Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Live.exe

Started by Zero.Gravity , Jul 01 2011 07:25 PM

  • Please log in to reply

#1
Zero.Gravity
Posted 01 July 2011 - 07:25 PM

Zero.Gravity

    Member

  • Member
  • PipPip
  • 25 posts
My system seems to have been running just fine lately. However just because of past experiences I occasionally opening up my task manager out of habit, and I noticed a process Live.exe that I didn't remember being there. I goggled the process name and most places have it labeled as a possible threat. So I'm just trying to be safe at the moment.

OTL logfile created on: 7/1/2011 6:19:12 PM - Run 1
OTL by OldTimer - Version 3.2.25.0 Folder = H:\My Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.24 Gb Available Physical Memory | 74.68% Memory free
4.84 Gb Paging File | 4.21 Gb Available in Paging File | 87.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 443.21 Gb Total Space | 336.23 Gb Free Space | 75.86% Space Free | Partition Type: NTFS
Drive F: | 97.67 Gb Total Space | 97.37 Gb Free Space | 99.69% Space Free | Partition Type: NTFS
Drive H: | 390.63 Gb Total Space | 344.16 Gb Free Space | 88.10% Space Free | Partition Type: NTFS

Computer Name: GRAV | User Name: Ryan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/07/01 18:18:44 | 000,580,096 | ---- | M] (OldTimer Tools) -- H:\My Downloads\OTL.exe
PRC - [2011/06/30 13:21:10 | 002,588,784 | ---- | M] (GamersFirst) -- C:\Program Files\GamersFirst\LIVE!\Live.exe
PRC - [2011/06/21 23:23:04 | 003,071,384 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
PRC - [2011/06/15 21:17:34 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/06/05 18:55:00 | 000,818,784 | ---- | M] ( ) -- C:\Program Files\Miranda IM\miranda32.exe
PRC - [2011/03/21 11:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/02/25 10:18:30 | 002,870,784 | ---- | M] (Flagship Industries, Inc.) -- C:\Program Files\Ventrilo\Ventrilo.exe
PRC - [2011/02/04 06:24:32 | 002,346,496 | ---- | M] () -- C:\Program Files\Rainlendar2\Rainlendar2.exe
PRC - [2009/09/22 23:15:22 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2008/11/12 16:01:20 | 002,037,096 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Ghost\Agent\VProTray.exe
PRC - [2008/11/12 16:01:14 | 003,425,632 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Ghost\Agent\VProSvc.exe
PRC - [2008/10/14 21:38:56 | 000,623,992 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/09/12 18:27:24 | 000,554,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2006/08/02 14:12:00 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
PRC - [2004/06/10 20:15:18 | 000,083,968 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvraidservice.exe
PRC - [2002/07/02 17:56:00 | 000,024,576 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTHELPER.EXE
PRC - [2002/03/21 21:41:56 | 000,094,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Hardware\Keyboard\type32.exe


========== Modules (SafeList) ==========

MOD - [2011/07/01 18:18:44 | 000,580,096 | ---- | M] (OldTimer Tools) -- H:\My Downloads\OTL.exe
MOD - [2010/08/23 09:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2008/04/13 17:11:52 | 000,367,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dsound.dll
MOD - [2002/11/05 11:05:30 | 000,061,440 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTAGENT.DLL


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2010/10/06 01:23:28 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- c:\Program Files\Steam\steamapps\common\dragon age origins\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2010/08/02 13:33:49 | 003,780,040 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
SRV - [2009/09/22 23:15:22 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/11/12 16:01:14 | 003,425,632 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Ghost\Agent\VProSvc.exe -- (Norton Ghost)
SRV - [2007/09/12 18:27:24 | 002,999,664 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate)
SRV - [2007/09/12 18:27:24 | 000,554,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)


