Users\Paul\Favorites
[2010/03/26 21:20:29 | 000,000,000 | R--D | C] -- C:\Users\Paul\My Documents
[2010/03/26 21:20:29 | 000,000,000 | R--D | C] -- C:\Users\Paul\Desktop
[2010/03/26 21:20:29 | 000,000,000 | -HSD | C] -- C:\Users\Paul\Start Menu
[2010/03/26 21:20:29 | 000,000,000 | -HSD | C] -- C:\Users\Paul\SendTo
[2010/03/26 21:20:29 | 000,000,000 | -HSD | C] -- C:\Users\Paul\Recent
[2010/03/26 21:20:29 | 000,000,000 | -HSD | C] -- C:\Users\Paul\PrintHood
[2010/03/26 21:20:29 | 000,000,000 | -HSD | C] -- C:\Users\Paul\NetHood
[2010/03/26 21:20:29 | 000,000,000 | -HSD | C] -- C:\Users\Paul\Documents\My Videos
[2010/03/26 21:20:29 | 000,000,000 | -HSD | C] -- C:\Users\Paul\Documents\My Pictures
[2010/03/26 21:20:29 | 000,000,000 | -HSD | C] -- C:\Users\Paul\Documents\My Music
[2010/03/26 21:20:29 | 000,000,000 | -HSD | C] -- C:\Users\Paul\My Documents
[2010/03/26 21:20:29 | 000,000,000 | -HSD | C] -- C:\Users\Paul\Cookies
[2010/03/26 21:20:29 | 000,000,000 | -HSD | C] -- C:\Users\Paul\Application Data
[2010/03/26 21:20:29 | 000,000,000 | -H-D | C] -- C:\Users\Paul\AppData
[2010/03/26 21:20:29 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Temp
[2010/03/26 21:20:29 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Microsoft
[2010/03/26 21:20:29 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Media Center Programs
[2010/03/26 21:20:19 | 000,000,000 | -HSD | C] -- C:\Recovery
[1 C:\Users\Paul\AppData\Roaming\*.tmp files -> C:\Users\Paul\AppData\Roaming\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010/05/02 09:46:09 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/05/02 09:46:02 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/05/02 09:45:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/05/02 09:45:55 | 2361,802,752 | -HS- | M] () -- C:\hiberfil.sys
[2010/05/02 09:45:19 | 000,014,832 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/05/02 09:45:19 | 000,014,832 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/05/02 09:45:14 | 006,029,312 | -HS- | M] () -- C:\Users\Paul\ntuser.dat
[2010/05/02 09:45:03 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2010/05/02 09:44:02 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2130715792-4014861670-1953933601-1000UA.job
[2010/05/02 09:15:01 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/05/02 09:05:41 | 394,960,444 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/05/02 08:20:01 | 000,002,959 | ---- | M] () -- C:\Users\Paul\Desktop\HiJackThis.lnk
[2010/05/02 01:20:34 | 000,000,000 | ---- | M] () -- C:\Users\Paul\AppData\Local\prvlcl.dat
[2010/05/01 23:06:55 | 000,002,086 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2010/05/01 21:58:52 | 000,001,005 | ---- | M] () -- C:\Users\Paul\Desktop\Free Window Registry Repair.lnk
[2010/05/01 20:44:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2130715792-4014861670-1953933601-1000Core.job
[2010/05/01 20:09:14 | 000,000,358 | ---- | M] () -- C:\Windows\tasks\Easy SpyRemover.job
[2010/05/01 20:08:29 | 002,467,526 | -H-- | M] () -- C:\Users\Paul\AppData\Local\IconCache.db
[2010/05/01 18:13:51 | 000,000,982 | ---- | M] () -- C:\Users\Paul\Desktop\Easy Spy Remover.lnk
[2010/05/01 18:09:21 | 059,486,105 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/04/28 21:55:06 | 000,524,288 | -HS- | M] () -- C:\Users\Paul\ntuser.dat{d23aa1a4-5310-11df-811c-001f16e2d06b}.TMContainer00000000000000000002.regtrans-ms
[2010/04/28 21:55:06 | 000,524,288 | -HS- | M] () -- C:\Users\Paul\ntuser.dat{d23aa1a4-5310-11df-811c-001f16e2d06b}.TMContainer00000000000000000001.regtrans-ms
[2010/04/28 21:55:06 | 000,065,536 | -HS- | M] () -- C:\Users\Paul\ntuser.dat{d23aa1a4-5310-11df-811c-001f16e2d06b}.TM.blf
[2010/04/28 20:42:58 | 000,002,249 | ---- | M] () -- C:\Users\Paul\Desktop\Google Chrome.lnk
[2010/04/27 22:06:25 | 000,001,683 | ---- | M] () -- C:\Users\Paul\Desktop\Sniper Elite.lnk
[2010/04/27 21:18:08 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/04/27 05:34:22 | 000,000,316 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForPaul.job
[2010/04/26 21:15:07 | 000,000,479 | ---- | M] () -- C:\Users\Paul\Desktop\Desktop.lnk
[2010/04/26 19:13:12 | 005,739,160 | ---- | M] (Saitek ) -- C:\Users\Paul\Desktop\Saitek_Cyborg_V3_Pad.exe
[2010/04/26 19:12:56 | 008,402,176 | ---- | M] (Saitek ) -- C:\Users\Paul\Desktop\Saitek_Cyborg_Pad.exe
[2010/04/26 09:33:46 | 000,001,889 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/04/25 22:02:33 | 000,001,212 | ---- | M] () -- C:\Users\Public\Desktop\Sothink Movie DVD Maker.lnk
[2010/04/25 19:09:25 | 000,001,192 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2010/04/25 17:45:47 | 000,015,880 | ---- | M] () -- C:\Windows\System32\lsdelete.exe
[2010/04/25 16:39:38 | 000,001,245 | ---- | M] () -- C:\Users\Paul\Desktop\Delta Force BHD.lnk
[2010/04/25 11:46:09 | 000,001,816 | ---- | M] () -- C:\Users\Public\Desktop\AVG Free 9.0.lnk
[2010/04/24 20:47:47 | 000,022,328 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010/04/24 20:47:47 | 000,022,328 | ---- | M] () -- C:\Users\Paul\AppData\Roaming\PnkBstrK.sys
[2010/04/24 20:25:11 | 000,410,144 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/04/24 19:04:22 | 000,108,824 | ---- | M] () -- C:\Users\Paul\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/04/24 17:01:56 | 000,000,478 | ---- | M] () -- C:\Windows\win.ini
[2010/04/24 14:15:36 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\BitComet.lnk
[2010/04/24 09:02:57 | 000,002,357 | ---- | M] () -- C:\Users\Public\Desktop\Paragon Drive Backup™.lnk
[2010/04/24 07:22:56 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\WinRAR.lnk
[2010/04/23 23:05:49 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Sothink HD Video Converter.lnk
[2010/04/23 20:38:18 | 000,007,598 | ---- | M] () -- C:\Users\Paul\AppData\Local\Resmon.ResmonCfg
[2010/04/23 19:41:21 | 000,691,696 | ---- | M] () -- C:\Windows\System32\drivers\sptd.sys
[2010/04/22 14:11:19 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2010/04/22 08:42:24 | 000,000,938 | ---- | M] () -- C:\Users\Paul\Desktop\7-Zip File Manager.lnk
[2010/04/21 22:06:54 | 000,002,205 | ---- | M] () -- C:\Users\Public\Desktop\WinZip.lnk
[2010/04/21 19:14:57 | 000,000,950 | ---- | M] () -- C:\Users\Paul\Desktop\HP Instant Care.url
[2010/04/21 19:13:30 | 000,000,000 | ---- | M] () -- C:\Windows\System32\file.ext
[2010/04/21 10:01:07 | 000,001,005 | ---- | M] () -- C:\Users\Paul\Desktop\Start Unlocker.lnk
[2010/04/18 21:25:24 | 000,001,191 | ---- | M] () -- C:\Users\Paul\Desktop\Delta Force 2 Xtreme.lnk
[2010/04/18 08:51:27 | 000,215,128 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2010/04/18 08:48:15 | 000,001,848 | ---- | M] () -- C:\Users\Paul\Desktop\Battlefield-Bad Company 2.lnk
[2010/04/18 08:44:19 | 002,434,856 | ---- | M] () -- C:\Windows\System32\pbsvc_bc2.exe
[2010/04/16 22:46:00 | 000,001,984 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/04/16 22:00:37 | 000,001,873 | ---- | M] () -- C:\Users\Paul\Desktop\LimeWire PRO 5.3.6.lnk
[2010/04/16 21:44:57 | 000,011,324 | ---- | M] () -- C:\Users\Paul\Desktop\300 Ultra Mag.jpg
[2010/04/15 12:06:37 | 159,208,976 | ---- | M] () -- C:\Users\Paul\Documents\BackupRegistry(20100415).reg
[2010/04/13 08:39:54 | 000,000,112 | ---- | M] () -- C:\ProgramData\KM8S2d.dat
[2010/04/12 11:16:06 | 154,383,018 | ---- | M] () -- C:\Users\Paul\Documents\BackupRegistry(20100412).reg
[2010/04/12 10:13:43 | 000,000,910 | ---- | M] () -- C:\Users\Paul\Desktop\Call of Duty 1 SP.lnk
[2010/04/12 09:56:27 | 000,000,960 | ---- | M] () -- C:\Users\Paul\Desktop\Call of Duty Multiplayer.lnk
[2010/04/12 09:56:23 | 000,000,745 | ---- | M] () -- C:\Windows\CoD.INI
[2010/04/10 22:35:18 | 000,001,062 | ---- | M] () -- C:\Users\Paul\Desktop\Call of Duty 2.lnk
[2010/04/10 22:12:15 | 000,000,287 | ---- | M] () -- C:\Windows\game.ini
[2010/04/10 21:24:42 | 000,001,900 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2010/04/09 21:45:38 | 000,002,058 | ---- | M] () -- C:\Users\Public\Desktop\CyberLink PowerDVD 9.lnk
[2010/04/09 20:43:36 | 009,591,104 | ---- | M] (DT Soft Ltd.) -- C:\Users\Paul\DTLite4356-0091.exe
[2010/04/09 19:51:15 | 000,001,185 | ---- | M] () -- C:\Users\Public\Desktop\uTorrent Acceleration Tool.lnk
[2010/04/09 11:03:23 | 000,385,990 | R--- | M] () -- C:\Windows\System32\drivers\etc\hostsold
[2010/04/08 19:26:25 | 000,002,170 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010/04/08 14:29:32 | 000,063,360 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\pctplsg.sys
[2010/04/08 11:58:11 | 000,731,106 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/04/08 11:58:11 | 000,618,264 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/04/08 11:58:11 | 000,104,546 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/04/08 09:40:49 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2010/04/06 10:48:00 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/04/06 10:48:00 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/04/05 10:47:20 | 000,000,571 | ---- | M] () -- C:\Windows\eReg.dat
[2010/04/04 10:48:51 | 000,003,627 | -HS- | M] () -- C:\Users\Paul\AppData\Roaming\020000001407e59a869P.manifest
[2010/04/04 09:52:57 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2010/04/04 08:46:43 | 000,000,051 | -HS- | M] () -- C:\Users\Paul\AppData\Roaming\020000001407e59a869C.manifest
[2010/04/04 08:46:43 | 000,000,011 | -HS- | M] () -- C:\Users\Paul\AppData\Roaming\020000001407e59a869S.manifest
[2010/04/04 08:46:43 | 000,000,011 | -HS- | M] () -- C:\Users\Paul\AppData\Roaming\020000001407e59a869O.manifest
[2010/04/02 21:47:25 | 000,000,935 | ---- | M] () -- C:\Users\Paul\Desktop\Quick Startup.lnk
[2010/04/02 21:39:26 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2010/04/02 21:24:40 | 000,167,936 | ---- | M] (Realtek ) -- C:\Windows\System32\drivers\Rt86win7.sys
[2010/04/02 21:24:40 | 000,073,728 | ---- | M] () -- C:\Windows\System32\RtNicProp32.dll
[2010/04/02 09:05:05 | 000,000,313 | ---- | M] () -- C:\ProgramData\hpqp.ini
[2010/04/01 20:24:29 | 146,220,896 | ---- | M] () -- C:\Users\Paul\Documents\BackupRegistry(20100401).reg
[2010/04/01 10:20:44 | 000,073,728 | ---- | M] () -- C:\Windows\System32\spwindrfc1.exe
[2010/03/29 10:06:14 | 000,218,592 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\PCTCore.sys
[2010/03/28 23:30:49 | 144,381,288 | ---- | M] () -- C:\Users\Paul\Documents\BackupRegistry(20100328).reg
[2010/03/27 14:27:40 | 000,002,059 | ---- | M] () -- C:\Users\Public\Desktop\Play Splinter Cell Pandora Tomorrow.lnk
[2010/03/27 13:51:17 | 000,001,036 | ---- | M] () -- C:\Users\Public\Desktop\Play Splinter Cell.lnk
[2010/03/27 00:15:25 | 000,041,962 | ---- | M] () -- C:\Windows\System32\license.rtf
[2010/03/27 00:13:52 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010/03/26 22:38:19 | 000,002,007 | ---- | M] () -- C:\Users\Public\Desktop\LightScribe.lnk
[2010/03/26 22:28:39 | 000,524,288 | -HS- | M] () -- C:\Users\Paul\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2010/03/26 22:28:39 | 000,524,288 | -HS- | M] () -- C:\Users\Paul\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2010/03/26 22:28:39 | 000,065,536 | -HS- | M] () -- C:\Users\Paul\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2010/03/26 22:26:58 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2010/03/26 22:11:52 | 000,000,941 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk
[2010/03/26 21:53:51 | 000,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
[2010/03/26 21:53:43 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2010/03/26 21:53:42 | 000,029,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2010/03/26 21:53:41 | 000,113,461 | ---- | M] () -- C:\Windows\System32\drivers\Avg\iavichjw.avm
[2010/03/26 21:36:57 | 000,000,104 | ---- | M] () -- C:\Users\Paul\Desktop\Control Panel.lnk
[2010/03/26 21:36:10 | 000,000,355 | ---- | M] () -- C:\Users\Paul\Desktop\Computer.lnk
[2010/03/26 21:22:03 | 000,001,417 | ---- | M] () -- C:\Users\Paul\Desktop\Internet Explorer.lnk
[2010/03/26 21:20:30 | 000,000,020 | -HS- | M] () -- C:\Users\Paul\ntuser.ini
[2010/03/01 10:05:24 | 000,124,784 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010/02/16 14:24:01 | 000,060,936 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010/02/05 09:18:02 | 000,100,136 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\pctwfpfilter.sys
[2010/02/05 09:17:56 | 000,233,136 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\pctgntdi.sys
[2010/02/04 11:53:02 | 000,064,288 | ---- | M] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys
[1 C:\Users\Paul\AppData\Roaming\*.tmp files -> C:\Users\Paul\AppData\Roaming\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/05/02 09:04:05 | 000,293,376 | ---- | C] () -- C:\Users\Paul\Desktop\gmer.exe
[2010/05/01 23:19:16 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2010/05/01 23:19:14 | 000,000,882 | ---- | C] () -- C:\Windows\RegSDImport.xml
[2010/05/01 23:19:13 | 001,152,444 | ---- | C] () -- C:\Windows\UDB.zip
[2010/05/01 23:19:13 | 000,000,879 | ---- | C] () -- C:\Windows\RegISSImport.xml
[2010/05/01 23:19:13 | 000,000,131 | ---- | C] () -- C:\Windows\IDB.zip
[2010/05/01 23:06:51 | 000,007,387 | ---- | C] () -- C:\Windows\System32\drivers\pctgntdi.cat
[2010/05/01 23:06:07 | 000,007,412 | ---- | C] () -- C:\Windows\System32\drivers\PCTAppEvent.cat
[2010/05/01 23:06:07 | 000,007,383 | ---- | C] () -- C:\Windows\System32\drivers\pctcore.cat
[2010/05/01 23:05:43 | 000,002,086 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2010/05/01 23:05:18 | 000,007,383 | ---- | C] () -- C:\Windows\System32\drivers\pctplsg.cat
[2010/05/01 21:58:52 | 000,001,005 | ---- | C] () -- C:\Users\Paul\Desktop\Free Window Registry Repair.lnk
[2010/05/01 18:21:00 | 000,000,358 | ---- | C] () -- C:\Windows\tasks\Easy SpyRemover.job
[2010/05/01 18:13:51 | 000,000,982 | ---- | C] () -- C:\Users\Paul\Desktop\Easy Spy Remover.lnk
[2010/04/28 20:42:58 | 000,002,249 | ---- | C] () -- C:\Users\Paul\Desktop\Google Chrome.lnk
[2010/04/28 20:39:26 | 000,000,904 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2130715792-4014861670-1953933601-1000UA.job
[2010/04/28 20:39:26 | 000,000,852 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2130715792-4014861670-1953933601-1000Core.job
[2010/04/28 18:07:02 | 000,524,288 | -HS- | C] () -- C:\Users\Paul\ntuser.dat{d23aa1a4-5310-11df-811c-001f16e2d06b}.TMContainer00000000000000000002.regtrans-ms
[2010/04/28 18:07:02 | 000,524,288 | -HS- | C] () -- C:\Users\Paul\ntuser.dat{d23aa1a4-5310-11df-811c-001f16e2d06b}.TMContainer00000000000000000001.regtrans-ms
[2010/04/28 18:07:02 | 000,065,536 | -HS- | C] () -- C:\Users\Paul\ntuser.dat{d23aa1a4-5310-11df-811c-001f16e2d06b}.TM.blf
[2010/04/28 01:08:51 | 000,015,880 | ---- | C] () -- C:\Windows\System32\lsdelete.exe
[2010/04/26 21:14:46 | 000,000,479 | ---- | C] () -- C:\Users\Paul\Desktop\Desktop.lnk
[2010/04/25 22:02:33 | 000,001,212 | ---- | C] () -- C:\Users\Public\Desktop\Sothink Movie DVD Maker.lnk
[2010/04/25 17:41:54 | 000,001,192 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2010/04/25 12:10:21 | 000,002,959 | ---- | C] () -- C:\Users\Paul\Desktop\HiJackThis.lnk
[2010/04/25 11:58:14 | 000,000,983 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/04/25 11:46:09 | 000,001,816 | ---- | C] () -- C:\Users\Public\Desktop\AVG Free 9.0.lnk
[2010/04/24 14:15:36 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\BitComet.lnk
[2010/04/24 09:02:57 | 000,002,357 | ---- | C] () -- C:\Users\Public\Desktop\Paragon Drive Backup™.lnk
[2010/04/23 23:15:17 | 000,001,683 | ---- | C] () -- C:\Users\Paul\Desktop\Sniper Elite.lnk
[2010/04/23 23:07:27 | 000,057,344 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010/04/23 23:05:49 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Sothink HD Video Converter.lnk
[2010/04/23 20:38:18 | 000,007,598 | ---- | C] () -- C:\Users\Paul\AppData\Local\Resmon.ResmonCfg
[2010/04/23 10:04:36 | 000,247,560 | ---- | C] () -- C:\Windows\System32\prgiso.dll
[2010/04/22 08:42:24 | 000,000,938 | ---- | C] () -- C:\Users\Paul\Desktop\7-Zip File Manager.lnk
[2010/04/21 22:06:54 | 000,002,205 | ---- | C] () -- C:\Users\Public\Desktop\WinZip.lnk
[2010/04/21 21:40:28 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\WinRAR.lnk
[2010/04/21 19:14:57 | 000,000,950 | ---- | C] () -- C:\Users\Paul\Desktop\HP Instant Care.url
[2010/04/21 19:13:29 | 000,000,000 | ---- | C] () -- C:\Windows\System32\file.ext
[2010/04/21 10:01:07 | 000,001,005 | ---- | C] () -- C:\Users\Paul\Desktop\Start Unlocker.lnk
[2010/04/21 06:45:20 | 000,000,000 | ---- | C] () -- C:\Users\Paul\AppData\Local\prvlcl.dat
[2010/04/19 10:07:09 | 000,001,245 | ---- | C] () -- C:\Users\Paul\Desktop\Delta Force BHD.lnk
[2010/04/18 21:25:24 | 000,001,191 | ---- | C] () -- C:\Users\Paul\Desktop\Delta Force 2 Xtreme.lnk
[2010/04/18 08:48:15 | 000,001,848 | ---- | C] () -- C:\Users\Paul\Desktop\Battlefield-Bad Company 2.lnk
[2010/04/18 08:47:26 | 000,215,128 | ---- | C] () -- C:\Windows\System32\PnkBstrB.xtr
[2010/04/18 08:44:35 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010/04/18 08:44:35 | 000,022,328 | ---- | C] () -- C:\Users\Paul\AppData\Roaming\PnkBstrK.sys
[2010/04/18 08:44:21 | 000,103,736 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2010/04/18 08:44:19 | 002,434,856 | ---- | C] () -- C:\Windows\System32\pbsvc_bc2.exe
[2010/04/18 08:44:19 | 000,066,872 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2010/04/16 22:00:37 | 000,001,873 | ---- | C] () -- C:\Users\Paul\Desktop\LimeWire PRO 5.3.6.lnk
[2010/04/16 21:44:56 | 000,011,324 | ---- | C] () -- C:\Users\Paul\Desktop\300 Ultra Mag.jpg
[2010/04/16 18:32:49 | 000,069,632 | ---- | C] () -- C:\Windows\RAUNINST.EXE
[2010/04/15 12:06:16 | 159,208,976 | ---- | C] () -- C:\Users\Paul\Documents\BackupRegistry(20100415).reg
[2010/04/13 22:05:04 | 394,960,444 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/04/12 11:15:36 | 154,383,018 | ---- | C] () -- C:\Users\Paul\Documents\BackupRegistry(20100412).reg
[2010/04/12 10:13:43 | 000,000,910 | ---- | C] () -- C:\Users\Paul\Desktop\Call of Duty 1 SP.lnk
[2010/04/12 09:56:27 | 000,000,960 | ---- | C] () -- C:\Users\Paul\Desktop\Call of Duty Multiplayer.lnk
[2010/04/12 09:48:52 | 000,000,745 | ---- | C] () -- C:\Windows\CoD.INI
[2010/04/10 22:35:18 | 000,001,062 | ---- | C] () -- C:\Users\Paul\Desktop\Call of Duty 2.lnk
[2010/04/10 22:31:28 | 000,374,272 | ---- | C] () -- C:\Windows\System\mss32.dll
[2010/04/10 22:12:15 | 000,000,287 | ---- | C] () -- C:\Windows\game.ini
[2010/04/10 21:24:42 | 000,001,900 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2010/04/09 19:51:15 | 000,001,185 | ---- | C] () -- C:\Users\Public\Desktop\uTorrent Acceleration Tool.lnk
[2010/04/08 19:26:25 | 000,002,170 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010/04/08 17:53:54 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2010/04/08 09:40:49 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/04/08 09:40:34 | 000,001,889 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/04/06 10:48:00 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010/04/06 10:48:00 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010/04/05 16:29:18 | 000,000,112 | ---- | C] () -- C:\ProgramData\KM8S2d.dat
[2010/04/05 10:47:20 | 000,000,571 | ---- | C] () -- C:\Windows\eReg.dat
[2010/04/04 09:52:57 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2010/04/03 11:05:31 | 000,000,882 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/04/03 11:05:31 | 000,000,878 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/04/02 22:35:10 | 000,003,627 | -HS- | C] () -- C:\Users\Paul\AppData\Roaming\020000001407e59a869P.manifest
[2010/04/02 22:35:10 | 000,000,051 | -HS- | C] () -- C:\Users\Paul\AppData\Roaming\020000001407e59a869C.manifest
[2010/04/02 22:35:10 | 000,000,011 | -HS- | C] () -- C:\Users\Paul\AppData\Roaming\020000001407e59a869S.manifest
[2010/04/02 22:35:10 | 000,000,011 | -HS- | C] () -- C:\Users\Paul\AppData\Roaming\020000001407e59a869O.manifest
[2010/04/02 21:47:25 | 000,000,935 | ---- | C] () -- C:\Users\Paul\Desktop\Quick Startup.lnk
[2010/04/02 21:39:26 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2010/04/02 21:25:00 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2010/04/01 20:24:18 | 146,220,896 | ---- | C] () -- C:\Users\Paul\Documents\BackupRegistry(20100401).reg
[2010/04/01 18:06:45 | 000,001,984 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/04/01 10:20:34 | 000,073,728 | ---- | C] () -- C:\Windows\System32\spwindrfc1.exe
[2010/03/28 23:30:41 | 144,381,288 | ---- | C] () -- C:\Users\Paul\Documents\BackupRegistry(20100328).reg
[2010/03/27 14:27:40 | 000,002,059 | ---- | C] () -- C:\Users\Public\Desktop\Play Splinter Cell Pandora Tomorrow.lnk
[2010/03/27 13:55:54 | 000,069,632 | R--- | C] () -- C:\Windows\System32\xmltok.dll
[2010/03/27 13:55:54 | 000,036,864 | R--- | C] () -- C:\Windows\System32\xmlparse.dll
[2010/03/27 13:55:54 | 000,035,840 | R--- | C] () -- C:\Windows\System32\comdlg32.oca
[2010/03/27 13:55:54 | 000,029,184 | R--- | C] () -- C:\Windows\System32\MSINET.oca
[2010/03/27 13:51:02 | 000,001,036 | ---- | C] () -- C:\Users\Public\Desktop\Play Splinter Cell.lnk
[2010/03/27 00:13:52 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010/03/27 00:11:14 | 2361,802,752 | -HS- | C] () -- C:\hiberfil.sys
[2010/03/26 22:38:19 | 000,002,007 | ---- | C] () -- C:\Users\Public\Desktop\LightScribe.lnk
[2010/03/26 22:30:46 | 000,000,186 | ---- | C] () -- C:\ProgramData\HPWALog.txt
[2010/03/26 22:30:43 | 000,000,000 | ---- | C] () -- C:\Users\Paul\AppData\Local\QSwitch.txt
[2010/03/26 22:30:43 | 000,000,000 | ---- | C] () -- C:\Users\Paul\AppData\Local\DSwitch.txt
[2010/03/26 22:30:43 | 000,000,000 | ---- | C] () -- C:\Users\Paul\AppData\Local\AtStart.txt
[2010/03/26 22:20:41 | 000,002,058 | ---- | C] () -- C:\Users\Public\Desktop\CyberLink PowerDVD 9.lnk
[2010/03/26 22:11:52 | 000,000,941 | ---- | C] () -- C:\Users\Public\Desktop\Winamp.lnk
[2010/03/26 21:53:41 | 000,113,461 | ---- | C] () -- C:\Windows\System32\drivers\Avg\iavichjw.avm
[2010/03/26 21:53:40 | 059,486,105 | ---- | C] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010/03/26 21:51:14 | 000,000,316 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForPaul.job
[2010/03/26 21:36:57 | 000,000,104 | ---- | C] () -- C:\Users\Paul\Desktop\Control Panel.lnk
[2010/03/26 21:36:10 | 000,000,355 | ---- | C] () -- C:\Users\Paul\Desktop\Computer.lnk
[2010/03/26 21:29:47 | 000,000,313 | ---- | C] () -- C:\ProgramData\hpqp.ini
[2010/03/26 21:22:03 | 000,001,417 | ---- | C] () -- C:\Users\Paul\Desktop\Internet Explorer.lnk
[2010/03/26 21:20:30 | 000,000,020 | -HS- | C] () -- C:\Users\Paul\ntuser.ini
[2010/03/26 21:20:29 | 006,029,312 | -HS- | C] () -- C:\Users\Paul\ntuser.dat
[2010/03/26 21:20:29 | 000,524,288 | -HS- | C] () -- C:\Users\Paul\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2010/03/26 21:20:29 | 000,524,288 | -HS- | C] () -- C:\Users\Paul\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2010/03/26 21:20:29 | 000,262,144 | -HS- | C] () -- C:\Users\Paul\ntuser.dat.LOG1
[2010/03/26 21:20:29 | 000,065,536 | -HS- | C] () -- C:\Users\Paul\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2010/03/26 21:20:29 | 000,000,000 | -HS- | C] () -- C:\Users\Paul\ntuser.dat.LOG2
[2010/01/18 16:38:46 | 000,010,496 | ---- | C] () -- C:\Windows\System32\rcmirror.dll
[2009/09/10 10:29:50 | 001,761,280 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2009/07/13 19:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/05/11 09:39:16 | 000,000,323 | ---- | C] () -- C:\Windows\PidList.ini
[2008/12/29 09:13:30 | 000,028,544 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2008/06/07 14:53:02 | 004,244,744 | ---- | C] () -- C:\Windows\System32\qtp-mt334.dll
[2008/06/07 14:53:02 | 000,013,576 | ---- | C] () -- C:\Windows\System32\wnaspi32.dll
[2008/01/14 17:47:06 | 000,099,712 | ---- | C] () -- C:\Windows\HPBroker.dll

========== LOP Check ==========

[2010/04/09 12:34:34 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\.BitTornado
[2010/05/01 21:06:23 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\BitComet
[2010/04/21 09:55:52 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\BitTorrent
[2010/04/01 10:05:49 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Canneverbe Limited
[2010/04/10 21:45:11 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\DAEMON Tools Lite
[2010/04/02 22:05:46 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Duality Software
[2010/04/07 22:08:47 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\FrostWire
[2010/04/02 21:47:24 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\GlarySoft
[2010/03/27 09:41:42 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\GrabPro
[2010/04/19 09:56:35 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Leadertech
[2010/04/23 21:36:49 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\LimeWire
[2010/03/28 20:46:00 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Orbit
[2010/04/14 21:45:56 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Red Alert 3
[2010/04/16 22:34:56 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\SkyDownloader
[2010/05/02 08:50:39 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\uTorrent
[2010/03/26 21:26:08 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\{8126D2ED-1984-4573-9D57-97637E10C716}
[2010/05/01 20:09:14 | 000,000,358 | ---- | M] () -- C:\Windows\Tasks\Easy SpyRemover.job
[2010/04/27 07:17:52 | 000,026,352 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 158 bytes -> C:\ProgramData\Temp:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:A8ADE5D8
< End of report >

#6
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Are you able to access the restricted web sites now?

#7
Bullet90

    Member

  • Topic Starter
  • Member
  • 27 posts
No, still Time Out error.

Will be leaving til 5pm EST.

Thanks a lot for helping me out.

#8
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK two things to do when you get back :)

Go to Control Panel and select Internet Options
Select the Connections tab
Select the LAN settings button
Ensure there is no tick in the Proxy Server box
Select OK and restart Internet Explorer


And for Firefox there are instructions on this page, and you want the setting to be no proxy.

THEN

Download ComboFix from one of these locations:


Link 1
Link 2


* IMPORTANT !!! Save ComboFix.exe to your Desktop


  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

  • Double click on ComboFix.exe & follow the prompts.

  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image


Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

#9
Bullet90

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
OK, it did not appear to install Windows Recovery Console. I disabled all spyware programs but could not get AVG to turn off. Also, Firefox did have proxies checked but IE didn't. None of my login passwords are being saved either.

ComboFix 10-05-02.01 - Paul 05/02/2010 19:38:43.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3003.1992 [GMT -4:00]
Running from: c:\users\Paul\Desktop\ComboFix.exe
SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\Paul\AppData\Local\{BF2AAD96-820C-438B-BDD3-B93D2B605B94}
c:\users\Paul\AppData\Local\{BF2AAD96-820C-438B-BDD3-B93D2B605B94}\chrome.manifest
c:\users\Paul\AppData\Local\{BF2AAD96-820C-438B-BDD3-B93D2B605B94}\chrome\content\_cfg.js
c:\users\Paul\AppData\Local\{BF2AAD96-820C-438B-BDD3-B93D2B605B94}\chrome\content\overlay.xul
c:\users\Paul\AppData\Local\{BF2AAD96-820C-438B-BDD3-B93D2B605B94}\install.rdf
c:\users\Paul\AppData\Roaming\020000001407e59a869C.manifest
c:\users\Paul\AppData\Roaming\020000001407e59a869O.manifest
c:\users\Paul\AppData\Roaming\020000001407e59a869P.manifest
c:\users\Paul\AppData\Roaming\020000001407e59a869S.manifest
c:\users\Paul\Documents\BackupRegistry(20100412).reg
c:\users\Paul\Documents\BackupRegistry(20100415).reg
c:\windows\snuvcdsm .exe
c:\windows\system32\%appdata%

.
((((((((((((((((((((((((( Files Created from 2010-04-02 to 2010-05-02 )))))))))))))))))))))))))))))))
.

2010-05-02 23:50 . 2010-05-02 23:55 -------- d-----w- c:\users\Paul\AppData\Local\temp
2010-05-02 23:50 . 2010-05-02 23:50 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-05-02 22:26 . 2010-05-02 22:26 -------- d-----w- c:\users\Paul\AppData\Local\Threat Expert
2010-05-02 12:50 . 2010-05-02 12:50 -------- d-----w- C:\_OTL
2010-05-02 04:37 . 2010-05-02 04:37 -------- d-----w- c:\program files\ERUNT
2010-05-02 03:19 . 2010-01-22 13:55 767952 ----a-w- c:\windows\BDTSupport.dll
2010-05-02 03:19 . 2010-01-22 13:56 149456 ----a-w- c:\windows\SGDetectionTool.dll
2010-05-02 03:19 . 2009-10-28 05:36 1152444 ----a-w- c:\windows\UDB.zip
2010-05-02 03:19 . 2008-11-26 16:08 131 ----a-w- c:\windows\IDB.zip
2010-05-02 03:19 . 2010-01-22 13:56 165840 ----a-w- c:\windows\PCTBDRes.dll
2010-05-02 03:19 . 2010-01-22 13:56 1652688 ----a-w- c:\windows\PCTBDCore.dll
2010-05-02 03:06 . 2010-02-05 13:18 100136 ----a-w- c:\windows\system32\drivers\pctwfpfilter.sys
2010-05-02 03:06 . 2010-02-05 13:17 233136 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2010-05-02 03:06 . 2010-03-29 14:06 218592 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2010-05-02 03:06 . 2009-11-23 17:54 88040 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2010-05-02 03:05 . 2010-04-08 18:29 63360 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2010-05-02 03:04 . 2010-05-02 03:20 -------- d-----w- c:\program files\Common Files\PC Tools
2010-05-02 03:04 . 2010-05-02 04:28 -------- d-----w- c:\program files\Spyware Doctor
2010-05-02 03:04 . 2010-05-02 03:04 -------- d-----w- c:\users\Paul\AppData\Roaming\PC Tools
2010-05-02 03:04 . 2010-05-02 03:04 -------- d-----w- c:\programdata\PC Tools
2010-05-02 02:32 . 2010-05-02 02:32 -------- d-----w- c:\users\Paul\AppData\Roaming\Avira
2010-05-02 02:13 . 2010-03-01 14:05 124784 ----a-w- c:\windows\system32\drivers\avipbb.sys
2010-05-02 02:13 . 2010-02-16 18:24 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-05-02 02:13 . 2009-05-11 16:49 51992 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2010-05-02 02:13 . 2009-05-11 16:49 17016 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2010-05-02 02:13 . 2010-05-02 02:13 -------- d-----w- c:\programdata\Avira
2010-05-02 02:13 . 2010-05-02 02:13 -------- d-----w- c:\program files\Avira
2010-05-02 01:58 . 2010-05-02 02:09 -------- d-----w- c:\program files\Free Window Registry Repair
2010-05-01 22:13 . 2010-05-01 22:13 -------- d-----w- c:\program files\Easy SpyRemover
2010-05-01 19:25 . 2010-05-01 19:25 -------- d-----w- c:\program files\Microsoft Xbox 360 Accessories
2010-04-29 13:08 . 2010-04-29 13:11 -------- d-----w- c:\users\Paul\manager
2010-04-28 22:12 . 2009-09-26 05:58 194488 ----a-w- c:\windows\system32\drivers\fvevol.sys
2010-04-28 22:12 . 2009-12-11 07:38 1037312 ----a-w- c:\windows\system32\lsasrv.dll
2010-04-28 11:38 . 2009-12-11 07:44 133720 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2010-04-28 05:08 . 2010-04-25 21:45 15880 ----a-w- c:\windows\system32\lsdelete.exe
2010-04-26 22:31 . 2010-04-26 22:31 -------- d-----w- c:\programdata\{DA06AA03-DF24-4ECE-939E-1B0939235C66}
2010-04-26 02:02 . 2010-04-26 02:02 -------- d-----w- c:\program files\SourceTec
2010-04-25 23:15 . 1997-07-19 20:55 1347344 ----a-w- c:\windows\system\Msvbvm50.dll
2010-04-25 23:11 . 2010-04-25 23:40 -------- d-----w- C:\dforce
2010-04-25 21:45 . 2010-02-04 15:53 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2010-04-25 21:41 . 2010-04-25 21:41 -------- dc-h--w- c:\programdata\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
2010-04-25 16:10 . 2010-04-25 16:10 -------- d-----w- c:\program files\Trend Micro
2010-04-25 16:05 . 2010-04-25 16:05 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-04-25 15:58 . 2010-04-29 19:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-25 15:58 . 2010-04-29 19:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-25 15:57 . 2010-05-02 00:09 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-04-24 18:16 . 2010-05-02 01:06 -------- d-----w- c:\users\Paul\AppData\Roaming\BitComet
2010-04-24 18:15 . 2010-04-24 18:16 -------- d-----w- c:\program files\BitComet
2010-04-24 13:14 . 2010-04-24 13:14 -------- d-----w- C:\April 24, 2010
2010-04-24 03:07 . 2008-12-08 16:53 57344 ----a-w- c:\windows\system32\ff_vfw.dll
2010-04-24 03:07 . 2008-06-09 02:58 60273 ----a-w- c:\windows\system32\pthreadGC2.dll
2010-04-24 03:07 . 2010-04-26 02:02 -------- d-----w- c:\program files\ffdshow
2010-04-24 03:06 . 2010-04-24 03:06 -------- d-----w- c:\program files\Haali
2010-04-24 03:05 . 2010-04-24 03:05 -------- d-----w- c:\program files\Common Files\SourceTec
2010-04-24 03:05 . 2010-04-24 03:05 -------- d-----w- c:\program files\Sothink HD Video Converter
2010-04-24 03:05 . 2009-08-17 13:54 1184984 ----a-w- c:\windows\system32\wvc1dmod.dll
2010-04-23 23:40 . 2010-04-23 23:40 -------- d-----w- c:\program files\LSoft Technologies
2010-04-23 14:04 . 2008-06-07 18:53 40464 ----a-w- c:\windows\system32\drivers\hotcore3.sys
2010-04-23 14:04 . 2008-01-21 21:43 247560 ----a-w- c:\windows\system32\prgiso.dll
2010-04-23 14:04 . 2010-04-24 13:02 -------- d-----w- c:\program files\Paragon Software
2010-04-22 12:41 . 2010-04-22 12:41 -------- d-----w- c:\program files\7-Zip
2010-04-22 02:06 . 2010-04-23 00:35 -------- d-----w- c:\programdata\WinZip
2010-04-21 10:45 . 2010-05-02 05:20 0 ----a-w- c:\users\Paul\AppData\Local\prvlcl.dat
2010-04-19 13:56 . 2010-04-19 13:56 -------- d-----w- c:\users\Paul\AppData\Roaming\Leadertech
2010-04-18 23:51 . 2010-04-19 13:55 -------- d-----w- c:\program files\NovaLogic
2010-04-18 12:47 . 2010-04-18 12:47 -------- d-----w- c:\users\Paul\AppData\Local\PunkBuster
2010-04-18 12:44 . 2010-04-25 00:47 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-04-18 12:44 . 2010-04-25 00:47 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-04-18 12:44 . 2010-04-25 00:47 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-04-18 12:44 . 2010-04-18 12:44 2434856 ----a-w- c:\windows\system32\pbsvc_bc2.exe
2010-04-18 12:35 . 2010-04-18 12:35 -------- d-----w- c:\program files\Electronic Arts
2010-04-18 12:35 . 2008-10-15 10:22 452440 ----a-w- c:\windows\system32\d3dx10_40.dll
2010-04-18 12:35 . 2008-10-15 10:22 2036576 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2010-04-18 12:35 . 2008-10-15 10:22 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2010-04-17 04:13 . 2010-04-17 04:13 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2010-04-17 01:28 . 2010-02-27 12:07 3954568 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-04-17 01:28 . 2010-02-27 12:07 3899280 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-04-17 01:28 . 2010-03-08 21:33 427520 ----a-w- c:\windows\system32\vbscript.dll
2010-04-17 01:28 . 2010-02-27 07:32 221696 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-04-17 01:28 . 2010-02-27 07:32 95744 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2010-04-17 01:28 . 2010-02-27 07:32 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-04-16 22:32 . 1996-11-06 19:11 69632 ----a-w- c:\windows\RAUNINST.EXE
2010-04-16 18:30 . 2009-12-29 06:55 172032 ----a-w- c:\windows\system32\wintrust.dll
2010-04-16 18:29 . 2010-01-09 06:52 132608 ----a-w- c:\windows\system32\cabview.dll
2010-04-15 18:43 . 2010-04-22 00:04 -------- d-----w- c:\users\Paul\AppData\Local\ElevatedDiagnostics
2010-04-15 15:28 . 2010-04-15 15:29 -------- d-----w- c:\program files\Unlocker
2010-04-15 01:45 . 2010-04-15 01:45 -------- d-----w- c:\users\Paul\AppData\Roaming\Red Alert 3
2010-04-15 01:42 . 2008-07-31 14:41 238088 ----a-w- c:\windows\system32\xactengine3_2.dll
2010-04-15 01:41 . 2007-07-19 22:14 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2010-04-15 01:40 . 2005-05-26 19:34 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll
2010-04-13 19:59 . 2010-04-24 03:12 -------- d-----w- C:\Games
2010-04-12 13:50 . 2010-04-25 21:57 -------- d-----w- c:\program files\Call of Duty
2010-04-12 01:22 . 2010-04-12 01:22 -------- d-----w- c:\users\Paul\dwhelper
2010-04-12 01:20 . 2010-04-12 01:20 -------- d-----w- c:\users\Paul\AppData\Local\Radical Software Ltd
2010-04-11 02:31 . 2005-07-16 06:39 374272 ----a-w- c:\windows\system\mss32.dll
2010-04-11 02:12 . 2010-04-11 02:12 -------- d-sh--w- c:\windows\ftpcache
2010-04-11 02:09 . 2010-04-11 02:09 -------- d-----w- c:\program files\Activision
2010-04-11 01:24 . 2010-04-11 01:24 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-04-10 00:43 . 2010-04-10 00:43 9591104 ----a-w- c:\users\Paul\DTLite4356-0091.exe
2010-04-09 23:50 . 2010-04-11 00:51 -------- d-----w- c:\program files\uTorrent Acceleration Tool
2010-04-09 16:34 . 2010-04-09 16:34 -------- d-----w- c:\users\Paul\AppData\Roaming\.BitTornado
2010-04-09 12:08 . 2010-04-25 13:54 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2010-04-09 12:08 . 2010-04-09 12:11 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-04-09 12:02 . 2010-04-09 12:02 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2010-04-09 12:01 . 2010-04-30 14:00 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-04-09 12:01 . 2010-04-25 16:09 -------- d-----w- c:\users\Paul\AppData\Roaming\SUPERAntiSpyware.com
2010-04-08 23:32 . 2010-04-09 02:26 -------- d-----w- c:\users\Paul\Incomplete
2010-04-08 23:32 . 2010-04-08 23:32 -------- d-----w- c:\users\Paul\Shared
2010-04-08 23:32 . 2010-04-17 02:34 -------- d-----w- c:\users\Paul\AppData\Roaming\SkyDownloader
2010-04-08 21:53 . 2010-04-23 23:41 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-04-08 21:52 . 2010-04-11 01:45 -------- d-----w- c:\users\Paul\AppData\Roaming\DAEMON Tools Lite
2010-04-08 21:52 . 2010-04-08 21:52 -------- d-----w- c:\programdata\DAEMON Tools Lite
2010-04-08 13:40 . 2010-04-08 13:40 0 ----a-w- c:\windows\nsreg.dat
2010-04-08 02:47 . 2010-04-08 02:47 -------- d-----w- c:\program files\Conduit
2010-04-08 02:05 . 2010-04-08 02:45 -------- d-----w- C:\Downloads
2010-04-06 19:45 . 2010-04-06 19:45 -------- d--h--w- c:\windows\PIF
2010-04-05 14:47 . 2010-04-05 14:47 571 ----a-w- c:\windows\eReg.dat
2010-04-04 13:52 . 2010-04-29 11:59 -------- d-----w- c:\program files\uTorrent
2010-04-04 13:52 . 2010-05-02 22:42 -------- d-----w- c:\users\Paul\AppData\Roaming\uTorrent
2010-04-03 15:05 . 2010-04-29 00:40 -------- d-----w- c:\users\Paul\AppData\Local\Google
2010-04-03 15:04 . 2010-04-08 23:26 -------- d-----w- c:\program files\Google
2010-04-03 02:22 . 2010-04-08 02:08 -------- d-----w- c:\users\Paul\AppData\Roaming\FrostWire
2010-04-03 02:05 . 2010-04-03 02:05 -------- d-----w- c:\program files\DS Clock
2010-04-03 02:05 . 2010-04-03 02:05 -------- d-----w- c:\users\Paul\AppData\Roaming\Duality Software
2010-04-03 02:05 . 2010-04-03 02:05 -------- d-----w- c:\programdata\Duality Software

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-02 21:52 . 2010-04-25 21:45 566432 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\EmailScanner.dll
2010-05-02 21:52 . 2010-04-25 21:45 893952 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\threatwork.exe
2010-05-02 21:51 . 2010-04-25 21:45 15880 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\lsdelete.exe
2010-05-02 21:51 . 2010-04-25 21:45 211600 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\lavamessage.dll
2010-05-02 21:51 . 2010-04-25 21:45 397480 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\lavalicense.dll
2010-05-02 21:51 . 2010-04-25 21:45 574632 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\aawapi.dll
2010-05-02 21:51 . 2010-04-25 21:45 221920 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\VipreBridge.dll
2010-05-02 21:51 . 2010-04-25 21:45 443344 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\UpdateManager.dll
2010-05-02 21:51 . 2010-04-25 21:45 167824 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\ShellExt.dll
2010-05-02 21:51 . 2010-04-25 21:45 6306640 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\Resources.dll
2010-05-02 21:49 . 2010-04-25 21:45 335728 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\RPAPI.dll
2010-05-02 21:49 . 2010-04-25 21:45 95248 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\PrivacyClean.dll
2010-05-02 21:49 . 2010-04-25 21:45 16456 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\EmailScannerBridge.dll
2010-05-02 21:49 . 2010-04-25 21:45 967640 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\CEAPI.dll
2010-05-02 21:49 . 2010-04-25 21:45 866224 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\Ad-AwareCommand.exe
2010-05-02 21:49 . 2010-04-25 21:45 871320 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\Ad-AwareAdmin.exe
2010-05-02 21:48 . 2010-04-25 21:45 1598464 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\Ad-Aware.exe
2010-05-02 21:48 . 2010-05-02 21:47 755096 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\AAWWSC.exe
2010-05-02 21:47 . 2010-04-25 21:45 834248 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\AAWTray.exe
2010-05-02 21:47 . 2010-04-25 21:45 1285864 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\AAWService.exe
2010-05-02 12:20 . 2010-05-02 12:20 388096 ----a-r- c:\users\Paul\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-05-01 22:54 . 2010-04-25 16:12 117760 ----a-w- c:\users\Paul\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-04-30 03:45 . 2010-04-30 03:45 6153352 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-04-26 22:34 . 2010-03-27 01:24 -------- d-----w- c:\program files\Hewlett-Packard
2010-04-26 22:17 . 2010-03-27 01:29 -------- d-----w- c:\programdata\Hewlett-Packard
2010-04-26 02:02 . 2010-03-27 02:14 -------- d-----w- c:\program files\AviSynth 2.5
2010-04-25 21:45 . 2010-04-25 21:45 566608 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\sbap.dll
2010-04-25 21:45 . 2010-04-25 21:45 17632 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\WSCUpdate.dll
2010-04-25 21:45 . 2010-04-25 21:45 1230160 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\SBTE.dll
2010-04-25 21:45 . 2010-04-25 21:45 247120 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\SBRE.dll
2010-04-25 21:41 . 2010-03-27 02:22 -------- d-----w- c:\programdata\Lavasoft
2010-04-25 21:41 . 2010-03-27 02:22 -------- d-----w- c:\program files\Lavasoft
2010-04-25 21:05 . 2010-03-27 18:15 -------- d-----w- c:\programdata\Microsoft Help
2010-04-25 20:25 . 2010-03-27 01:24 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-04-25 16:12 . 2010-04-25 16:12 52224 ----a-w- c:\users\Paul\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-04-25 15:42 . 2010-03-27 01:50 -------- d-----w- c:\programdata\avg9
2010-04-25 00:47 . 2010-04-18 12:44 22328 ----a-w- c:\users\Paul\AppData\Roaming\PnkBstrK.sys
2010-04-25 00:47 . 2010-04-18 12:44 22328 ----a-w- c:\users\Paul\AppData\Roaming\PnkBstrK.sys
2010-04-24 23:04 . 2010-03-27 01:23 108824 ----a-w- c:\users\Paul\AppData\Local\GDIPFONTCACHEV1.DAT
2010-04-24 21:03 . 2010-03-27 18:18 -------- d-----w- c:\program files\Microsoft Works
2010-04-24 18:15 . 2010-04-24 18:15 1036288 ----a-w- c:\users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\p01z92q3.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll
2010-04-24 01:36 . 2010-03-27 02:08 -------- d-----w- c:\users\Paul\AppData\Roaming\LimeWire
2010-04-22 23:48 . 2010-03-29 03:43 -------- d-----w- c:\program files\Common Files\Nero
2010-04-22 23:46 . 2010-03-29 03:43 -------- d-----w- c:\programdata\Nero
2010-04-22 18:11 . 2010-04-22 18:11 242696 ----a-w- c:\programdata\avg9\update\backup\avgtdix.sys
2010-04-22 18:11 . 2010-03-27 01:53 242896 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-04-22 18:10 . 2010-04-22 18:10 1689952 ----a-w- c:\programdata\avg9\update\backup\avgupd.dll
2010-04-21 13:56 . 2010-03-30 16:39 -------- d-----w- c:\programdata\eMule
2010-04-21 13:55 . 2010-03-30 16:23 -------- d-----w- c:\users\Paul\AppData\Roaming\BitTorrent
2010-04-17 02:00 . 2010-03-27 02:04 -------- d-----w- c:\program files\LimeWire
2010-04-14 23:09 . 2010-04-26 22:17 1230088 ----a-w- c:\programdata\Hewlett-Packard\HPSAUpgrade2\HpSAUpgrade.exe
2010-04-13 12:39 . 2010-04-05 20:29 112 ----a-w- c:\programdata\KM8S2d.dat
2010-04-11 02:01 . 2010-03-27 01:28 -------- d-----w- c:\program files\Common Files\InstallShield
2010-04-09 12:21 . 2010-04-09 12:21 4255072 ----a-w- c:\programdata\avg9\update\backup\avgcorex.dll
2010-04-03 02:38 . 2010-04-03 02:38 0 ----a-w- c:\users\Paul\AppData\Roaming\258A.tmp
2010-04-03 02:35 . 2010-04-03 02:35 0 ----a-w- c:\users\Paul\AppData\Roaming\FrostWire\.NetworkShare\Incomplete\T-4506256-LimeWireWin4.16.6.exe
2010-04-03 01:22 . 2010-03-27 01:32 -------- d-----w- c:\users\Paul\AppData\Roaming\Hewlett-Packard
2010-04-02 00:16 . 2010-04-01 00:00 -------- d-----w- c:\programdata\NOS
2010-04-01 22:06 . 2010-04-01 00:03 -------- d-----w- c:\program files\Common Files\Adobe
2010-04-01 22:03 . 2010-04-01 22:03 86016 ----a-w- c:\programdata\NOS\Adobe_Downloads\arh.exe
2010-04-01 19:14 . 2010-04-01 19:14 -------- d-----w- c:\users\Paul\AppData\Roaming\Malwarebytes
2010-04-01 19:14 . 2010-04-01 19:14 -------- d-----w- c:\programdata\Malwarebytes
2010-04-01 14:20 . 2010-04-01 14:20 73728 ----a-w- c:\windows\system32\spwindrfc1.exe
2010-04-01 14:07 . 2009-07-14 04:52 -------- d-----w- c:\program files\Windows Portable Devices
2010-04-01 14:07 . 2009-07-14 04:52 -------- d-----w- c:\program files\Windows Defender
2010-04-01 14:07 . 2010-03-27 02:38 -------- d-----w- c:\program files\Common Files\LightScribe
2010-04-01 14:05 . 2010-03-29 03:44 -------- d-----w- c:\users\Paul\AppData\Roaming\Nero
2010-04-01 14:05 . 2010-03-29 13:56 -------- d-----w- c:\users\Paul\AppData\Roaming\Canneverbe Limited
2010-04-01 00:01 . 2010-04-01 00:01 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-03-31 02:05 . 2010-03-31 02:05 588096 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2010-03-29 13:56 . 2010-03-29 13:56 -------- d-----w- c:\programdata\Canneverbe Limited
2010-03-29 12:44 . 2010-03-29 12:44 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2010-03-29 12:44 . 2010-03-29 12:44 3605256 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2010-03-29 12:44 . 2010-03-29 12:44 546624 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2010-03-29 03:45 . 2010-03-29 03:45 -------- d-----w- c:\programdata\LightScribe
2010-03-29 00:46 . 2010-03-27 13:41 -------- d-----w- c:\users\Paul\AppData\Roaming\Orbit
2010-03-28 21:02 . 2009-07-14 07:49 -------- d-----w- c:\program files\Windows Journal
2010-03-28 21:02 . 2009-07-14 04:52 -------- d-----w- c:\program files\Windows Sidebar
2010-03-28 21:02 . 2009-07-14 04:52 -------- d-----w- c:\program files\Windows Photo Viewer
2010-03-28 21:02 . 2009-07-14 02:37 -------- d-----w- c:\program files\Windows Mail
2010-03-27 18:17 . 2009-07-14 04:52 -------- d-----w- c:\program files\MSBuild
2010-03-27 18:17 . 2010-03-27 18:17 -------- d-----w- c:\program files\Microsoft.NET
2010-03-27 18:15 . 2010-03-27 18:15 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2010-03-27 18:03 . 2010-03-27 18:03 -------- d-----w- c:\program files\Ubisoft
2010-03-27 17:55 . 2010-03-27 17:51 -------- d-----w- c:\program files\Ubi Soft
2010-03-27 13:41 . 2010-03-27 13:41 -------- d-----w- c:\users\Paul\AppData\Roaming\GrabPro
2010-03-27 04:13 . 2010-03-27 04:13 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
2010-03-27 03:01 . 2010-03-27 02:50 53319 ----a-w- c:\programdata\Temp\{8C20787A-7402-4FA7-BF25-6E5750930FDC}\PostBuild.exe
2010-03-27 02:45 . 2010-03-27 02:45 -------- d-----w- c:\program files\LightScribe
2010-03-27 02:41 . 2010-03-27 02:41 -------- d-----w- c:\program files\LightScribe Template Labeler
2010-03-27 02:40 . 2010-03-27 02:39 -------- d-----w- c:\users\Paul\AppData\Roaming\CyberLink
2010-03-27 02:40 . 2010-03-27 01:29 -------- d-----w- c:\programdata\CyberLink
2010-03-27 02:26 . 2010-03-27 02:26 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-03-27 02:20 . 2010-03-27 02:19 -------- d-----w- c:\program files\CyberLink
2010-03-27 02:20 . 2010-03-27 02:20 -------- d-----w- c:\program files\Common Files\CyberLink
2010-03-27 02:18 . 2010-03-27 02:11 -------- d-----w- c:\users\Paul\AppData\Roaming\Winamp
2010-03-27 02:18 . 2010-03-27 02:19 29480 ----a-w- c:\windows\system32\msxml3a.dll
2010-03-27 02:18 . 2010-03-27 02:18 53319 ----a-w- c:\programdata\Temp\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\PostBuild.exe
2010-03-27 02:18 . 2010-03-27 01:29 505128 ----a-w- c:\windows\system32\msvcp71.dll
2010-03-27 02:18 . 2010-03-27 01:29 353576 ----a-w- c:\windows\system32\msvcr71.dll
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.
<pre>
c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain .exe
</pre>

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"DS Clock"="c:\program files\DS Clock\DSClock.exe" [2009-11-20 582528]
"Google Update"="c:\users\Paul\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-04-29 136176]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-04-30 2020592]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"SNUVCDSM"="c:\windows\snuvcdsm.exe" [2009-08-10 27184]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-09-30 718688]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-04-29 437584]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 19:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe"
"WinampAgent"="c:\program files\Winamp\winampa.exe"
"RemoteControl9"="c:\program files\CyberLink\PowerDVD9\PDVD9Serv.exe"
"PDVD9LanguageShortcut"="c:\program files\CyberLink\PowerDVD9\Language\Language.exe"
"BDRegion"=c:\program files\Cyberlink\Shared Files\brs.exe
"PLFSetL"=c:\windows\PLFSetL.exe
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"QlbCtrl.exe"=c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe"
"Bbivaq"=rundll32.exe "c:\users\Paul\AppData\Local\asazejow.dll",Startup
"AVG9_TRAY"=c:\progra~1\AVG\AVG9\avgtray.exe
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-04-03 135664]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 netw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 rcmirror;rcmirror;c:\windows\system32\DRIVERS\rcmirror.sys [2010-01-18 3200]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2010-02-17 12872]
R3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2010-03-11 366840]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-03-29 1343400]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-04-23 691696]
S0 hotcore3;hc3ServiceName;c:\windows\system32\drivers\hotcore3.sys [2008-06-07 40464]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2010-02-04 64288]
S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2010-03-29 218592]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2010-03-27 216200]
S1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\Drivers\avgtdix.sys [2010-04-22 242896]
S1 NetBurn;Paragon NetBurning Driver;c:\windows\system32\DRIVERS\NetBurn.sys [2008-06-07 84752]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2010-04-30 61440]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/03/26 22:20];c:\program files\CyberLink\PowerDVD9\000.fcl [2009-02-28 23:40 87536]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
S2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [2010-03-27 916760]
S2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2010-03-27 308064]
S2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\Spyware Doctor\BDT\BDTUpdateService.exe [2010-01-22 112592]
S2 DSClockSyncTime;DS Clock Synchronization Service www.dualitysoft.com;c:\program files\DS Clock\dsetime.exe [2009-11-20 62264]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2010-05-02 1285864]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-04-29 304464]
S2 NetBurnerService;Net Burner iSCSI Service;c:\program files\Paragon Software\Drive Backup 9 Professional\Net Burner Service\NetBurnerService.exe [2008-06-07 223248]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-04-29 20952]
S3 NETw5s32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [2010-04-03 6755840]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-04-03 167936]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-02-22 15:38 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder

2010-05-02 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-02-04 21:49]

2010-05-02 c:\windows\Tasks\Easy SpyRemover.job
- c:\program files\Easy SpyRemover\EasySpyRemover.exe [2010-05-01 17:21]

2010-05-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-03 15:05]

2010-05-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-03 15:05]

2010-05-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2130715792-4014861670-1953933601-1000Core.job
- c:\users\Paul\AppData\Local\Google\Update\GoogleUpdate.exe [2010-04-29 00:39]

2010-05-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2130715792-4014861670-1953933601-1000UA.job
- c:\users\Paul\AppData\Local\Google\Update\GoogleUpdate.exe [2010-04-29 00:39]

2010-04-27 c:\windows\Tasks\HPCeeScheduleForPaul.job
- c:\program files\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 08:22]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://google.com/
IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: kickasstorrents.com
FF - ProfilePath - c:\users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\p01z92q3.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1547340&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - google.com
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll
FF - plugin: c:\users\Paul\AppData\Local\Google\Update\1.2.183.23\npGoogleOneClick8.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - ORPHANS REMOVED - - - -

BHO-{0a452a47-c5a8-4854-a237-4b9b06b376f0} - (no file)
BHO-{9D425283-D487-4337-BAB6-AB8354A81457} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{0C8413C1-FAD1-446C-8584-BE50576F863E} - (no file)
WebBrowser-{9D425283-D487-4337-BAB6-AB8354A81457} - (no file)
AddRemove-Ares - c:\program files\Ares\uninstall.exe
AddRemove-BitTorrent - c:\program files\BitTorrent\uninst.exe
AddRemove-CSS FULL DZ [Oct 15 2007] - c:\program files\VALVe\Counter-Strike Source\uninst.exe
AddRemove-eMule - c:\program files\eMule\Uninstall.exe
AddRemove-FrostWire - c:\program files\FrostWire\Uninstall.exe
AddRemove-Gossiper Toolbar - c:\progra~1\Gossiper\UNWISE.EXE
AddRemove-MagicDisc 2.7.106 - c:\progra~1\MAGICD~1\UNWISE.EXE
AddRemove-SkyDownloader - c:\program files\SkyDownloader\Uninstall.exe
AddRemove-World War 2: Sniper - c:\progra~1\GROOVE~1\WORLDW~1\UNWISE.EXE
AddRemove-{1a413f37-ed88-4fec-9666-5c48dc4b7bb7} - c:\program files\YouTube Downloader\uninstall.exe
AddRemove-{7E265513-8CDA-4631-B696-F40D983F3B07}_is1 - c:\program files\CDBurnerXP\unins000.exe



[HKEY_LOCAL_MACHINE\system\ControlSet001\services\{B154377D-700F-42cc-9474-23858FBDF4BD}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD9\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(712)
c:\progra~1\SPYBOT~1\SDHelper.dll
c:\program files\HP\QuickPlay\Kernel\Video\CLMedia.dll
c:\program files\Common Files\SourceTec\Codecs\Real\RealMediaSplitter.ax
c:\program files\Haali\MatroskaSplitter\splitter.ax
c:\program files\Haali\MatroskaSplitter\mkzlib.dll
c:\program files\Haali\MatroskaSplitter\mkunicode.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\taskhost.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\conhost.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\AVG\AVG9\avgnsx.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\AVG\AVG9\avgchsvx.exe
c:\program files\AVG\AVG9\avgrsx.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\windows\system32\PnkBstrB.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Lavasoft\Ad-Aware\AAWTray.exe
c:\windows\system32\RunDll32.exe
c:\windows\system32\DllHost.exe
.
**************************************************************************
.
Completion time: 2010-05-02 20:06:21 - machine was rebooted
ComboFix-quarantined-files.txt 2010-05-03 00:06

Pre-Run: 221,476,028,416 bytes free
Post-Run: 221,975,171,072 bytes free

- - End Of File - - 6CA7DB2ADDF3D0392F1EF750710324A3

#10
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
The recovery console is not required for Vista. Do you have the option to save passwords selected in both FF and IE?

How are the websites loading now?

1. Please open Notepad
  • Click Start, then Run
  • Type notepad.exe in the Run Box.

2. Now copy/paste the entire content of the codebox below into the Notepad window:

File::
c:\users\Paul\AppData\Local\asazejow.dll

Renv::
c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain .exe

3. Then in the text file go to FILE > SAVE AS and in the dropdown box set SAVE AS TYPE to ALL FILES.

4. Save the above as CFScript.txt

5. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again.

Posted Image


6. After reboot (in case it asks to reboot), please post the following reports/logs into your next reply:
  • Combofix.txt
  • A new OTListit log.



#11
Bullet90

    Member

  • Topic Starter
  • 27 posts
Copied .txt file into ComboFix.exe
ComboFix has updated and executed.
OTL ran in quick scan mode.

ComboFix 10-05-02.03 - Paul 05/03/2010 9:49.2.2 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3003.1968 [GMT -4:00]
Running from: c:\users\Paul\Desktop\ComboFix.exe
Command switches used :: c:\users\Paul\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\CFScript.txt
SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}

FILE ::
"c:\users\Paul\AppData\Local\asazejow.dll"
.

((((((((((((((((((((((((( Files Created from 2010-04-03 to 2010-05-03 )))))))))))))))))))))))))))))))
.

2010-05-03 13:57 . 2010-05-03 13:57 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-05-03 13:57 . 2010-05-03 13:57 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-05-03 13:53 . 2010-05-03 13:53 53312 ----a-w- c:\windows\system32\drivers\_AGP440_.sys.vir
2010-05-02 23:50 . 2010-05-03 13:57 -------- d-----w- c:\users\Paul\AppData\Local\temp
2010-05-02 22:26 . 2010-05-02 22:26 -------- d-----w- c:\users\Paul\AppData\Local\Threat Expert
2010-05-02 21:47 . 2010-05-02 21:48 755096 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\AAWWSC.exe
2010-05-02 12:50 . 2010-05-02 12:50 -------- d-----w- C:\_OTL
2010-05-02 12:20 . 2010-05-02 12:20 388096 ----a-r- c:\users\Paul\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-05-02 04:37 . 2010-05-02 04:37 -------- d-----w- c:\program files\ERUNT
2010-05-02 02:32 . 2010-05-02 02:32 -------- d-----w- c:\users\Paul\AppData\Roaming\Avira
2010-05-02 02:13 . 2010-03-01 14:05 124784 ----a-w- c:\windows\system32\drivers\avipbb.sys
2010-05-02 02:13 . 2010-02-16 18:24 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-05-02 02:13 . 2009-05-11 16:49 51992 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2010-05-02 02:13 . 2009-05-11 16:49 17016 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2010-05-02 02:13 . 2010-05-02 02:13 -------- d-----w- c:\programdata\Avira
2010-05-02 02:13 . 2010-05-02 02:13 -------- d-----w- c:\program files\Avira
2010-05-02 01:58 . 2010-05-03 00:24 -------- d-----w- c:\program files\Free Window Registry Repair
2010-05-01 19:25 . 2010-05-01 19:25 -------- d-----w- c:\program files\Microsoft Xbox 360 Accessories
2010-04-30 03:45 . 2010-04-30 03:45 6153352 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-04-29 13:08 . 2010-04-29 13:11 -------- d-----w- c:\users\Paul\manager
2010-04-28 22:12 . 2009-09-26 05:58 194488 ----a-w- c:\windows\system32\drivers\fvevol.sys
2010-04-28 22:12 . 2009-12-11 07:38 1037312 ----a-w- c:\windows\system32\lsasrv.dll
2010-04-28 11:38 . 2009-12-11 07:44 133720 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2010-04-28 05:08 . 2010-04-25 21:45 15880 ----a-w- c:\windows\system32\lsdelete.exe
2010-04-26 22:31 . 2010-04-26 22:31 -------- d-----w- c:\programdata\{DA06AA03-DF24-4ECE-939E-1B0939235C66}
2010-04-26 22:17 . 2010-04-14 23:09 1230088 ----a-w- c:\programdata\Hewlett-Packard\HPSAUpgrade2\HpSAUpgrade.exe
2010-04-26 02:02 . 2010-04-26 02:02 -------- d-----w- c:\program files\SourceTec
2010-04-25 23:15 . 1997-07-19 20:55 1347344 ----a-w- c:\windows\system\Msvbvm50.dll
2010-04-25 23:11 . 2010-04-25 23:40 -------- d-----w- C:\dforce
2010-04-25 21:41 . 2010-04-25 21:41 -------- dc-h--w- c:\programdata\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
2010-04-25 21:41 . 2010-02-04 15:53 2954656 -c--a-w- c:\programdata\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}\Ad-AwareInstaller.exe
2010-04-25 16:12 . 2010-04-25 16:12 52224 ----a-w- c:\users\Paul\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-04-25 16:12 . 2010-05-01 22:54 117760 ----a-w- c:\users\Paul\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-04-25 16:10 . 2010-04-25 16:10 -------- d-----w- c:\program files\Trend Micro
2010-04-25 16:05 . 2010-04-25 16:05 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-04-25 15:58 . 2010-04-29 19:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-25 15:58 . 2010-04-29 19:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-25 15:57 . 2010-05-02 00:09 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-04-24 18:16 . 2010-05-02 01:06 -------- d-----w- c:\users\Paul\AppData\Roaming\BitComet
2010-04-24 18:15 . 2010-04-24 18:15 1036288 ----a-w- c:\users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\p01z92q3.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll
2010-04-24 18:15 . 2010-04-24 18:16 -------- d-----w- c:\program files\BitComet
2010-04-24 13:14 . 2010-04-24 13:14 -------- d-----w- C:\April 24, 2010
2010-04-24 03:07 . 2008-12-08 16:53 57344 ----a-w- c:\windows\system32\ff_vfw.dll
2010-04-24 03:07 . 2008-06-09 02:58 60273 ----a-w- c:\windows\system32\pthreadGC2.dll
2010-04-24 03:07 . 2010-04-26 02:02 -------- d-----w- c:\program files\ffdshow
2010-04-24 03:06 . 2010-04-24 03:06 -------- d-----w- c:\program files\Haali
2010-04-24 03:05 . 2010-04-24 03:05 -------- d-----w- c:\program files\Common Files\SourceTec
2010-04-24 03:05 . 2010-04-24 03:05 -------- d-----w- c:\program files\Sothink HD Video Converter
2010-04-24 03:05 . 2009-08-17 13:54 1184984 ----a-w- c:\windows\system32\wvc1dmod.dll
2010-04-23 23:40 . 2010-04-23 23:40 -------- d-----w- c:\program files\LSoft Technologies
2010-04-23 14:04 . 2008-06-07 18:53 40464 ----a-w- c:\windows\system32\drivers\hotcore3.sys
2010-04-23 14:04 . 2008-01-21 21:43 247560 ----a-w- c:\windows\system32\prgiso.dll
2010-04-23 14:04 . 2010-04-24 13:02 -------- d-----w- c:\program files\Paragon Software
2010-04-22 18:11 . 2010-04-22 18:11 242696 ----a-w- c:\programdata\avg9\update\backup\avgtdix.sys
2010-04-22 18:10 . 2010-04-22 18:10 1689952 ----a-w- c:\programdata\avg9\update\backup\avgupd.dll
2010-04-22 12:41 . 2010-04-22 12:41 -------- d-----w- c:\program files\7-Zip
2010-04-22 02:06 . 2010-04-23 00:35 -------- d-----w- c:\programdata\WinZip
2010-04-21 10:45 . 2010-05-02 05:20 0 ----a-w- c:\users\Paul\AppData\Local\prvlcl.dat
2010-04-19 13:56 . 2010-04-19 13:56 -------- d-----w- c:\users\Paul\AppData\Roaming\Leadertech
2010-04-18 23:51 . 2010-04-19 13:55 -------- d-----w- c:\program files\NovaLogic
2010-04-18 12:47 . 2010-04-18 12:47 -------- d-----w- c:\users\Paul\AppData\Local\PunkBuster
2010-04-18 12:44 . 2010-04-25 00:47 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-04-18 12:44 . 2010-04-25 00:47 22328 ----a-w- c:\users\Paul\AppData\Roaming\PnkBstrK.sys
2010-04-18 12:44 . 2010-04-25 00:47 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-04-18 12:44 . 2010-04-25 00:47 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-04-18 12:44 . 2010-04-18 12:44 2434856 ----a-w- c:\windows\system32\pbsvc_bc2.exe
2010-04-18 12:35 . 2010-04-18 12:35 -------- d-----w- c:\program files\Electronic Arts
2010-04-18 12:35 . 2008-10-15 10:22 452440 ----a-w- c:\windows\system32\d3dx10_40.dll
2010-04-18 12:35 . 2008-10-15 10:22 2036576 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2010-04-18 12:35 . 2008-10-15 10:22 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2010-04-17 04:13 . 2010-04-17 04:13 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2010-04-17 01:28 . 2010-02-27 12:07 3954568 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-04-17 01:28 . 2010-02-27 12:07 3899280 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-04-17 01:28 . 2010-03-08 21:33 427520 ----a-w- c:\windows\system32\vbscript.dll
2010-04-17 01:28 . 2010-02-27 07:32 221696 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-04-17 01:28 . 2010-02-27 07:32 95744 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2010-04-17 01:28 . 2010-02-27 07:32 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-04-16 22:32 . 1996-11-06 19:11 69632 ----a-w- c:\windows\RAUNINST.EXE
2010-04-16 18:30 . 2009-12-29 06:55 172032 ----a-w- c:\windows\system32\wintrust.dll
2010-04-16 18:29 . 2010-01-09 06:52 132608 ----a-w- c:\windows\system32\cabview.dll
2010-04-15 18:43 . 2010-04-22 00:04 -------- d-----w- c:\users\Paul\AppData\Local\ElevatedDiagnostics
2010-04-15 15:28 . 2010-04-15 15:29 -------- d-----w- c:\program files\Unlocker
2010-04-15 01:45 . 2010-04-15 01:45 -------- d-----w- c:\users\Paul\AppData\Roaming\Red Alert 3
2010-04-15 01:42 . 2008-07-31 14:41 238088 ----a-w- c:\windows\system32\xactengine3_2.dll
2010-04-15 01:41 . 2007-07-19 22:14 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2010-04-15 01:40 . 2005-05-26 19:34 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll
2010-04-13 19:59 . 2010-04-24 03:12 -------- d-----w- C:\Games
2010-04-12 13:50 . 2010-04-25 21:57 -------- d-----w- c:\program files\Call of Duty
2010-04-12 01:22 . 2010-04-12 01:22 -------- d-----w- c:\users\Paul\dwhelper
2010-04-12 01:20 . 2010-04-12 01:20 -------- d-----w- c:\users\Paul\AppData\Local\Radical Software Ltd
2010-04-11 02:31 . 2005-07-16 06:39 374272 ----a-w- c:\windows\system\mss32.dll
2010-04-11 02:12 . 2010-04-11 02:12 -------- d-sh--w- c:\windows\ftpcache
2010-04-11 02:09 . 2010-04-11 02:09 -------- d-----w- c:\program files\Activision
2010-04-11 01:24 . 2010-04-11 01:24 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-04-10 00:43 . 2010-04-10 00:43 9591104 ----a-w- c:\users\Paul\DTLite4356-0091.exe
2010-04-09 23:50 . 2010-04-11 00:51 -------- d-----w- c:\program files\uTorrent Acceleration Tool
2010-04-09 16:34 . 2010-04-09 16:34 -------- d-----w- c:\users\Paul\AppData\Roaming\.BitTornado
2010-04-09 12:21 . 2010-04-09 12:21 4255072 ----a-w- c:\programdata\avg9\update\backup\avgcorex.dll
2010-04-09 12:08 . 2010-04-25 13:54 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2010-04-09 12:08 . 2010-04-09 12:11 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-04-09 12:02 . 2010-04-09 12:02 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2010-04-09 12:01 . 2010-04-30 14:00 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-04-09 12:01 . 2010-04-25 16:09 -------- d-----w- c:\users\Paul\AppData\Roaming\SUPERAntiSpyware.com
2010-04-08 23:32 . 2010-04-09 02:26 -------- d-----w- c:\users\Paul\Incomplete
2010-04-08 23:32 . 2010-04-08 23:32 -------- d-----w- c:\users\Paul\Shared
2010-04-08 23:32 . 2010-04-17 02:34 -------- d-----w- c:\users\Paul\AppData\Roaming\SkyDownloader
2010-04-08 21:53 . 2010-04-23 23:41 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-04-08 21:52 . 2010-04-11 01:45 -------- d-----w- c:\users\Paul\AppData\Roaming\DAEMON Tools Lite
2010-04-08 21:52 . 2010-04-08 21:52 -------- d-----w- c:\programdata\DAEMON Tools Lite
2010-04-08 13:40 . 2010-04-08 13:40 0 ----a-w- c:\windows\nsreg.dat
2010-04-08 02:47 . 2010-04-08 02:47 -------- d-----w- c:\program files\Conduit
2010-04-08 02:05 . 2010-04-08 02:45 -------- d-----w- C:\Downloads
2010-04-06 19:45 . 2010-04-06 19:45 -------- d--h--w- c:\windows\PIF
2010-04-05 14:47 . 2010-04-05 14:47 571 ----a-w- c:\windows\eReg.dat
2010-04-04 13:52 . 2010-04-29 11:59 -------- d-----w- c:\program files\uTorrent
2010-04-04 13:52 . 2010-05-02 22:42 -------- d-----w- c:\users\Paul\AppData\Roaming\uTorrent
2010-04-03 15:05 . 2010-04-29 00:40 -------- d-----w- c:\users\Paul\AppData\Local\Google
2010-04-03 15:04 . 2010-04-08 23:26 -------- d-----w- c:\program files\Google

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-02 21:52 . 2010-04-25 21:45 566432 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\EmailScanner.dll
2010-05-02 21:52 . 2010-04-25 21:45 893952 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\threatwork.exe
2010-05-02 21:51 . 2010-04-25 21:45 15880 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\lsdelete.exe
2010-05-02 21:51 . 2010-04-25 21:45 211600 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\lavamessage.dll
2010-05-02 21:51 . 2010-04-25 21:45 397480 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\lavalicense.dll
2010-05-02 21:51 . 2010-04-25 21:45 574632 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\aawapi.dll
2010-05-02 21:51 . 2010-04-25 21:45 221920 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\VipreBridge.dll
2010-05-02 21:51 . 2010-04-25 21:45 443344 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\UpdateManager.dll
2010-05-02 21:51 . 2010-04-25 21:45 167824 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\ShellExt.dll
2010-05-02 21:51 . 2010-04-25 21:45 6306640 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\Resources.dll
2010-05-02 21:49 . 2010-04-25 21:45 335728 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\RPAPI.dll
2010-05-02 21:49 . 2010-04-25 21:45 95248 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\PrivacyClean.dll
2010-05-02 21:49 . 2010-04-25 21:45 16456 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\EmailScannerBridge.dll
2010-05-02 21:49 . 2010-04-25 21:45 967640 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\CEAPI.dll
2010-05-02 21:49 . 2010-04-25 21:45 866224 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\Ad-AwareCommand.exe
2010-05-02 21:49 . 2010-04-25 21:45 871320 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\Ad-AwareAdmin.exe
2010-05-02 21:48 . 2010-04-25 21:45 1598464 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\Ad-Aware.exe
2010-05-02 21:47 . 2010-04-25 21:45 834248 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\AAWTray.exe
2010-05-02 21:47 . 2010-04-25 21:45 1285864 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\AAWService.exe
2010-04-26 22:34 . 2010-03-27 01:24 -------- d-----w- c:\program files\Hewlett-Packard
2010-04-26 22:17 . 2010-03-27 01:29 -------- d-----w- c:\programdata\Hewlett-Packard
2010-04-26 02:02 . 2010-03-27 02:14 -------- d-----w- c:\program files\AviSynth 2.5
2010-04-25 21:45 . 2010-04-25 21:45 566608 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\sbap.dll
2010-04-25 21:45 . 2010-04-25 21:45 17632 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\WSCUpdate.dll
2010-04-25 21:45 . 2010-04-25 21:45 1230160 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\SBTE.dll
2010-04-25 21:45 . 2010-04-25 21:45 247120 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\SBRE.dll
2010-04-25 21:41 . 2010-03-27 02:22 -------- d-----w- c:\programdata\Lavasoft
2010-04-25 21:41 . 2010-03-27 02:22 -------- d-----w- c:\program files\Lavasoft
2010-04-25 21:05 . 2010-03-27 18:15 -------- d-----w- c:\programdata\Microsoft Help
2010-04-25 20:25 . 2010-03-27 01:24 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-04-25 15:42 . 2010-03-27 01:50 -------- d-----w- c:\programdata\avg9
2010-04-24 23:04 . 2010-03-27 01:23 108824 ----a-w- c:\users\Paul\AppData\Local\GDIPFONTCACHEV1.DAT
2010-04-24 21:03 . 2010-03-27 18:18 -------- d-----w- c:\program files\Microsoft Works
2010-04-24 01:36 . 2010-03-27 02:08 -------- d-----w- c:\users\Paul\AppData\Roaming\LimeWire
2010-04-22 23:48 . 2010-03-29 03:43 -------- d-----w- c:\program files\Common Files\Nero
2010-04-22 23:46 . 2010-03-29 03:43 -------- d-----w- c:\programdata\Nero
2010-04-22 18:11 . 2010-03-27 01:53 242896 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-04-21 13:56 . 2010-03-30 16:39 -------- d-----w- c:\programdata\eMule
2010-04-21 13:55 . 2010-03-30 16:23 -------- d-----w- c:\users\Paul\AppData\Roaming\BitTorrent
2010-04-17 02:00 . 2010-03-27 02:04 -------- d-----w- c:\program files\LimeWire
2010-04-13 12:39 . 2010-04-05 20:29 112 ----a-w- c:\programdata\KM8S2d.dat
2010-04-11 02:01 . 2010-03-27 01:28 -------- d-----w- c:\program files\Common Files\InstallShield
2010-04-08 13:38 . 2010-04-03 01:37 -------- d-----w- c:\program files\Yahoo!
2010-04-08 13:37 . 2010-04-03 01:39 -------- d-----w- c:\programdata\Yahoo!
2010-04-08 02:08 . 2010-04-03 02:22 -------- d-----w- c:\users\Paul\AppData\Roaming\FrostWire
2010-04-03 02:38 . 2010-04-03 02:38 0 ----a-w- c:\users\Paul\AppData\Roaming\258A.tmp
2010-04-03 02:35 . 2010-04-03 02:35 0 ----a-w- c:\users\Paul\AppData\Roaming\FrostWire\.NetworkShare\Incomplete\T-4506256-LimeWireWin4.16.6.exe
2010-04-03 02:05 . 2010-04-03 02:05 -------- d-----w- c:\program files\DS Clock
2010-04-03 02:05 . 2010-04-03 02:05 -------- d-----w- c:\users\Paul\AppData\Roaming\Duality Software
2010-04-03 02:05 . 2010-04-03 02:05 -------- d-----w- c:\programdata\Duality Software
2010-04-03 01:53 . 2010-04-03 01:39 -------- d-----w- c:\users\Paul\AppData\Roaming\Yahoo!
2010-04-03 01:47 . 2010-04-03 01:47 -------- d-----w- c:\program files\Quick Startup
2010-04-03 01:47 . 2010-04-03 01:47 -------- d-----w- c:\users\Paul\AppData\Roaming\GlarySoft
2010-04-03 01:25 . 2010-04-03 01:25 -------- d-----w- c:\program files\Realtek
2010-04-03 01:24 . 2010-04-03 01:25 73728 ----a-w- c:\windows\system32\RtNicProp32.dll
2010-04-03 01:24 . 2010-04-03 01:25 167936 ----a-w- c:\windows\system32\drivers\Rt86win7.sys
2010-04-03 01:22 . 2010-04-03 01:22 675840 ----a-w- c:\windows\system32\NETw5c32.dll
2010-04-03 01:22 . 2010-04-03 01:22 6755840 ----a-w- c:\windows\system32\drivers\NETw5s32.sys
2010-04-03 01:22 . 2010-04-03 01:22 2756608 ----a-w- c:\windows\system32\NETw5r32.dll
2010-04-03 01:22 . 2010-03-27 01:32 -------- d-----w- c:\users\Paul\AppData\Roaming\Hewlett-Packard
2010-04-02 00:16 . 2010-04-01 00:00 -------- d-----w- c:\programdata\NOS
2010-04-01 22:06 . 2010-04-01 00:03 -------- d-----w- c:\program files\Common Files\Adobe
2010-04-01 22:03 . 2010-04-01 22:03 86016 ----a-w- c:\programdata\NOS\Adobe_Downloads\arh.exe
2010-04-01 19:14 . 2010-04-01 19:14 -------- d-----w- c:\users\Paul\AppData\Roaming\Malwarebytes
2010-04-01 19:14 . 2010-04-01 19:14 -------- d-----w- c:\programdata\Malwarebytes
2010-04-01 14:20 . 2010-04-01 14:20 73728 ----a-w- c:\windows\system32\spwindrfc1.exe
2010-04-01 14:07 . 2009-07-14 04:52 -------- d-----w- c:\program files\Windows Portable Devices
2010-04-01 14:07 . 2009-07-14 04:52 -------- d-----w- c:\program files\Windows Defender
2010-04-01 14:07 . 2010-03-27 02:38 -------- d-----w- c:\program files\Common Files\LightScribe
2010-04-01 14:05 . 2010-03-29 03:44 -------- d-----w- c:\users\Paul\AppData\Roaming\Nero
2010-04-01 14:05 . 2010-03-29 13:56 -------- d-----w- c:\users\Paul\AppData\Roaming\Canneverbe Limited
2010-04-01 00:01 . 2010-04-01 00:01 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-03-31 02:05 . 2010-03-31 02:05 588096 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2010-03-29 13:56 . 2010-03-29 13:56 -------- d-----w- c:\programdata\Canneverbe Limited
2010-03-29 12:44 . 2010-03-29 12:44 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2010-03-29 12:44 . 2010-03-29 12:44 3605256 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2010-03-29 12:44 . 2010-03-29 12:44 546624 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2010-03-29 03:45 . 2010-03-29 03:45 -------- d-----w- c:\programdata\LightScribe
2010-03-29 00:46 . 2010-03-27 13:41 -------- d-----w- c:\users\Paul\AppData\Roaming\Orbit
2010-03-28 21:02 . 2009-07-14 07:49 -------- d-----w- c:\program files\Windows Journal
2010-03-28 21:02 . 2009-07-14 04:52 -------- d-----w- c:\program files\Windows Sidebar
2010-03-28 21:02 . 2009-07-14 04:52 -------- d-----w- c:\program files\Windows Photo Viewer
2010-03-28 21:02 . 2009-07-14 02:37 -------- d-----w- c:\program files\Windows Mail
2010-03-27 18:17 . 2009-07-14 04:52 -------- d-----w- c:\program files\MSBuild
2010-03-27 18:17 . 2010-03-27 18:17 -------- d-----w- c:\program files\Microsoft.NET
2010-03-27 18:15 . 2010-03-27 18:15 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2010-03-27 18:03 . 2010-03-27 18:03 -------- d-----w- c:\program files\Ubisoft
2010-03-27 17:55 . 2010-03-27 17:51 -------- d-----w- c:\program files\Ubi Soft
2010-03-27 13:41 . 2010-03-27 13:41 -------- d-----w- c:\users\Paul\AppData\Roaming\GrabPro
2010-03-27 04:13 . 2010-03-27 04:13 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
2010-03-27 03:01 . 2010-03-27 02:50 53319 ----a-w- c:\programdata\Temp\{8C20787A-7402-4FA7-BF25-6E5750930FDC}\PostBuild.exe
2010-03-27 02:45 . 2010-03-27 02:45 -------- d-----w- c:\program files\LightScribe
2010-03-27 02:41 . 2010-03-27 02:41 -------- d-----w- c:\program files\LightScribe Template Labeler
2010-03-27 02:40 . 2010-03-27 02:39 -------- d-----w- c:\users\Paul\AppData\Roaming\CyberLink
2010-03-27 02:40 . 2010-03-27 01:29 -------- d-----w- c:\programdata\CyberLink
2010-03-27 02:26 . 2010-03-27 02:26 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-03-27 02:20 . 2010-03-27 02:19 -------- d-----w- c:\program files\CyberLink
2010-03-27 02:20 . 2010-03-27 02:20 -------- d-----w- c:\program files\Common Files\CyberLink
2010-03-27 02:18 . 2010-03-27 02:11 -------- d-----w- c:\users\Paul\AppData\Roaming\Winamp
2010-03-27 02:18 . 2010-03-27 02:19 29480 ----a-w- c:\windows\system32\msxml3a.dll
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"DS Clock"="c:\program files\DS Clock\DSClock.exe" [2009-11-20 582528]
"Google Update"="c:\users\Paul\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-04-29 136176]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-04-30 2020592]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"SNUVCDSM"="c:\windows\snuvcdsm.exe" [2009-08-10 27184]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-09-30 718688]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-04-29 437584]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 19:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe"
"WinampAgent"="c:\program files\Winamp\winampa.exe"
"RemoteControl9"="c:\program files\CyberLink\PowerDVD9\PDVD9Serv.exe"
"PDVD9LanguageShortcut"="c:\program files\CyberLink\PowerDVD9\Language\Language.exe"
"BDRegion"=c:\program files\Cyberlink\Shared Files\brs.exe
"PLFSetL"=c:\windows\PLFSetL.exe
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"QlbCtrl.exe"=c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe"
"Bbivaq"=rundll32.exe "c:\users\Paul\AppData\Local\asazejow.dll",Startup
"AVG9_TRAY"=c:\progra~1\AVG\AVG9\avgtray.exe
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-04-03 135664]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2010-05-02 1285864]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 netw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 rcmirror;rcmirror;c:\windows\system32\DRIVERS\rcmirror.sys [2010-01-18 3200]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2010-02-17 12872]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-03-29 1343400]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-04-23 691696]
S0 hotcore3;hc3ServiceName;c:\windows\system32\drivers\hotcore3.sys [2008-06-07 40464]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2010-02-04 64288]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2010-03-27 216200]
S1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\Drivers\avgtdix.sys [2010-04-22 242896]
S1 NetBurn;Paragon NetBurning Driver;c:\windows\system32\DRIVERS\NetBurn.sys [2008-06-07 84752]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2010-04-30 61440]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/03/26 22:20];c:\program files\CyberLink\PowerDVD9\000.fcl [2009-02-28 23:40 87536]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
S2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [2010-03-27 916760]
S2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2010-03-27 308064]
S2 DSClockSyncTime;DS Clock Synchronization Service www.dualitysoft.com;c:\program files\DS Clock\dsetime.exe [2009-11-20 62264]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-04-29 304464]
S2 NetBurnerService;Net Burner iSCSI Service;c:\program files\Paragon Software\Drive Backup 9 Professional\Net Burner Service\NetBurnerService.exe [2008-06-07 223248]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-04-29 20952]
S3 NETw5s32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [2010-04-03 6755840]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-04-03 167936]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-02-22 15:38 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder

2010-05-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-03 15:05]

2010-05-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-03 15:05]

2010-05-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2130715792-4014861670-1953933601-1000Core.job
- c:\users\Paul\AppData\Local\Google\Update\GoogleUpdate.exe [2010-04-29 00:39]

2010-05-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2130715792-4014861670-1953933601-1000UA.job
- c:\users\Paul\AppData\Local\Google\Update\GoogleUpdate.exe [2010-04-29 00:39]

2010-04-27 c:\windows\Tasks\HPCeeScheduleForPaul.job
- c:\program files\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 08:22]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://google.com/
IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: kickasstorrents.com
FF - ProfilePath - c:\users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\p01z92q3.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1547340&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - google.com
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll
FF - plugin: c:\users\Paul\AppData\Local\Google\Update\1.2.183.23\npGoogleOneClick8.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - ORPHANS REMOVED - - - -

BHO-{0a452a47-c5a8-4854-a237-4b9b06b376f0} - (no file)
BHO-{9D425283-D487-4337-BAB6-AB8354A81457} - (no file)



[HKEY_LOCAL_MACHINE\system\ControlSet001\services\{B154377D-700F-42cc-9474-23858FBDF4BD}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD9\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2010-05-03 09:59:56
ComboFix-quarantined-files.txt 2010-05-03 13:59
ComboFix2.txt 2010-05-03 00:06

Pre-Run: 222,056,058,880 bytes free
Post-Run: 222,008,954,880 bytes free

- - End Of File - - 7E11A725094BB22312144A603E263DC6



OTL Log

OTL logfile created on: 5/3/2010 10:05:33 AM - Run 4
OTL by OldTimer - Version 3.2.4.0 Folder = C:\Users\Paul\Desktop\Utilities
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 57.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 287.07 Gb Total Space | 206.84 Gb Free Space | 72.05% Space Free | Partition Type: NTFS
Drive D: | 10.92 Gb Total Space | 1.82 Gb Free Space | 16.68% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PAUL-PC
Current User Name: Paul
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/05/01 23:58:12 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\Paul\Desktop\Utilities\OTL.exe
PRC - [2010/04/29 15:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2010/04/22 14:11:19 | 000,620,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010/04/02 09:50:40 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010/04/01 13:58:04 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/04/01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/03/26 21:53:12 | 000,508,184 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010/03/26 21:52:57 | 000,710,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010/03/26 21:52:39 | 000,916,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe
PRC - [2010/03/26 21:52:35 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010/03/02 11:28:31 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/02/24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010/01/14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/11/19 23:16:26 | 000,582,528 | ---- | M] (Duality Software) -- C:\Program Files\DS Clock\dsclock.exe
PRC - [2009/11/19 21:39:16 | 000,062,264 | ---- | M] (Duality Software) -- C:\Program Files\DS Clock\dsetime.exe
PRC - [2009/10/31 01:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/09/30 17:57:20 | 000,718,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
PRC - [2009/07/13 21:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/13 21:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/06/07 14:54:28 | 000,223,248 | ---- | M] (Paragon GmbH) -- C:\Program Files\Paragon Software\Drive Backup 9 Professional\Net Burner Service\NetBurnerService.exe


========== Modules (SafeList) ==========

MOD - [2010/05/01 23:58:12 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\Paul\Desktop\Utilities\OTL.exe
MOD - [2009/07/13 21:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009/07/13 21:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009/07/13 21:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2009/07/13 21:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009/07/13 21:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2009/07/13 21:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009/07/13 21:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009/07/13 21:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009/07/13 21:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009/07/13 21:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
MOD - [2009/07/13 21:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2009/07/13 21:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (NMSAccess)
SRV - File not found [Auto | Stopped] -- -- (HP Health Check Service)
SRV - [2010/05/02 17:47:19 | 001,285,864 | ---- | M] (Lavasoft) [Auto | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010/04/29 15:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010/04/01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/03/29 08:40:55 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/03/26 21:52:39 | 000,916,760 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010/03/26 21:52:35 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/02/24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/11/19 21:39:16 | 000,062,264 | ---- | M] (Duality Software) [Auto | Running] -- C:\Program Files\DS Clock\dsetime.exe -- (DSClockSyncTime)
SRV - [2009/07/13 21:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009/07/13 21:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009/07/13 21:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009/07/13 21:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009/07/13 21:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009/07/13 21:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009/07/13 21:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009/07/13 21:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009/07/13 21:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/13 21:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009/07/13 21:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/07/13 21:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009/07/13 21:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009/07/13 21:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009/07/13 21:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX Installer (AxInstSV)
SRV - [2009/07/13 21:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009/07/13 21:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008/06/07 14:54:28 | 000,223,248 | ---- | M] (Paragon GmbH) [Auto | Running] -- C:\Program Files\Paragon Software\Drive Backup 9 Professional\Net Burner Service\NetBurnerService.exe -- (NetBurnerService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Running] -- -- (catchme)
DRV - [2010/04/30 10:00:55 | 000,061,440 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010/04/23 19:41:21 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2010/04/22 14:11:19 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/04/02 21:24:40 | 000,167,936 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rt86win7.sys -- (RTL8167)
DRV - [2010/04/02 21:22:50 | 006,755,840 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5s32.sys -- (NETw5s32) Intel®
DRV - [2010/03/26 21:53:43 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/03/26 21:53:42 | 000,029,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010/03/01 10:05:24 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2010/02/17 11:25:50 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010/02/17 11:15:58 | 000,012,872 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2010/02/16 14:24:01 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/02/04 11:53:02 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010/01/18 16:39:06 | 000,003,200 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rcmirror.sys -- (rcmirror)
DRV - [2009/12/11 03:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2009/09/10 10:29:50 | 001,761,280 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2009/07/13 21:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
DRV - [2009/07/13 21:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV - [2009/07/13 21:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV - [2009/07/13 21:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV - [2009/07/13 21:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2009/07/13 21:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV - [2009/07/13 21:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
DRV - [2009/07/13 21:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
DRV - [2009/07/13 21:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
DRV - [2009/07/13 21:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
DRV - [2009/07/13 21:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
DRV - [2009/07/13 21:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
DRV - [2009/07/13 21:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009/07/13 21:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009/07/13 21:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
DRV - [2009/07/13 21:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009/07/13 21:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009/07/13 21:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009/07/13 21:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009/07/13 21:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009/07/13 21:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009/07/13 21:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2009/07/13 21:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009/07/13 21:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009/07/13 21:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV - [2009/07/13 21:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009/07/13 21:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009/07/13 21:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
DRV - [2009/07/13 21:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/13 21:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
DRV - [2009/07/13 21:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009/07/13 21:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2009/07/13 21:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009/07/13 21:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009/07/13 21:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009/07/13 21:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009/07/13 21:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009/07/13 21:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
DRV - [2009/07/13 20:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2009/07/13 20:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\rdpbus.sys -- (rdpbus)
DRV - [2009/07/13 20:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009/07/13 19:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009/07/13 19:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009/07/13 19:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009/07/13 19:52:04 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vwififlt.sys -- (vwififlt)
DRV - [2009/07/13 19:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009/07/13 19:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci)
DRV - [2009/07/13 19:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
DRV - [2009/07/13 19:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009/07/13 19:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV - [2009/07/13 19:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2009/07/13 19:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
DRV - [2009/07/13 19:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2009/07/13 19:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009/07/13 19:19:21 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HidBatt.sys -- (HidBatt)
DRV - [2009/07/13 19:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
DRV - [2009/07/13 19:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM)
DRV - [2009/07/13 18:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 18:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2009/07/13 18:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2009/07/13 18:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2009/07/13 18:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009/07/13 18:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009/07/13 18:13:46 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTDPV3.SYS -- (SrvHsfV92)
DRV - [2009/07/13 18:13:45 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTCNXT3.SYS -- (SrvHsfWinac)
DRV - [2009/07/13 18:13:45 | 000,207,360 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (SrvHsfHDA)
DRV - [2009/07/13 18:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel®
DRV - [2009/07/13 18:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009/07/13 18:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
DRV - [2009/07/13 18:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
DRV - [2009/06/10 17:19:30 | 004,756,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2009/05/11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/04/29 08:46:54 | 000,015,872 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2009/02/28 19:40:18 | 000,087,536 | ---- | M] (CyberLink Corp.) [2010/03/26 22:20:45] [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD9\000.fcl -- ({B154377D-700F-42cc-9474-23858FBDF4BD})
DRV - [2008/06/07 14:54:28 | 000,084,752 | ---- | M] (Rocket Division Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\NetBurn.sys -- (NetBurn)
DRV - [2008/06/07 14:53:02 | 000,040,464 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\hotcore3.sys -- (hotcore3)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {0a452a47-c5a8-4854-a237-4b9b06b376f0} - Reg Error: Key error. File not found

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 90 15 AF 43 4E CD CA 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = EA 92 98 01 9E 56 4C 4B 90 BE 9A 16 B8 3E 7F 8F [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "Gossiper"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "google.com"
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010/04/23 05:27:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/28 23:02:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/04/26 09:33:42 | 000,000,000 | ---D | M]

[2010/03/26 22:09:03 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Mozilla\Extensions
[2010/03/26 22:09:03 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Mozilla\Extensions\[email protected]
[2010/05/02 22:05:01 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\p01z92q3.default\extensions
[2010/04/08 09:42:22 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\p01z92q3.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/04/24 14:15:37 | 000,000,000 | ---D | M] (BitComet Video Downloader) -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\p01z92q3.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
[2010/04/11 21:20:45 | 000,001,948 | ---- | M] () -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\p01z92q3.default\searchplugins\bing-zugo.xml
[2010/04/17 13:16:13 | 000,000,877 | ---- | M] () -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\p01z92q3.default\searchplugins\conduit.xml
[2010/04/23 14:39:49 | 000,002,612 | ---- | M] () -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\p01z92q3.default\searchplugins\kickasstorrents.xml
[2010/04/08 09:40:32 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/02/21 06:22:32 | 000,712,704 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2010/01/13 18:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll

O1 HOSTS File: ([2010/05/02 19:53:28 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - No CLSID value found.
O2 - BHO: (no name) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - No CLSID value found.
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O2 - BHO: (no name) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SNUVCDSM] C:\Windows\snuvcdsm.exe ()
O4 - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [DS Clock] C:\Program Files\DS Clock\DSClock.exe (Duality Software)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all video with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O15 - HKCU\..Trusted Domains: kickasstorrents.com ([]https in Trusted sites)
O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} http://h20364.www2.h...DataManager.CAB (Hewlett-Packard Online Support Services)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.254.254
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\Windows\System32\avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/04/01 20:00:19 | 000,000,000 | -H-D | M] - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/03/26 17:14:55 | 000,000,000 | -H-D | M] - D:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

========== Files/Folders - Created Within 90 Days ==========

[2010/05/03 09:59:59 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010/05/03 09:59:01 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010/05/03 09:48:16 | 000,000,000 | ---D | C] -- C:\ComboFix
[2010/05/03 09:47:29 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010/05/02 19:50:50 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\temp
[2010/05/02 18:52:03 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010/05/02 18:52:02 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010/05/02 18:52:02 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010/05/02 18:41:07 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/05/02 18:26:25 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Threat Expert
[2010/05/02 08:50:22 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/05/02 00:38:45 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/05/02 00:37:27 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/05/01 22:32:25 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Avira
[2010/05/01 22:13:25 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2010/05/01 22:13:22 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010/05/01 22:13:22 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010/05/01 22:13:22 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntdd.sys
[2010/05/01 22:13:22 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntmgr.sys
[2010/05/01 22:13:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010/05/01 22:13:20 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2010/05/01 21:58:52 | 000,000,000 | ---D | C] -- C:\Program Files\Free Window Registry Repair
[2010/05/01 15:25:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Xbox 360 Accessories
[2010/04/29 09:08:06 | 000,000,000 | ---D | C] -- C:\Users\Paul\manager
[2010/04/28 21:57:49 | 000,000,000 | R--D | C] -- C:\Users\Paul\Downloads
[2010/04/28 20:48:32 | 000,000,000 | ---D | C] -- C:\Users\Paul\Documents\Downloads
[2010/04/26 19:09:16 | 005,739,160 | ---- | C] (Saitek ) -- C:\Users\Paul\Desktop\Saitek_Cyborg_V3_Pad.exe
[2010/04/26 19:07:34 | 008,402,176 | ---- | C] (Saitek ) -- C:\Users\Paul\Desktop\Saitek_Cyborg_Pad.exe
[2010/04/26 18:31:19 | 000,000,000 | ---D | C] -- C:\ProgramData\{DA06AA03-DF24-4ECE-939E-1B0939235C66}
[2010/04/25 22:02:26 | 000,000,000 | ---D | C] -- C:\Program Files\SourceTec
[2010/04/25 21:15:17 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010/04/25 19:11:56 | 000,000,000 | ---D | C] -- C:\dforce
[2010/04/25 17:45:57 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys
[2010/04/25 17:41:58 | 000,000,000 | -H-D | C] -- C:\ProgramData\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
[2010/04/25 12:10:14 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/04/25 12:05:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2010/04/25 11:58:05 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/04/25 11:58:03 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/04/25 11:57:58 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/04/24 14:21:42 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\BitComet Downloads
[2010/04/24 14:16:08 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\BitComet
[2010/04/24 14:15:30 | 000,000,000 | ---D | C] -- C:\Program Files\BitComet
[2010/04/24 09:14:40 | 000,000,000 | ---D | C] -- C:\April 24, 2010
[2010/04/23 23:07:26 | 000,060,273 | ---- | C] (Open Source Software community project) -- C:\Windows\System32\pthreadGC2.dll
[2010/04/23 23:07:24 | 000,000,000 | ---D | C] -- C:\Program Files\ffdshow
[2010/04/23 23:06:36 | 000,000,000 | ---D | C] -- C:\Program Files\Haali
[2010/04/23 23:05:40 | 000,290,816 | ---- | C] (SourceTec Software Co., LTD) -- C:\Windows\System32\stFLVSource.ax
[2010/04/23 23:05:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SourceTec
[2010/04/23 23:05:38 | 000,438,272 | ---- | C] (Gabest) -- C:\Windows\System32\Mpeg2DecFilter.ax
[2010/04/23 23:05:38 | 000,217,088 | ---- | C] (-) -- C:\Windows\System32\CoreFLACDecoder.ax
[2010/04/23 23:05:38 | 000,000,000 | ---D | C] -- C:\Program Files\Sothink HD Video Converter
[2010/04/23 19:40:50 | 000,000,000 | ---D | C] -- C:\Program Files\LSoft Technologies
[2010/04/23 10:04:36 | 000,040,464 | ---- | C] (Paragon Software Group) -- C:\Windows\System32\drivers\hotcore3.sys
[2010/04/23 10:04:08 | 000,000,000 | ---D | C] -- C:\Program Files\Paragon Software
[2010/04/22 08:41:01 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2010/04/21 22:18:13 | 000,000,000 | ---D | C] -- C:\Users\Paul\Documents\Delta Force Xtreme
[2010/04/21 22:06:37 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip
[2010/04/21 22:06:35 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip
[2010/04/19 09:56:35 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Leadertech
[2010/04/18 19:51:50 | 000,000,000 | ---D | C] -- C:\Program Files\NovaLogic
[2010/04/18 08:47:23 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\PunkBuster
[2010/04/18 08:47:16 | 000,000,000 | ---D | C] -- C:\Users\Paul\Documents\BFBC2
[2010/04/18 08:35:08 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts
[2010/04/17 12:46:50 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Game Guides
[2010/04/15 19:55:34 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Limewire Downloads
[2010/04/15 14:43:07 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\ElevatedDiagnostics
[2010/04/15 11:28:00 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2010/04/14 21:45:54 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Red Alert 3
[2010/04/14 21:31:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2010/04/13 21:18:08 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Torrent Downloads
[2010/04/13 21:08:40 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Utilities
[2010/04/13 21:04:52 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\PC Games
[2010/04/13 16:51:19 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DAEMON Tools Images
[2010/04/13 15:59:20 | 000,000,000 | ---D | C] -- C:\Games
[2010/04/12 09:50:53 | 000,000,000 | ---D | C] -- C:\Program Files\Call of Duty
[2010/04/11 21:22:36 | 000,000,000 | ---D | C] -- C:\Users\Paul\dwhelper
[2010/04/11 21:20:53 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Radical Software Ltd
[2010/04/10 22:12:27 | 000,000,000 | -HSD | C] -- C:\Windows\ftpcache
[2010/04/10 22:09:17 | 000,000,000 | ---D | C] -- C:\Program Files\Activision
[2010/04/10 21:24:18 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2010/04/09 20:43:41 | 009,591,104 | ---- | C] (DT Soft Ltd.) -- C:\Users\Paul\DTLite4356-0091.exe
[2010/04/09 19:50:50 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent Acceleration Tool
[2010/04/09 12:34:34 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\.BitTornado
[2010/04/09 11:00:22 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Virus Programs
[2010/04/09 08:08:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010/04/09 08:08:50 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010/04/09 08:02:04 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010/04/09 08:01:57 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\SUPERAntiSpyware.com
[2010/04/09 08:01:57 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/04/08 19:32:57 | 000,000,000 | ---D | C] -- C:\Users\Paul\Shared
[2010/04/08 19:32:57 | 000,000,000 | ---D | C] -- C:\Users\Paul\Incomplete
[2010/04/08 19:32:03 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\SkyDownloader
[2010/04/08 17:53:54 | 000,691,696 | ---- | C] (Duplex Secure Ltd.) -- C:\Windows\System32\drivers\sptd.sys
[2010/04/08 17:52:18 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\DAEMON Tools Lite
[2010/04/08 17:52:06 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2010/04/07 22:47:33 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2010/04/07 22:05:51 | 000,000,000 | ---D | C] -- C:\Downloads
[2010/04/06 15:45:56 | 000,000,000 | -H-D | C] -- C:\Windows\PIF
[2010/04/04 09:52:55 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2010/04/04 09:52:03 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\uTorrent
[2010/04/04 09:50:31 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\uTorrent Downloads
[2010/04/03 11:05:25 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Google
[2010/04/03 11:04:07 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2010/04/02 22:22:54 | 000,000,000 | ---D | C] -- C:\Users\Paul\Documents\FrostWire
[2010/04/02 22:22:48 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\FrostWire
[2010/04/02 22:05:46 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Duality Software
[2010/04/02 22:05:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Duality Software
[2010/04/02 22:05:46 | 000,000,000 | ---D | C] -- C:\Program Files\DS Clock
[2010/04/02 21:53:21 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Yahoo
[2010/04/02 21:47:24 | 000,000,000 | ---D | C] -- C:\Program Files\Quick Startup
[2010/04/02 21:47:24 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\GlarySoft
[2010/04/02 21:39:45 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Yahoo!
[2010/04/02 21:39:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
[2010/04/02 21:37:20 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2010/04/02 21:25:00 | 000,167,936 | ---- | C] (Realtek ) -- C:\Windows\System32\drivers\Rt86win7.sys
[2010/04/02 21:25:00 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2010/04/01 20:00:19 | 000,000,000 | -H-D | C] -- C:\Autorun.inf
[2010/04/01 15:14:36 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Malwarebytes
[2010/04/01 15:14:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/03/31 22:32:13 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\CyberLink
[2010/03/31 20:03:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010/03/31 20:01:48 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010/03/31 20:01:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010/03/31 20:01:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010/03/31 20:00:48 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Adobe
[2010/03/31 20:00:29 | 000,000,000 | ---D | C] -- C:\ProgramData\NOS
[2010/03/31 12:54:59 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010/03/30 22:34:28 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2010/03/30 12:39:52 | 000,000,000 | ---D | C] -- C:\ProgramData\eMule
[2010/03/30 12:39:17 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\eMule
[2010/03/30 12:23:37 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\BitTorrent
[2010/03/29 09:56:25 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Canneverbe Limited
[2010/03/29 09:56:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited
[2010/03/29 08:40:57 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat
[2010/03/28 23:45:55 | 000,000,000 | ---D | C] -- C:\ProgramData\LightScribe
[2010/03/28 23:44:53 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Nero
[2010/03/28 23:43:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2010/03/28 23:43:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
[2010/03/28 19:39:41 | 000,000,000 | ---D | C] -- C:\$AVG
[2010/03/28 09:23:15 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Diagnostics
[2010/03/27 14:18:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2010/03/27 14:17:35 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2010/03/27 14:17:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010/03/27 14:17:16 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010/03/27 14:17:16 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010/03/27 14:15:44 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2010/03/27 14:15:05 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Microsoft Help
[2010/03/27 14:15:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010/03/27 14:15:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2010/03/27 14:13:33 | 000,000,000 | R--D | C] -- C:\MSOCache
[2010/03/27 14:03:29 | 000,000,000 | ---D | C] -- C:\Program Files\Ubisoft
[2010/03/27 13:51:02 | 000,000,000 | ---D | C] -- C:\Program Files\Ubi Soft
[2010/03/27 09:41:42 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\GrabPro
[2010/03/27 09:41:40 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Orbit
[2010/03/27 01:10:41 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010/03/27 00:14:15 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010/03/27 00:12:04 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010/03/27 00:11:14 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010/03/26 22:47:45 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Ares
[2010/03/26 22:45:43 | 000,000,000 | ---D | C] -- C:\Program Files\LightScribe
[2010/03/26 22:41:40 | 000,000,000 | ---D | C] -- C:\Program Files\LightScribe Template Labeler
[2010/03/26 22:40:38 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\PowerDVDCox
[2010/03/26 22:40:34 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\PowerDVDCinema
[2010/03/26 22:39:37 | 000,000,000 | ---D | C] -- C:\Users\Paul\Documents\CyberLink
[2010/03/26 22:39:36 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\CyberLink
[2010/03/26 22:38:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LightScribe
[2010/03/26 22:27:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2010/03/26 22:26:58 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2010/03/26 22:22:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2010/03/26 22:22:45 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2010/03/26 22:20:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CyberLink
[2010/03/26 22:19:58 | 000,000,000 | ---D | C] -- C:\Program Files\CyberLink
[2010/03/26 22:18:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2010/03/26 22:14:55 | 000,000,000 | ---D | C] -- C:\Program Files\AviSynth 2.5
[2010/03/26 22:14:45 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2010/03/26 22:14:16 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\WinRAR
[2010/03/26 22:11:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2010/03/26 22:11:05 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Winamp
[2010/03/26 22:11:05 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp
[2010/03/26 22:10:23 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Incomplete
[2010/03/26 22:09:10 | 000,000,000 | ---D | C] -- C:\Users\Paul\Documents\LimeWire
[2010/03/26 22:08:50 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\LimeWire
[2010/03/26 22:07:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/03/26 22:07:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/03/26 22:07:39 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/03/26 22:04:49 | 000,000,000 | ---D | C] -- C:\Program Files\LimeWire
[2010/03/26 22:03:18 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Macromedia
[2010/03/26 22:03:18 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Adobe
[2010/03/26 21:59:38 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010/03/26 21:56:27 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2010/03/26 21:53:49 | 000,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
[2010/03/26 21:53:47 | 000,242,896 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2010/03/26 21:53:42 | 000,216,200 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2010/03/26 21:53:41 | 000,029,512 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2010/03/26 21:53:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\Avg
[2010/03/26 21:51:11 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2010/03/26 21:50:56 | 000,000,000 | ---D | C] -- C:\ProgramData\avg9
[2010/03/26 21:45:59 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Mozilla
[2010/03/26 21:45:59 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Mozilla
[2010/03/26 21:45:53 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010/03/26 21:42:18 | 000,000,000 | ---D | C] -- C:\ProgramData\{657095DF-DBDB-4B17-8245-B38845C97069}
[2010/03/26 21:32:32 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Hewlett-Packard
[2010/03/26 21:32:05 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Hewlett-Packard
[2010/03/26 21:29:44 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2010/03/26 21:29:25 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2010/03/26 21:29:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
[2010/03/26 21:28:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010/03/26 21:26:08 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\{8126D2ED-1984-4573-9D57-97637E10C716}
[2010/03/26 21:25:27 | 000,000,000 | ---D | C] -- C:\Intel
[2010/03/26 21:24:41 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010/03/26 21:24:41 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\hpqLog
[2010/03/26 21:24:20 | 000,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard
[2010/03/26 21:24:19 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010/03/26 21:23:43 | 000,000,000 | ---D | C] -- C:\SwSetup
[2010/03/26 21:20:53 | 000,000,000 | R--D | C] -- C:\Users\Paul\Searches
[2010/03/26 21:20:44 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Identities
[2010/03/26 21:20:41 | 000,000,000 | R--D | C] -- C:\Users\Paul\Contacts
[2010/03/26 21:20:31 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\VirtualStore
[2010/03/26 21:20:30 | 000,000,000 | -HSD | C] -- C:\Users\Paul\AppData\Local\Temporary Internet Files
[2010/03/26 21:20:30 | 000,000,000 | -HSD | C] -- C:\Users\Paul\Templates
[2010/03/26 21:20:30 | 000,000,000 | -HSD | C] -- C:\Users\Paul\Local Settings
[2010/03/26 21:20:30 | 000,000,000 | -HSD | C] -- C:\Users\Paul\AppData\Local\History
[2010/03/26 21:20:30 | 000,000,000 | -HSD | C] -- C:\Users\Paul\AppData\Local\Application Data
[2010/03/26 21:20:29 | 000,000,000 | --SD | C] -- C:\Users\Paul\AppData\Roaming\Microsoft
[2010/03/26 21:20:29 | 000,000,000 | R--D | C] -- C:\Users\Paul\Videos
[2010/03/26 21:20:29 | 000,000,000 | R--D | C] -- C:\Users\Paul\Saved Games
[2010/03/26 21:20:29 | 000,000,000 | R--D | C] -- C:\Users\Paul\Pictures
[2010/03/26 21:20:29 | 000,000,000 | R--D | C] -- C:\Users\Paul\Music
[2010/03/26 21:20:29 | 000,000,000 | R--D | C] -- C:\Users\Paul\Links
[2010/03/26 21:20:29 | 000,000,000 | R--D | C] -- C:\Users\Paul\Favorites
[2010/03/26 21:20:29 | 000,000,000 | R--D | C] -- C:\Users\Paul\My Documents
[2010/03/26 21:20:29 | 000,000,000 | R--D | C] -- C:\Users\Paul\Desktop
[2010/03/26 21:20:29 | 000,000,000 | -HSD | C] -- C:\Users\Paul\Start Menu
[2010/03/26 21:20:29 | 000,000,000 | -HSD | C] -- C:\Users\Paul\SendTo
[2010/03/26 21:20:29 | 000,000,000 | -HSD | C] -- C:\Users\Paul\Recent
[2010/03/26 21:20:29 | 000,000,000 | -HSD | C] -- C:\Users\Paul\PrintHood
[2010/03/26 21:20:29 | 000,000,000 | -HSD | C] -- C:\Users\Paul\NetHood
[2010/03/26 21:20:29 | 000,000,000 | -HSD | C] -- C:\Users\Paul\Documents\My Videos
[2010/03/26 21:20:29 | 000,000,000 | -HSD | C] -- C:\Users\Paul\Documents\My Pictures
[2010/03/26 21:20:29 | 000,000,000 | -HSD | C] -- C:\Users\Paul\Documents\My Music
[2010/03/26 21:20:29 | 000,000,000 | -HSD | C] -- C:\Users\Paul\My Documents
[2010/03/26 21:20:29 | 000,000,000 | -HSD | C] -- C:\Users\Paul\Cookies
[2010/03/26 21:20:29 | 000,000,000 | -HSD | C] -- C:\Users\Paul\Application Data
[2010/03/26 21:20:29 | 000,000,000 | -H-D | C] -- C:\Users\Paul\AppData
[2010/03/26 21:20:29 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Microsoft
[2010/03/26 21:20:29 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Media Center Programs
[2010/03/26 21:20:19 | 000,000,000 | ---D | C] -- C:\Recovery
[1 C:\Users\Paul\AppData\Roaming\*.tmp files -> C:\Users\Paul\AppData\Roaming\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010/05/03 10:06:22 | 006,029,312 | -HS- | M] () -- C:\Users\Paul\ntuser.dat
[2010/05/03 09:57:42 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
[2010/05/03 09:47:17 | 003,926,394 | R--- | M] () -- C:\Users\Paul\Desktop\ComboFix.exe
[2010/05/03 09:44:14 | 059,525,945 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010/05/03 09:44:01 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2130715792-4014861670-1953933601-1000UA.job
[2010/05/03 09:23:43 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/05/03 09:23:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/05/03 05:36:14 | 000,014,832 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/05/03 05:36:14 | 000,014,832 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/05/03 05:33:01 | 000,717,892 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/05/03 05:33:01 | 000,618,264 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/05/03 05:33:01 | 000,104,546 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/05/03 05:28:34 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/05/03 05:28:28 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/05/03 05:28:23 | 2361,802,752 | -HS- | M] () -- C:\hiberfil.sys
[2010/05/02 22:22:07 | 002,480,870 | -H-- | M] () -- C:\Users\Paul\AppData\Local\IconCache.db
[2010/05/02 20:44:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2130715792-4014861670-1953933601-1000Core.job
[2010/05/02 19:53:28 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010/05/02 09:05:41 | 394,960,444 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/05/02 08:20:01 | 000,002,959 | ---- | M] () -- C:\Users\Paul\Desktop\HiJackThis.lnk
[2010/05/02 01:20:34 | 000,000,000 | ---- | M] () -- C:\Users\Paul\AppData\Local\prvlcl.dat
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/04/28 21:55:06 | 000,524,288 | -HS- | M] () -- C:\Users\Paul\ntuser.dat{d23aa1a4-5310-11df-811c-001f16e2d06b}.TMContainer00000000000000000002.regtrans-ms
[2010/04/28 21:55:06 | 000,524,288 | -HS- | M] () -- C:\Users\Paul\ntuser.dat{d23aa1a4-5310-11df-811c-001f16e2d06b}.TMContainer00000000000000000001.regtrans-ms
[2010/04/28 21:55:06 | 000,065,536 | -HS- | M] () -- C:\Users\Paul\ntuser.dat{d23aa1a4-5310-11df-811c-001f16e2d06b}.TM.blf
[2010/04/28 20:42:58 | 000,002,249 | ---- | M] () -- C:\Users\Paul\Desktop\Google Chrome.lnk
[2010/04/27 22:06:25 | 000,001,683 | ---- | M] () -- C:\Users\Paul\Desktop\Sniper Elite.lnk
[2010/04/27 21:18:08 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/04/27 05:34:22 | 000,000,316 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForPaul.job
[2010/04/26 21:15:07 | 000,000,479 | ---- | M] () -- C:\Users\Paul\Desktop\Desktop.lnk
[2010/04/26 19:13:12 | 005,739,160 | ---- | M] (Saitek ) -- C:\Users\Paul\Desktop\Saitek_Cyborg_V3_Pad.exe
[2010/04/26 19:12:56 | 008,402,176 | ---- | M] (Saitek ) -- C:\Users\Paul\Desktop\Saitek_Cyborg_Pad.exe
[2010/04/26 15:58:12 | 000,256,512 | ---- | M] () -- C:\Windows\PEV.exe
[2010/04/26 09:33:46 | 000,001,889 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/04/25 22:02:33 | 000,001,212 | ---- | M] () -- C:\Users\Public\Desktop\Sothink Movie DVD Maker.lnk
[2010/04/25 19:09:25 | 000,001,192 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2010/04/25 17:45:47 | 000,015,880 | ---- | M] () -- C:\Windows\System32\lsdelete.exe
[2010/04/25 16:39:38 | 000,001,245 | ---- | M] () -- C:\Users\Paul\Desktop\Delta Force BHD.lnk
[2010/04/25 11:46:09 | 000,001,816 | ---- | M] () -- C:\Users\Public\Desktop\AVG Free 9.0.lnk
[2010/04/24 20:47:47 | 000,022,328 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010/04/24 20:47:47 | 000,022,328 | ---- | M] () -- C:\Users\Paul\AppData\Roaming\PnkBstrK.sys
[2010/04/24 20:25:11 | 000,410,144 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/04/24 19:04:22 | 000,108,824 | ---- | M] () -- C:\Users\Paul\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/04/24 17:01:56 | 000,000,478 | ---- | M] () -- C:\Windows\win.ini
[2010/04/24 14:15:36 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\BitComet.lnk
[2010/04/24 09:02:57 | 000,002,357 | ---- | M] () -- C:\Users\Public\Desktop\Paragon Drive Backup™.lnk
[2010/04/24 07:22:56 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\WinRAR.lnk
[2010/04/23 23:05:49 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Sothink HD Video Converter.lnk
[2010/04/23 20:38:18 | 000,007,598 | ---- | M] () -- C:\Users\Paul\AppData\Local\Resmon.ResmonCfg
[2010/04/23 19:41:21 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\System32\drivers\sptd.sys
[2010/04/22 14:11:19 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2010/04/22 08:42:24 | 000,000,938 | ---- | M] () -- C:\Users\Paul\Desktop\7-Zip File Manager.lnk
[2010/04/21 22:06:54 | 000,002,205 | ---- | M] () -- C:\Users\Public\Desktop\WinZip.lnk
[2010/04/21 19:14:57 | 000,000,950 | ---- | M] () -- C:\Users\Paul\Desktop\HP Instant Care.url
[2010/04/21 19:13:30 | 000,000,000 | ---- | M] () -- C:\Windows\System32\file.ext
[2010/04/21 10:01:07 | 000,001,005 | ---- | M] () -- C:\Users\Paul\Desktop\Start Unlocker.lnk
[2010/04/18 21:25:24 | 000,001,191 | ---- | M] () -- C:\Users\Paul\Desktop\Delta Force 2 Xtreme.lnk
[2010/04/18 08:51:27 | 000,215,128 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2010/04/18 08:48:15 | 000,001,848 | ---- | M] () -- C:\Users\Paul\Desktop\Battlefield-Bad Company 2.lnk
[2010/04/18 08:44:19 | 002,434,856 | ---- | M] () -- C:\Windows\System32\pbsvc_bc2.exe
[2010/04/16 22:46:00 | 000,001,984 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/04/16 22:00:37 | 000,001,873 | ---- | M] () -- C:\Users\Paul\Desktop\LimeWire PRO 5.3.6.lnk
[2010/04/16 21:44:57 | 000,011,324 | ---- | M] () -- C:\Users\Paul\Desktop\300 Ultra Mag.jpg
[2010/04/13 08:39:54 | 000,000,112 | ---- | M] () -- C:\ProgramData\KM8S2d.dat
[2010/04/12 10:13:43 | 000,000,910 | ---- | M] () -- C:\Users\Paul\Desktop\Call of Duty 1 SP.lnk
[2010/04/12 09:56:27 | 000,000,960 | ---- | M] () -- C:\Users\Paul\Desktop\Call of Duty Multiplayer.lnk
[2010/04/12 09:56:23 | 000,000,745 | ---- | M] () -- C:\Windows\CoD.INI
[2010/04/10 22:35:18 | 000,001,062 | ---- | M] () -- C:\Users\Paul\Desktop\Call of Duty 2.lnk
[2010/04/10 22:12:15 | 000,000,287 | ---- | M] () -- C:\Windows\game.ini
[2010/04/10 21:24:42 | 000,001,900 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2010/04/09 21:45:38 | 000,002,058 | ---- | M] () -- C:\Users\Public\Desktop\CyberLink PowerDVD 9.lnk
[2010/04/09 20:43:36 | 009,591,104 | ---- | M] (DT Soft Ltd.) -- C:\Users\Paul\DTLite4356-0091.exe
[2010/04/09 19:51:15 | 000,001,185 | ---- | M] () -- C:\Users\Public\Desktop\uTorrent Acceleration Tool.lnk
[2010/04/09 11:03:23 | 000,385,990 | R--- | M] () -- C:\Windows\System32\drivers\etc\hostsold
[2010/04/08 19:26:25 | 000,002,170 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010/04/08 09:40:49 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2010/04/06 10:48:00 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/04/06 10:48:00 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/04/05 10:47:20 | 000,000,571 | ---- | M] () -- C:\Windows\eReg.dat
[2010/04/04 09:52:57 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2010/04/02 21:47:25 | 000,000,935 | ---- | M] () -- C:\Users\Paul\Desktop\Quick Startup.lnk
[2010/04/02 21:39:26 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2010/04/02 21:24:40 | 000,167,936 | ---- | M] (Realtek ) -- C:\Windows\System32\drivers\Rt86win7.sys
[2010/04/02 21:24:40 | 000,073,728 | ---- | M] () -- C:\Windows\System32\RtNicProp32.dll
[2010/04/02 09:05:05 | 000,000,313 | ---- | M] () -- C:\ProgramData\hpqp.ini
[2010/04/01 20:24:29 | 146,220,896 | ---- | M] () -- C:\Users\Paul\Documents\BackupRegistry(20100401).reg
[2010/04/01 10:20:44 | 000,073,728 | ---- | M] () -- C:\Windows\System32\spwindrfc1.exe
[2010/03/28 23:30:49 | 144,381,288 | ---- | M] () -- C:\Users\Paul\Documents\BackupRegistry(20100328).reg
[2010/03/27 14:27:40 | 000,002,059 | ---- | M] () -- C:\Users\Public\Desktop\Play Splinter Cell Pandora Tomorrow.lnk
[2010/03/27 13:51:17 | 000,001,036 | ---- | M] () -- C:\Users\Public\Desktop\Play Splinter Cell.lnk
[2010/03/27 00:15:25 | 000,041,962 | ---- | M] () -- C:\Windows\System32\license.rtf
[2010/03/27 00:13:52 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010/03/26 22:38:19 | 000,002,007 | ---- | M] () -- C:\Users\Public\Desktop\LightScribe.lnk
[2010/03/26 22:28:39 | 000,524,288 | -HS- | M] () -- C:\Users\Paul\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2010/03/26 22:28:39 | 000,524,288 | -HS- | M] () -- C:\Users\Paul\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2010/03/26 22:28:39 | 000,065,536 | -HS- | M] () -- C:\Users\Paul\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2010/03/26 22:26:58 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2010/03/26 22:11:52 | 000,000,941 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk
[2010/03/26 21:53:51 | 000,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
[2010/03/26 21:53:43 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2010/03/26 21:53:42 | 000,029,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2010/03/26 21:53:41 | 000,113,461 | ---- | M] () -- C:\Windows\System32\drivers\Avg\iavichjw.avm
[2010/03/26 21:36:57 | 000,000,104 | ---- | M] () -- C:\Users\Paul\Desktop\Control Panel.lnk
[2010/03/26 21:36:10 | 000,000,355 | ---- | M] () -- C:\Users\Paul\Desktop\Computer.lnk
[2010/03/26 21:22:03 | 000,001,417 | ---- | M] () -- C:\Users\Paul\Desktop\Internet Explorer.lnk
[2010/03/26 21:20:30 | 000,000,020 | -HS- | M] () -- C:\Users\Paul\ntuser.ini
[2010/03/01 10:05:24 | 000,124,784 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010/02/16 14:24:01 | 000,060,936 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010/02/04 11:53:02 | 000,064,288 | ---- | M] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys
[1 C:\Users\Paul\AppData\Roaming\*.tmp files -> C:\Users\Paul\AppData\Roaming\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/05/02 18:52:03 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010/05/02 18:52:02 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2010/05/02 18:52:02 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010/05/02 18:52:02 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010/05/02 18:52:02 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010/05/02 18:40:17 | 003,926,394 | R--- | C] () -- C:\Users\Paul\Desktop\ComboFix.exe
[2010/05/02 09:04:05 | 000,293,376 | ---- | C] () -- C:\Users\Paul\Desktop\gmer.exe
[2010/04/28 20:42:58 | 000,002,249 | ---- | C] () -- C:\Users\Paul\Desktop\Google Chrome.lnk
[2010/04/28 20:39:26 | 000,000,904 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2130715792-4014861670-1953933601-1000UA.job
[2010/04/28 20:39:26 | 000,000,852 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2130715792-4014861670-1953933601-1000Core.job
[2010/04/28 18:07:02 | 000,524,288 | -HS- | C] () -- C:\Users\Paul\ntuser.dat{d23aa1a4-5310-11df-811c-001f16e2d06b}.TMContainer00000000000000000002.regtrans-ms
[2010/04/28 18:07:02 | 000,524,288 | -HS- | C] () -- C:\Users\Paul\ntuser.dat{d23aa1a4-5310-11df-811c-001f16e2d06b}.TMContainer00000000000000000001.regtrans-ms
[2010/04/28 18:07:02 | 000,065,536 | -HS- | C] () -- C:\Users\Paul\ntuser.dat{d23aa1a4-5310-11df-811c-001f16e2d06b}.TM.blf
[2010/04/28 01:08:51 | 000,015,880 | ---- | C] () -- C:\Windows\System32\lsdelete.exe
[2010/04/26 21:14:46 | 000,000,479 | ---- | C] () -- C:\Users\Paul\Desktop\Desktop.lnk
[2010/04/25 22:02:33 | 000,001,212 | ---- | C] () -- C:\Users\Public\Desktop\Sothink Movie DVD Maker.lnk
[2010/04/25 17:41:54 | 000,001,192 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2010/04/25 12:10:21 | 000,002,959 | ---- | C] () -- C:\Users\Paul\Desktop\HiJackThis.lnk
[2010/04/25 11:58:14 | 000,000,983 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/04/25 11:46:09 | 000,001,816 | ---- | C] () -- C:\Users\Public\Desktop\AVG Free 9.0.lnk
[2010/04/24 14:15:36 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\BitComet.lnk
[2010/04/24 09:02:57 | 000,002,357 | ---- | C] () -- C:\Users\Public\Desktop\Paragon Drive Backup™.lnk
[2010/04/23 23:15:17 | 000,001,683 | ---- | C] () -- C:\Users\Paul\Desktop\Sniper Elite.lnk
[2010/04/23 23:07:27 | 000,057,344 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010/04/23 23:05:49 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Sothink HD Video Converter.lnk
[2010/04/23 20:38:18 | 000,007,598 | ---- | C] () -- C:\Users\Paul\AppData\Local\Resmon.ResmonCfg
[2010/04/23 10:04:36 | 000,247,560 | ---- | C] () -- C:\Windows\System32\prgiso.dll
[2010/04/22 08:42:24 | 000,000,938 | ---- | C] () -- C:\Users\Paul\Desktop\7-Zip File Manager.lnk
[2010/04/21 22:06:54 | 000,002,205 | ---- | C] () -- C:\Users\Public\Desktop\WinZip.lnk
[2010/04/21 21:40:28 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\WinRAR.lnk
[2010/04/21 19:14:57 | 000,000,950 | ---- | C] () -- C:\Users\Paul\Desktop\HP Instant Care.url
[2010/04/21 19:13:29 | 000,000,000 | ---- | C] () -- C:\Windows\System32\file.ext
[2010/04/21 10:01:07 | 000,001,005 | ---- | C] () -- C:\Users\Paul\Desktop\Start Unlocker.lnk
[2010/04/21 06:45:20 | 000,000,000 | ---- | C] () -- C:\Users\Paul\AppData\Local\prvlcl.dat
[2010/04/19 10:07:09 | 000,001,245 | ---- | C] () -- C:\Users\Paul\Desktop\Delta Force BHD.lnk
[2010/04/18 21:25:24 | 000,001,191 | ---- | C] () -- C:\Users\Paul\Desktop\Delta Force 2 Xtreme.lnk
[2010/04/18 08:48:15 | 000,001,848 | ---- | C] () -- C:\Users\Paul\Desktop\Battlefield-Bad Company 2.lnk
[2010/04/18 08:47:26 | 000,215,128 | ---- | C] () -- C:\Windows\System32\PnkBstrB.xtr
[2010/04/18 08:44:35 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010/04/18 08:44:35 | 000,022,328 | ---- | C] () -- C:\Users\Paul\AppData\Roaming\PnkBstrK.sys
[2010/04/18 08:44:21 | 000,103,736 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2010/04/18 08:44:19 | 002,434,856 | ---- | C] () -- C:\Windows\System32\pbsvc_bc2.exe
[2010/04/18 08:44:19 | 000,066,872 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2010/04/16 22:00:37 | 000,001,873 | ---- | C] () -- C:\Users\Paul\Desktop\LimeWire PRO 5.3.6.lnk
[2010/04/16 21:44:56 | 000,011,324 | ---- | C] () -- C:\Users\Paul\Desktop\300 Ultra Mag.jpg
[2010/04/16 18:32:49 | 000,069,632 | ---- | C] () -- C:\Windows\RAUNINST.EXE
[2010/04/13 22:05:04 | 394,960,444 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/04/12 10:13:43 | 000,000,910 | ---- | C] () -- C:\Users\Paul\Desktop\Call of Duty 1 SP.lnk
[2010/04/12 09:56:27 | 000,000,960 | ---- | C] () -- C:\Users\Paul\Desktop\Call of Duty Multiplayer.lnk
[2010/04/12 09:48:52 | 000,000,745 | ---- | C] () -- C:\Windows\CoD.INI
[2010/04/10 22:35:18 | 000,001,062 | ---- | C] () -- C:\Users\Paul\Desktop\Call of Duty 2.lnk
[2010/04/10 22:31:28 | 000,374,272 | ---- | C] () -- C:\Windows\System\mss32.dll
[2010/04/10 22:12:15 | 000,000,287 | ---- | C] () -- C:\Windows\game.ini
[2010/04/10 21:24:42 | 000,001,900 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2010/04/09 19:51:15 | 000,001,185 | ---- | C] () -- C:\Users\Public\Desktop\uTorrent Acceleration Tool.lnk
[2010/04/08 19:26:25 | 000,002,170 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010/04/08 09:40:49 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/04/08 09:40:34 | 000,001,889 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/04/06 10:48:00 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010/04/06 10:48:00 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010/04/05 16:29:18 | 000,000,112 | ---- | C] () -- C:\ProgramData\KM8S2d.dat
[2010/04/05 10:47:20 | 000,000,571 | ---- | C] () -- C:\Windows\eReg.dat
[2010/04/04 09:52:57 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2010/04/03 11:05:31 | 000,000,882 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/04/03 11:05:31 | 000,000,878 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/04/02 21:47:25 | 000,000,935 | ---- | C] () -- C:\Users\Paul\Desktop\Quick Startup.lnk
[2010/04/02 21:39:26 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2010/04/02 21:25:00 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2010/04/01 20:24:18 | 146,220,896 | ---- | C] () -- C:\Users\Paul\Documents\BackupRegistry(20100401).reg
[2010/04/01 18:06:45 | 000,001,984 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/04/01 10:20:34 | 000,073,728 | ---- | C] () -- C:\Windows\System32\spwindrfc1.exe
[2010/03/28 23:30:41 | 144,381,288 | ---- | C] () -- C:\Users\Paul\Documents\BackupRegistry(20100328).reg
[2010/03/27 14:27:40 | 000,002,059 | ---- | C] () -- C:\Users\Public\Desktop\Play Splinter Cell Pandora Tomorrow.lnk
[2010/03/27 13:55:54 | 000,069,632 | R--- | C] () -- C:\Windows\System32\xmltok.dll
[2010/03/27 13:55:54 | 000,036,864 | R--- | C] () -- C:\Windows\System32\xmlparse.dll
[2010/03/27 13:55:54 | 000,035,840 | R--- | C] () -- C:\Windows\System32\comdlg32.oca
[2010/03/27 13:55:54 | 000,029,184 | R--- | C] () -- C:\Windows\System32\MSINET.oca
[2010/03/27 13:51:02 | 000,001,036 | ---- | C] () -- C:\Users\Public\Desktop\Play Splinter Cell.lnk
[2010/03/27 00:13:52 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010/03/27 00:11:14 | 2361,802,752 | -HS- | C] () -- C:\hiberfil.sys
[2010/03/26 22:38:19 | 000,002,007 | ---- | C] () -- C:\Users\Public\Desktop\LightScribe.lnk
[2010/03/26 22:30:46 | 000,000,186 | ---- | C] () -- C:\ProgramData\HPWALog.txt
[2010/03/26 22:30:43 | 000,000,000 | ---- | C] () -- C:\Users\Paul\AppData\Local\QSwitch.txt
[2010/03/26 22:30:43 | 000,000,000 | ---- | C] () -- C:\Users\Paul\AppData\Local\DSwitch.txt
[2010/03/26 22:30:43 | 000,000,000 | ---- | C] () -- C:\Users\Paul\AppData\Local\AtStart.txt
[2010/03/26 22:20:41 | 000,002,058 | ---- | C] () -- C:\Users\Public\Desktop\CyberLink PowerDVD 9.lnk
[2010/03/26 22:11:52 | 000,000,941 | ---- | C] () -- C:\Users\Public\Desktop\Winamp.lnk
[2010/03/26 21:53:41 | 000,113,461 | ---- | C] () -- C:\Windows\System32\drivers\Avg\iavichjw.avm
[2010/03/26 21:53:40 | 059,525,945 | ---- | C] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010/03/26 21:51:14 | 000,000,316 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForPaul.job
[2010/03/26 21:36:57 | 000,000,104 | ---- | C] () -- C:\Users\Paul\Desktop\Control Panel.lnk
[2010/03/26 21:36:10 | 000,000,355 | ---- | C] () -- C:\Users\Paul\Desktop\Computer.lnk
[2010/03/26 21:29:47 | 000,000,313 | ---- | C] () -- C:\ProgramData\hpqp.ini
[2010/03/26 21:22:03 | 000,001,417 | ---- | C] () -- C:\Users\Paul\Desktop\Internet Explorer.lnk
[2010/03/26 21:20:30 | 000,000,020 | -HS- | C] () -- C:\Users\Paul\ntuser.ini
[2010/03/26 21:20:29 | 006,029,312 | -HS- | C] () -- C:\Users\Paul\ntuser.dat
[2010/03/26 21:20:29 | 000,524,288 | -HS- | C] () -- C:\Users\Paul\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2010/03/26 21:20:29 | 000,524,288 | -HS- | C] () -- C:\Users\Paul\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2010/03/26 21:20:29 | 000,262,144 | -HS- | C] () -- C:\Users\Paul\ntuser.dat.LOG1
[2010/03/26 21:20:29 | 000,065,536 | -HS- | C] () -- C:\Users\Paul\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2010/03/26 21:20:29 | 000,000,000 | -HS- | C] () -- C:\Users\Paul\ntuser.dat.LOG2
[2010/01/18 16:38:46 | 000,010,496 | ---- | C] () -- C:\Windows\System32\rcmirror.dll
[2009/09/10 10:29:50 | 001,761,280 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2009/07/13 19:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/05/11 09:39:16 | 000,000,323 | ---- | C] () -- C:\Windows\PidList.ini
[2008/12/29 09:13:30 | 000,028,544 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2008/06/07 14:53:02 | 004,244,744 | ---- | C] () -- C:\Windows\System32\qtp-mt334.dll
[2008/06/07 14:53:02 | 000,013,576 | ---- | C] () -- C:\Windows\System32\wnaspi32.dll
[2008/01/14 17:47:06 | 000,099,712 | ---- | C] () -- C:\Windows\HPBroker.dll

========== LOP Check ==========

[2010/04/09 12:34:34 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\.BitTornado
[2010/05/01 21:06:23 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\BitComet
[2010/04/21 09:55:52 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\BitTorrent
[2010/04/01 10:05:49 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Canneverbe Limited
[2010/04/10 21:45:11 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\DAEMON Tools Lite
[2010/04/02 22:05:46 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Duality Software
[2010/04/07 22:08:47 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\FrostWire
[2010/04/02 21:47:24 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\GlarySoft
[2010/03/27 09:41:42 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\GrabPro
[2010/04/19 09:56:35 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Leadertech
[2010/04/23 21:36:49 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\LimeWire
[2010/03/28 20:46:00 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Orbit
[2010/04/14 21:45:56 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Red Alert 3
[2010/04/16 22:34:56 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\SkyDownloader
[2010/05/02 18:42:13 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\uTorrent
[2010/03/26 21:26:08 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\{8126D2ED-1984-4573-9D57-97637E10C716}
[2010/04/27 07:17:52 | 000,027,840 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:A8ADE5D8
< End of report >

#12
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Let's tidy up a few orphans now - are you able to access websites now?

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    FF - prefs.js..browser.search.defaultthis.engineName: "Gossiper"
    FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1547340&SearchSource=3&q={searchTerms}"
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
    O2 - BHO: (no name) - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - No CLSID value found.
    O2 - BHO: (no name) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - No CLSID value found.
    O2 - BHO: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
    O2 - BHO: (no name) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
    
    :Commands
    [resethosts]
    [purity]
    [emptytemp]
    [EMPTYFLASH]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done


#13
Bullet90

    Member

  • Topic Starter
  • Member
  • 27 posts
Still no access to sites.

All processes killed
========== OTL ==========
Prefs.js: "Gossiper" removed from browser.search.defaultthis.engineName
Prefs.js: "http://search.condui...={searchTerms}" removed from browser.search.defaulturl
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0a452a47-c5a8-4854-a237-4b9b06b376f0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0a452a47-c5a8-4854-a237-4b9b06b376f0}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D425283-D487-4337-BAB6-AB8354A81457}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9D425283-D487-4337-BAB6-AB8354A81457}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{472734EA-242A-422B-ADF8-83D1E48CC825} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{472734EA-242A-422B-ADF8-83D1E48CC825}\ not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Paul
->Temp folder emptied: 2 bytes
->Temporary Internet Files folder emptied: 361144 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 4601852 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 5381 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 5.00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Paul
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.4.0 log created on 05032010_102841

Files\Folders moved on Reboot...
C:\Users\Paul\AppData\Local\Temp\ehmsas.txt moved successfully.

Registry entries deleted on Reboot...
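A check on the exchange above, as an added example that is not part of the original posts and is not OTL's own code: it matches each O2/O3 line of the fix script against the result log and reports one outcome per GUID. The function names and status labels are assumptions of this example; the sample input is a subset of the lines posted in this thread.

```python
import re

GUID = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# Fix-script lines such as "O2 - BHO: (no name) - {GUID} - No CLSID value found."
TARGET = re.compile(r"^\s*(O\d+) - .*?(" + GUID.pattern + r")", re.M)
# Result-log lines such as "Registry key <path> deleted successfully."
RESULT = re.compile(
    r"^Registry (?:key|value) (?P<path>.+?) "
    r"(?P<outcome>deleted successfully|not found)\.$", re.M)

# Sample input: a subset of the fix script and result log posted in this thread.
FIX_SCRIPT = r"""
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
"""
FIX_LOG = r"""
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0a452a47-c5a8-4854-a237-4b9b06b376f0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0a452a47-c5a8-4854-a237-4b9b06b376f0}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{472734EA-242A-422B-ADF8-83D1E48CC825} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{472734EA-242A-422B-ADF8-83D1E48CC825}\ not found.
"""

def parse_targets(script):
    """Return (entry code, GUID) for every O-numbered line in the fix script."""
    return [(code, guid.upper()) for code, guid in TARGET.findall(script)]

def parse_log(log):
    """Map GUID -> {'entry': outcome, 'clsid': outcome} from the result log."""
    seen = {}
    for m in RESULT.finditer(log):
        guid = GUID.search(m["path"])
        if guid is None:
            continue
        # The class registration lives under Classes\CLSID; anything else is
        # the browser entry itself (BHO key or toolbar value).
        where = "clsid" if "\\classes\\clsid\\" in m["path"].lower() else "entry"
        seen.setdefault(guid.group().upper(), {})[where] = m["outcome"]
    return seen

def reconcile(script, log):
    """Report, per targeted GUID, what the result log says happened to it."""
    results = parse_log(log)
    report = {}
    for code, guid in parse_targets(script):
        entry = results.get(guid, {}).get("entry")
        clsid = results.get(guid, {}).get("clsid")
        if entry is None:
            status = "no result logged"          # requested but never reported
        elif entry == "not found":
            status = "entry already absent"
        elif clsid == "deleted successfully":
            status = "entry and class registration removed"
        elif clsid == "not found":
            status = "orphan entry removed"      # entry pointed at no class
        else:
            status = "entry removed, class key not reported"
        report[guid] = (code, status)
    return report

if __name__ == "__main__":
    for guid, (code, status) in reconcile(FIX_SCRIPT, FIX_LOG).items():
        print(code, guid, status)
```

For these entries the "not found" result on the `Classes\CLSID` key is consistent with the scan's "No CLSID value found" for the same GUID, so it does not by itself indicate a failed fix.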

#14
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you give me some examples of the sites that will not load in both IE and FF?

#15
Bullet90

    Member

  • Topic Starter
  • Member
  • 27 posts
Sure,
kickasstorents.com
torrentroom.com
and several others. I have those two bookmarked but I have run into problems randomly surfing. I was thinking it may be a security issue but my friend has a similar problem and he is unable to load google or yahoo. He also experienced an occurrence of the Win 7 Defender Pro but under a different alias. I also noticed a Russian cookie, "something".ru, which in my research I found that this is where the Win 7 Defender program originated from.
Thanks..