file permissions



#1
wizzy2k5

For some reason or other, whenever I try to run a report to my hard drive I keep getting a message saying I need permissions when I am an administrator :s I did recently have a virus, which got removed by Malwarebytes, and I know their detection rate is good.

I have attached a file so you can see what's what. I've also tried taking ownership within the Security tab, and it came up with "cannot change permissions of root directory", which has never happened in my time using Windows XP / Vista or Windows 7, which I am now using.

I know what these entries are:

[2010/07/18 01:39:18 | 000,621,944 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Windows\System32\pskill.exe
[2010/07/18 01:39:18 | 000,220,024 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Windows\System32\sigcheck.exe
[2010/07/18 01:39:18 | 000,207,664 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Windows\System32\psshutdown.exe
[2010/07/18 01:39:18 | 000,105,264 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Windows\System32\pspasswd.exe


Here is an OTL log for your viewing.

OTL logfile created on: 18/07/2010 13:29:19 - Run 2
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\wizzy\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 74.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 84.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149.00 Gb Total Space | 54.55 Gb Free Space | 36.61% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JASON-PC
Current User Name: wizzy
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/07/18 13:24:25 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\wizzy\Desktop\OTL.exe
PRC - [2010/06/11 07:57:55 | 000,231,888 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10h_ActiveX.exe
PRC - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/06/07 17:05:06 | 000,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010/05/26 12:59:26 | 001,730,944 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2010/05/26 12:59:26 | 000,198,528 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/07/14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/06/04 00:55:16 | 000,025,600 | ---- | M] (Creative Technology Ltd) -- C:\Windows\System32\Ctxfihlp.exe
PRC - [2009/06/04 00:49:56 | 001,213,440 | ---- | M] (Creative Technology Ltd) -- C:\Windows\System32\CTxfispi.exe
PRC - [2009/02/23 11:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe
PRC - [2006/12/22 07:31:50 | 000,108,712 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe


========== Modules (SafeList) ==========

MOD - [2010/07/18 13:24:25 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\wizzy\Desktop\OTL.exe
MOD - [2009/07/14 02:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009/07/14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009/07/14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009/07/14 02:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009/07/14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009/07/14 02:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009/07/14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009/07/14 02:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
MOD - [2009/07/14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2009/07/14 02:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/07/02 01:57:18 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/07/01 23:51:09 | 000,395,048 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/06/08 18:45:14 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2010/06/08 18:43:52 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2010/06/07 17:05:06 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/05/26 12:59:26 | 001,730,944 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010/04/27 22:01:00 | 003,530,992 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/07/14 02:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009/07/14 02:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009/07/14 02:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009/07/14 02:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009/07/14 02:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009/07/14 02:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009/07/14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009/07/14 02:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009/07/14 02:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/14 02:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009/07/14 02:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/07/14 02:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009/07/14 02:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009/07/14 02:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009/07/14 02:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX Installer (AxInstSV)
SRV - [2009/07/14 02:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009/07/14 02:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV - [2009/02/23 11:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2006/12/22 07:31:50 | 000,108,712 | ---- | M] () [Auto | Running] -- C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor5.0)