========== Driver Services (SafeList) ==========

DRV - [2010/11/25 21:17:40 | 005,555,712 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008/11/14 02:11:30 | 000,017,184 | ---- | M] (Realtime Soft Ltd) [Kernel | Auto | Running] -- C:\Program Files\Common Files\Realtime Soft\UltraMonMirrorDrv\x32\UltraMonUtility.sys -- (UltraMonUtility)
DRV - [2008/11/12 15:49:22 | 000,138,080 | ---- | M] (StorageCraft) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symsnap.sys -- (symsnap)
DRV - [2008/04/13 11:45:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2007/07/31 17:22:16 | 000,014,072 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vproeventmonitor.sys -- (VProEventMonitor)
DRV - [2007/03/28 20:49:42 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2007/03/28 20:29:10 | 000,037,864 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\v2imount.sys -- (v2imount)
DRV - [2006/08/17 22:52:00 | 004,017,536 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2006/06/27 14:24:16 | 000,031,744 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AmdTools.sys -- (AmdTools)
DRV - [2004/10/27 07:24:00 | 000,223,104 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2004/08/11 16:30:00 | 000,039,424 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004/08/03 22:31:32 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004/06/02 19:40:46 | 000,079,360 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\nvatabus.sys -- (nvatabus)
DRV - [2004/04/02 00:40:00 | 000,021,760 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\nv_agp.sys -- (nv_agp)
DRV - [2002/07/24 13:52:26 | 000,998,004 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV - [2002/07/19 10:48:32 | 000,156,604 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)
DRV - [2002/07/19 10:48:22 | 000,213,860 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2002/07/19 10:48:08 | 000,011,068 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2002/07/19 10:48:04 | 000,195,432 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2002/07/19 10:47:52 | 000,837,548 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2002/07/19 10:46:28 | 000,127,948 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2002/06/14 13:49:56 | 000,010,194 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\PFMODNT.SYS -- (PfModNT)
DRV - [2002/01/15 06:57:42 | 000,304,128 | ---- | M] (ahead software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\bsudf.sys -- (BsUDF)
DRV - [2001/12/20 17:00:00 | 000,008,192 | ---- | M] (B.H.A Co.,Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\bsstor.sys -- (BsStor)
DRV - [2001/08/31 06:37:58 | 000,036,992 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sfman.sys -- (sfman) Creative SoundFont Manager Driver (WDM)
DRV - [2001/08/17 05:19:20 | 000,003,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctljystk.sys -- (ctljystk)
DRV - [2001/08/14 08:17:52 | 000,775,296 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emu10k1f.sys -- (emu10k) Creative SB Live! series(WDM)
DRV - [2001/07/11 04:34:52 | 000,006,912 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctlface.sys -- (emu10k1) Creative Interface Manager Driver (WDM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/...006&form=ZGAPHP
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = about:blank
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://en-US.start3....en-US:official"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {38AB6A6C-CC4C-4f9e-A3DD-3C5681EF18A1}:1.0.3.118
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://www.google.co...com/search?&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011/05/19 18:26:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011/05/19 18:26:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/22 14:45:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/30 00:06:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.11\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/06/22 13:32:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.11\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010/06/02 19:14:39 | 000,000,000 | ---D | M]

