Yahoo, Google redirect [Solved]


  • This topic is locked

#1
Peejster

    New Member

  • Member
  • 4 posts
I've just gotten a virus.
I tried to self-diagnose by looking at other people's solutions.
I tried running the Malwarebytes anti-malware, and the problem was not solved.
I've also got Avast, Uniblue SpyEraser, and Spyblaster Search and Destroy.
  • 0

#2
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi, let's have a look-see.

GMER Rootkit Scanner - Download - Homepage
  • Download GMER
  • Extract the contents of the zipped file to desktop.
  • Double click GMER.exe.
  • If it gives you a warning about rootkit activity and asks if you want to run a full scan, click on NO, then use the following settings for a more complete scan.
  • In the right panel, you will see several boxes that have been checked. Ensure the following are UNCHECKED:
      • IAT/EAT
      • Drives/Partition other than Systemdrive (typically C:\)
      • Show All (don't miss this one)
  • Then click the Scan button & wait for it to finish.
  • Once done click on the [Save..] button, and in the File name area, type in "ark.txt"
  • Save the log where you can easily find it, such as your desktop.

**Caution** Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOTKIT" entries.
Please copy and paste the report into your Post.

THEN

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Select Scan all users
  • Under the Custom Scan box paste this in:


    netsvcs
    drivers32 /all
    %SYSTEMDRIVE%\*.*
    %systemroot%\system32\Spool\prtprocs\w32x86\*.dll
    %systemroot%\system32\*.wt
    %systemroot%\system32\*.ruy
    %systemroot%\Fonts\*.com
    %systemroot%\system32\spool\prtprocs\w32x86\*.tmp
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\user32.dll /md5
    %systemroot%\system32\ws2_32.dll /md5
    %systemroot%\system32\ws2help.dll /md5
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs

  • 0

#3
Peejster

    New Member

  • Topic Starter
  • Member
  • 4 posts
Talk about cutting it close...
Sorry about the sudden vacation.

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-07-05 15:26:15
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\OWNERY~1.000\LOCALS~1\Temp\kxpcrpow.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwClose [0xA80516B8]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateKey [0xA8051574]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDeleteValueKey [0xA8051A52]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDuplicateObject [0xA805114C]
SSDT sptd.sys ZwEnumerateKey [0xF74F2FB2]
SSDT sptd.sys ZwEnumerateValueKey [0xF74F3340]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenKey [0xA805164E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenProcess [0xA805108C]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenThread [0xA80510F0]
SSDT sptd.sys ZwQueryKey [0xF74F3418]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwQueryValueKey [0xA805176E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwRestoreKey [0xA805172E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwSetValueKey [0xA80518AE]

---- Kernel code sections - GMER 1.0.15 ----

? C:\WINDOWS\system32\drivers\sptd.sys The process cannot access the file because it is being used by another process.
.text C:\WINDOWS\system32\DRIVERS\ati2mtag.sys section is writeable [0xB8F3B000, 0x1C5D38, 0xE8000020]
.text USBPORT.SYS!DllUnload B8E5C8AC 5 Bytes JMP 8AB381C8
.rsrc C:\WINDOWS\System32\DRIVERS\fsvga.sys entry point in ".rsrc" section [0xF7945694]

---- User code sections - GMER 1.0.15 ----

.text C:\WINDOWS\System32\svchost.exe[1584] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 006E000A
.text C:\WINDOWS\System32\svchost.exe[1584] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 006F000A
.text C:\WINDOWS\System32\svchost.exe[1584] ntdll.dll!KiUserExceptionDispatcher 7C90E47C 5 Bytes JMP 006D000C
.text C:\WINDOWS\System32\svchost.exe[1584] USER32.dll!GetCursorPos 7E42974E 5 Bytes JMP 010A000A
.text C:\WINDOWS\System32\svchost.exe[1584] ole32.dll!CoCreateInstance 7750057E 5 Bytes JMP 00DD000A
.text C:\WINDOWS\Explorer.EXE[2008] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 00B8000A
.text C:\WINDOWS\Explorer.EXE[2008] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 00BE000A
.text C:\WINDOWS\Explorer.EXE[2008] ntdll.dll!KiUserExceptionDispatcher 7C90E47C 5 Bytes JMP 00B7000C
.text C:\Program Files\Mozilla Firefox\firefox.exe[4040] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 011D000A
.text C:\Program Files\Mozilla Firefox\firefox.exe[4040] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 011E000A
.text C:\Program Files\Mozilla Firefox\firefox.exe[4040] ntdll.dll!KiUserExceptionDispatcher 7C90E47C 5 Bytes JMP 011C000C

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 8AC5E1E8

AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)

Device \FileSystem\Fastfat \FatCdrom 8A9061E8

AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

Device \Driver\usbuhci \Device\USBPDO-0 8AAF61E8
Device \Driver\usbuhci \Device\USBPDO-1 8AAF61E8
Device \Driver\usbuhci \Device\USBPDO-2 8AAF61E8
Device \Driver\usbuhci \Device\USBPDO-3 8AAF61E8
Device \Driver\usbehci \Device\USBPDO-4 8AAEA1E8

AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

Device \Driver\Ftdisk \Device\HarddiskVolume1 8AC601E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 8AC601E8
Device \Driver\Cdrom \Device\CdRom0 8AB6F1E8
Device \Driver\Cdrom \Device\CdRom1 8AB6F1E8
Device \Driver\atapi \Device\Ide\IdePort0 [F7859B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort1 [F7859B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort2 [F7859B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort3 [F7859B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP3T1L0-10 [F7859B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP3T0L0-8 [F7859B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\NetBT \Device\NetBt_Wins_Export 8A93D1E8
Device \Driver\NetBT \Device\NetbiosSmb 8A93D1E8

AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

Device \Driver\usbuhci \Device\USBFDO-0 8AAF61E8
Device \Driver\NetBT \Device\NetBT_Tcpip_{E2D8D8E4-215E-41DA-BF09-10A76EFFA5E3} 8A93D1E8
Device \Driver\usbuhci \Device\USBFDO-1 8AAF61E8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 8A8A3790
Device \Driver\usbuhci \Device\USBFDO-2 8AAF61E8
Device \FileSystem\MRxSmb \Device\LanmanRedirector 8A8A3790
Device \Driver\usbuhci \Device\USBFDO-3 8AAF61E8
Device \Driver\usbehci \Device\USBFDO-4 8AAEA1E8
Device \Driver\Ftdisk \Device\FtControl 8AC601E8
Device \FileSystem\Fastfat \Fat 8A9061E8

AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)

Device \FileSystem\Cdfs \Cdfs 8A0211E8
Device -> \Driver\atapi \Device\Harddisk0\DR0 8A9B5EC5

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\[email protected] 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\[email protected] 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\[email protected] 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\[email protected] C:\Program Files\DAEMON Tools\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\[email protected] 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\[email protected] 0x9A 0x3B 0xCF 0x5E ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\0[email protected] 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\0[email protected] 0x40 0xE9 0x0A 0xE2 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0[email protected] 0xE1 0xB3 0x4E 0xEF ...
Reg HKLM\SYSTEM\ControlSet011\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet011\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\0[email protected] 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet011\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\0[email protected] 0x40 0xE9 0x0A 0xE2 ...
Reg HKLM\SYSTEM\ControlSet011\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet011\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0[email protected] 0xE1 0xB3 0x4E 0xEF ...

---- Files - GMER 1.0.15 ----

File C:\WINDOWS\System32\DRIVERS\fsvga.sys suspicious modification
File C:\WINDOWS\system32\drivers\atapi.sys suspicious modification

---- EOF - GMER 1.0.15 ----
OTL logfile created on: 7/3/2010 8:51:30 AM - Run 1
OTL by OldTimer - Version 3.2.7.0 Folder = C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 45.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 68.00% Paging File free
Paging file location(s): C:\pagefile.sys 1008 2302 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 106.63 Gb Total Space | 36.09 Gb Free Space | 33.84% Space Free | Partition Type: NTFS
Drive D: | 5.14 Gb Total Space | 0.95 Gb Free Space | 18.51% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: YOUR-W04GTXLD67
Current User Name: Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/07/02 17:14:25 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\OTL.exe
PRC - [2010/06/23 14:16:32 | 000,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/01/22 22:07:02 | 000,072,704 | ---- | M] (Autodesk) -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
PRC - [2009/11/12 18:54:39 | 000,323,392 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\DNA\btdna.exe
PRC - [2009/07/27 02:50:06 | 003,874,088 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version4\TeamViewer.exe
PRC - [2009/07/27 02:37:30 | 000,185,640 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
PRC - [2009/03/15 05:15:16 | 000,180,224 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files\PowerISO\PWRISOVM.EXE
PRC - [2009/02/05 16:08:45 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/02/05 16:08:40 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009/02/05 16:08:26 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/02/05 16:06:04 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009/02/05 16:01:25 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2008/04/23 03:38:16 | 000,029,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/01/29 10:13:14 | 001,424,648 | ---- | M] (Uniblue Software) -- C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe
PRC - [2007/04/16 15:28:22 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
PRC - [2006/11/03 19:20:12 | 000,866,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe
PRC - [2006/09/29 13:48:06 | 000,065,536 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
PRC - [2006/05/12 13:33:22 | 000,581,693 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2004/06/15 22:17:38 | 000,069,705 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Multimedia\main\atidtct.exe
PRC - [2004/04/16 06:43:58 | 000,196,608 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.EXE
PRC - [2004/03/10 21:57:06 | 000,045,056 | ---- | M] () -- C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\InfoMyCa.exe


========== Modules (SafeList) ==========

MOD - [2010/07/02 17:14:25 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\OTL.exe
MOD - [2008/04/13 19:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (WUSB54Gv2SVC)
SRV - File not found [On_Demand | Stopped] -- -- (Tomcat5)
SRV - [2010/01/22 22:07:02 | 000,072,704 | ---- | M] (Autodesk) [Auto | Running] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2009/08/23 16:50:00 | 003,330,164 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
SRV - [2009/07/27 02:37:30 | 000,185,640 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe -- (TeamViewer4)
SRV - [2009/02/05 16:08:40 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009/02/05 16:08:26 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009/02/05 16:06:04 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009/02/05 16:01:25 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2008/05/23 13:12:42 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2007/09/19 17:07:15 | 000,068,096 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe -- (Macromedia Licensing Service)
SRV - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2006/09/29 13:48:06 | 000,065,536 | ---- | M] () [Auto | Running] -- C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe -- (mi-raysat_3dsmax9_32) mental ray 3.5 Satellite (32-bit)
SRV - [2005/08/11 00:17:28 | 000,118,272 | ---- | M] (TuneUp Software GmbH) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe -- (TUWinStylerThemeSvc)


========== Driver Services (SafeList) ==========

DRV - [2010/06/11 19:05:03 | 000,028,256 | ---- | M] (MusicMatch, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MxlW2k.sys -- (MxlW2k)
DRV - [2009/09/29 23:18:22 | 003,565,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009/08/03 10:57:52 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009/04/17 17:28:52 | 000,003,026 | ---- | M] (Logix4u) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\hwinterface.sys -- (hwinterface)
DRV - [2009/03/15 05:25:46 | 000,056,268 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009/02/05 16:08:10 | 000,094,032 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009/02/05 16:07:23 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2009/02/05 16:07:12 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/02/05 16:06:20 | 000,051,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009/02/05 16:06:10 | 000,023,152 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009/02/05 16:05:11 | 000,026,944 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2008/03/01 16:03:59 | 000,186,592 | ---- | M] (Jungo) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\windrvr6.sys -- (WinDriver6)
DRV - [2007/12/08 18:43:21 | 000,015,781 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x)
DRV - [2007/10/03 09:08:51 | 000,685,816 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2007/04/25 16:20:48 | 004,030,144 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2006/05/12 13:21:22 | 000,401,664 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2006/05/12 13:20:04 | 000,023,271 | ---- | M] (Broadcom Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\btserial.sys -- (BTSERIAL)
DRV - [2006/05/12 13:20:00 | 000,222,876 | ---- | M] (Broadcom Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\btslbcsp.sys -- (BTSLBCSP)
DRV - [2006/05/12 13:19:04 | 001,342,602 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2006/05/12 13:17:18 | 000,030,363 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2006/05/12 13:16:44 | 000,057,320 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2006/05/12 13:13:46 | 000,148,168 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2006/05/12 13:12:48 | 000,044,163 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2005/10/17 19:50:06 | 000,245,376 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt2500usb.sys -- (WUSB54GPV4SRV)
DRV - [2005/01/04 13:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\npptNT2.sys -- (NPPTNT2)
DRV - [2004/10/07 20:16:04 | 000,035,840 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2004/08/03 23:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004/08/03 23:29:52 | 000,166,912 | ---- | M] (S3 Graphics, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3gnbm.sys -- (S3Psddr)
DRV - [2004/04/23 23:43:00 | 000,374,752 | ---- | M] (Cisco-Linksys, LLC.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WUSBGXP.sys -- (PRISM_A02)
DRV - [2003/12/15 12:28:46 | 000,257,872 | ---- | M] (Jungo) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atirwvd.sys -- (ATI Remote Wonder II)
DRV - [2003/12/12 19:03:10 | 000,652,689 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ltmdmnt.sys -- (ltmodem5)
DRV - [2003/09/25 22:15:32 | 000,015,872 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\GTNDIS5.sys -- (GTNDIS5)
DRV - [2003/09/03 01:51:00 | 000,021,120 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\nv_agp.sys -- (nv_agp)
DRV - [2003/07/30 04:15:00 | 000,126,348 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\nvcap.sys -- (nvcap) nVidia WDM Video Capture (universal)
DRV - [2003/07/30 04:15:00 | 000,013,006 | ---- | M] (NVIDIA Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\nvxbar.sys -- (NVXBAR)
DRV - [2003/07/02 13:42:00 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\viaagp1.sys -- (viaagp1)
DRV - [2003/06/19 03:59:00 | 000,140,800 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\fasttx2k.sys -- (fasttx2k)
DRV - [2003/05/06 17:34:56 | 000,394,752 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2003/04/11 10:51:30 | 000,010,624 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2003/02/20 18:18:36 | 000,036,608 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\SISAGPX.sys -- (SISAGP)
DRV - [2002/10/04 19:04:10 | 000,046,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
DRV - [2002/08/29 14:00:00 | 000,012,160 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\fsvga.sys -- (FsVga)
DRV - [2002/07/30 00:43:50 | 000,023,808 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2899075602-3811207098-2694297558-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qus10.hpwis.com/
IE - HKU\S-1-5-21-2899075602-3811207098-2694297558-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qus10.hpwis.com/
IE - HKU\S-1-5-21-2899075602-3811207098-2694297558-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://srch-qus10.hpwis.com/
IE - HKU\S-1-5-21-2899075602-3811207098-2694297558-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://qus10.hpwis.com/
IE - HKU\S-1-5-21-2899075602-3811207098-2694297558-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2899075602-3811207098-2694297558-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-21-2899075602-3811207098-2694297558-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.3
FF - prefs.js..extensions.enabledItems: {59c81df5-4b7a-477b-912d-4e0fdf64e5f2}:0.9.86
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.1.26
FF - prefs.js..extensions.enabledItems: [email protected]:0.12.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}:5.0.15
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}:5.0.17
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {3335F91D-2AEF-4097-B831-C96C60349822}:1.4.3
FF - prefs.js..extensions.enabledItems: {792BDDFE-2E7C-42ed-B18D-18154D2761BD}:0.9.6
FF - prefs.js..extensions.enabledItems: [email protected]:1.4
FF - prefs.js..extensions.enabledItems: {89f8dde0-010a-11da-8cd6-0800200c9a66}:1.0.0.20
FF - prefs.js..extensions.enabledItems: {d596c130-b00a-11db-abbd-0800200c9a66}:2.080708


FF - HKLM\software\mozilla\Mozilla Firefox 3.5.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/06/23 14:17:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/23 14:17:15 | 000,000,000 | ---D | M]

[2008/10/27 19:09:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Mozilla\Extensions
[2010/07/03 02:06:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Mozilla\Firefox\Profiles\v0vskgvl.default\extensions
[2010/06/22 04:03:25 | 000,000,000 | ---D | M] (FlashGot) -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Mozilla\Firefox\Profiles\v0vskgvl.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2009/08/25 08:11:30 | 000,000,000 | ---D | M] (Leet Key) -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Mozilla\Firefox\Profiles\v0vskgvl.default\extensions\{3335F91D-2AEF-4097-B831-C96C60349822}
[2009/12/13 22:29:37 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Mozilla\Firefox\Profiles\v0vskgvl.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2009/06/03 20:50:35 | 000,000,000 | ---D | M] (IE Tab) -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Mozilla\Firefox\Profiles\v0vskgvl.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2009/10/07 06:53:54 | 000,000,000 | ---D | M] (TabRenamizer) -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Mozilla\Firefox\Profiles\v0vskgvl.default\extensions\{792BDDFE-2E7C-42ed-B18D-18154D2761BD}
[2010/06/22 04:03:26 | 000,000,000 | ---D | M] (Yahoo! Mail Notifier) -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Mozilla\Firefox\Profiles\v0vskgvl.default\extensions\{89f8dde0-010a-11da-8cd6-0800200c9a66}
[2010/06/05 13:06:53 | 000,000,000 | ---D | M] (Easy Youtube Video Downloader) -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Mozilla\Firefox\Profiles\v0vskgvl.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}
[2010/06/05 13:06:55 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Mozilla\Firefox\Profiles\v0vskgvl.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2008/10/27 19:12:40 | 000,000,000 | ---D | M] (Miint) -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Mozilla\Firefox\Profiles\v0vskgvl.default\extensions\{d596c130-b00a-11db-abbd-0800200c9a66}
[2009/09/21 16:20:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Mozilla\Firefox\Profiles\v0vskgvl.default\extensions\[email protected]
[2009/11/21 20:23:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Mozilla\Firefox\Profiles\v0vskgvl.default\extensions\[email protected]
[2010/06/05 13:06:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Mozilla\Firefox\Profiles\v0vskgvl.default\extensions\[email protected]
[2009/11/27 18:08:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Mozilla\Firefox\Profiles\v0vskgvl.default\extensions\[email protected]
[2010/07/03 02:06:17 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008/05/18 20:20:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}
[2009/01/30 08:13:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}
[2007/08/15 19:05:00 | 000,049,152 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
[2008/12/10 20:21:54 | 000,132,528 | ---- | M] (NHN USA Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npijjiCHPlugin.dll
[2008/09/10 02:39:42 | 000,075,184 | ---- | M] (NHN USA Inc. ) -- C:\Program Files\Mozilla Firefox\plugins\npijjiFFPlugin1.dll
[2006/10/13 15:09:24 | 000,638,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npOGAPlugin.dll
[2008/05/12 16:52:59 | 000,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint_03050024.dll

O1 HOSTS File: ([2002/08/29 14:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {12E41032-8FFF-407A-A487-223B4983264F} - No CLSID value found.
O2 - BHO: () - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5462b56b-9b60-4f02-bda4-ba3535cc2a79} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (no name) - {60BF5EE3-0105-4858-AD98-17C19F86B042} - No CLSID value found.
O2 - BHO: (no name) - {633813CE-346A-421A-B1EB-3E84D0722507} - No CLSID value found.
O2 - BHO: (no name) - {A74F3FC3-CC9A-4D4C-AFB5-B56F0CAA445D} - No CLSID value found.
O2 - BHO: (no name) - {D4282067-EC45-4BAE-BD44-FB50B72BA49B} - No CLSID value found.
O2 - BHO: (no name) - {DCF05233-FF4C-4C89-9506-8C1EE608AA72} - No CLSID value found.
O2 - BHO: (no name) - {FE7A421D-FFA7-453A-9519-3D75F0E8FAF9} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {267E332F-1684-4B6F-813E-186EEEE7F247} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {55FAF0F2-44D4-425F-B5F5-6B275B621EAB} - No CLSID value found.
O3 - HKU\S-1-5-21-2899075602-3811207098-2694297558-1003\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-2899075602-3811207098-2694297558-1003\..\Toolbar\WebBrowser: (no name) - {55FAF0F2-44D4-425F-B5F5-6B275B621EAB} - No CLSID value found.
O3 - HKU\S-1-5-21-2899075602-3811207098-2694297558-1003\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ATI DeviceDetect] C:\Program Files\ATI Multimedia\main\ATIDtct.EXE (ATI Technologies Inc.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PS2] C:\WINDOWS\system32\ps2.EXE (Hewlett-Packard Company)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdateManager] C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe (Sonic Solutions)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WUSB54Gv2] C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\InvokeSvc3.exe ()
O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [DWQueuedReporting] C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-21-2899075602-3811207098-2694297558-1003..\Run: [ATI Launchpad] C:\Program Files\ATI Multimedia\main\launchpd.exe (ATI Technologies Inc.)
O4 - HKU\S-1-5-21-2899075602-3811207098-2694297558-1003..\Run: [ATI Remote Control] C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe (ATI Technologies Inc.)
O4 - HKU\S-1-5-21-2899075602-3811207098-2694297558-1003..\Run: [BitTorrent DNA] C:\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-21-2899075602-3811207098-2694297558-1003..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKU\S-1-5-21-2899075602-3811207098-2694297558-1003..\Run: [NVIEW] C:\WINDOWS\System32\nview.dll (NVIDIA Corporation)
O4 - HKU\S-1-5-21-2899075602-3811207098-2694297558-1003..\Run: [Uniblue SpyEraser] C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe (Uniblue Software)
O4 - HKU\S-1-5-21-2899075602-3811207098-2694297558-1003..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\Default User\Start Menu\Programs\Startup\spamsubtract.lnk = C:\Program Files\interMute\SpamSubtract\SpamSub.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2899075602-3811207098-2694297558-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2899075602-3811207098-2694297558-1003\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-2899075602-3811207098-2694297558-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2899075602-3811207098-2694297558-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O7 - HKU\S-1-5-21-2899075602-3811207098-2694297558-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1233364808906 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA} http://java.sun.com/...all-131-win.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2)
O16 - DPF: {CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_15)
O16 - DPF: {CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\khfgeeb: DllName - khfgeeb.dll - File not found
O20 - Winlogon\Notify\mljgf: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O20 - Winlogon\Notify\pmkhe: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Mozilla\Firefox\Desktop Background.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Mozilla\Firefox\Desktop Background.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {A74F3FC3-CC9A-4D4C-AFB5-B56F0CAA445D} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003/10/11 05:16:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 06:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2002/09/11 03:02:32 | 000,000,045 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\Info.exe -- [2002/09/10 21:54:58 | 000,040,960 | -HS- | M] (XSS)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2007/06/17 21:08:57 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: uploadmgr - File not found

Drivers32: midi - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi2 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\WINDOWS\System32\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer2 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm ()
Drivers32: msacm.imaadpcm - C:\WINDOWS\System32\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.msadpcm - C:\WINDOWS\System32\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msaudio1 - C:\WINDOWS\System32\msaud32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\WINDOWS\System32\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msg723 - C:\WINDOWS\System32\msg723.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\WINDOWS\System32\msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.vorbis - C:\WINDOWS\System32\vorbis.acm (HMS http://hp.vector.co....hors/VA012897/)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.ffds - C:\Program Files\Combined Community Codec Pack\Filters\FFDShow\ff_vfw.dll ()
Drivers32: VIDC.I420 - C:\WINDOWS\System32\msh263.drv (Microsoft Corporation)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: VIDC.IYUV - C:\WINDOWS\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.M261 - C:\WINDOWS\System32\msh261.drv (Microsoft Corporation)
Drivers32: vidc.M263 - C:\WINDOWS\System32\msh263.drv (Microsoft Corporation)
Drivers32: vidc.mrle - C:\WINDOWS\System32\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\WINDOWS\System32\msvidc32.dll (Microsoft Corporation)
Drivers32: VIDC.UYVY - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.WMV3 - C:\WINDOWS\System32\wmv9vcm.dll (Microsoft Corporation)
Drivers32: VIDC.XFR1 - C:\WINDOWS\System32\xfcodec.dll ()
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YUY2 - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)
Drivers32: VIDC.YVU9 - C:\WINDOWS\System32\tsbyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVYU - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave2 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\WINDOWS\System32\msacm32.drv (Microsoft Corporation)
Unable to start service SrService!

========== Files/Folders - Created Within 90 Days ==========

[2010/07/02 17:14:25 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\OTL.exe
[2010/07/02 16:52:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\brick_invcrest
[2010/07/01 22:32:38 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\PrivacIE
[2010/06/30 16:02:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Malwarebytes
[2010/06/30 16:00:25 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/06/30 16:00:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/06/30 16:00:13 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/06/30 16:00:12 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/06/29 23:29:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\yukari_mb
[2010/06/29 23:17:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\105THchars_M
[2010/06/29 21:05:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\08 - Imperishable Night
[2010/06/29 01:28:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Perfect Cherry Blossom
[2010/06/27 20:49:39 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\The Embodiment of Scarlet Devil
[2010/06/24 14:39:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\lhsp
[2010/06/22 19:54:05 | 000,000,000 | ---D | C] -- C:\Program Files\StreetStrifer HomeStruck
[2010/06/20 17:49:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Unity
[2010/06/20 16:56:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Local Settings\Application Data\Unity
[2010/06/18 21:54:41 | 000,000,000 | ---D | C] -- C:\Program Files\PFPortChecker
[2010/06/15 02:10:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\ShameimaruCam
[2010/06/14 21:38:42 | 000,000,000 | ---D | C] -- C:\Program Files\Combined Community Codec Pack
[2010/06/14 21:28:29 | 000,000,000 | ---D | C] -- C:\Program Files\WMV9_VCM
[2010/06/14 21:27:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\River Past G5
[2010/06/14 21:27:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\River Past G5
[2010/06/14 21:27:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\River Past
[2010/06/14 21:27:56 | 000,000,000 | ---D | C] -- C:\Program Files\River Past
[2010/06/09 16:09:05 | 000,000,000 | ---D | C] -- C:\Program Files\LEGO Island
[2010/06/08 10:27:12 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\IETldCache
[2010/06/07 20:13:18 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010/06/06 13:09:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2010/06/05 15:41:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Local Settings\Application Data\pxnvisrwt
[2010/06/05 14:27:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/06/05 14:27:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/05/14 18:49:40 | 000,000,000 | ---D | C] -- C:\Program Files\Fake Webcam
[2010/05/11 18:15:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Template
[2010/05/10 06:22:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Mountain of Faith
[2010/05/07 14:42:56 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\MysticalChain
[2010/04/28 16:10:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Local Settings\Application Data\Temp
[2010/04/26 07:32:51 | 000,000,000 | ---D | C] -- C:\Program Files\Game_Maker8
[2010/04/12 06:00:57 | 000,000,000 | ---D | C] -- C:\Program Files\N8
[2010/04/10 16:43:52 | 000,000,000 | ---D | C] -- C:\Program Files\FOnline
[2010/04/08 06:01:53 | 000,000,000 | ---D | C] -- C:\Program Files\Torque
[2008/09/03 19:57:42 | 000,131,072 | R--- | C] ( ) -- C:\WINDOWS\System32\ATIDEMGR.dll
[2008/08/02 17:45:04 | 000,103,424 | ---- | C] ( ) -- C:\WINDOWS\System32\nUI_nat.dll
[35 C:\WINDOWS\Fonts\*.tmp files -> C:\WINDOWS\Fonts\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010/07/03 08:46:56 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/07/03 08:45:21 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010/07/03 08:44:15 | 000,000,247 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.dat
[2010/07/03 08:43:50 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/07/03 08:43:40 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/07/03 08:43:37 | 1610,141,696 | -HS- | M] () -- C:\hiberfil.sys
[2010/07/03 08:29:51 | 000,001,018 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2899075602-3811207098-2694297558-1003UA.job
[2010/07/03 08:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At9.job
[2010/07/03 08:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At33.job
[2010/07/03 07:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At8.job
[2010/07/03 07:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At32.job
[2010/07/03 06:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At7.job
[2010/07/03 06:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At31.job
[2010/07/03 05:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At6.job
[2010/07/03 05:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At30.job
[2010/07/03 04:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At5.job
[2010/07/03 04:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At29.job
[2010/07/03 03:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2010/07/03 03:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At28.job
[2010/07/03 02:15:00 | 000,000,390 | ---- | M] () -- C:\WINDOWS\tasks\1-Click Maintenance.job
[2010/07/03 02:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2010/07/03 02:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At27.job
[2010/07/03 01:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At26.job
[2010/07/03 01:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2010/07/03 00:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At25.job
[2010/07/03 00:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2010/07/02 23:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At48.job
[2010/07/02 23:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At24.job
[2010/07/02 22:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At47.job
[2010/07/02 22:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At23.job
[2010/07/02 21:16:01 | 000,000,966 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2899075602-3811207098-2694297558-1003Core.job
[2010/07/02 21:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At46.job
[2010/07/02 21:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At22.job
[2010/07/02 20:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At45.job
[2010/07/02 20:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At21.job
[2010/07/02 19:40:21 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/07/02 19:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At44.job
[2010/07/02 19:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At20.job
[2010/07/02 18:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At43.job
[2010/07/02 18:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At19.job
[2010/07/02 17:14:25 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\OTL.exe
[2010/07/02 17:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At42.job
[2010/07/02 17:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At18.job
[2010/07/02 16:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At41.job
[2010/07/02 16:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At17.job
[2010/07/02 15:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At40.job
[2010/07/02 15:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At16.job
[2010/07/02 14:48:37 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/07/01 22:15:33 | 020,447,232 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\ntuser.dat
[2010/07/01 22:15:33 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\ntuser.ini
[2010/07/01 16:11:19 | 000,076,484 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\2368599.png
[2010/07/01 16:09:44 | 000,147,956 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\5155101.png
[2010/07/01 16:09:33 | 000,063,739 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\5389529.png
[2010/07/01 16:08:19 | 000,029,753 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\7721616.png
[2010/07/01 16:07:12 | 000,144,009 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\9937788.png
[2010/07/01 04:29:28 | 000,301,790 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\1274097738954.png
[2010/07/01 03:34:40 | 000,004,229 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\sanecho.png
[2010/07/01 03:08:40 | 000,109,836 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Tifa__who_did_this_to_you___by_ShadowAshi.jpg
[2010/06/30 16:00:43 | 000,000,704 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/06/29 23:04:47 | 000,138,702 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Gap.png
[2010/06/28 14:00:01 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At39.job
[2010/06/28 14:00:01 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At15.job
[2010/06/27 17:43:12 | 000,002,768 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\koakuma.png
[2010/06/27 13:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At38.job
[2010/06/27 13:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At14.job
[2010/06/27 01:40:18 | 000,001,967 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\logho.png
[2010/06/26 23:39:33 | 000,000,668 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Toribash.lnk
[2010/06/26 16:20:22 | 000,045,377 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\hina.gif
[2010/06/26 16:06:55 | 000,006,002 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\almighty peej.png
[2010/06/26 16:01:19 | 000,028,687 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\2ynf7l1.gif
[2010/06/26 15:52:40 | 000,011,640 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\hina.png
[2010/06/26 14:27:36 | 000,002,729 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\6019.png
[2010/06/26 12:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At37.job
[2010/06/26 12:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At13.job
[2010/06/26 11:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At36.job
[2010/06/26 11:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At12.job
[2010/06/26 10:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At35.job
[2010/06/26 10:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At11.job
[2010/06/26 09:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At34.job
[2010/06/26 09:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At10.job
[2010/06/26 02:24:35 | 000,003,991 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Orin.png
[2010/06/26 02:11:01 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2010/06/25 23:43:07 | 000,257,227 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\[bleep]s like a tiger.png
[2010/06/25 14:39:03 | 000,002,560 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\bmd.png
[2010/06/25 04:18:55 | 000,002,440 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Google Chrome.lnk
[2010/06/24 18:35:00 | 000,000,270 | ---- | M] () -- C:\WINDOWS\tasks\Uniblue SpeedUpMyPC Nag.job
[2010/06/24 14:49:58 | 000,032,606 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\report.wav
[2010/06/24 14:49:44 | 000,049,986 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\girlfriend.wav
[2010/06/24 14:49:10 | 000,038,326 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\brother.wav
[2010/06/24 14:48:55 | 000,045,586 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\lostmyemeralds.wav
[2010/06/24 14:48:08 | 000,115,546 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\superbionic.wav
[2010/06/24 14:46:58 | 000,047,126 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\original.wav
[2010/06/24 14:44:27 | 000,001,821 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Microsoft\Internet Explorer\Quick Launch\Speakonia.lnk
[2010/06/24 14:38:13 | 000,064,084 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\recolor3.png
[2010/06/24 14:34:51 | 000,065,649 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\recolor2.png
[2010/06/24 14:34:42 | 000,146,012 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\recolor1.png
[2010/06/24 14:31:14 | 000,199,717 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\sonic_sonicx.png
[2010/06/24 02:56:15 | 000,000,881 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/06/23 22:07:29 | 000,152,714 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\easy mode.png
[2010/06/23 21:23:54 | 000,201,216 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/23 10:24:00 | 000,000,258 | ---- | M] () -- C:\WINDOWS\tasks\Windows Update.job
[2010/06/22 19:54:14 | 000,000,694 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\StreetStrifer HomeStruck.lnk
[2010/06/21 19:34:15 | 004,728,162 | -H-- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Local Settings\Application Data\IconCache.db
[2010/06/21 19:34:02 | 000,520,415 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\ssss.png
[2010/06/18 21:54:44 | 000,000,750 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\PFPortChecker.lnk
[2010/06/14 21:39:03 | 000,162,785 | ---- | M] () -- C:\WINDOWS\Animated GIF Converter and Booster Pack Uninstaller.exe
[2010/06/14 21:28:15 | 000,165,898 | ---- | M] () -- C:\WINDOWS\Video Cleaner Uninstaller.exe
[2010/06/13 22:43:23 | 000,000,678 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Cheat Engine.lnk
[2010/06/11 19:05:03 | 000,028,256 | ---- | M] (MusicMatch, Inc.) -- C:\WINDOWS\System32\drivers\MxlW2k.sys
[2010/06/08 10:27:11 | 000,000,823 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/06/04 14:45:43 | 000,000,816 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Sleep is Death.lnk
[2010/05/26 13:03:44 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/05/19 17:18:10 | 000,204,086 | ---- | M] () -- C:\scaledbunny.png
[2010/05/19 17:18:06 | 000,000,052 | ---- | M] () -- C:\Copy of scaler.bat
[2010/05/19 17:11:38 | 000,053,526 | ---- | M] () -- C:\bunny.png
[2010/05/12 05:56:25 | 000,000,038 | ---- | M] () -- C:\WINDOWS\avisplitter.INI
[2010/04/30 19:28:48 | 000,000,749 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Sonic Robo Blast 2.lnk
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/04/28 06:07:21 | 000,399,144 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/04/27 17:16:09 | 000,001,624 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Half-Life 2.lnk
[2010/04/27 17:15:39 | 000,001,624 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Counter-Strike Source.lnk
[2010/04/27 17:13:12 | 000,001,626 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Garry's Mod.lnk
[2010/04/26 17:26:59 | 000,000,820 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Paint.NET.lnk
[2010/04/26 17:19:47 | 000,104,000 | ---- | M] () -- C:\WINDOWS\System32\GDIPFONTCACHEV1.DAT
[2010/04/26 07:39:05 | 000,000,842 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Hisoutensoku English.lnk
[2010/04/26 07:33:14 | 000,000,721 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Game Maker.lnk
[2010/04/10 16:44:00 | 000,000,497 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\FOnline 2238 Launcher.lnk
[2010/04/08 06:02:17 | 000,000,819 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Torque Constructor.lnk

========== Files Created - No Company Name ==========

[2010/07/01 16:11:18 | 000,076,484 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\2368599.png
[2010/07/01 16:09:43 | 000,147,956 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\5155101.png
[2010/07/01 16:09:32 | 000,063,739 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\5389529.png
[2010/07/01 16:08:18 | 000,029,753 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\7721616.png
[2010/07/01 16:07:11 | 000,144,009 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\9937788.png
[2010/07/01 04:29:24 | 000,301,790 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\1274097738954.png
[2010/07/01 03:33:45 | 000,004,229 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\sanecho.png
[2010/07/01 03:08:36 | 000,109,836 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Tifa__who_did_this_to_you___by_ShadowAshi.jpg
[2010/06/30 16:00:43 | 000,000,704 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/06/29 23:04:04 | 000,138,702 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Gap.png
[2010/06/27 17:43:05 | 000,002,768 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\koakuma.png
[2010/06/27 01:40:18 | 000,001,967 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\logho.png
[2010/06/26 23:39:33 | 000,000,668 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Toribash.lnk
[2010/06/26 16:20:20 | 000,045,377 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\hina.gif
[2010/06/26 16:06:55 | 000,006,002 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\almighty peej.png
[2010/06/26 16:00:20 | 000,028,687 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\2ynf7l1.gif
[2010/06/26 15:52:40 | 000,011,640 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\hina.png
[2010/06/26 14:27:36 | 000,002,729 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\6019.png
[2010/06/26 02:24:34 | 000,003,991 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Orin.png
[2010/06/26 02:11:01 | 000,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2010/06/26 02:11:01 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2010/06/25 23:43:07 | 000,257,227 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\[bleep]s like a tiger.png
[2010/06/25 14:38:53 | 000,002,560 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\bmd.png
[2010/06/24 14:49:58 | 000,032,606 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\report.wav
[2010/06/24 14:49:44 | 000,049,986 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\girlfriend.wav
[2010/06/24 14:49:09 | 000,038,326 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\brother.wav
[2010/06/24 14:48:55 | 000,045,586 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\lostmyemeralds.wav
[2010/06/24 14:48:08 | 000,115,546 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\superbionic.wav
[2010/06/24 14:46:58 | 000,047,126 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\original.wav
[2010/06/24 14:44:27 | 000,001,821 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Microsoft\Internet Explorer\Quick Launch\Speakonia.lnk
[2010/06/24 14:38:12 | 000,064,084 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\recolor3.png
[2010/06/24 14:34:51 | 000,065,649 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\recolor2.png
[2010/06/24 14:34:17 | 000,146,012 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\recolor1.png
[2010/06/24 14:31:13 | 000,199,717 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\sonic_sonicx.png
[2010/06/23 22:07:28 | 000,152,714 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\easy mode.png
[2010/06/22 19:54:13 | 000,000,694 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\StreetStrifer HomeStruck.lnk
[2010/06/21 19:34:02 | 000,520,415 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\ssss.png
[2010/06/18 21:54:44 | 000,000,750 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\PFPortChecker.lnk
[2010/06/14 21:39:01 | 000,162,785 | ---- | C] () -- C:\WINDOWS\Animated GIF Converter and Booster Pack Uninstaller.exe
[2010/06/14 21:28:10 | 000,165,898 | ---- | C] () -- C:\WINDOWS\Video Cleaner Uninstaller.exe
[2010/06/13 22:43:23 | 000,000,678 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Cheat Engine.lnk
[2010/06/04 14:45:43 | 000,000,816 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Sleep is Death.lnk
[2010/05/19 17:18:09 | 000,204,086 | ---- | C] () -- C:\scaledbunny.png
[2010/05/19 17:11:37 | 000,053,526 | ---- | C] () -- C:\bunny.png
[2010/04/30 19:28:47 | 000,000,749 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Sonic Robo Blast 2.lnk
[2010/04/27 17:16:09 | 000,001,624 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Half-Life 2.lnk
[2010/04/27 17:15:39 | 000,001,624 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Counter-Strike Source.lnk
[2010/04/27 17:13:11 | 000,001,626 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Garry's Mod.lnk
[2010/04/26 07:39:05 | 000,000,842 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Hisoutensoku English.lnk
[2010/04/26 07:33:14 | 000,000,721 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Game Maker.lnk
[2010/04/10 16:44:00 | 000,000,497 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\FOnline 2238 Launcher.lnk
[2010/04/09 15:27:41 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/04/08 06:02:17 | 000,000,819 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Torque Constructor.lnk
[2010/01/23 15:04:00 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2010/01/02 18:41:32 | 000,000,063 | ---- | C] () -- C:\WINDOWS\mmpro.ini
[2009/09/25 17:20:28 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2009/05/28 23:13:28 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.INI
[2009/05/23 22:56:14 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009/05/23 22:56:06 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/05/23 22:56:06 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009/05/03 16:07:19 | 001,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
[2009/04/17 17:12:52 | 000,000,175 | ---- | C] () -- C:\WINDOWS\W2W.ini
[2009/04/17 16:13:44 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[2009/01/14 22:46:43 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\VSCWR12.dll
[2008/12/30 23:08:52 | 000,000,023 | ---- | C] () -- C:\WINDOWS\SWFDecompiler.INI
[2008/12/14 17:08:49 | 000,000,016 | ---- | C] () -- C:\WINDOWS\entpack.ini
[2008/11/13 16:43:58 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2008/11/13 16:43:28 | 000,249,270 | ---- | C] () -- C:\WINDOWS\System32\_004045_.tmp.dll
[2008/11/13 16:43:24 | 000,022,040 | ---- | C] () -- C:\WINDOWS\System32\_004013_.tmp.dll
[2008/11/05 20:34:58 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\770DD48848.sys
[2008/11/05 20:34:55 | 000,001,890 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2008/10/03 18:07:10 | 003,754,896 | ---- | C] () -- C:\WINDOWS\System32\erdmpg-6.dll
[2008/09/28 12:33:01 | 000,253,952 | ---- | C] () -- C:\WINDOWS\System32\Manipulate.dll
[2008/09/06 12:33:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ATIMMC.INI
[2008/08/28 06:20:38 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\comLyricGetter.dll
[2008/08/28 06:17:22 | 000,097,280 | ---- | C] () -- C:\WINDOWS\System32\Uncommon.dll
[2008/08/28 06:17:20 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\NormalizeDSP.dll
[2008/08/02 00:49:50 | 000,036,972 | ---- | C] () -- C:\WINDOWS\System32\ActPanel.dll
[2008/08/01 23:48:02 | 000,163,840 | ---- | C] () -- C:\WINDOWS\GL4JavaJauGLJNI12.dll
[2008/08/01 23:48:02 | 000,163,840 | ---- | C] () -- C:\WINDOWS\GL4JavaJauGLJNI.dll
[2008/08/01 23:48:02 | 000,069,632 | ---- | C] () -- C:\WINDOWS\GL4JavaJauGljJNI.dll
[2008/08/01 23:48:02 | 000,065,536 | ---- | C] () -- C:\WINDOWS\GL4JavaJauGljJNI12.dll
[2008/08/01 23:48:02 | 000,057,344 | ---- | C] () -- C:\WINDOWS\GL4JavaJauGLUJNI.dll
[2008/08/01 23:48:02 | 000,053,248 | ---- | C] () -- C:\WINDOWS\GL4JavaJauGLUJNI12.dll
[2008/08/01 23:48:02 | 000,036,864 | ---- | C] () -- C:\WINDOWS\GL4JavaGljMSJDirect.dll
[2008/07/23 11:50:52 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/07/23 11:47:34 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2008/07/23 11:47:34 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2008/07/23 11:46:38 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008/07/21 21:53:43 | 000,000,035 | ---- | C] () -- C:\WINDOWS\WDIRECT.INI
[2008/06/19 14:48:13 | 000,473,600 | ---- | C] () -- C:\WINDOWS\System32\Harmony.dll
[2008/06/19 14:48:13 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\Unlha32.dll
[2008/05/29 22:45:40 | 000,000,113 | ---- | C] () -- C:\WINDOWS\System32\NemuAudio08.ini
[2008/05/23 13:50:08 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2008/03/28 18:36:46 | 000,001,667 | ---- | C] () -- C:\WINDOWS\savegam.ini
[2008/02/25 20:14:11 | 000,000,126 | ---- | C] () -- C:\WINDOWS\64DISASM.INI
[2008/02/20 20:58:39 | 000,000,065 | ---- | C] () -- C:\WINDOWS\NARBACULARDROP.INI
[2008/01/23 19:14:30 | 001,117,442 | -HS- | C] () -- C:\WINDOWS\System32\uwoblquj.ini
[2008/01/21 11:51:03 | 001,079,292 | -HS- | C] () -- C:\WINDOWS\System32\awuscxqk.ini
[2008/01/17 01:17:09 | 001,079,652 | -HS- | C] () -- C:\WINDOWS\System32\wxphtypx.ini
[2008/01/16 20:04:16 | 001,066,126 | -HS- | C] () -- C:\WINDOWS\System32\tlbkpyeh.ini
[2008/01/16 19:58:10 | 000,335,017 | -HS- | C] () -- C:\WINDOWS\System32\rtutv.ini
[2008/01/14 20:55:19 | 001,066,006 | -HS- | C] () -- C:\WINDOWS\System32\rpnwcunk.ini
[2008/01/13 19:20:36 | 000,230,342 | -HS- | C] () -- C:\WINDOWS\System32\rtutv.ini2
[2008/01/11 18:50:01 | 001,053,015 | -HS- | C] () -- C:\WINDOWS\System32\oxyxibwg.ini
[2008/01/09 21:25:14 | 001,048,985 | -HS- | C] () -- C:\WINDOWS\System32\unliunyq.ini
[2008/01/06 14:19:26 | 001,049,041 | -HS- | C] () -- C:\WINDOWS\System32\oaihyhvq.ini
[2008/01/05 14:50:04 | 001,044,100 | -HS- | C] () -- C:\WINDOWS\System32\jlinbjre.ini
[2008/01/03 21:30:55 | 001,044,040 | -HS- | C] () -- C:\WINDOWS\System32\pyrufaho.ini
[2007/12/08 18:43:14 | 000,651,264 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2007/12/08 18:43:14 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2007/12/08 18:43:04 | 000,001,512 | ---- | C] () -- C:\WINDOWS\System32\WLAN.INI
[2007/12/05 20:33:00 | 000,000,200 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007/11/11 21:19:03 | 000,000,009 | ---- | C] () -- C:\WINDOWS\NS3Tails.INI
[2007/11/11 21:17:12 | 000,000,009 | ---- | C] () -- C:\WINDOWS\NS3Amy.INI
[2007/11/11 21:14:39 | 000,000,008 | ---- | C] () -- C:\WINDOWS\NS3Sonic.INI
[2007/11/11 21:05:37 | 000,000,010 | ---- | C] () -- C:\WINDOWS\NS3Knux.INI
[2007/11/05 08:52:30 | 000,000,398 | ---- | C] () -- C:\WINDOWS\AudioConverter.INI
[2007/10/03 09:08:46 | 000,685,816 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2007/08/23 17:25:21 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2007/08/09 18:33:56 | 000,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2007/08/09 18:33:53 | 000,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2007/07/31 18:14:13 | 000,000,012 | ---- | C] () -- C:\WINDOWS\nsgsbonus4.INI
[2007/07/31 18:07:39 | 000,000,012 | ---- | C] () -- C:\WINDOWS\nsgsbonus3.INI
[2007/07/31 17:51:36 | 000,000,012 | ---- | C] () -- C:\WINDOWS\nsgsbonus2.INI
[2007/07/23 14:57:03 | 001,208,100 | -HS- | C] () -- C:\WINDOWS\System32\nxklgwdc.ini
[2007/07/23 02:55:01 | 001,803,099 | -HS- | C] () -- C:\WINDOWS\System32\ihhkj.ini
[2007/07/20 16:28:59 | 000,057,792 | -HS- | C] () -- C:\WINDOWS\System32\ehkmp.ini
[2007/07/20 15:20:17 | 000,006,488 | -HS- | C] () -- C:\WINDOWS\System32\hhkmp.ini
[2007/07/19 20:41:57 | 000,000,014 | ---- | C] () -- C:\WINDOWS\NSGSSave.INI
[2007/07/19 20:39:16 | 000,001,857 | ---- | C] () -- C:\WINDOWS\cncscore.ini
[2007/07/19 20:23:58 | 000,000,031 | ---- | C] () -- C:\WINDOWS\NSGSLampPost.INI
[2007/07/19 20:11:11 | 000,000,015 | ---- | C] () -- C:\WINDOWS\zzzzNSGS2ZONES.INI
[2007/07/19 19:58:16 | 000,000,035 | ---- | C] () -- C:\WINDOWS\NSGS2LampPost.INI
[2007/07/19 19:06:16 | 000,000,145 | ---- | C] () -- C:\WINDOWS\chaobatt.ini
[2007/07/19 18:57:52 | 000,000,043 | ---- | C] () -- C:\WINDOWS\su3.ini
[2007/07/17 19:42:41 | 001,191,632 | -HS- | C] () -- C:\WINDOWS\System32\pryskyka.ini
[2007/07/16 19:42:36 | 001,191,527 | -HS- | C] () -- C:\WINDOWS\System32\gmobtisi.ini
[2007/07/16 02:50:14 | 001,817,185 | -HS- | C] () -- C:\WINDOWS\System32\ybadd.ini2
[2007/07/15 19:41:09 | 001,191,467 | -HS- | C] () -- C:\WINDOWS\System32\bofcjjqf.ini
[2007/07/11 21:42:45 | 001,102,641 | -HS- | C] () -- C:\WINDOWS\System32\mycojaxy.ini
[2007/07/11 18:46:52 | 000,000,056 | ---- | C] () -- C:\WINDOWS\kgt2k.INI
[2007/07/03 02:27:44 | 000,167,133 | ---- | C] () -- C:\WINDOWS\libgimp-2.0-0.dll
[2007/06/24 20:47:29 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2007/06/17 22:51:40 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\GTW32N50.dll
[2007/06/04 12:26:25 | 000,004,317 | ---- | C] () -- C:\WINDOWS\cs_cache.ini
[2007/04/12 18:23:52 | 000,000,161 | ---- | C] () -- C:\WINDOWS\option.ini
[2007/03/07 19:24:52 | 000,000,018 | ---- | C] () -- C:\WINDOWS\gfact.ini
[2007/02/26 08:53:37 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2007/01/30 20:31:46 | 000,002,372 | ---- | C] () -- C:\WINDOWS\EaseAudioConverter.ini
[2007/01/27 10:10:00 | 000,000,656 | ---- | C] () -- C:\WINDOWS\kaillera.ini
[2007/01/06 03:11:25 | 000,000,050 | ---- | C] () -- C:\WINDOWS\GunzLauncher.INI
[2006/12/27 18:45:40 | 000,000,009 | ---- | C] () -- C:\WINDOWS\qte3.INI
[2006/12/27 18:40:49 | 000,000,010 | ---- | C] () -- C:\WINDOWS\qte3_cd.ini
[2006/12/27 13:06:53 | 000,001,452 | ---- | C] () -- C:\WINDOWS\stasavegame.INI
[2006/12/02 22:21:08 | 000,000,023 | ---- | C] () -- C:\WINDOWS\clofghls.dll
[2006/12/02 22:19:39 | 000,000,020 | ---- | C] () -- C:\WINDOWS\mafosav.INI
[2006/11/18 00:39:30 | 000,000,421 | ---- | C] () -- C:\WINDOWS\hegames.ini
[2006/11/11 21:11:21 | 000,000,209 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2006/11/06 15:30:38 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2006/09/18 23:22:32 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\LPubRay.dll
[2006/09/09 10:28:52 | 000,221,184 | ---- | C] () -- C:\WINDOWS\System32\glut32.dll
[2006/05/12 13:23:22 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2006/04/14 11:37:26 | 000,000,031 | ---- | C] () -- C:\WINDOWS\aceg.ini
[2005/08/30 01:00:00 | 000,781,312 | ---- | C] () -- C:\WINDOWS\System32\RGSS102J.dll
[2005/08/30 01:00:00 | 000,778,752 | ---- | C] () -- C:\WINDOWS\System32\RGSS102E.dll
[2005/08/30 01:00:00 | 000,771,584 | ---- | C] () -- C:\WINDOWS\System32\RGSS100J.dll
[2005/05/08 05:19:28 | 000,286,208 | ---- | C] () -- C:\WINDOWS\System32\CNCS232.DLL
[2005/01/15 18:55:09 | 000,000,032 | ---- | C] () -- C:\WINDOWS\CD_Start.INI
[2004/09/17 17:37:42 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\vuins32.dll
[2004/01/28 11:42:06 | 000,013,601 | ---- | C] () -- C:\WINDOWS\System32\vctest.ini
[2003/10/14 08:52:37 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2003/10/14 08:51:57 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\iAlmcoin.dll
[2003/10/14 08:35:01 | 000,000,051 | ---- | C] () -- C:\WINDOWS\System32\mshrml.ini
[2003/10/11 07:51:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\JAWTAccessBridge.dll
[2003/10/11 07:50:32 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\PcdrKernelModeServices.dll
[2003/10/11 07:50:32 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\ProgressTrace.dll
[2003/10/11 07:45:41 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\PCDrJNI_1_1.dll
[2003/10/11 07:40:57 | 000,029,222 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2003/10/11 07:40:38 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\syscontr.dll
[2003/10/11 07:40:02 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2003/10/11 07:29:14 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2003/10/11 07:16:42 | 000,000,889 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2003/10/11 06:15:11 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2003/10/11 06:07:05 | 000,126,348 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvcap.sys
[2003/10/11 05:39:21 | 000,299,073 | ---- | C] () -- C:\WINDOWS\System32\PythonCOM22.dll
[2003/10/11 05:39:21 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\PyWinTypes22.dll
[2003/10/11 05:39:04 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2003/10/11 05:19:00 | 000,000,802 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2003/10/11 05:06:45 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2003/10/11 02:10:46 | 000,000,438 | ---- | C] () -- C:\WINDOWS\System32\1_ssetup.ini
[2003/10/11 02:10:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\sunistlog.ini
[2003/01/08 00:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/06/06 02:01:58 | 000,029,696 | ---- | C] () -- C:\WINDOWS\System32\asutl8.dll
[2002/05/15 23:29:04 | 000,000,607 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2001/11/23 18:18:00 | 000,000,597 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2001/11/14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

========== LOP Check ==========

[2008/08/28 18:30:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AGS Demo Game
[2010/01/22 21:55:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
[2007/12/08 00:50:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG7
[2007/04/23 20:23:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ErrorProtector Free
[2006/11/11 21:31:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2009/01/10 16:28:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IJJIGame
[2007/08/23 17:36:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9
[2006/11/16 17:39:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QubeSoft
[2010/06/14 21:55:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\River Past G5
[2008/10/04 17:31:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
[2010/03/18 17:06:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Steinberg
[2010/06/14 16:28:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/10/21 19:43:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TrackMania
[2007/12/08 00:29:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2008/04/25 17:03:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Uniblue
[2007/01/23 17:46:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/02/27 13:48:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VirtuallTek
[2006/11/18 12:51:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2010/01/04 02:55:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YoGen
[2006/12/21 14:47:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{0727B42B-1697-465F-8CDC-53A1EA7110EB}
[2009/05/20 10:23:21 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{17A03471-20EB-4604-8E72-66EF7398750D}
[2007/05/02 09:01:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\AVG7
[2006/11/11 20:56:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\BitTorrent
[2003/10/14 08:35:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\interMute
[2004/11/13 18:28:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\Leadertech
[2003/10/11 08:03:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\SampleView
[2006/01/08 07:39:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\TuneUp Software
[2005/12/05 13:18:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\Viewpoint
[2006/11/11 21:31:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\AVG7
[2010/06/21 02:38:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\TeamViewer
[2007/01/23 17:46:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Viewpoint
[2009/08/01 18:40:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Anvil Studio
[2007/05/02 09:01:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\AVG7
[2008/01/27 03:02:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\bang
[2009/06/19 22:13:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\BitTorrent
[2008/04/29 21:21:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Clickteam
[2008/05/08 15:54:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Datel
[2010/07/03 08:55:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\DNA
[2008/12/30 23:14:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Eltima Software
[2007/08/23 17:37:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Eyeblaster
[2009/10/07 19:25:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\GameHouse
[2007/07/30 17:16:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\gtk-2.0
[2009/01/10 16:36:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\ijjigame
[2008/01/21 16:02:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\interMute
[2004/11/13 18:28:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Leadertech
[2007/09/12 20:20:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\LEGO Company
[2009/05/30 03:12:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\MilkShape 3D 1.x.x
[2010/01/18 18:42:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Music Recognition
[2007/12/12 19:38:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Nexon
[2009/06/17 14:34:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Notepad++
[2008/07/01 19:42:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\OpenArena
[2008/01/16 20:08:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\PE Explorer
[2008/10/04 17:38:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Publish Providers
[2010/06/14 21:58:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\River Past G5
[2008/08/29 22:58:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\ROBLOX
[2003/10/11 08:03:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\SampleView
[2010/03/14 23:56:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\ShanghaiAlice
[2008/12/13 22:06:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Sony
[2010/03/18 17:06:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Steinberg
[2009/07/17 16:08:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\SystemRequirementsLab
[2009/12/22 21:19:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\TeamViewer
[2010/05/11 18:15:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Template
[2006/01/08 07:39:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\TuneUp Software
[2008/04/25 18:35:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Uniblue
[2010/06/20 17:49:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Unity
[2009/11/24 22:58:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\VBA-M
[2008/05/12 16:52:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Viewpoint
[2010/03/18 17:06:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\VST3 Presets
[2009/02/04 21:42:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\X10 Commander
[2010/07/03 02:15:00 | 000,000,390 | ---- | M] () -- C:\WINDOWS\Tasks\1-Click Maintenance.job
[2010/07/03 00:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At1.job
[2010/06/26 09:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At10.job
[2010/06/26 10:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At11.job
[2010/06/26 11:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At12.job
[2010/06/26 12:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At13.job
[2010/06/27 13:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At14.job
[2010/06/28 14:00:01 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At15.job
[2010/07/02 15:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At16.job
[2010/07/02 16:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At17.job
[2010/07/02 17:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At18.job
[2010/07/02 18:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At19.job
[2010/07/03 01:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At2.job
[2010/07/02 19:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At20.job
[2010/07/02 20:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At21.job
[2010/07/02 21:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At22.job
[2010/07/02 22:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At23.job
[2010/07/02 23:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At24.job
[2010/07/03 00:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At25.job
[2010/07/03 01:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At26.job
[2010/07/03 02:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At27.job
[2010/07/03 03:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At28.job
[2010/07/03 04:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At29.job
[2010/07/03 02:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At3.job
[2010/07/03 05:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At30.job
[2010/07/03 06:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At31.job
[2010/07/03 07:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At32.job
[2010/07/03 08:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At33.job
[2010/06/26 09:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At34.job
[2010/06/26 10:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At35.job
[2010/06/26 11:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At36.job
[2010/06/26 12:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At37.job
[2010/06/27 13:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At38.job
[2010/06/28 14:00:01 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At39.job
[2010/07/03 03:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At4.job
[2010/07/02 15:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At40.job
[2010/07/02 16:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At41.job
[2010/07/02 17:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At42.job
[2010/07/02 18:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At43.job
[2010/07/02 19:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At44.job
[2010/07/02 20:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At45.job
[2010/07/02 21:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At46.job
[2010/07/02 22:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At47.job
[2010/07/02 23:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At48.job
[2010/07/03 04:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At5.job
[2010/07/03 05:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At6.job
[2010/07/03 06:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At7.job
[2010/07/03 07:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At8.job
[2010/07/03 08:00:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At9.job
[2010/07/03 08:46:56 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2010/06/24 18:35:00 | 000,000,270 | ---- | M] () -- C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job
[2008/04/25 18:35:08 | 000,000,392 | ---- | M] () -- C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job
[2008/04/25 17:04:05 | 000,000,338 | ---- | M] () -- C:\WINDOWS\Tasks\Uniblue SpyEraser.job
[2010/06/23 10:24:00 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Windows Update.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2009/04/17 16:20:47 | 000,000,000 | ---- | M] () -- C:\(null)
[2007/08/20 16:27:19 | 000,000,104 | ---- | M] () -- C:\.lnk
[2006/03/16 21:56:06 | 000,001,024 | ---- | M] () -- C:\.rnd
[2009/01/24 20:09:26 | 000,192,039 | ---- | M] () -- C:\0000.jpeg
[2009/10/31 12:46:14 | 000,236,301 | ---- | M] () -- C:\12631.png
[2009/11/24 20:48:06 | 000,261,176 | ---- | M] () -- C:\45049606-128ba74f9272884f8ebfd48bd6787471.4b0c8cc7-full.png
[2009/11/25 21:56:14 | 000,023,054 | ---- | M] () -- C:\600px-TemplateMen.jpg
[2009/11/03 11:33:25 | 000,016,872 | ---- | M] () -- C:\8f6n5766tu.htm
[2009/11/28 12:39:50 | 000,042,810 | ---- | M] () -- C:\ALERT.WAV
[2009/11/28 12:41:48 | 000,046,469 | ---- | M] () -- C:\AUGH.WAV
[2003/10/11 05:16:00 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2006/11/11 21:33:43 | 012,286,415 | ---- | M] () -- C:\AVG7QT.DAT
[2009/07/20 00:28:03 | 000,435,185 | ---- | M] () -- C:\blaze.png
[2007/06/17 21:59:18 | 000,000,196 | RHS- | M] () -- C:\BOOT.BAK
[2007/07/04 14:54:38 | 000,000,283 | RHS- | M] () -- C:\boot.ini
[2009/11/28 12:39:22 | 000,017,476 | ---- | M] () -- C:\BREAK.WAV
[2010/05/19 17:11:38 | 000,053,526 | ---- | M] () -- C:\bunny.png
[2002/08/29 14:00:00 | 000,245,920 | RHS- | M] () -- C:\cmldr
[2003/10/11 05:16:00 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/05/19 17:18:06 | 000,000,052 | ---- | M] () -- C:\Copy of scaler.bat
[2009/10/23 21:35:35 | 000,000,963 | ---- | M] () -- C:\cream.png
[2009/10/31 08:48:16 | 002,471,349 | ---- | M] () -- C:\CWCTouhou.png
[2010/04/12 16:41:26 | 000,078,423 | ---- | M] () -- C:\debugfile.txt
[2007/11/29 12:49:19 | 000,000,158 | ---- | M] () -- C:\Delapp.bat
[2009/11/25 22:27:11 | 000,115,629 | ---- | M] () -- C:\gentlechen.png
[2009/12/19 09:57:11 | 000,175,587 | ---- | M] () -- C:\GentleMentleMen.mp3
[2007/11/07 08:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini
[2010/07/03 08:43:37 | 1610,141,696 | -HS- | M] () -- C:\hiberfil.sys
[2007/11/07 08:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini
[2007/11/07 08:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
[2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
[2007/11/07 08:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
[2007/11/07 08:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
[2007/11/07 08:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
[2007/11/07 08:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
[2007/11/07 08:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
[2007/11/07 08:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
[2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
[2003/10/11 05:16:00 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2005/03/28 19:45:34 | 000,224,771 | ---- | M] (LibPng) -- C:\libpng.dll
[2003/10/11 05:16:00 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2007/07/04 14:47:13 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2010/01/07 20:39:07 | 000,250,048 | ---- | M] () -- C:\ntldr
[2009/11/28 12:36:17 | 000,030,072 | ---- | M] () -- C:\OBJECTION.WAV
[2010/07/03 08:43:34 | 1056,964,608 | -HS- | M] () -- C:\pagefile.sys
[2009/11/01 11:14:40 | 000,114,302 | ---- | M] () -- C:\pl07_bs.png
[2009/12/18 13:52:09 | 001,343,926 | ---- | M] () -- C:\popstar.mp3
[2009/04/17 16:55:56 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\psapi.dll
[2009/11/28 12:37:30 | 000,039,645 | ---- | M] () -- C:\PUNCH.WAV
[2007/04/04 16:34:25 | 000,000,012 | -H-- | M] () -- C:\reachd.cz
[2009/01/31 22:11:03 | 000,287,173 | ---- | M] () -- C:\resized2.PNG
[2009/12/27 20:00:12 | 000,651,941 | ---- | M] () -- C:\Satori Maiden 3rd Eye.ogg
[2010/05/19 17:18:10 | 000,204,086 | ---- | M] () -- C:\scaledbunny.png
[2009/11/30 21:45:50 | 000,000,053 | ---- | M] () -- C:\scaler.bat
[2005/03/28 19:45:32 | 000,023,040 | ---- | M] () -- C:\scalerx.exe
[2005/03/28 19:45:32 | 000,038,400 | ---- | M] () -- C:\scalex.exe
[2009/12/06 00:25:13 | 000,008,012 | ---- | M] () -- C:\thmon15e1-19(3)(4).clt
[2009/12/05 23:59:18 | 000,005,908 | ---- | M] () -- C:\thmon15e1-19(3)(4).png
[2009/12/05 14:25:39 | 000,006,953 | ---- | M] () -- C:\thmon15e1-19(3)(4)1.png
[2010/06/12 21:49:28 | 000,124,416 | -HS- | M] () -- C:\Thumbs.db
[2010/04/03 20:47:05 | 000,008,012 | ---- | M] () -- C:\Touhoumon.clt
[2010/04/03 19:13:09 | 000,005,058 | ---- | M] () -- C:\Touhoumon.png
[2010/04/03 19:22:02 | 000,005,016 | ---- | M] () -- C:\TouhoumonAChen.png
[2010/04/03 19:25:25 | 000,005,690 | ---- | M] () -- C:\TouhoumonAcir.png
[2010/04/03 19:21:52 | 000,005,062 | ---- | M] () -- C:\TouhoumonAEirin.png
[2010/04/03 19:24:06 | 000,005,412 | ---- | M] () -- C:\TouhoumonALet.png
[2010/04/03 19:24:21 | 000,005,719 | ---- | M] () -- C:\TouhoumonAMar.png
[2010/04/03 19:23:50 | 000,005,389 | ---- | M] () -- C:\TouhoumonAMei.png
[2010/04/03 19:24:15 | 000,005,570 | ---- | M] () -- C:\TouhoumonAMok.png
[2010/04/03 19:23:58 | 000,005,759 | ---- | M] () -- C:\TouhoumonAMys.png
[2010/04/03 19:22:09 | 000,004,584 | ---- | M] () -- C:\TouhoumonARan.png
[2010/04/03 19:23:45 | 000,005,156 | ---- | M] () -- C:\TouhoumonARei.png
[2010/04/03 19:20:51 | 000,005,929 | ---- | M] () -- C:\TouhoumonAYuyu.png
[2010/04/03 19:20:27 | 000,004,958 | ---- | M] () -- C:\TouhoumonCAcir.png
[2010/04/03 19:21:11 | 000,004,726 | ---- | M] () -- C:\TouhoumonChatate.png
[2010/04/03 19:23:35 | 000,006,289 | ---- | M] () -- C:\TouhoumonEAcir.png
[2010/04/03 19:21:18 | 000,005,031 | ---- | M] () -- C:\TouhoumonHatate.png
[2009/11/24 20:13:44 | 000,072,150 | ---- | M] () -- C:\Vampiretoilet.gif
[2007/11/07 08:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab
[2007/11/07 08:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI
[2008/03/21 16:59:19 | 000,813,458 | ---- | M] () -- C:\YTP_Intro_5.avi
[2005/03/28 19:45:34 | 000,063,827 | ---- | M] (Zlib) -- C:\zlib.dll

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2008/07/06 07:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2007/04/09 14:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll

< %systemroot%\system32\*.wt >

< %systemroot%\system32\*.ruy >

< %systemroot%\Fonts\*.com >
[2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
[35 C:\WINDOWS\Fonts\*.tmp files -> C:\WINDOWS\Fonts\*.tmp -> ]

< %systemroot%\system32\spool\prtprocs\w32x86\*.tmp >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009/03/08 04:31:44 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtmsft.dll
[2009/03/08 04:31:38 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtrans.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2003/10/10 22:09:02 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2003/10/10 22:09:02 | 000,602,112 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2003/10/10 22:09:02 | 000,385,024 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\user32.dll /md5 >
[2008/04/13 19:12:08 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=B26B135FF1B9F60C9388B4A7D16F600B -- C:\WINDOWS\system32\user32.dll

< %systemroot%\system32\ws2_32.dll /md5 >
[2008/04/13 19:12:10 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\system32\ws2help.dll /md5 >
[2008/04/13 19:12:10 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=9789E95E1D88EEB4B922BF3EA7779C28 -- C:\WINDOWS\system32\ws2help.dll

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-06-04 18:02:16

========== Files - Unicode (All) ==========
[2007/06/12 10:05:10 | 000,000,000 | ---D | M](C:\WINDOWS\?icrosoft.NET) -- C:\WINDOWS\Μicrosoft.NET
[2007/06/12 06:23:58 | 000,000,000 | ---D | M](C:\WINDOWS\?icrosoft.NET\?icrosoft.NET) -- C:\WINDOWS\Μicrosoft.NET\Μicrosoft.NET
[2007/06/12 06:23:54 | 000,000,000 | ---D | M](C:\Program Files\Common Files\M?crosoft) -- C:\Program Files\Common Files\Mіcrosoft
[2007/06/04 12:24:22 | 000,000,000 | ---D | C](C:\WINDOWS\?icrosoft.NET) -- C:\WINDOWS\Μicrosoft.NET
[2007/05/08 21:48:59 | 000,000,000 | ---D | M](C:\Program Files\F?nts) -- C:\Program Files\Fоnts
[2007/05/04 02:01:47 | 000,000,000 | ---D | M](C:\Program Files\F?nts\S?mantec) -- C:\Program Files\Fоnts\Sуmantec
(C:\Program Files\F?nts) -- C:\Program Files\Fоnts
(C:\Program Files\Common Files\M?crosoft) -- C:\Program Files\Common Files\Mіcrosoft

========== Alternate Data Streams ==========

@Alternate Data Stream - 99 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0F8F5844
@Alternate Data Stream - 346 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF
@Alternate Data Stream - 193 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:408F95E5
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4B7BEAFF
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:888AFB86
< End of report >



Give me a moment to put up the OTL logs.


Edited by Essexboy, 05 July 2010 - 03:00 PM.

#4
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK found them - this will be a big fix as I will try to kill as many as possible in one go

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    O2 - BHO: (no name) - {12E41032-8FFF-407A-A487-223B4983264F} - No CLSID value found.
    O2 - BHO: (no name) - {5462b56b-9b60-4f02-bda4-ba3535cc2a79} - No CLSID value found.
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (no name) - {60BF5EE3-0105-4858-AD98-17C19F86B042} - No CLSID value found.
    O2 - BHO: (no name) - {633813CE-346A-421A-B1EB-3E84D0722507} - No CLSID value found.
    O2 - BHO: (no name) - {A74F3FC3-CC9A-4D4C-AFB5-B56F0CAA445D} - No CLSID value found.
    O2 - BHO: (no name) - {D4282067-EC45-4BAE-BD44-FB50B72BA49B} - No CLSID value found.
    O2 - BHO: (no name) - {DCF05233-FF4C-4C89-9506-8C1EE608AA72} - No CLSID value found.
    O2 - BHO: (no name) - {FE7A421D-FFA7-453A-9519-3D75F0E8FAF9} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - {267E332F-1684-4B6F-813E-186EEEE7F247} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - {55FAF0F2-44D4-425F-B5F5-6B275B621EAB} - No CLSID value found.
    O3 - HKU\S-1-5-21-2899075602-3811207098-2694297558-1003\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
    O3 - HKU\S-1-5-21-2899075602-3811207098-2694297558-1003\..\Toolbar\WebBrowser: (no name) - {55FAF0F2-44D4-425F-B5F5-6B275B621EAB} - No CLSID value found.
    O3 - HKU\S-1-5-21-2899075602-3811207098-2694297558-1003\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
    O4 - HKLM..\Run: [] File not found
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O7 - HKU\S-1-5-21-2899075602-3811207098-2694297558-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-2899075602-3811207098-2694297558-1003\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O16 - DPF: {CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA} http://java.sun.com/products/plugin/1.3.1/...all-131-win.cab (Reg Error: Value error.)
    O16 - DPF: {CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl...indows-i586.cab (Reg Error: Value error.)
    O20 - Winlogon\Notify\khfgeeb: DllName - khfgeeb.dll - File not found
    O20 - Winlogon\Notify\mljgf: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
    O20 - Winlogon\Notify\pmkhe: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
    O28 - HKLM ShellExecuteHooks: {A74F3FC3-CC9A-4D4C-AFB5-B56F0CAA445D} - Reg Error: Key error. File not found
    [2008/01/23 19:14:30 | 001,117,442 | -HS- | C] () -- C:\WINDOWS\System32\uwoblquj.ini
    [2008/01/21 11:51:03 | 001,079,292 | -HS- | C] () -- C:\WINDOWS\System32\awuscxqk.ini
    [2008/01/17 01:17:09 | 001,079,652 | -HS- | C] () -- C:\WINDOWS\System32\wxphtypx.ini
    [2008/01/16 20:04:16 | 001,066,126 | -HS- | C] () -- C:\WINDOWS\System32\tlbkpyeh.ini
    [2008/01/16 19:58:10 | 000,335,017 | -HS- | C] () -- C:\WINDOWS\System32\rtutv.ini
    [2008/01/14 20:55:19 | 001,066,006 | -HS- | C] () -- C:\WINDOWS\System32\rpnwcunk.ini
    [2008/01/13 19:20:36 | 000,230,342 | -HS- | C] () -- C:\WINDOWS\System32\rtutv.ini2
    [2008/01/11 18:50:01 | 001,053,015 | -HS- | C] () -- C:\WINDOWS\System32\oxyxibwg.ini
    [2008/01/09 21:25:14 | 001,048,985 | -HS- | C] () -- C:\WINDOWS\System32\unliunyq.ini
    [2008/01/06 14:19:26 | 001,049,041 | -HS- | C] () -- C:\WINDOWS\System32\oaihyhvq.ini
    [2008/01/05 14:50:04 | 001,044,100 | -HS- | C] () -- C:\WINDOWS\System32\jlinbjre.ini
    [2008/01/03 21:30:55 | 001,044,040 | -HS- | C] () -- C:\WINDOWS\System32\pyrufaho.ini
    [2007/07/23 14:57:03 | 001,208,100 | -HS- | C] () -- C:\WINDOWS\System32\nxklgwdc.ini
    [2007/07/23 02:55:01 | 001,803,099 | -HS- | C] () -- C:\WINDOWS\System32\ihhkj.ini
    [2007/07/20 16:28:59 | 000,057,792 | -HS- | C] () -- C:\WINDOWS\System32\ehkmp.ini
    [2007/07/20 15:20:17 | 000,006,488 | -HS- | C] () -- C:\WINDOWS\System32\hhkmp.ini
    [2007/07/17 19:42:41 | 001,191,632 | -HS- | C] () -- C:\WINDOWS\System32\pryskyka.ini
    [2007/07/16 19:42:36 | 001,191,527 | -HS- | C] () -- C:\WINDOWS\System32\gmobtisi.ini
    [2007/07/16 02:50:14 | 001,817,185 | -HS- | C] () -- C:\WINDOWS\System32\ybadd.ini2
    [2007/07/15 19:41:09 | 001,191,467 | -HS- | C] () -- C:\WINDOWS\System32\bofcjjqf.ini
    [2007/07/11 21:42:45 | 001,102,641 | -HS- | C] () -- C:\WINDOWS\System32\mycojaxy.ini
    [2007/06/12 10:05:10 | 000,000,000 | ---D | M](C:\WINDOWS\?icrosoft.NET) -- C:\WINDOWS\Μicrosoft.NET
    [2007/06/12 06:23:58 | 000,000,000 | ---D | M](C:\WINDOWS\?icrosoft.NET\?icrosoft.NET) -- C:\WINDOWS\Μicrosoft.NET\Μicrosoft.NET
    [2007/06/12 06:23:54 | 000,000,000 | ---D | M](C:\Program Files\Common Files\M?crosoft) -- C:\Program Files\Common Files\Mіcrosoft
    [2007/06/04 12:24:22 | 000,000,000 | ---D | C](C:\WINDOWS\?icrosoft.NET) -- C:\WINDOWS\Μicrosoft.NET
    [2007/05/08 21:48:59 | 000,000,000 | ---D | M](C:\Program Files\F?nts) -- C:\Program Files\Fоnts
    [2007/05/04 02:01:47 | 000,000,000 | ---D | M](C:\Program Files\F?nts\S?mantec) -- C:\Program Files\Fоnts\Sуmantec
    
    :Files
    C:\WINDOWS\tasks\At*.job
    
    :Commands
    [resethosts]
    [purity]
    [emptytemp]
    [EMPTYFLASH]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN


Download TDSSKiller and save it to your Desktop.

  • Extract the file and run it.
  • Once completed it will create a log in your C:\ drive
  • Reboot your computer
  • Please post the contents of that log

FINALLY

Download ComboFix from one of these locations:


Link 1
Link 2


* IMPORTANT !!! Save ComboFix.exe to your Desktop


  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

  • Double click on ComboFix.exe & follow the prompts.

  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.




Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image


Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
#5
Peejster

    New Member

  • Topic Starter
  • Member
  • 4 posts
Video games are bad for your health schedule, kids.
Anyway, everything seems to be working just fine.
I think I'm clean now. Thanks for the help.

OTL logfile created on: 7/6/2010 12:03:15 AM - Run 2
OTL by OldTimer - Version 3.2.7.0 Folder = C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 44.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 70.00% Paging File free
Paging file location(s): C:\pagefile.sys 1008 2302 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 106.63 Gb Total Space | 38.78 Gb Free Space | 36.37% Space Free | Partition Type: NTFS
Drive D: | 5.14 Gb Total Space | 0.95 Gb Free Space | 18.51% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: YOUR-W04GTXLD67
Current User Name: Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/07/02 17:14:25 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\OTL.exe
PRC - [2010/06/23 14:16:32 | 000,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/01/22 22:07:02 | 000,072,704 | ---- | M] (Autodesk) -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
PRC - [2009/11/12 18:54:39 | 000,323,392 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\DNA\btdna.exe
PRC - [2009/07/27 02:50:06 | 003,874,088 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version4\TeamViewer.exe
PRC - [2009/07/27 02:37:30 | 000,185,640 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
PRC - [2009/03/15 05:15:16 | 000,180,224 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files\PowerISO\PWRISOVM.EXE
PRC - [2009/02/05 16:08:45 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/02/05 16:08:40 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009/02/05 16:08:26 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/02/05 16:06:04 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009/02/05 16:01:25 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/01/29 10:13:14 | 001,424,648 | ---- | M] (Uniblue Software) -- C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe
PRC - [2007/04/16 15:28:22 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
PRC - [2006/11/03 19:20:12 | 000,866,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe
PRC - [2006/09/29 13:48:06 | 000,065,536 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
PRC - [2006/05/12 13:33:22 | 000,581,693 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2004/06/15 22:17:38 | 000,069,705 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Multimedia\main\atidtct.exe
PRC - [2004/05/06 16:22:28 | 002,401,280 | ---- | M] (Cisco Linksys Corporation) -- C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WUSB54Gv2.exe
PRC - [2004/04/16 06:43:58 | 000,196,608 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.EXE
PRC - [2004/03/10 21:57:06 | 000,045,056 | ---- | M] () -- C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\InfoMyCa.exe
PRC - [2004/02/06 23:56:14 | 000,041,025 | ---- | M] (GEMTEKS) -- C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe


========== Modules (SafeList) ==========

MOD - [2010/07/02 17:14:25 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\OTL.exe
MOD - [2008/04/13 19:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Running] -- -- (WUSB54Gv2SVC)
SRV - File not found [On_Demand | Stopped] -- -- (Tomcat5)
SRV - [2010/01/22 22:07:02 | 000,072,704 | ---- | M] (Autodesk) [Auto | Running] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2009/08/23 16:50:00 | 003,330,164 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
SRV - [2009/07/27 02:37:30 | 000,185,640 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe -- (TeamViewer4)
SRV - [2009/02/05 16:08:40 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009/02/05 16:08:26 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009/02/05 16:06:04 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009/02/05 16:01:25 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2008/05/23 13:12:42 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2007/09/19 17:07:15 | 000,068,096 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe -- (Macromedia Licensing Service)
SRV - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2006/09/29 13:48:06 | 000,065,536 | ---- | M] () [Auto | Running] -- C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe -- (mi-raysat_3dsmax9_32) mental ray 3.5 Satellite (32-bit)
SRV - [2005/08/11 00:17:28 | 000,118,272 | ---- | M] (TuneUp Software GmbH) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe -- (TUWinStylerThemeSvc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Running] -- -- (catchme)
DRV - [2010/07/05 16:51:24 | 000,012,160 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\fsvga.sys -- (FsVga)
DRV - [2010/06/11 19:05:03 | 000,028,256 | ---- | M] (MusicMatch, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MxlW2k.sys -- (MxlW2k)
DRV - [2009/09/29 23:18:22 | 003,565,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009/08/03 10:57:52 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009/04/17 17:28:52 | 000,003,026 | ---- | M] (Logix4u) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\hwinterface.sys -- (hwinterface)
DRV - [2009/03/15 05:25:46 | 000,056,268 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009/02/05 16:08:10 | 000,094,032 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009/02/05 16:07:23 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2009/02/05 16:07:12 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/02/05 16:06:20 | 000,051,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009/02/05 16:06:10 | 000,023,152 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009/02/05 16:05:11 | 000,026,944 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2008/03/01 16:03:59 | 000,186,592 | ---- | M] (Jungo) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\windrvr6.sys -- (WinDriver6)
DRV - [2007/12/08 18:43:21 | 000,015,781 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x)
DRV - [2007/10/03 09:08:51 | 000,685,816 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2007/04/25 16:20:48 | 004,030,144 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2006/05/12 13:21:22 | 000,401,664 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2006/05/12 13:20:04 | 000,023,271 | ---- | M] (Broadcom Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\btserial.sys -- (BTSERIAL)
DRV - [2006/05/12 13:20:00 | 000,222,876 | ---- | M] (Broadcom Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\btslbcsp.sys -- (BTSLBCSP)
DRV - [2006/05/12 13:19:04 | 001,342,602 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2006/05/12 13:17:18 | 000,030,363 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2006/05/12 13:16:44 | 000,057,320 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2006/05/12 13:13:46 | 000,148,168 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2006/05/12 13:12:48 | 000,044,163 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2005/10/17 19:50:06 | 000,245,376 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt2500usb.sys -- (WUSB54GPV4SRV)
DRV - [2005/01/04 13:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\npptNT2.sys -- (NPPTNT2)
DRV - [2004/10/07 20:16:04 | 000,035,840 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2004/08/03 23:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004/08/03 23:29:52 | 000,166,912 | ---- | M] (S3 Graphics, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3gnbm.sys -- (S3Psddr)
DRV - [2004/04/23 23:43:00 | 000,374,752 | ---- | M] (Cisco-Linksys, LLC.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WUSBGXP.sys -- (PRISM_A02)
DRV - [2003/12/15 12:28:46 | 000,257,872 | ---- | M] (Jungo) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atirwvd.sys -- (ATI Remote Wonder II)
DRV - [2003/12/12 19:03:10 | 000,652,689 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ltmdmnt.sys -- (ltmodem5)
DRV - [2003/09/25 22:15:32 | 000,015,872 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\GTNDIS5.sys -- (GTNDIS5)
DRV - [2003/09/03 01:51:00 | 000,021,120 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\nv_agp.sys -- (nv_agp)
DRV - [2003/07/30 04:15:00 | 000,126,348 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\nvcap.sys -- (nvcap) nVidia WDM Video Capture (universal)
DRV - [2003/07/30 04:15:00 | 000,013,006 | ---- | M] (NVIDIA Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\nvxbar.sys -- (NVXBAR)
DRV - [2003/07/02 13:42:00 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\viaagp1.sys -- (viaagp1)
DRV - [2003/06/19 03:59:00 | 000,140,800 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\fasttx2k.sys -- (fasttx2k)
DRV - [2003/05/06 17:34:56 | 000,394,752 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2003/04/11 10:51:30 | 000,010,624 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2003/02/20 18:18:36 | 000,036,608 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\SISAGPX.sys -- (SISAGP)
DRV - [2002/10/04 19:04:10 | 000,046,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
DRV - [2002/07/30 00:43:50 | 000,023,808 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qus10.hpwis.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://qus10.hpwis.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.3
FF - prefs.js..extensions.enabledItems: {59c81df5-4b7a-477b-912d-4e0fdf64e5f2}:0.9.86
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.1.26
FF - prefs.js..extensions.enabledItems: [email protected]:0.12.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}:5.0.15
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}:5.0.17
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {3335F91D-2AEF-4097-B831-C96C60349822}:1.4.3
FF - prefs.js..extensions.enabledItems: {792BDDFE-2E7C-42ed-B18D-18154D2761BD}:0.9.6
FF - prefs.js..extensions.enabledItems: [email protected]:1.4
FF - prefs.js..extensions.enabledItems: {89f8dde0-010a-11da-8cd6-0800200c9a66}:1.0.0.20
FF - prefs.js..extensions.enabledItems: {d596c130-b00a-11db-abbd-0800200c9a66}:2.080708


FF - HKLM\software\mozilla\Mozilla Firefox 3.5.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/06/23 14:17:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/23 14:17:15 | 000,000,000 | ---D | M]

[2008/10/27 19:09:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Mozilla\Extensions
[2010/07/05 17:15:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Mozilla\Firefox\Profiles\v0vskgvl.default\extensions
[2010/06/22 04:03:25 | 000,000,000 | ---D | M] (FlashGot) -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Mozilla\Firefox\Profiles\v0vskgvl.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2009/08/25 08:11:30 | 000,000,000 | ---D | M] (Leet Key) -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Mozilla\Firefox\Profiles\v0vskgvl.default\extensions\{3335F91D-2AEF-4097-B831-C96C60349822}
[2009/12/13 22:29:37 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Mozilla\Firefox\Profiles\v0vskgvl.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2009/06/03 20:50:35 | 000,000,000 | ---D | M] (IE Tab) -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Mozilla\Firefox\Profiles\v0vskgvl.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2009/10/07 06:53:54 | 000,000,000 | ---D | M] (TabRenamizer) -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Mozilla\Firefox\Profiles\v0vskgvl.default\extensions\{792BDDFE-2E7C-42ed-B18D-18154D2761BD}
[2010/06/22 04:03:26 | 000,000,000 | ---D | M] (Yahoo! Mail Notifier) -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Mozilla\Firefox\Profiles\v0vskgvl.default\extensions\{89f8dde0-010a-11da-8cd6-0800200c9a66}
[2010/06/05 13:06:53 | 000,000,000 | ---D | M] (Easy Youtube Video Downloader) -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Mozilla\Firefox\Profiles\v0vskgvl.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}
[2010/06/05 13:06:55 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Mozilla\Firefox\Profiles\v0vskgvl.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2008/10/27 19:12:40 | 000,000,000 | ---D | M] (Miint) -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Mozilla\Firefox\Profiles\v0vskgvl.default\extensions\{d596c130-b00a-11db-abbd-0800200c9a66}
[2009/09/21 16:20:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Mozilla\Firefox\Profiles\v0vskgvl.default\extensions\[email protected]
[2009/11/21 20:23:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Mozilla\Firefox\Profiles\v0vskgvl.default\extensions\[email protected]
[2010/06/05 13:06:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Mozilla\Firefox\Profiles\v0vskgvl.default\extensions\[email protected]
[2009/11/27 18:08:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Mozilla\Firefox\Profiles\v0vskgvl.default\extensions\[email protected]
[2010/07/05 17:15:15 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008/05/18 20:20:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}
[2009/01/30 08:13:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}
[2007/08/15 19:05:00 | 000,049,152 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
[2008/12/10 20:21:54 | 000,132,528 | ---- | M] (NHN USA Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npijjiCHPlugin.dll
[2008/09/10 02:39:42 | 000,075,184 | ---- | M] (NHN USA Inc. ) -- C:\Program Files\Mozilla Firefox\plugins\npijjiFFPlugin1.dll
[2006/10/13 15:09:24 | 000,638,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npOGAPlugin.dll
[2008/05/12 16:52:59 | 000,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint_03050024.dll

O1 HOSTS File: ([2010/07/05 17:53:05 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: () - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O4 - HKLM..\Run: [ATI DeviceDetect] C:\Program Files\ATI Multimedia\main\ATIDtct.EXE (ATI Technologies Inc.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PS2] C:\WINDOWS\system32\ps2.EXE (Hewlett-Packard Company)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdateManager] C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe (Sonic Solutions)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WUSB54Gv2] C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\InvokeSvc3.exe ()
O4 - HKCU..\Run: [ATI Launchpad] C:\Program Files\ATI Multimedia\main\launchpd.exe (ATI Technologies Inc.)
O4 - HKCU..\Run: [ATI Remote Control] C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe (ATI Technologies Inc.)
O4 - HKCU..\Run: [BitTorrent DNA] C:\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [NVIEW] C:\WINDOWS\System32\nview.dll (NVIDIA Corporation)
O4 - HKCU..\Run: [Uniblue SpyEraser] C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe (Uniblue Software)
O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1233364808906 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2)
O16 - DPF: {CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_15)
O16 - DPF: {CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Mozilla\Firefox\Desktop Background.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Mozilla\Firefox\Desktop Background.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003/10/11 05:16:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 06:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 90 Days ==========

[2010/07/05 20:44:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2010/07/05 17:19:21 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/07/05 17:19:21 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/07/05 17:19:21 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/07/05 17:19:21 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/07/05 17:17:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/07/05 17:14:25 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/07/05 16:48:23 | 001,013,584 | ---- | C] (Kaspersky Lab) -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\TDSSKiller.exe
[2010/07/05 16:34:15 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/07/02 17:14:25 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\OTL.exe
[2010/07/02 16:52:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\brick_invcrest
[2010/07/01 22:32:38 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\PrivacIE
[2010/06/30 16:02:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Malwarebytes
[2010/06/30 16:00:25 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/06/30 16:00:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/06/30 16:00:13 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/06/30 16:00:12 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/06/29 23:29:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\yukari_mb
[2010/06/29 23:17:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\105THchars_M
[2010/06/29 21:05:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Imperishable Night
[2010/06/29 01:28:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Perfect Cherry Blossom
[2010/06/27 20:49:39 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\The Embodiment of Scarlet Devil
[2010/06/24 14:39:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\lhsp
[2010/06/22 19:54:05 | 000,000,000 | ---D | C] -- C:\Program Files\StreetStrifer HomeStruck
[2010/06/20 17:49:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Unity
[2010/06/20 16:56:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Local Settings\Application Data\Unity
[2010/06/18 21:54:41 | 000,000,000 | ---D | C] -- C:\Program Files\PFPortChecker
[2010/06/15 02:10:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\ShameimaruCam
[2010/06/14 21:38:42 | 000,000,000 | ---D | C] -- C:\Program Files\Combined Community Codec Pack
[2010/06/14 21:28:29 | 000,000,000 | ---D | C] -- C:\Program Files\WMV9_VCM
[2010/06/14 21:27:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\River Past G5
[2010/06/14 21:27:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\River Past G5
[2010/06/14 21:27:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\River Past
[2010/06/14 21:27:56 | 000,000,000 | ---D | C] -- C:\Program Files\River Past
[2010/06/09 16:09:05 | 000,000,000 | ---D | C] -- C:\Program Files\LEGO Island
[2010/06/08 10:27:12 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\IETldCache
[2010/06/07 20:13:18 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010/06/06 13:09:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2010/06/05 15:41:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Local Settings\Application Data\pxnvisrwt
[2010/06/05 14:27:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/06/05 14:27:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/05/14 18:49:40 | 000,000,000 | ---D | C] -- C:\Program Files\Fake Webcam
[2010/05/11 18:15:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Template
[2010/05/10 06:22:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Mountain of Faith
[2010/05/07 14:42:56 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\MysticalChain
[2010/04/28 16:10:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Local Settings\Application Data\Temp
[2010/04/26 07:32:51 | 000,000,000 | ---D | C] -- C:\Program Files\Game_Maker8
[2010/04/12 06:00:57 | 000,000,000 | ---D | C] -- C:\Program Files\N8
[2010/04/10 16:43:52 | 000,000,000 | ---D | C] -- C:\Program Files\FOnline
[2010/04/08 06:01:53 | 000,000,000 | ---D | C] -- C:\Program Files\Torque
[2008/09/03 19:57:42 | 000,131,072 | R--- | C] ( ) -- C:\WINDOWS\System32\ATIDEMGR.dll
[2008/08/02 17:45:04 | 000,103,424 | ---- | C] ( ) -- C:\WINDOWS\System32\nUI_nat.dll
[35 C:\WINDOWS\Fonts\*.tmp files -> C:\WINDOWS\Fonts\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010/07/05 23:17:00 | 000,001,018 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2899075602-3811207098-2694297558-1003UA.job
[2010/07/05 21:16:00 | 000,000,966 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2899075602-3811207098-2694297558-1003Core.job
[2010/07/05 17:56:02 | 000,000,243 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/07/05 17:53:52 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010/07/05 17:53:21 | 000,000,247 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.dat
[2010/07/05 17:53:05 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/07/05 17:52:49 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/07/05 17:50:14 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/07/05 17:47:11 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/07/05 17:47:02 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/07/05 17:46:59 | 1610,141,696 | -HS- | M] () -- C:\hiberfil.sys
[2010/07/05 17:45:39 | 020,447,232 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\ntuser.dat
[2010/07/05 17:45:39 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\ntuser.ini
[2010/07/05 16:39:43 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2010/07/05 16:18:27 | 000,002,440 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Google Chrome.lnk
[2010/07/05 02:15:00 | 000,000,390 | ---- | M] () -- C:\WINDOWS\tasks\1-Click Maintenance.job
[2010/07/04 18:35:00 | 000,000,270 | ---- | M] () -- C:\WINDOWS\tasks\Uniblue SpeedUpMyPC Nag.job
[2010/07/02 17:14:25 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\OTL.exe
[2010/07/02 14:48:37 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/07/01 22:38:11 | 003,725,496 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\ComboFix.exe
[2010/07/01 16:11:19 | 000,076,484 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\2368599.png
[2010/07/01 16:09:44 | 000,147,956 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\5155101.png
[2010/07/01 16:09:33 | 000,063,739 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\5389529.png
[2010/07/01 16:08:19 | 000,029,753 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\7721616.png
[2010/07/01 16:07:12 | 000,144,009 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\9937788.png
[2010/07/01 04:29:28 | 000,301,790 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\1274097738954.png
[2010/07/01 03:34:40 | 000,004,229 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\sanecho.png
[2010/07/01 03:08:40 | 000,109,836 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Tifa__who_did_this_to_you___by_ShadowAshi.jpg
[2010/06/30 17:25:08 | 001,013,584 | ---- | M] (Kaspersky Lab) -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\TDSSKiller.exe
[2010/06/30 16:00:43 | 000,000,704 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/06/29 23:04:47 | 000,138,702 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Gap.png
[2010/06/27 17:43:12 | 000,002,768 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\koakuma.png
[2010/06/27 01:40:18 | 000,001,967 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\logho.png
[2010/06/26 23:39:33 | 000,000,668 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Toribash.lnk
[2010/06/26 16:20:22 | 000,045,377 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\hina.gif
[2010/06/26 16:06:55 | 000,006,002 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\almighty peej.png
[2010/06/26 16:01:19 | 000,028,687 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\2ynf7l1.gif
[2010/06/26 15:52:40 | 000,011,640 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\hina.png
[2010/06/26 14:27:36 | 000,002,729 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\6019.png
[2010/06/26 02:24:35 | 000,003,991 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Orin.png
[2010/06/25 23:43:07 | 000,257,227 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\[bleep]s like a tiger.png
[2010/06/25 14:39:03 | 000,002,560 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\bmd.png
[2010/06/24 14:49:58 | 000,032,606 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\report.wav
[2010/06/24 14:49:44 | 000,049,986 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\girlfriend.wav
[2010/06/24 14:49:10 | 000,038,326 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\brother.wav
[2010/06/24 14:48:55 | 000,045,586 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\lostmyemeralds.wav
[2010/06/24 14:48:08 | 000,115,546 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\superbionic.wav
[2010/06/24 14:46:58 | 000,047,126 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\original.wav
[2010/06/24 14:44:27 | 000,001,821 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Microsoft\Internet Explorer\Quick Launch\Speakonia.lnk
[2010/06/24 14:38:13 | 000,064,084 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\recolor3.png
[2010/06/24 14:34:51 | 000,065,649 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\recolor2.png
[2010/06/24 14:34:42 | 000,146,012 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\recolor1.png
[2010/06/24 14:31:14 | 000,199,717 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\sonic_sonicx.png
[2010/06/24 02:56:15 | 000,000,881 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/06/23 22:07:29 | 000,152,714 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\easy mode.png
[2010/06/23 21:23:54 | 000,201,216 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/23 10:24:00 | 000,000,258 | ---- | M] () -- C:\WINDOWS\tasks\Windows Update.job
[2010/06/22 19:54:14 | 000,000,694 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\StreetStrifer HomeStruck.lnk
[2010/06/21 19:34:15 | 004,728,162 | -H-- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Local Settings\Application Data\IconCache.db
[2010/06/21 19:34:02 | 000,520,415 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\ssss.png
[2010/06/18 21:54:44 | 000,000,750 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\PFPortChecker.lnk
[2010/06/14 21:39:03 | 000,162,785 | ---- | M] () -- C:\WINDOWS\Animated GIF Converter and Booster Pack Uninstaller.exe
[2010/06/14 21:28:15 | 000,165,898 | ---- | M] () -- C:\WINDOWS\Video Cleaner Uninstaller.exe
[2010/06/13 22:43:23 | 000,000,678 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Cheat Engine.lnk
[2010/06/11 19:05:03 | 000,028,256 | ---- | M] (MusicMatch, Inc.) -- C:\WINDOWS\System32\drivers\MxlW2k.sys
[2010/06/08 10:27:11 | 000,000,823 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/06/04 14:45:43 | 000,000,816 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Sleep is Death.lnk
[2010/05/26 13:03:44 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/05/19 17:18:10 | 000,204,086 | ---- | M] () -- C:\scaledbunny.png
[2010/05/19 17:18:06 | 000,000,052 | ---- | M] () -- C:\Copy of scaler.bat
[2010/05/19 17:11:38 | 000,053,526 | ---- | M] () -- C:\bunny.png
[2010/05/12 05:56:25 | 000,000,038 | ---- | M] () -- C:\WINDOWS\avisplitter.INI
[2010/04/30 19:28:48 | 000,000,749 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Sonic Robo Blast 2.lnk
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/04/28 06:07:21 | 000,399,144 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/04/27 17:16:09 | 000,001,624 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Half-Life 2.lnk
[2010/04/27 17:15:39 | 000,001,624 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Counter-Strike Source.lnk
[2010/04/27 17:13:12 | 000,001,626 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Garry's Mod.lnk
[2010/04/26 17:26:59 | 000,000,820 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Paint.NET.lnk
[2010/04/26 17:19:47 | 000,104,000 | ---- | M] () -- C:\WINDOWS\System32\GDIPFONTCACHEV1.DAT
[2010/04/26 15:58:12 | 000,256,512 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2010/04/26 07:39:05 | 000,000,842 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Hisoutensoku English.lnk
[2010/04/26 07:33:14 | 000,000,721 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Game Maker.lnk
[2010/04/10 16:44:00 | 000,000,497 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\FOnline 2238 Launcher.lnk
[2010/04/08 06:02:17 | 000,000,819 | ---- | M] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Torque Constructor.lnk

========== Files Created - No Company Name ==========

[2010/07/05 17:19:21 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/07/05 17:19:21 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/07/05 17:19:21 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/07/05 17:19:21 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/07/05 17:19:21 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/07/05 17:10:27 | 003,725,496 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\ComboFix.exe
[2010/07/05 16:39:43 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2010/07/05 16:39:38 | 000,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2010/07/03 09:10:43 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\gmer.exe
[2010/07/01 16:11:18 | 000,076,484 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\2368599.png
[2010/07/01 16:09:43 | 000,147,956 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\5155101.png
[2010/07/01 16:09:32 | 000,063,739 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\5389529.png
[2010/07/01 16:08:18 | 000,029,753 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\7721616.png
[2010/07/01 16:07:11 | 000,144,009 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\9937788.png
[2010/07/01 04:29:24 | 000,301,790 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\1274097738954.png
[2010/07/01 03:33:45 | 000,004,229 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\sanecho.png
[2010/07/01 03:08:36 | 000,109,836 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Tifa__who_did_this_to_you___by_ShadowAshi.jpg
[2010/06/30 16:00:43 | 000,000,704 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/06/29 23:04:04 | 000,138,702 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Gap.png
[2010/06/27 17:43:05 | 000,002,768 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\koakuma.png
[2010/06/27 01:40:18 | 000,001,967 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\logho.png
[2010/06/26 23:39:33 | 000,000,668 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Toribash.lnk
[2010/06/26 16:20:20 | 000,045,377 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\hina.gif
[2010/06/26 16:06:55 | 000,006,002 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\almighty peej.png
[2010/06/26 16:00:20 | 000,028,687 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\2ynf7l1.gif
[2010/06/26 15:52:40 | 000,011,640 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\hina.png
[2010/06/26 14:27:36 | 000,002,729 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\6019.png
[2010/06/26 02:24:34 | 000,003,991 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Orin.png
[2010/06/25 23:43:07 | 000,257,227 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\[bleep]s like a tiger.png
[2010/06/25 14:38:53 | 000,002,560 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\bmd.png
[2010/06/24 14:49:58 | 000,032,606 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\report.wav
[2010/06/24 14:49:44 | 000,049,986 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\girlfriend.wav
[2010/06/24 14:49:09 | 000,038,326 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\brother.wav
[2010/06/24 14:48:55 | 000,045,586 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\lostmyemeralds.wav
[2010/06/24 14:48:08 | 000,115,546 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\superbionic.wav
[2010/06/24 14:46:58 | 000,047,126 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\original.wav
[2010/06/24 14:44:27 | 000,001,821 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Microsoft\Internet Explorer\Quick Launch\Speakonia.lnk
[2010/06/24 14:38:12 | 000,064,084 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\recolor3.png
[2010/06/24 14:34:51 | 000,065,649 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\recolor2.png
[2010/06/24 14:34:17 | 000,146,012 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\recolor1.png
[2010/06/24 14:31:13 | 000,199,717 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\sonic_sonicx.png
[2010/06/23 22:07:28 | 000,152,714 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\easy mode.png
[2010/06/22 19:54:13 | 000,000,694 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\StreetStrifer HomeStruck.lnk
[2010/06/21 19:34:02 | 000,520,415 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\ssss.png
[2010/06/18 21:54:44 | 000,000,750 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\PFPortChecker.lnk
[2010/06/14 21:39:01 | 000,162,785 | ---- | C] () -- C:\WINDOWS\Animated GIF Converter and Booster Pack Uninstaller.exe
[2010/06/14 21:28:10 | 000,165,898 | ---- | C] () -- C:\WINDOWS\Video Cleaner Uninstaller.exe
[2010/06/13 22:43:23 | 000,000,678 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Cheat Engine.lnk
[2010/06/04 14:45:43 | 000,000,816 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Sleep is Death.lnk
[2010/05/19 17:18:09 | 000,204,086 | ---- | C] () -- C:\scaledbunny.png
[2010/05/19 17:11:37 | 000,053,526 | ---- | C] () -- C:\bunny.png
[2010/04/30 19:28:47 | 000,000,749 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Sonic Robo Blast 2.lnk
[2010/04/27 17:16:09 | 000,001,624 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Half-Life 2.lnk
[2010/04/27 17:15:39 | 000,001,624 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Counter-Strike Source.lnk
[2010/04/27 17:13:11 | 000,001,626 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Garry's Mod.lnk
[2010/04/26 07:39:05 | 000,000,842 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Hisoutensoku English.lnk
[2010/04/26 07:33:14 | 000,000,721 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Game Maker.lnk
[2010/04/10 16:44:00 | 000,000,497 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\FOnline 2238 Launcher.lnk
[2010/04/09 15:27:41 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/04/08 06:02:17 | 000,000,819 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\Torque Constructor.lnk
[2010/01/23 15:04:00 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2010/01/02 18:41:32 | 000,000,063 | ---- | C] () -- C:\WINDOWS\mmpro.ini
[2009/09/25 17:20:28 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2009/05/28 23:13:28 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.INI
[2009/05/23 22:56:14 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009/05/23 22:56:06 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/05/23 22:56:06 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009/05/03 16:07:19 | 001,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
[2009/04/17 17:12:52 | 000,000,175 | ---- | C] () -- C:\WINDOWS\W2W.ini
[2009/04/17 16:13:44 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[2009/01/14 22:46:43 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\VSCWR12.dll
[2008/12/30 23:08:52 | 000,000,023 | ---- | C] () -- C:\WINDOWS\SWFDecompiler.INI
[2008/12/14 17:08:49 | 000,000,016 | ---- | C] () -- C:\WINDOWS\entpack.ini
[2008/11/13 16:43:58 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2008/11/05 20:34:58 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\770DD48848.sys
[2008/11/05 20:34:55 | 000,001,890 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2008/10/03 18:07:10 | 003,754,896 | ---- | C] () -- C:\WINDOWS\System32\erdmpg-6.dll
[2008/09/28 12:33:01 | 000,253,952 | ---- | C] () -- C:\WINDOWS\System32\Manipulate.dll
[2008/09/06 12:33:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ATIMMC.INI
[2008/08/28 06:20:38 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\comLyricGetter.dll
[2008/08/28 06:17:22 | 000,097,280 | ---- | C] () -- C:\WINDOWS\System32\Uncommon.dll
[2008/08/28 06:17:20 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\NormalizeDSP.dll
[2008/08/02 00:49:50 | 000,036,972 | ---- | C] () -- C:\WINDOWS\System32\ActPanel.dll
[2008/08/01 23:48:02 | 000,163,840 | ---- | C] () -- C:\WINDOWS\GL4JavaJauGLJNI12.dll
[2008/08/01 23:48:02 | 000,163,840 | ---- | C] () -- C:\WINDOWS\GL4JavaJauGLJNI.dll
[2008/08/01 23:48:02 | 000,069,632 | ---- | C] () -- C:\WINDOWS\GL4JavaJauGljJNI.dll
[2008/08/01 23:48:02 | 000,065,536 | ---- | C] () -- C:\WINDOWS\GL4JavaJauGljJNI12.dll
[2008/08/01 23:48:02 | 000,057,344 | ---- | C] () -- C:\WINDOWS\GL4JavaJauGLUJNI.dll
[2008/08/01 23:48:02 | 000,053,248 | ---- | C] () -- C:\WINDOWS\GL4JavaJauGLUJNI12.dll
[2008/08/01 23:48:02 | 000,036,864 | ---- | C] () -- C:\WINDOWS\GL4JavaGljMSJDirect.dll
[2008/07/23 11:50:52 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/07/23 11:47:34 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2008/07/23 11:47:34 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2008/07/23 11:46:38 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008/07/21 21:53:43 | 000,000,035 | ---- | C] () -- C:\WINDOWS\WDIRECT.INI
[2008/06/19 14:48:13 | 000,473,600 | ---- | C] () -- C:\WINDOWS\System32\Harmony.dll
[2008/06/19 14:48:13 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\Unlha32.dll
[2008/05/29 22:45:40 | 000,000,113 | ---- | C] () -- C:\WINDOWS\System32\NemuAudio08.ini
[2008/05/23 13:50:08 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2008/03/28 18:36:46 | 000,001,667 | ---- | C] () -- C:\WINDOWS\savegam.ini
[2008/02/25 20:14:11 | 000,000,126 | ---- | C] () -- C:\WINDOWS\64DISASM.INI
[2008/02/20 20:58:39 | 000,000,065 | ---- | C] () -- C:\WINDOWS\NARBACULARDROP.INI
[2007/12/08 18:43:14 | 000,651,264 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2007/12/08 18:43:14 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2007/12/08 18:43:04 | 000,001,512 | ---- | C] () -- C:\WINDOWS\System32\WLAN.INI
[2007/12/05 20:33:00 | 000,000,200 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007/11/11 21:19:03 | 000,000,009 | ---- | C] () -- C:\WINDOWS\NS3Tails.INI
[2007/11/11 21:17:12 | 000,000,009 | ---- | C] () -- C:\WINDOWS\NS3Amy.INI
[2007/11/11 21:14:39 | 000,000,008 | ---- | C] () -- C:\WINDOWS\NS3Sonic.INI
[2007/11/11 21:05:37 | 000,000,010 | ---- | C] () -- C:\WINDOWS\NS3Knux.INI
[2007/11/05 08:52:30 | 000,000,398 | ---- | C] () -- C:\WINDOWS\AudioConverter.INI
[2007/08/23 17:25:21 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2007/08/09 18:33:56 | 000,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2007/08/09 18:33:53 | 000,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2007/07/31 18:14:13 | 000,000,012 | ---- | C] () -- C:\WINDOWS\nsgsbonus4.INI
[2007/07/31 18:07:39 | 000,000,012 | ---- | C] () -- C:\WINDOWS\nsgsbonus3.INI
[2007/07/31 17:51:36 | 000,000,012 | ---- | C] () -- C:\WINDOWS\nsgsbonus2.INI
[2007/07/19 20:41:57 | 000,000,014 | ---- | C] () -- C:\WINDOWS\NSGSSave.INI
[2007/07/19 20:39:16 | 000,001,857 | ---- | C] () -- C:\WINDOWS\cncscore.ini
[2007/07/19 20:23:58 | 000,000,031 | ---- | C] () -- C:\WINDOWS\NSGSLampPost.INI
[2007/07/19 20:11:11 | 000,000,015 | ---- | C] () -- C:\WINDOWS\zzzzNSGS2ZONES.INI
[2007/07/19 19:58:16 | 000,000,035 | ---- | C] () -- C:\WINDOWS\NSGS2LampPost.INI
[2007/07/19 19:06:16 | 000,000,145 | ---- | C] () -- C:\WINDOWS\chaobatt.ini
[2007/07/19 18:57:52 | 000,000,043 | ---- | C] () -- C:\WINDOWS\su3.ini
[2007/07/11 18:46:52 | 000,000,056 | ---- | C] () -- C:\WINDOWS\kgt2k.INI
[2007/07/03 02:27:44 | 000,167,133 | ---- | C] () -- C:\WINDOWS\libgimp-2.0-0.dll
[2007/06/24 20:47:29 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2007/06/17 22:51:40 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\GTW32N50.dll
[2007/04/12 18:23:52 | 000,000,161 | ---- | C] () -- C:\WINDOWS\option.ini
[2007/03/07 19:24:52 | 000,000,018 | ---- | C] () -- C:\WINDOWS\gfact.ini
[2007/02/26 08:53:37 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2007/01/30 20:31:46 | 000,002,372 | ---- | C] () -- C:\WINDOWS\EaseAudioConverter.ini
[2007/01/27 10:10:00 | 000,000,656 | ---- | C] () -- C:\WINDOWS\kaillera.ini
[2007/01/06 03:11:25 | 000,000,050 | ---- | C] () -- C:\WINDOWS\GunzLauncher.INI
[2006/12/27 18:45:40 | 000,000,009 | ---- | C] () -- C:\WINDOWS\qte3.INI
[2006/12/27 18:40:49 | 000,000,010 | ---- | C] () -- C:\WINDOWS\qte3_cd.ini
[2006/12/27 13:06:53 | 000,001,452 | ---- | C] () -- C:\WINDOWS\stasavegame.INI
[2006/12/02 22:21:08 | 000,000,023 | ---- | C] () -- C:\WINDOWS\clofghls.dll
[2006/12/02 22:19:39 | 000,000,020 | ---- | C] () -- C:\WINDOWS\mafosav.INI
[2006/11/18 00:39:30 | 000,000,421 | ---- | C] () -- C:\WINDOWS\hegames.ini
[2006/11/11 21:11:21 | 000,000,209 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2006/11/06 15:30:38 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2006/09/18 23:22:32 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\LPubRay.dll
[2006/09/09 10:28:52 | 000,221,184 | ---- | C] () -- C:\WINDOWS\System32\glut32.dll
[2006/05/12 13:23:22 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2006/04/14 11:37:26 | 000,000,031 | ---- | C] () -- C:\WINDOWS\aceg.ini
[2005/08/30 01:00:00 | 000,781,312 | ---- | C] () -- C:\WINDOWS\System32\RGSS102J.dll
[2005/08/30 01:00:00 | 000,778,752 | ---- | C] () -- C:\WINDOWS\System32\RGSS102E.dll
[2005/08/30 01:00:00 | 000,771,584 | ---- | C] () -- C:\WINDOWS\System32\RGSS100J.dll
[2005/05/08 05:19:28 | 000,286,208 | ---- | C] () -- C:\WINDOWS\System32\CNCS232.DLL
[2005/01/15 18:55:09 | 000,000,032 | ---- | C] () -- C:\WINDOWS\CD_Start.INI
[2004/09/17 17:37:42 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\vuins32.dll
[2004/01/28 11:42:06 | 000,013,601 | ---- | C] () -- C:\WINDOWS\System32\vctest.ini
[2003/10/14 08:52:37 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2003/10/14 08:51:57 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\iAlmcoin.dll
[2003/10/14 08:35:01 | 000,000,051 | ---- | C] () -- C:\WINDOWS\System32\mshrml.ini
[2003/10/11 07:51:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\JAWTAccessBridge.dll
[2003/10/11 07:50:32 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\PcdrKernelModeServices.dll
[2003/10/11 07:50:32 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\ProgressTrace.dll
[2003/10/11 07:45:41 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\PCDrJNI_1_1.dll
[2003/10/11 07:40:57 | 000,029,222 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2003/10/11 07:40:38 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\syscontr.dll
[2003/10/11 07:40:02 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2003/10/11 07:29:14 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2003/10/11 07:16:42 | 000,000,889 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2003/10/11 06:15:11 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2003/10/11 06:07:05 | 000,126,348 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvcap.sys
[2003/10/11 05:39:21 | 000,299,073 | ---- | C] () -- C:\WINDOWS\System32\PythonCOM22.dll
[2003/10/11 05:39:21 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\PyWinTypes22.dll
[2003/10/11 05:39:04 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2003/10/11 05:19:00 | 000,000,802 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2003/10/11 05:06:45 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2003/10/11 02:10:46 | 000,000,438 | ---- | C] () -- C:\WINDOWS\System32\1_ssetup.ini
[2003/10/11 02:10:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\sunistlog.ini
[2003/01/08 00:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/06/06 02:01:58 | 000,029,696 | ---- | C] () -- C:\WINDOWS\System32\asutl8.dll
[2002/05/15 23:29:04 | 000,000,607 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2001/11/23 18:18:00 | 000,000,597 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2001/11/14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

========== LOP Check ==========

[2008/08/28 18:30:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AGS Demo Game
[2010/01/22 21:55:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
[2007/12/08 00:50:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG7
[2006/11/11 21:31:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2009/01/10 16:28:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IJJIGame
[2007/08/23 17:36:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\n7-89-o9-3r-4t-r9
[2006/11/16 17:39:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QubeSoft
[2010/06/14 21:55:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\River Past G5
[2008/10/04 17:31:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
[2010/03/18 17:06:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Steinberg
[2010/06/14 16:28:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/10/21 19:43:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TrackMania
[2007/12/08 00:29:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2008/04/25 17:03:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Uniblue
[2007/01/23 17:46:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/02/27 13:48:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VirtuallTek
[2006/11/18 12:51:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2010/01/04 02:55:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YoGen
[2006/12/21 14:47:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{0727B42B-1697-465F-8CDC-53A1EA7110EB}
[2009/05/20 10:23:21 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{17A03471-20EB-4604-8E72-66EF7398750D}
[2009/08/01 18:40:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Anvil Studio
[2007/05/02 09:01:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\AVG7
[2008/01/27 03:02:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\bang
[2009/06/19 22:13:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\BitTorrent
[2008/04/29 21:21:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Clickteam
[2008/05/08 15:54:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Datel
[2010/07/06 00:08:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\DNA
[2008/12/30 23:14:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Eltima Software
[2007/08/23 17:37:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Eyeblaster
[2009/10/07 19:25:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\GameHouse
[2007/07/30 17:16:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\gtk-2.0
[2009/01/10 16:36:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\ijjigame
[2008/01/21 16:02:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\interMute
[2004/11/13 18:28:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Leadertech
[2007/09/12 20:20:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\LEGO Company
[2009/05/30 03:12:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\MilkShape 3D 1.x.x
[2010/01/18 18:42:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Music Recognition
[2007/12/12 19:38:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Nexon
[2009/06/17 14:34:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Notepad++
[2008/07/01 19:42:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\OpenArena
[2008/01/16 20:08:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\PE Explorer
[2008/10/04 17:38:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Publish Providers
[2010/06/14 21:58:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\River Past G5
[2003/10/11 08:03:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\SampleView
[2010/03/14 23:56:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\ShanghaiAlice
[2008/12/13 22:06:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Sony
[2010/03/18 17:06:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Steinberg
[2009/07/17 16:08:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\SystemRequirementsLab
[2009/12/22 21:19:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\TeamViewer
[2010/05/11 18:15:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Template
[2006/01/08 07:39:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\TuneUp Software
[2008/04/25 18:35:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Uniblue
[2010/06/20 17:49:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Unity
[2009/11/24 22:58:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\VBA-M
[2008/05/12 16:52:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\Viewpoint
[2010/03/18 17:06:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\VST3 Presets
[2009/02/04 21:42:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Application Data\X10 Commander
[2010/07/05 02:15:00 | 000,000,390 | ---- | M] () -- C:\WINDOWS\Tasks\1-Click Maintenance.job
[2010/07/05 17:50:14 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2010/07/04 18:35:00 | 000,000,270 | ---- | M] () -- C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job
[2008/04/25 18:35:08 | 000,000,392 | ---- | M] () -- C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job
[2008/04/25 17:04:05 | 000,000,338 | ---- | M] () -- C:\WINDOWS\Tasks\Uniblue SpyEraser.job
[2010/06/23 10:24:00 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Windows Update.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 99 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0F8F5844
@Alternate Data Stream - 346 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF
@Alternate Data Stream - 193 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:408F95E5
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4B7BEAFF
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:888AFB86
< End of report >

Attached Files


Edited by Essexboy, 06 July 2010 - 12:35 PM.

  • 0
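A way to triage an OTL listing such as the one posted above, as an added example that is not part of the original thread and not OTL's own logic: it parses the file, folder and Alternate Data Stream lines and lists the entries an analyst would look at first. The three rules and their names are assumptions chosen for illustration, the sample lines are copied from the log above, and a hit is a prompt for a closer look rather than a verdict.

```python
import re
from datetime import datetime
from typing import List, NamedTuple, Tuple, Union

# File/folder line as OTL prints it in the log above:
#   [date time | size | attributes | C or M] (company) -- path
# Folder lines carry no "(company)" field.
FILE_RE = re.compile(
    r"^\[(?P<ts>\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) \| (?P<size>[\d,]+) \| "
    r"(?P<attrs>[A-Z-]{4}) \| (?P<kind>[CM])\]\s*(?:\([^)]*\)\s*)?-- (?P<path>.+)$"
)
# "@Alternate Data Stream - 99 bytes -> <host path>:<stream name>"
ADS_RE = re.compile(
    r"^@Alternate Data Stream - (?P<size>\d+) bytes -> (?P<host>.+):(?P<stream>[^:\\]+)$"
)

BINARY_EXT = (".exe", ".dll", ".sys")


class FileEntry(NamedTuple):
    when: datetime
    size: int    # bytes, thousands separators removed
    attrs: str   # four flags as printed, e.g. "RHS-" or "---D"
    kind: str    # "C" = created listing, "M" = modified listing
    path: str


class AdsEntry(NamedTuple):
    size: int
    host: str    # file or folder the stream is attached to
    stream: str


def parse_line(line: str) -> Union[FileEntry, AdsEntry, None]:
    """Return a parsed entry, or None for headers, blanks and other text."""
    line = line.strip()
    m = FILE_RE.match(line)
    if m:
        return FileEntry(
            datetime.strptime(m["ts"], "%Y/%m/%d %H:%M:%S"),
            int(m["size"].replace(",", "")),
            m["attrs"], m["kind"], m["path"],
        )
    m = ADS_RE.match(line)
    if m:
        return AdsEntry(int(m["size"]), m["host"], m["stream"])
    return None


def triage(lines) -> List[Tuple[str, str]]:
    """Apply the illustrative rules and return (rule, path) pairs in log order."""
    findings = []
    for line in lines:
        entry = parse_line(line)
        if isinstance(entry, AdsEntry):
            # Rule "ads": any named stream attached to a file or folder.
            findings.append(("ads", f"{entry.host}:{entry.stream}"))
        elif isinstance(entry, FileEntry) and "D" not in entry.attrs:
            is_binary = entry.path.lower().endswith(BINARY_EXT)
            # Rule "hidden-system-binary": binary with both H and S set.
            if is_binary and "H" in entry.attrs and "S" in entry.attrs:
                findings.append(("hidden-system-binary", entry.path))
            # Rule "empty-binary": zero-byte file with a binary extension.
            if is_binary and entry.size == 0:
                findings.append(("empty-binary", entry.path))
    return findings


# Lines copied from the log above (not constructed).
SAMPLE = r"""
========== Files Created - No Company Name ==========
[2010/07/05 17:10:27 | 003,725,496 | ---- | C] () -- C:\Documents and Settings\Owner.YOUR-W04GTXLD67.000\Desktop\ComboFix.exe
[2008/11/05 20:34:58 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\770DD48848.sys
[2008/11/05 20:34:55 | 000,001,890 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2003/10/14 08:51:57 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\iAlmcoin.dll
[2008/09/06 12:33:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ATIMMC.INI
[2009/05/20 10:23:21 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{17A03471-20EB-4604-8E72-66EF7398750D}
@Alternate Data Stream - 99 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0F8F5844
"""

if __name__ == "__main__":
    for rule, path in triage(SAMPLE.splitlines()):
        print(f"{rule:22} {path}")
```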

#6
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Just a few more bits to remove and then I will clear my tools and tidy you up :)

1. Please open Notepad
  • Click Start, then Run
  • Type notepad.exe in the Run Box.

2. Now copy/paste the entire content of the codebox below into the Notepad window:

    File::
    c:\docume~1\OWNERY~1.000\LOCALS~1\Temp\pnicml.sys

    Driver::
    pnicml

3. Then in the text file go to FILE > SAVE AS and in the dropdown box select SAVE AS TYPE to ALL FILES

4. Save the above as CFScript.txt

5. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again.

Posted Image


6. After reboot, (in case it asks to reboot), please post the following reports/logs into your next reply:
  • Combofix.txt

THEN

Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
  • 0

#7
Peejster

Peejster

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
Logs.

Attached Files


  • 0

#8
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
That does not look too shabby - subject to no further problems

I will remove my tools now and give some recommendations, but I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :)

A good workman always cleans up after himself so... The following will implement some cleanup procedures as well as reset System Restore points:

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :Commands
    [resethosts]
    [purity]
    [emptytemp]
    [EMPTYFLASH]
    [CLEARALLRESTOREPOINTS] 
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /Uninstall

Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself. MBAM can be uninstalled via control panel add/remove along with ERUNT. But they may be useful tools to keep.

We will now confirm that your hidden files are set to that, as some of the tools I use will change that
  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View Tab.
  • Under the Hidden files and folders heading select Do not show hidden files and folders.
  • Click Yes to confirm.
  • Click OK.

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older versions of Java components and upgrade the application. Beware it is NOT supported for use in 9x or ME and probably will not install in those systems.

Upgrading Java:
  • Download the latest version of Java SE Runtime Environment (JRE): JRE 6 Update 20.
  • Click the "Download" button to the right.
  • Select your Platform and check the box that says: "I agree to the Java SE Runtime Environment 6 License Agreement.".
  • Click on Continue.
  • Click on the link to download Windows Offline Installation (jre-6u20-windows-i586-p.exe) and save it to your desktop. Do NOT use the Sun Download Manager.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on the download to install the newest version. (Vista users, right click on the jre-6u20-windows-i586-p.exe and select "Run as an Administrator.")


SPRING CLEAN

Download and run Puran Disc Defragmenter

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes: It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To keep your operating system up to date visit

To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?
Keep safe :)
  • 0

#9
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0