========== Driver Services (SafeList) ==========

DRV - [2010/06/29 19:14:30 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010/06/08 00:57:00 | 010,888,168 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/06/07 17:09:12 | 000,039,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)
DRV - [2010/05/14 12:09:54 | 000,063,296 | ---- | M] (Ray Hinchliffe) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SIVX32.sys -- (SIVDRIVER)
DRV - [2010/05/10 19:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 19:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010/01/28 15:25:03 | 000,068,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2009/12/11 08:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2009/07/14 02:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
DRV - [2009/07/14 02:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV - [2009/07/14 02:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV - [2009/07/14 02:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV - [2009/07/14 02:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2009/07/14 02:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV - [2009/07/14 02:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
DRV - [2009/07/14 02:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
DRV - [2009/07/14 02:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
DRV - [2009/07/14 02:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
DRV - [2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
DRV - [2009/07/14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
DRV - [2009/07/14 02:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009/07/14 02:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
DRV - [2009/07/14 02:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009/07/14 02:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009/07/14 02:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009/07/14 02:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009/07/14 02:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009/07/14 02:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009/07/14 02:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2009/07/14 02:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009/07/14 02:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009/07/14 02:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV - [2009/07/14 02:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009/07/14 02:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009/07/14 02:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
DRV - [2009/07/14 02:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/14 02:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
DRV - [2009/07/14 02:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009/07/14 02:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2009/07/14 02:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009/07/14 02:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009/07/14 02:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009/07/14 02:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009/07/14 02:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009/07/14 02:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
DRV - [2009/07/14 01:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2009/07/14 01:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\rdpbus.sys -- (rdpbus)
DRV - [2009/07/14 01:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009/07/14 00:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009/07/14 00:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009/07/14 00:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009/07/14 00:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009/07/14 00:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci)
DRV - [2009/07/14 00:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
DRV - [2009/07/14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/14 00:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009/07/14 00:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV - [2009/07/14 00:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2009/07/14 00:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
DRV - [2009/07/14 00:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2009/07/14 00:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009/07/14 00:19:21 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HidBatt.sys -- (HidBatt)
DRV - [2009/07/14 00:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
DRV - [2009/07/14 00:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdppm.sys -- (AmdPPM)
DRV - [2009/07/13 23:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 23:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2009/07/13 23:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2009/07/13 23:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2009/07/13 23:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009/07/13 23:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009/07/13 23:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009/07/13 23:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
DRV - [2009/07/13 23:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
DRV - [2009/06/04 02:48:12 | 001,177,624 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ha20x2k.sys -- (ha20x2k)
DRV - [2009/06/04 02:48:00 | 000,095,768 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emupia2k.sys -- (emupia)
DRV - [2009/06/04 02:47:50 | 000,158,744 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2009/06/04 02:47:42 | 000,014,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2009/06/04 02:47:34 | 000,130,072 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2009/06/04 02:47:24 | 000,347,080 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - [2009/06/04 02:47:14 | 000,526,232 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2009/06/04 02:47:06 | 000,511,000 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2009/06/04 02:46:56 | 001,324,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CTEXFIFX.SYS -- (CTEXFIFX.SYS)
DRV - [2009/06/04 02:46:56 | 001,324,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CTEXFIFX.sys -- (CTEXFIFX)
DRV - [2009/06/04 02:46:42 | 000,072,728 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CTHWIUT.SYS -- (CTHWIUT.SYS)
DRV - [2009/06/04 02:46:42 | 000,072,728 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CTHWIUT.sys -- (CTHWIUT)
DRV - [2009/06/04 02:46:34 | 000,171,032 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CT20XUT.SYS -- (CT20XUT.SYS)
DRV - [2009/06/04 02:46:34 | 000,171,032 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CT20XUT.sys -- (CT20XUT)
DRV - [2009/03/01 23:05:32 | 000,139,776 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rt86win7.sys -- (RTL8167)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = DA EE F9 57 1B 26 CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2010/07/08 22:50:26 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\System32\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation)
O4 - HKLM..\RunServices: [Core Control] c:\program files\core control\cc.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} http://catalog.updat...b?1276547502142 (MUCatalogWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ent/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 90 Days ==========

[2010/07/18 13:24:21 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\wizzy\Desktop\OTL.exe
[2010/07/18 03:16:24 | 000,000,000 | ---D | C] -- C:\Users\wizzy\AppData\Roaming\Spotify
[2010/07/18 03:16:24 | 000,000,000 | ---D | C] -- C:\Users\wizzy\AppData\Local\Spotify
[2010/07/18 03:12:28 | 000,000,000 | ---D | C] -- C:\Users\wizzy\Documents\FFOutput
[2010/07/18 03:02:23 | 000,000,000 | ---D | C] -- C:\Users\wizzy\Documents\My Received Files
[2010/07/18 02:56:31 | 000,000,000 | ---D | C] -- C:\Users\wizzy\AppData\Roaming\Opera
[2010/07/18 02:56:31 | 000,000,000 | ---D | C] -- C:\Users\wizzy\AppData\Local\Opera
[2010/07/18 02:56:24 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2010/07/18 02:53:01 | 000,000,000 | ---D | C] -- C:\Users\wizzy\AppData\Local\Windows Live
[2010/07/18 02:52:35 | 000,000,000 | ---D | C] -- C:\Users\wizzy\Tracing
[2010/07/18 02:31:20 | 000,000,000 | ---D | C] -- C:\Users\wizzy\Desktop\stuff
[2010/07/18 02:29:50 | 000,000,000 | ---D | C] -- C:\Users\wizzy\AppData\Roaming\Adobe
[2010/07/18 02:28:33 | 000,000,000 | R--D | C] -- C:\Users\wizzy\Searches
[2010/07/18 02:28:33 | 000,000,000 | -H-D | C] -- C:\Users\wizzy\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2010/07/18 02:28:24 | 000,000,000 | ---D | C] -- C:\Users\wizzy\AppData\Roaming\Identities
[2010/07/18 02:28:20 | 000,000,000 | R--D | C] -- C:\Users\wizzy\Contacts
[2010/07/18 02:28:17 | 000,000,000 | ---D | C] -- C:\Users\wizzy\AppData\Local\VirtualStore
[2010/07/18 02:28:14 | 000,000,000 | --SD | C] -- C:\Users\wizzy\AppData\Roaming\Microsoft
[2010/07/18 02:28:14 | 000,000,000 | R--D | C] -- C:\Users\wizzy\Videos
[2010/07/18 02:28:14 | 000,000,000 | R--D | C] -- C:\Users\wizzy\Saved Games
[2010/07/18 02:28:14 | 000,000,000 | R--D | C] -- C:\Users\wizzy\Pictures
[2010/07/18 02:28:14 | 000,000,000 | R--D | C] -- C:\Users\wizzy\Music
[2010/07/18 02:28:14 | 000,000,000 | R--D | C] -- C:\Users\wizzy\Links
[2010/07/18 02:28:14 | 000,000,000 | R--D | C] -- C:\Users\wizzy\Favorites
[2010/07/18 02:28:14 | 000,000,000 | R--D | C] -- C:\Users\wizzy\Downloads
[2010/07/18 02:28:14 | 000,000,000 | R--D | C] -- C:\Users\wizzy\My Documents
[2010/07/18 02:28:14 | 000,000,000 | R--D | C] -- C:\Users\wizzy\Desktop
[2010/07/18 02:28:14 | 000,000,000 | -HSD | C] -- C:\Users\wizzy\AppData\Local\Temporary Internet Files
[2010/07/18 02:28:14 | 000,000,000 | -HSD | C] -- C:\Users\wizzy\Templates
[2010/07/18 02:28:14 | 000,000,000 | -HSD | C] -- C:\Users\wizzy\Start Menu
[2010/07/18 02:28:14 | 000,000,000 | -HSD | C] -- C:\Users\wizzy\SendTo
[2010/07/18 02:28:14 | 000,000,000 | -HSD | C] -- C:\Users\wizzy\Recent
[2010/07/18 02:28:14 | 000,000,000 | -HSD | C] -- C:\Users\wizzy\PrintHood
[2010/07/18 02:28:14 | 000,000,000 | -HSD | C] -- C:\Users\wizzy\NetHood
[2010/07/18 02:28:14 | 000,000,000 | -HSD | C] -- C:\Users\wizzy\Documents\My Videos
[2010/07/18 02:28:14 | 000,000,000 | -HSD | C] -- C:\Users\wizzy\Documents\My Pictures
[2010/07/18 02:28:14 | 000,000,000 | -HSD | C] -- C:\Users\wizzy\Documents\My Music
[2010/07/18 02:28:14 | 000,000,000 | -HSD | C] -- C:\Users\wizzy\My Documents
[2010/07/18 02:28:14 | 000,000,000 | -HSD | C] -- C:\Users\wizzy\Local Settings
[2010/07/18 02:28:14 | 000,000,000 | -HSD | C] -- C:\Users\wizzy\AppData\Local\History
[2010/07/18 02:28:14 | 000,000,000 | -HSD | C] -- C:\Users\wizzy\Cookies
[2010/07/18 02:28:14 | 000,000,000 | -HSD | C] -- C:\Users\wizzy\Application Data
[2010/07/18 02:28:14 | 000,000,000 | -HSD | C] -- C:\Users\wizzy\AppData\Local\Application Data
[2010/07/18 02:28:14 | 000,000,000 | -H-D | C] -- C:\Users\wizzy\AppData
[2010/07/18 02:28:14 | 000,000,000 | ---D | C] -- C:\Users\wizzy\AppData\Local\Temp
[2010/07/18 02:28:14 | 000,000,000 | ---D | C] -- C:\Users\wizzy\AppData\Local\Microsoft
[2010/07/18 02:28:14 | 000,000,000 | ---D | C] -- C:\Users\wizzy\AppData\Roaming\Media Center Programs
[2010/07/18 02:28:14 | 000,000,000 | ---D | C] -- C:\Users\wizzy\AppData\Roaming\Macromedia
[2010/07/18 01:39:18 | 000,621,944 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Windows\System32\pskill.exe
[2010/07/18 01:39:18 | 000,220,024 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Windows\System32\sigcheck.exe
[2010/07/18 01:39:18 | 000,207,664 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Windows\System32\psshutdown.exe
[2010/07/18 01:39:18 | 000,105,264 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Windows\System32\pspasswd.exe
[2010/07/16 19:58:24 | 000,000,000 | ---D | C] -- C:\Program Files\Skype
[2010/07/16 19:58:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010/07/16 03:40:17 | 000,000,000 | ---D | C] -- C:\Windows\System32\%DataRoot%
[2010/07/16 02:35:30 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010/07/16 02:35:25 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/07/16 02:34:42 | 000,000,000 | ---D | C] -- C:\Program Files\Auslogics
[2010/07/13 22:01:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared
[2010/07/13 22:00:50 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2010/07/13 22:00:25 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2010/07/13 22:00:19 | 000,000,000 | ---D | C] -- C:\Program Files\Xvid
[2010/07/12 15:05:26 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/07/12 14:15:39 | 000,000,000 | ---D | C] -- C:\Program Files\Notepad++
[2010/07/09 17:56:53 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2010/07/09 14:44:48 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2010/07/09 14:44:16 | 000,056,936 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2010/07/09 12:28:38 | 000,000,000 | ---D | C] -- C:\Program Files\FreeTime
[2010/07/09 02:38:23 | 000,000,000 | ---D | C] -- C:\Windows\en
[2010/07/04 15:20:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010/07/04 01:21:59 | 003,530,992 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\GameMon.des
[2010/07/04 01:21:27 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\npptNT2.sys
[2010/07/04 01:21:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared
[2010/07/03 20:24:12 | 000,000,000 | ---D | C] -- C:\Ntreev USA
[2010/07/03 20:00:19 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2010/07/03 20:00:11 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2010/07/02 01:58:08 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010/07/02 01:57:21 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat
[2010/07/01 23:06:35 | 000,000,000 | ---D | C] -- C:\Program Files\XP TCPIP Repair
[2010/07/01 21:17:01 | 000,000,000 | ---D | C] -- C:\ProgramData\WNR
[2010/07/01 21:16:54 | 000,000,000 | ---D | C] -- C:\Program Files\Proxy Switcher Standard
[2010/06/29 23:26:35 | 000,000,000 | ---D | C] -- C:\Program Files\EA Sports
[2010/06/29 21:33:20 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010/06/29 21:33:06 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core
[2010/06/29 21:32:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2010/06/29 21:32:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010/06/29 21:32:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010/06/29 21:32:25 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts
[2010/06/29 19:11:39 | 000,000,000 | ---D | C] -- C:\Program Files\ImgBurn
[2010/06/28 20:08:37 | 000,000,000 | ---D | C] -- C:\Program Files\Atari
[2010/06/28 14:28:12 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Tencent
[2010/06/28 14:28:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Tencent
[2010/06/28 14:28:07 | 000,000,000 | ---D | C] -- C:\Program Files\Tencent
[2010/06/27 23:29:10 | 000,000,000 | ---D | C] -- C:\Backups
[2010/06/27 22:51:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Softland
[2010/06/27 22:51:20 | 000,000,000 | ---D | C] -- C:\Program Files\Softland
[2010/06/27 20:34:36 | 000,000,000 | ---D | C] -- C:\Program Files\GCFScape
[2010/06/26 19:53:13 | 000,000,000 | ---D | C] -- C:\Program Files\Declan's Korean Dictionary
[2010/06/26 19:52:45 | 000,000,000 | ---D | C] -- C:\Program Files\Korean HakGyo
[2010/06/26 19:52:16 | 000,000,000 | ---D | C] -- C:\Program Files\ReadWrite Korean
[2010/06/25 23:07:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010/06/25 23:02:58 | 000,000,000 | ---D | C] -- C:\Program Files\NATEON
[2010/06/25 17:03:52 | 000,000,000 | ---D | C] -- C:\Program Files\oZone3D
[2010/06/25 01:44:26 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2010/06/25 01:44:06 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/06/25 01:44:06 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/06/25 01:44:06 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/06/25 01:43:23 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/06/25 01:43:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010/06/25 01:43:14 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010/06/25 01:42:42 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/06/25 01:42:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2010/06/25 01:42:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010/06/23 21:37:28 | 000,000,000 | ---D | C] -- C:\!KillBox
[2010/06/23 14:41:15 | 000,040,960 | ---- | C] (vbAccelerator) -- C:\Windows\System32\ssubtmr6.dll
[2010/06/23 14:41:15 | 000,036,864 | ---- | C] (Robdogg Inc.) -- C:\Windows\System32\trayicon_handler.ocx
[2010/06/23 14:41:15 | 000,028,672 | ---- | C] (-) -- C:\Windows\System32\mousewheel.ocx
[2010/06/23 14:41:14 | 000,000,000 | ---D | C] -- C:\Program Files\DVD Flick
[2010/06/23 14:35:14 | 000,000,000 | ---D | C] -- C:\Fraps
[2010/06/22 23:37:36 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2010/06/22 10:57:16 | 000,000,000 | ---D | C] -- C:\Program Files\mIRC
[2010/06/21 22:35:42 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010/06/21 16:35:40 | 000,158,520 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Windows\System32\whois.exe
[2010/06/20 23:32:22 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2010/06/20 23:32:06 | 000,000,000 | ---D | C] -- C:\Program Files\MultiTranse
[2010/06/18 23:54:58 | 000,000,000 | ---D | C] -- C:\Program Files\Runes of Magic
[2010/06/15 02:47:24 | 000,086,016 | ---- | C] (Beepa P/L) -- C:\Windows\System32\frapsvid.dll
[2010/06/14 21:15:19 | 000,000,000 | ---D | C] -- C:\Program Files\Scream Machines
[2010/06/14 20:48:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Avery
[2010/06/14 20:48:22 | 000,000,000 | ---D | C] -- C:\Program Files\Avery Dennison
[2010/06/13 13:47:50 | 000,000,000 | ---D | C] -- C:\Program Files\NoLimits Track Packager
[2010/06/13 13:08:34 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2010/06/13 13:02:24 | 000,000,000 | ---D | C] -- C:\Program Files\ClubDJ Pro
[2010/06/13 13:00:40 | 000,000,000 | ---D | C] -- C:\Program Files\Inno Setup 5
[2010/06/13 12:35:15 | 000,000,000 | ---D | C] -- C:\Program Files\3D Live Snooker
[2010/06/13 11:08:43 | 000,063,296 | ---- | C] (Ray Hinchliffe) -- C:\Windows\System32\drivers\SIVX32.sys
[2010/06/11 08:08:33 | 000,000,000 | ---D | C] -- C:\Windows\System32\Adobe
[2010/06/09 20:57:43 | 000,000,000 | ---D | C] -- C:\Program Files\JRE
[2010/06/09 20:57:39 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2010/06/09 20:57:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/06/09 20:57:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/06/09 20:56:51 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/06/09 19:12:10 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/06/09 19:12:09 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/06/09 19:12:09 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/06/09 19:12:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/06/09 16:46:28 | 000,000,000 | ---D | C] -- C:\Program Files\epson
[2010/06/09 03:14:36 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010/06/09 03:14:21 | 000,000,000 | -HSD | C] -- C:\Boot
[2010/06/08 20:32:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2010/06/08 20:22:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2010/06/08 20:22:30 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2010/06/08 19:25:50 | 000,000,000 | ---D | C] -- C:\Program Files\Namo
[2010/06/08 19:25:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ISTempNamo
[2010/06/08 19:06:07 | 000,000,000 | ---D | C] -- C:\Program Files\Spotify
[2010/06/08 18:58:15 | 000,000,000 | ---D | C] -- C:\Program Files\NoLimits Coasters v1.6
[2010/06/08 18:53:03 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2010/06/08 18:44:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Creative
[2010/06/08 18:43:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Creative Labs Shared
[2010/06/08 18:43:29 | 000,000,000 | ---D | C] -- C:\Program Files\Creative
[2010/06/08 18:42:44 | 000,444,952 | ---- | C] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll
[2010/06/08 18:42:44 | 000,109,080 | ---- | C] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\System32\OpenAL32.dll
[2010/06/08 18:42:44 | 000,000,000 | ---D | C] -- C:\Program Files\OpenAL
[2010/06/08 18:41:17 | 000,000,000 | ---D | C] -- C:\Windows\System32\Data
[2010/06/08 18:41:16 | 000,011,776 | ---- | C] (Creative Technology Limited) -- C:\Windows\INRES.DLL
[2010/06/08 18:41:07 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010/06/08 18:40:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010/06/08 18:40:39 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2010/06/08 18:40:24 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010/06/08 18:39:18 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010/06/08 18:36:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2010/06/08 18:32:18 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2010/06/08 18:31:38 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010/06/08 18:31:30 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010/06/08 18:27:51 | 000,000,000 | -HSD | C] -- C:\Recovery
[2010/06/08 18:18:53 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010/06/08 18:16:40 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010/05/23 12:13:31 | 000,000,000 | ---D | C] -- C:\2ee53473a2d096270302d774192966
[2010/05/21 21:47:26 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/05/19 22:40:56 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2010/05/19 22:20:38 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2009/06/04 00:57:38 | 000,060,928 | ---- | C] ( ) -- C:\Windows\System32\a3d.dll
[6 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[6 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010/07/18 13:30:52 | 001,048,576 | -HS- | M] () -- C:\Users\wizzy\NTUSER.DAT
[2010/07/18 13:25:28 | 000,044,943 | ---- | M] () -- C:\Users\wizzy\Desktop\privlidge.jpg
[2010/07/18 13:24:25 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\wizzy\Desktop\OTL.exe
[2010/07/18 13:21:08 | 000,013,440 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/07/18 13:21:08 | 000,013,440 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/07/18 13:15:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1235910284-3051366954-2818508460-1001UA.job
[2010/07/18 13:10:40 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/07/18 13:10:33 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/07/18 13:10:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/07/18 13:10:25 | 2516,033,536 | -HS- | M] () -- C:\hiberfil.sys
[2010/07/18 13:09:59 | 000,054,472 | ---- | M] () -- C:\Windows\System32\BMXStateBkp-{00000003-00000000-00000006-00001102-00000005-00211102}.rfx
[2010/07/18 13:09:59 | 000,054,472 | ---- | M] () -- C:\Windows\System32\BMXState-{00000003-00000000-00000006-00001102-00000005-00211102}.rfx
[2010/07/18 13:09:59 | 000,000,788 | ---- | M] () -- C:\Windows\System32\DVCState-{00000003-00000000-00000006-00001102-00000005-00211102}.rfx
[2010/07/18 13:08:27 | 001,227,884 | -H-- | M] () -- C:\Users\wizzy\AppData\Local\IconCache.db
[2010/07/18 12:42:03 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/07/18 04:17:29 | 000,524,288 | -HS- | M] () -- C:\Users\wizzy\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2010/07/18 04:17:29 | 000,524,288 | -HS- | M] () -- C:\Users\wizzy\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2010/07/18 04:17:29 | 000,065,536 | -HS- | M] () -- C:\Users\wizzy\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2010/07/18 03:15:42 | 000,065,872 | ---- | M] () -- C:\Users\wizzy\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/07/18 03:11:16 | 039,244,941 | ---- | M] () -- C:\Users\wizzy\Desktop\FFSetup245.zip
[2010/07/18 02:56:26 | 000,000,827 | ---- | M] () -- C:\Users\wizzy\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2010/07/18 02:48:37 | 000,001,411 | ---- | M] () -- C:\Users\wizzy\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/07/18 02:28:14 | 000,000,020 | -HS- | M] () -- C:\Users\wizzy\ntuser.ini
[2010/07/16 20:03:20 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2010/07/16 02:35:26 | 000,001,965 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/07/12 17:15:00 | 000,000,854 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1235910284-3051366954-2818508460-1001Core.job
[2010/07/12 15:05:30 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/07/12 15:05:30 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/07/12 15:02:31 | 000,734,810 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/07/09 23:37:05 | 000,295,360 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/07/09 22:45:51 | 000,001,077 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Photoshop Elements 5.0.lnk
[2010/07/09 22:42:06 | 000,000,209 | ---- | M] () -- C:\Windows\ODBCINST.INI
[2010/07/03 20:24:39 | 000,001,575 | ---- | M] () -- C:\Users\Public\Desktop\Pangya.lnk
[2010/06/29 22:13:45 | 000,000,464 | ---- | M] () -- C:\Windows\tasks\fba_backup.job
[2010/06/29 21:32:52 | 000,002,337 | ---- | M] () -- C:\Users\Public\Desktop\EA Download Manager.lnk
[2010/06/29 19:14:30 | 000,691,696 | ---- | M] () -- C:\Windows\System32\drivers\sptd.sys
[2010/06/28 20:14:41 | 000,001,173 | ---- | M] () -- C:\Users\Public\Desktop\RollerCoaster Tycoon 3.lnk
[2010/06/27 22:51:21 | 000,001,028 | ---- | M] () -- C:\Users\Public\Desktop\FBackup 4.lnk
[2010/06/23 22:03:59 | 000,000,064 | ---- | M] () -- C:\ProgramData\sandra.ldb
[2010/06/22 23:38:27 | 000,002,246 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010/06/21 08:10:01 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010/06/15 02:47:24 | 000,086,016 | ---- | M] (Beepa P/L) -- C:\Windows\System32\frapsvid.dll
[2010/06/14 20:48:24 | 000,002,084 | ---- | M] () -- C:\Users\Public\Desktop\DesignPro 5.lnk
[2010/06/09 19:12:13 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/06/09 03:14:24 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010/06/09 03:14:22 | 000,000,367 | RHS- | M] () -- C:\Boot.ini.saved
[2010/06/08 20:43:35 | 000,001,080 | ---- | M] () -- C:\Windows\System32\settingsbkup.sfm
[2010/06/08 20:43:35 | 000,001,080 | ---- | M] () -- C:\Windows\System32\settings.sfm
[2010/06/08 20:23:56 | 000,000,875 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2010/06/08 18:57:47 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010/06/08 18:42:44 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll
[2010/06/08 18:42:44 | 000,109,080 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\System32\OpenAL32.dll
[2010/06/08 18:42:44 | 000,000,087 | RH-- | M] () -- C:\Windows\ctfile.rfc
[2010/06/08 18:20:14 | 000,041,962 | ---- | M] () -- C:\Windows\System32\license.rtf
[2010/06/08 00:57:00 | 000,056,936 | ---- | M] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2010/06/08 00:57:00 | 000,009,633 | ---- | M] () -- C:\Windows\System32\nvinfo.pb
[2010/05/22 23:23:03 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/05/19 21:48:52 | 000,000,223 | -H-- | M] () -- C:\Boot.BAK
[2010/05/19 21:35:04 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/05/19 21:35:04 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/05/14 12:09:54 | 000,063,296 | ---- | M] (Ray Hinchliffe) -- C:\Windows\System32\drivers\SIVX32.sys
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/04/27 22:01:00 | 003,530,992 | ---- | M] (INCA Internet Co., Ltd.) -- C:\Windows\System32\GameMon.des
[6 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[6 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/07/18 13:25:28 | 000,044,943 | ---- | C] () -- C:\Users\wizzy\Desktop\privlidge.jpg
[2010/07/18 03:10:45 | 039,244,941 | ---- | C] () -- C:\Users\wizzy\Desktop\FFSetup245.zip
[2010/07/18 02:56:26 | 000,000,827 | ---- | C] () -- C:\Users\wizzy\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2010/07/18 02:48:37 | 000,001,411 | ---- | C] () -- C:\Users\wizzy\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/07/18 02:28:14 | 001,048,576 | -HS- | C] () -- C:\Users\wizzy\NTUSER.DAT
[2010/07/18 02:28:14 | 000,524,288 | -HS- | C] () -- C:\Users\wizzy\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2010/07/18 02:28:14 | 000,524,288 | -HS- | C] () -- C:\Users\wizzy\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2010/07/18 02:28:14 | 000,262,144 | -HS- | C] () -- C:\Users\wizzy\ntuser.dat.LOG1
[2010/07/18 02:28:14 | 000,065,536 | -HS- | C] () -- C:\Users\wizzy\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2010/07/18 02:28:14 | 000,000,290 | ---- | C] () -- C:\Users\wizzy\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2010/07/18 02:28:14 | 000,000,272 | ---- | C] () -- C:\Users\wizzy\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2010/07/18 02:28:14 | 000,000,020 | -HS- | C] () -- C:\Users\wizzy\ntuser.ini
[2010/07/18 02:28:14 | 000,000,000 | -HS- | C] () -- C:\Users\wizzy\ntuser.dat.LOG2
[2010/07/16 20:03:20 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/07/16 02:35:26 | 000,001,965 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/07/09 22:45:51 | 000,001,077 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Photoshop Elements 5.0.lnk
[2010/07/04 01:21:27 | 000,005,174 | ---- | C] () -- C:\Windows\System32\nppt9x.vxd
[2010/07/03 20:24:39 | 000,001,575 | ---- | C] () -- C:\Users\Public\Desktop\Pangya.lnk
[2010/06/29 22:13:30 | 000,000,464 | ---- | C] () -- C:\Windows\tasks\fba_backup.job
[2010/06/29 21:32:52 | 000,002,337 | ---- | C] () -- C:\Users\Public\Desktop\EA Download Manager.lnk
[2010/06/29 19:14:30 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2010/06/28 20:14:41 | 000,001,173 | ---- | C] () -- C:\Users\Public\Desktop\RollerCoaster Tycoon 3.lnk
[2010/06/27 22:51:21 | 000,001,028 | ---- | C] () -- C:\Users\Public\Desktop\FBackup 4.lnk
[2010/06/23 22:03:59 | 000,000,064 | ---- | C] () -- C:\ProgramData\sandra.ldb
[2010/06/22 23:38:27 | 000,002,246 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010/06/22 23:37:41 | 000,000,882 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/06/22 23:37:40 | 000,000,878 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/06/21 08:10:01 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010/06/14 20:48:24 | 000,002,084 | ---- | C] () -- C:\Users\Public\Desktop\DesignPro 5.lnk
[2010/06/11 08:04:48 | 000,000,906 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1235910284-3051366954-2818508460-1001UA.job
[2010/06/11 08:04:46 | 000,000,854 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1235910284-3051366954-2818508460-1001Core.job
[2010/06/09 19:12:13 | 000,000,983 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/06/09 03:14:24 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2010/06/09 03:14:22 | 000,383,562 | RHS- | C] () -- C:\bootmgr
[2010/06/09 03:14:22 | 000,000,223 | -H-- | C] () -- C:\Boot.BAK
[2010/06/08 20:43:35 | 000,001,080 | ---- | C] () -- C:\Windows\System32\settingsbkup.sfm
[2010/06/08 20:43:35 | 000,001,080 | ---- | C] () -- C:\Windows\System32\settings.sfm
[2010/06/08 20:22:31 | 000,000,875 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2010/06/08 18:57:47 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010/06/08 18:46:02 | 000,054,472 | ---- | C] () -- C:\Windows\System32\BMXStateBkp-{00000003-00000000-00000006-00001102-00000005-00211102}.rfx
[2010/06/08 18:46:02 | 000,054,472 | ---- | C] () -- C:\Windows\System32\BMXState-{00000003-00000000-00000006-00001102-00000005-00211102}.rfx
[2010/06/08 18:46:02 | 000,000,788 | ---- | C] () -- C:\Windows\System32\DVCState-{00000003-00000000-00000006-00001102-00000005-00211102}.rfx
[2010/06/08 18:44:24 | 000,007,062 | ---- | C] () -- C:\Windows\System32\audiopid.vxd
[2010/06/08 18:42:44 | 000,148,480 | ---- | C] () -- C:\Windows\System32\APOMngr.DLL
[2010/06/08 18:42:44 | 000,073,728 | ---- | C] () -- C:\Windows\System32\CmdRtr.DLL
[2010/06/08 18:42:44 | 000,000,087 | RH-- | C] () -- C:\Windows\ctfile.rfc
[2010/06/08 18:15:32 | 2516,033,536 | -HS- | C] () -- C:\hiberfil.sys
[2010/05/19 22:19:48 | 000,000,367 | RHS- | C] () -- C:\Boot.ini.saved
[2010/05/19 21:35:04 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010/05/19 21:35:04 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/04 01:37:08 | 000,021,093 | ---- | C] () -- C:\Windows\System32\instwdm.ini
[2009/06/04 01:37:06 | 000,000,054 | ---- | C] () -- C:\Windows\System32\ctzapxx.ini
[2009/06/04 00:55:20 | 000,002,560 | ---- | C] () -- C:\Windows\System32\CtxfiRes.dll
[2009/06/04 00:55:20 | 000,002,560 | ---- | C] () -- C:\Windows\CTXFIRES.DLL
[2009/05/27 09:49:00 | 000,000,285 | ---- | C] () -- C:\Windows\System32\kill.ini

========== LOP Check ==========

[2010/07/18 02:56:31 | 000,000,000 | ---D | M] -- C:\Users\wizzy\AppData\Roaming\Opera
[2010/07/18 03:21:24 | 000,000,000 | ---D | M] -- C:\Users\wizzy\AppData\Roaming\Spotify
[2010/06/29 22:13:45 | 000,000,464 | ---- | M] () -- C:\Windows\Tasks\fba_backup.job
[2009/07/14 05:53:46 | 000,022,684 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU(53).TXT
[2009/07/14 05:53:46 | 000,027,396 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:F2A99BAF
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:0CFF5F08
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:07BF512B
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:C176AF6C
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:C1532139
< End of report >

If this log is OK I'll post in the Windows 7 forum, but with me having a virus the other day I thought I'd post here first.

Ta