[2010/09/25 11:33:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ryan\Application Data\Mozilla\Extensions
[2010/09/25 11:33:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ryan\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/07/01 18:14:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\69dndlbj.default\extensions
[2010/07/27 04:45:04 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\69dndlbj.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/07/28 03:06:06 | 000,000,000 | ---D | M] () -- C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\69dndlbj.default\extensions\{38AB6A6C-CC4C-4f9e-A3DD-3C5681EF18A1}
[2011/06/28 17:27:21 | 000,002,431 | ---- | M] () -- C:\Documents and Settings\Ryan\Application Data\Mozilla\Firefox\Profiles\69dndlbj.default\searchplugins\anime-news-network.xml
[2011/06/22 14:45:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/06/02 19:08:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/14 11:42:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/18 11:56:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/13 11:26:14 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/02/15 21:28:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) --
() (No name found) -- C:\DOCUMENTS AND SETTINGS\RYAN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\69DNDLBJ.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2009/09/23 00:06:45 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/06/15 21:17:34 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/02/02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/03/30 12:57:04 | 000,098,304 | ---- | M] (NHN USA Inc.) -- C:\Program Files\mozilla firefox\plugins\npijjiautoinstallpluginff.dll
[2010/12/09 03:47:06 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2010/01/01 01:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2001/08/23 05:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Lexmark Printable Web) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [AHQInit] C:\Program Files\Creative\SBLive\Program\AHQInit.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\amd_dc_opt\amd_dc_opt.exe ()
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [IntelliType] C:\Program Files\Microsoft Hardware\Keyboard\type32.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Jet Detection] C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe ()
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [Norton Ghost 12.0] C:\Program Files\Norton Ghost\Agent\VProTray.exe (Symantec Corporation)
O4 - HKLM..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [WINDVDPatch] C:\WINDOWS\System32\CTHELPER.EXE (Creative Technology Ltd)
O4 - HKCU..\Run: [AdobeUpdater] File not found
O4 - HKCU..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/09/22 15:00:16 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/21 23:23:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ryan\Local Settings\Application Data\PMB Files
[2011/06/21 23:23:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2011/06/18 17:33:06 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Ryan\Start Menu\Programs\Administrative Tools
[2011/06/16 08:53:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ryan\Local Settings\Application Data\Pando_Temp
[2011/06/15 11:03:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\GamersFirst
[2011/06/15 10:47:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ryan\Desktop\PWO project
[2011/06/15 10:18:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ryan\Local Settings\Application Data\GamersFirst LIVE!
[2011/06/15 10:18:01 | 000,000,000 | ---D | C] -- C:\Program Files\GamersFirst
[2011/06/15 03:04:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2011/06/11 18:11:08 | 000,000,000 | ---D | C] -- H:\Chatlogs
[2011/06/11 18:10:35 | 000,000,000 | ---D | C] -- H:\New Folder
[2011/06/09 11:15:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Realtek Sound Manager
[2011/06/09 11:15:49 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek AC97
[2011/06/09 01:17:53 | 000,000,000 | ---D | C] -- H:\The Lord of the Rings Online
[2011/06/08 14:05:31 | 000,000,000 | ---D | C] -- C:\Program Files\Turbine
[2011/04/02 14:53:20 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/06/30 21:51:07 | 000,141,200 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2011/06/30 21:50:58 | 000,281,656 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2011/06/30 16:50:21 | 000,000,779 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\GamersFirst LIVE!.lnk
[2011/06/30 14:00:48 | 000,281,656 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.ex0
[2011/06/29 02:51:26 | 000,427,579 | ---- | M] () -- C:\Documents and Settings\Ryan\Desktop\APB-priestsgradiant-test.jpg
[2011/06/28 14:49:05 | 003,374,782 | ---- | M] () -- C:\WINDOWS\{00000002-00000000-00000007-00001102-00000002-80641102}.CDF
[2011/06/28 14:49:05 | 003,374,782 | ---- | M] () -- C:\WINDOWS\{00000002-00000000-00000007-00001102-00000002-80641102}.BAK
[2011/06/28 14:48:59 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/06/28 14:48:55 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/06/28 13:35:09 | 000,024,888 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000002-00000000-00000007-00001102-00000002-80641102}.rfx
[2011/06/28 13:35:09 | 000,024,888 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000002-00000000-00000007-00001102-00000002-80641102}.rfx
[2011/06/28 13:35:09 | 000,016,420 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000002-00000000-00000007-00001102-00000002-80641102}.rfx
[2011/06/28 13:35:09 | 000,016,420 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000002-00000000-00000007-00001102-00000002-80641102}.rfx
[2011/06/28 13:35:09 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2011/06/28 13:35:09 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2011/06/28 13:35:09 | 000,000,024 | ---- | M] () -- C:\WINDOWS\System32\DVCStateBkp-{00000002-00000000-00000007-00001102-00000002-80641102}.dat
[2011/06/28 13:35:09 | 000,000,024 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000002-00000000-00000007-00001102-00000002-80641102}.dat
[2011/06/27 11:40:29 | 000,864,469 | ---- | M] () -- C:\Documents and Settings\Ryan\Desktop\APBScreenShot00004.jpg
[2011/06/27 11:40:10 | 003,072,056 | ---- | M] () -- C:\Documents and Settings\Ryan\Desktop\ScreenShot00004.bmp
[2011/06/25 15:21:05 | 000,000,204 | ---- | M] () -- H:\PWOOptions.ini
[2011/06/22 15:10:01 | 000,511,636 | ---- | M] () -- C:\Documents and Settings\Ryan\Desktop\comcastaccountpage.jpg
[2011/06/22 14:45:45 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Ryan\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/06/22 14:45:45 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/06/15 11:27:34 | 000,138,056 | ---- | M] () -- C:\Documents and Settings\Ryan\Application Data\PnkBstrK.sys
[2011/06/15 03:18:27 | 000,502,602 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/06/15 03:18:27 | 000,088,382 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/06/15 03:13:55 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/06/14 20:07:57 | 000,171,332 | ---- | M] () -- C:\Documents and Settings\Ryan\Desktop\img_1694.jpg
[2011/06/14 12:56:08 | 000,087,823 | ---- | M] () -- C:\Documents and Settings\Ryan\Desktop\tribalsword2.jpg
[2011/06/14 12:28:19 | 000,168,890 | ---- | M] () -- C:\Documents and Settings\Ryan\Desktop\tribal_steampunk_tattoo_design_by_Spiked_Fox.jpg
[2011/06/08 14:25:50 | 000,001,866 | ---- | M] () -- C:\Documents and Settings\Ryan\Desktop\The Lord of the Rings Online.lnk
[2011/06/04 07:48:14 | 000,226,765 | ---- | M] () -- C:\Documents and Settings\Ryan\Desktop\rental_agreement-monthly.pdf
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/06/29 02:51:24 | 000,427,579 | ---- | C] () -- C:\Documents and Settings\Ryan\Desktop\APB-priestsgradiant-test.jpg
[2011/06/27 11:40:27 | 000,864,469 | ---- | C] () -- C:\Documents and Settings\Ryan\Desktop\APBScreenShot00004.jpg
[2011/06/27 11:40:06 | 003,072,056 | ---- | C] () -- C:\Documents and Settings\Ryan\Desktop\ScreenShot00004.bmp
[2011/06/22 15:09:58 | 000,511,636 | ---- | C] () -- C:\Documents and Settings\Ryan\Desktop\comcastaccountpage.jpg
[2011/06/22 14:45:45 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/06/15 10:18:06 | 000,000,779 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\GamersFirst LIVE!.lnk
[2011/06/14 20:07:57 | 000,171,332 | ---- | C] () -- C:\Documents and Settings\Ryan\Desktop\img_1694.jpg
[2011/06/14 12:56:08 | 000,087,823 | ---- | C] () -- C:\Documents and Settings\Ryan\Desktop\tribalsword2.jpg
[2011/06/14 12:28:19 | 000,168,890 | ---- | C] () -- C:\Documents and Settings\Ryan\Desktop\tribal_steampunk_tattoo_design_by_Spiked_Fox.jpg
[2011/06/09 11:15:56 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2011/06/09 11:11:16 | 000,225,262 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msimain.sdb
[2011/06/08 14:25:50 | 000,001,866 | ---- | C] () -- C:\Documents and Settings\Ryan\Desktop\The Lord of the Rings Online.lnk
[2011/06/04 07:48:14 | 000,226,765 | ---- | C] () -- C:\Documents and Settings\Ryan\Desktop\rental_agreement-monthly.pdf
[2011/04/17 19:07:14 | 000,026,040 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/04/02 14:53:35 | 000,000,024 | ---- | C] () -- C:\WINDOWS\System32\DVCStateBkp-{00000002-00000000-00000007-00001102-00000002-80641102}.dat
[2011/04/02 14:53:35 | 000,000,024 | ---- | C] () -- C:\WINDOWS\System32\DVCState-{00000002-00000000-00000007-00001102-00000002-80641102}.dat
[2011/04/02 14:53:21 | 000,184,320 | ---- | C] () -- C:\WINDOWS\PSCONV.EXE
[2011/04/02 14:53:21 | 000,179,669 | ---- | C] () -- C:\WINDOWS\System32\ctstatic.dat
[2011/04/02 14:53:21 | 000,164,044 | ---- | C] () -- C:\WINDOWS\System32\ctdlang.dat
[2011/04/02 14:53:21 | 000,113,373 | ---- | C] () -- C:\WINDOWS\System32\ctbasicw.dat
[2011/04/02 14:53:21 | 000,113,273 | ---- | C] () -- C:\WINDOWS\System32\CTBAS2W.DAT
[2011/04/02 14:53:21 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\KILLAPPS.EXE
[2011/04/02 14:53:21 | 000,044,055 | ---- | C] () -- C:\WINDOWS\System32\ctdaught.dat
[2011/04/02 14:53:21 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\REGPLIB.EXE
[2011/04/02 14:53:21 | 000,000,180 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI
[2011/03/06 15:38:19 | 000,037,727 | ---- | C] () -- C:\WINDOWS\System32\Emu10kx.ini
[2011/03/06 15:38:19 | 000,000,029 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2011/02/26 02:25:23 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2011/02/26 02:25:23 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2011/02/26 01:08:02 | 000,224,001 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2011/01/12 07:13:31 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2010/11/24 08:36:10 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2010/11/08 20:28:36 | 000,000,096 | -H-- | C] () -- C:\WINDOWS\System32\HsInfo.dat
[2010/09/15 10:06:20 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Ryan\Local Settings\Application Data\fusioncache.dat
[2010/07/26 01:52:50 | 000,009,728 | ---- | C] () -- C:\WINDOWS\System32\uc_karos_launching.dll
[2010/07/26 00:51:53 | 002,427,248 | ---- | C] () -- C:\WINDOWS\System32\pbsvc_heroes.exe
[2010/07/21 22:45:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SMMVSplitter.INI
[2010/07/09 12:00:32 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2010/06/22 22:54:20 | 000,011,264 | ---- | C] () -- C:\Documents and Settings\Ryan\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/22 22:46:47 | 000,742,220 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/06/22 22:46:47 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/06/12 06:02:55 | 002,444,656 | ---- | C] () -- C:\WINDOWS\System32\pbsvc_apb.exe
[2009/09/24 12:57:32 | 000,215,144 | R--- | C] () -- C:\WINDOWS\patchw32.dll
[2009/09/24 12:57:09 | 000,215,144 | R--- | C] () -- C:\WINDOWS\pw32a.dll
[2009/09/23 02:11:06 | 000,000,040 | ---- | C] () -- C:\WINDOWS\plugSpk.INI
[2009/09/23 01:33:01 | 000,000,014 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\AdobeUpdater.rbt
[2009/09/23 00:02:40 | 000,141,200 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009/09/23 00:02:39 | 000,138,056 | ---- | C] () -- C:\Documents and Settings\Ryan\Application Data\PnkBstrK.sys
[2009/09/23 00:02:22 | 000,794,408 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe
[2009/09/23 00:02:22 | 000,281,656 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2009/09/23 00:02:22 | 000,075,136 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2009/09/22 23:20:57 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2009/09/22 16:34:50 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2009/09/22 15:57:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/09/22 15:48:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2009/09/22 15:45:29 | 001,048,576 | ---- | C] () -- C:\WINDOWS\System32\SFMAN.DAT
[2009/09/22 15:45:29 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
[2009/09/22 15:44:51 | 000,000,129 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2009/09/22 15:36:10 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009/09/22 15:19:04 | 000,244,224 | R--- | C] () -- C:\WINDOWS\System32\NvRaidMan.exe
[2009/09/22 15:18:16 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2009/09/22 15:18:11 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2009/09/22 15:01:42 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/09/22 14:58:19 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/09/22 07:51:43 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/09/22 07:51:03 | 001,456,072 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/07/08 18:03:02 | 000,058,880 | ---- | C] () -- C:\WINDOWS\System32\bdmpegv.dll
[2001/08/23 05:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/23 05:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/08/23 05:00:00 | 000,502,602 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001/08/23 05:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/23 05:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/08/23 05:00:00 | 000,088,382 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001/08/23 05:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/08/23 05:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/23 05:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/08/23 05:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2001/08/23 05:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

========== LOP Check ==========

[2010/10/06 15:38:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BioWare
[2011/04/01 15:43:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2010/07/21 12:11:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
[2010/09/25 14:49:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nexon
[2010/09/25 14:54:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonUS
[2011/06/30 16:50:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2010/07/21 20:40:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/04/16 23:21:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryan\Application Data\DarksporeData
[2011/05/19 18:29:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryan\Application Data\DDMSettings
[2011/06/29 02:53:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryan\Application Data\FileZilla
[2010/08/04 15:44:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryan\Application Data\GetRightToGo
[2010/07/21 20:25:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryan\Application Data\HandBrake
[2010/10/31 02:50:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryan\Application Data\Hi-Rez Studios
[2010/08/07 20:21:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryan\Application Data\LolClient
[2010/08/24 17:46:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryan\Application Data\Miranda
[2010/12/16 17:42:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryan\Application Data\Mumble
[2010/12/02 09:48:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryan\Application Data\OpenOffice.org
[2011/05/12 04:22:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryan\Application Data\RenPy
[2011/03/25 02:55:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryan\Application Data\Rift
[2010/11/27 05:11:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryan\Application Data\runic games
[2010/08/20 19:03:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryan\Application Data\SecondLife
[2011/01/24 21:29:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryan\Application Data\Sony Online Entertainment
[2010/09/25 11:33:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryan\Application Data\Thunderbird
[2011/04/18 05:08:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ryan\Application Data\uTorrent

========== Purity Check ==========



< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP