Google redirect



#1
Chunk5 (Member, 13 posts)

Hi,

Having issues with a Google redirect. Clicking on any results from a Google search leads to a page with a "continue" button; refreshing this page will bring me to the desired page. Also having intermittent freezes on any open app, not sure if this is related. Other symptoms are a full-screen pop-up which occurs every now and again.

Problem has also spread to my iPhone4 and another PC on the same router.

I've tried all the usual virus detectors, spyware programs, etc., including the quickguide on these forums, but none seem to find the problem. Any help would be appreciated.


Here is my OTL log:


OTL logfile created on: 09/08/2011 20:45:16 - Run 2
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Chunks\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 0.97 Gb Available Physical Memory | 32.24% Memory free
6.19 Gb Paging File | 3.90 Gb Available in Paging File | 63.05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 217.78 Gb Total Space | 37.74 Gb Free Space | 17.33% Space Free | Partition Type: NTFS
Drive D: | 232.83 Gb Total Space | 72.36 Gb Free Space | 31.08% Space Free | Partition Type: NTFS
Drive E: | 15.00 Gb Total Space | 10.75 Gb Free Space | 71.66% Space Free | Partition Type: NTFS
Drive K: | 2.03 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: COLIN | User Name: Chunks | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Chunks\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\Immunet Protect\2.0.17\iptray.exe (Immunet)
PRC - C:\Program Files\Immunet Protect\2.0.17\agent.exe (Immunet Corporation)
PRC - C:\Program Files\Steam\Steam.exe (Valve Corporation)
PRC - C:\Program Files\iRacing\iRacingService.exe (iRacing.com Motorsport Simulations, LLC
Bedford, MA 01730)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Trusteer\Rapport\bin\RapportService.exe (Trusteer Ltd.)
PRC - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe (Trusteer Ltd.)
PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Program Files\PC Tools Security\pctsGui.exe (PC Tools)
PRC - C:\Program Files\PC Tools Security\pctsSvc.exe (PC Tools)
PRC - C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe (Logitech, Inc.)
PRC - C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
PRC - C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files\DisplayFusion\DisplayFusion.exe (Binary Fortress Software)
PRC - C:\Program Files\TightVNC\tvnserver.exe (GlavSoft LLC.)
PRC - C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
PRC - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
PRC - C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe ()
PRC - C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
PRC - C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe ()
PRC - C:\Program Files\PC Tools Security\pctsAuxs.exe (PC Tools)
PRC - C:\Program Files\WTouch\WTouchUser.exe (Wacom Technology, Corp.)
PRC - C:\Program Files\WTouch\WTouchService.exe (Wacom Technology, Corp.)
PRC - C:\Windows\System32\Pen_Tablet.exe (Wacom Technology, Corp.)
PRC - C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe (NVIDIA)
PRC - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe (NVIDIA)
PRC - C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe (NVIDIA)
PRC - C:\Program Files\WinRAR\WinRAR.exe ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Kontiki\KService.exe (Kontiki Inc.)
PRC - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe (Intel® Corporation)
PRC - C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe (Intel® Corporation)
PRC - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe (Intel® Corporation)
PRC - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\QualityManager.exe (Intel® Corporation)
PRC - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe (Intel® Corporation)
PRC - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe (Intel® Corporation)
PRC - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\issm.exe (Intel® Corporation)
PRC - C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe (Intel® Corporation)
PRC - C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe (Intel Corporation)
PRC - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe ()
PRC - C:\Windows\System32\stacsv.exe (SigmaTel, Inc.)
PRC - C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe (SigmaTel, Inc.)
PRC - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe ()
PRC - C:\Windows\PixArt\Pac7302\Monitor.exe (PixArt Imaging Incorporation)


========== Modules (SafeList) ==========

MOD - C:\Users\Chunks\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\AVAST Software\Avast\snxhk.dll (AVAST Software)
MOD - C:\Program Files\DisplayFusion\Hooks\DisplayFusionHookx86_68abfe57-d015-4b39-b24e-4a7b5d8fe5e0.dll (Binary Fortress Software)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
MOD - C:\Program Files\PC Tools Security\smum32.dll (PC Tools)


========== Win32 Services (SafeList) ==========

SRV - (SSDPDIS) -- File not found
SRV - (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter) -- File not found
SRV - (rpcc) -- File not found
SRV - (Cryptags) -- File not found
SRV - (scan) -- C:\Program Files\Immunet Protect\tetra\scan.dll (Immunet)
SRV - (ImmunetProtect) -- C:\Program Files\Immunet Protect\2.0.17\agent.exe (Immunet Corporation)
SRV - (iRacingService) -- C:\Program Files\iRacing\iRacingService.exe (iRacing.com Motorsport Simulations, LLC
Bedford, MA 01730)
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (RapportMgmtService) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe (Trusteer Ltd.)
SRV - (Sony Ericsson PCCompanion) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe (Avanquest Software)
SRV - (sdCoreService) -- C:\Program Files\PC Tools Security\pctsSvc.exe (PC Tools)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (LBTServ) -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (Stereo Service) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (tvnserver) -- C:\Program Files\TightVNC\tvnserver.exe (GlavSoft LLC.)
SRV - (LVPrcSrv) -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (sdAuxService) -- C:\Program Files\PC Tools Security\pctsAuxs.exe (PC Tools)
SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (WTouchService) -- C:\Program Files\WTouch\WTouchService.exe (Wacom Technology, Corp.)
SRV - (TabletServicePen) -- C:\Windows\System32\Pen_Tablet.exe (Wacom Technology, Corp.)
SRV - (UpdateCenterService) -- C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe (NVIDIA)
SRV - (nTuneService) -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe (NVIDIA)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (KService) -- C:\Program Files\Kontiki\KService.exe (Kontiki Inc.)
SRV - (Adobe Version Cue CS4) -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe (Adobe Systems Incorporated)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (IAANTMON) Intel® -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (AlertService) Intel® -- C:\Program Files\Intel\IntelDH\CCU\AlertService.exe (Intel® Corporation)
SRV - (QualityManager) Intel® -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe (Intel® Corporation)
SRV - (Remote UI Service) Intel® -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe (Intel® Corporation)
SRV - (MCLServiceATL) Intel® -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe (Intel® Corporation)
SRV - (DHTRACE) Intel® -- C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe (Intel® Corporation)
SRV - (ISSM) Intel® -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe (Intel® Corporation)
SRV - (NMSCore) Intel® -- C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe (Intel® Corporation)
SRV - (M1 Server) Intel® Viiv™ -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe ()
SRV - (STacSV) -- C:\Windows\System32\stacsv.exe (SigmaTel, Inc.)
SRV - (DQLWinService) -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe ()


========== Driver Services (SafeList) ==========

DRV - (ImmunetSelfProtectDriver) -- C:\Windows\System32\drivers\ImmunetSelfProtect.sys (Windows ® Codename Longhorn DDK provider)
DRV - (ImmunetProtectDriver) -- C:\Windows\System32\drivers\ImmunetProtect.sys (Windows ® Codename Longhorn DDK provider)
DRV - (MpKsl365b07f4) -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{41210A51-5753-4E8F-87A6-09F351094F41}\MpKsl365b07f4.sys (Microsoft Corporation)
DRV - (RapportCerberus_29574) -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\29574\RapportCerberus32_29574.sys ()
DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (RapportPG) -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (Trusteer Ltd.)
DRV - (RapportEI) -- C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys (Trusteer Ltd.)
DRV - (RapportKELL) -- C:\Windows\System32\Drivers\RapportKELL.sys (Trusteer Ltd.)
DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASENUM) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (WsAudio_DeviceS(5)) WsAudio_DeviceS(5) -- C:\Windows\System32\drivers\WsAudio_DeviceS(5).sys (Wondershare)
DRV - (WsAudio_DeviceS(4)) WsAudio_DeviceS(4) -- C:\Windows\System32\drivers\WsAudio_DeviceS(4).sys (Wondershare)
DRV - (WsAudio_DeviceS(3)) WsAudio_DeviceS(3) -- C:\Windows\System32\drivers\WsAudio_DeviceS(3).sys (Wondershare)
DRV - (WsAudio_DeviceS(2)) WsAudio_DeviceS(2) -- C:\Windows\System32\drivers\WsAudio_DeviceS(2).sys (Wondershare)
DRV - (WsAudio_DeviceS(1)) WsAudio_DeviceS(1) -- C:\Windows\System32\drivers\WsAudio_DeviceS(1).sys (Wondershare)
DRV - (PCTCore) -- C:\Windows\system32\drivers\PCTCore.sys (PC Tools)
DRV - (LVUVC) Logitech QuickCam Pro 9000(UVC) -- C:\Windows\System32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (LVRS) -- C:\Windows\System32\drivers\lvrs.sys (Logitech Inc.)
DRV - (SBRE) -- C:\Windows\System32\drivers\SBREDrv.sys (Sunbelt Software)
DRV - (LUsbFilt) -- C:\Windows\System32\drivers\LUsbFilt.sys (Logitech, Inc.)
DRV - (LMouFilt) -- C:\Windows\System32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\Windows\System32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (MungoDriver) -- C:\Windows\System32\drivers\MungoDriver.sys (Windows ® Win 7 DDK provider)
DRV - (pctEFA) -- C:\Windows\system32\drivers\pctEFA.sys (PC Tools)
DRV - (pctDS) -- C:\Windows\system32\drivers\pctDS.sys (PC Tools)
DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (LVPr2Mon) -- C:\Windows\System32\drivers\LVPr2Mon.sys ()
DRV - (hcw10bda) WinTV-HVR-900H (111xxx) -- C:\Windows\System32\drivers\hcw10bda.sys (Hauppauge Computer Works, Inc.)
DRV - (hcw10cir) -- C:\Windows\System32\drivers\hcw10cir.sys (Hauppauge Computer Works, Inc.)
DRV - (WmXlCore) -- C:\Windows\System32\drivers\WmXlCore.sys (Logitech Inc.)
DRV - (WmVirHid) -- C:\Windows\System32\drivers\WmVirHid.sys (Logitech Inc.)
DRV - (WmHidLo) -- C:\Windows\System32\drivers\WmHidLo.sys (Logitech Inc.)
DRV - (WmBEnum) -- C:\Windows\System32\drivers\WmBEnum.sys (Logitech Inc.)
DRV - (WmFilter) -- C:\Windows\System32\drivers\WmFilter.sys (Logitech Inc.)
DRV - (taphss) -- C:\Windows\System32\drivers\taphss.sys (AnchorFree Inc)
DRV - (FTSER2K) -- C:\Windows\System32\drivers\ftser2k.sys (FTDI Ltd.)
DRV - (FTDIBUS) -- C:\Windows\System32\drivers\ftdibus.sys (FTDI Ltd.)
DRV - (nvoclock) -- C:\Windows\System32\drivers\nvoclock.sys (NVIDIA Corp.)
DRV - (wacmoumonitor) -- C:\Windows\System32\drivers\wacmoumonitor.sys (Wacom Technology)
DRV - (RivaTuner32) -- C:\Program Files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner32.sys ()
DRV - (WacomVTHid) -- C:\Windows\System32\drivers\WacomVTHid.sys (Wacom Technology)
DRV - (BVRPMPR5) -- C:\Windows\System32\drivers\BVRPMPR5.SYS (Avanquest Software)
DRV - (wacomvhid) -- C:\Windows\System32\drivers\wacomvhid.sys (Wacom Technology)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM) -- C:\Windows\System32\drivers\s0016unic.sys (MCCI Corporation)
DRV - (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS) -- C:\Windows\System32\drivers\s0016nd5.sys (MCCI Corporation)
DRV - (s0016mdfl) -- C:\Windows\System32\drivers\s0016mdfl.sys (MCCI Corporation)
DRV - (s0016mdm) -- C:\Windows\System32\drivers\s0016mdm.sys (MCCI Corporation)
DRV - (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s0016mgmt.sys (MCCI Corporation)
DRV - (s0016obex) -- C:\Windows\System32\drivers\s0016obex.sys (MCCI Corporation)
DRV - (s0016bus) Sony Ericsson Device 0016 driver (WDM) -- C:\Windows\System32\drivers\s0016bus.sys (MCCI Corporation)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (gameenum) -- C:\Windows\System32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (ZY202_VS) -- C:\Windows\System32\drivers\WlanUZG.sys (Atheros Communications, Inc.)
DRV - (IntelDH) -- C:\Windows\System32\drivers\IntelDH.sys (Intel Corporation)
DRV - (e1express) Intel® -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)
DRV - (TSHWMDTCP) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys ()
DRV - (ctgame) -- C:\Windows\System32\drivers\ctgame.sys (Creative Technology Ltd.)
DRV - (PAC7302) -- C:\Windows\System32\drivers\PAC7302.SYS (PixArt Imaging Inc.)
DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (SigmaTel, Inc.)
DRV - (nmsunidr) -- C:\Windows\System32\drivers\nmsunidr.sys (Gteko Ltd.)
DRV - (wacommousefilter) -- C:\Windows\System32\drivers\wacommousefilter.sys (Wacom Technology)
DRV - (ARCSOFTVIRTUALCAPTURE) -- C:\Windows\System32\drivers\ArcSoftVirtualCapture.sys (ArcSoft, Inc.)
DRV - (ZYXEL750) -- C:\Windows\System32\drivers\WLANUTG.SYS (Texas Instruments)
DRV - (Afc) -- C:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.)
DRV - (PPortJoystick) -- C:\Windows\System32\drivers\PPortJoy.sys (Deon van der Westhuysen)
DRV - (PPJoyBus) -- C:\Windows\System32\drivers\PPJoyBus.sys (Deon van der Westhuysen)
DRV - (msgame) -- C:\Windows\System32\drivers\msgame.sys (Microsoft Corporation)
DRV - (hidgame) -- C:\Windows\System32\drivers\hidgame.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\..\URLSearchHook: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - Reg Error: Key error. File not found

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://uk.ask.com?o=14086&l=dis
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaulturl: "http://search.babylo...earch&AF=17435"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.bbc.co.uk/news/"
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.1.0.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: [email protected]:2.0
FF - prefs.js..extensions.enabledItems: {01A8CA0A-4C96-465b-A49B-65C46FAD54F9}:6.0
FF - prefs.js..extensions.enabledItems: {c1970c0d-dbe6-4d91-804f-c9c0de643a57}:1.3.2.13
FF - prefs.js..keyword.URL: "http://www.ask.com/w...13796&l=dis&q="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2166.3772\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3: C:\Program Files\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Chunks\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.7.1: C:\Users\Chunks\AppData\Local\Yahoo!\BrowserPlus\2.7.1\Plugins\npybrowserplus_2.7.1.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2011/04/13 21:06:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/08/09 03:11:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/23 17:32:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/30 09:25:24 | 000,000,000 | ---D | M]

[2008/12/19 19:35:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chunks\AppData\Roaming\Mozilla\Extensions
[2011/08/09 05:36:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chunks\AppData\Roaming\Mozilla\Firefox\Profiles\jqgtdmm6.default\extensions
[2010/08/07 21:07:27 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Chunks\AppData\Roaming\Mozilla\Firefox\Profiles\jqgtdmm6.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011/04/23 14:43:42 | 000,000,000 | ---D | M] (NoRedirect) -- C:\Users\Chunks\AppData\Roaming\Mozilla\Firefox\Profiles\jqgtdmm6.default\extensions\{c1970c0d-dbe6-4d91-804f-c9c0de643a57}
[2011/02/22 23:34:48 | 000,000,000 | ---D | M] (Add to Search Bar) -- C:\Users\Chunks\AppData\Roaming\Mozilla\Firefox\Profiles\jqgtdmm6.default\extensions\[email protected]
[2011/02/22 23:36:13 | 000,001,268 | ---- | M] () -- C:\Users\Chunks\AppData\Roaming\Mozilla\Firefox\Profiles\jqgtdmm6.default\searchplugins\amazoncouk.xml
[2011/04/02 11:06:26 | 000,001,019 | ---- | M] () -- C:\Users\Chunks\AppData\Roaming\Mozilla\Firefox\Profiles\jqgtdmm6.default\searchplugins\bing.xml
[2011/02/24 16:28:53 | 000,000,981 | ---- | M] () -- C:\Users\Chunks\AppData\Roaming\Mozilla\Firefox\Profiles\jqgtdmm6.default\searchplugins\ebaycouk.xml
[2011/06/03 00:59:39 | 000,001,131 | ---- | M] () -- C:\Users\Chunks\AppData\Roaming\Mozilla\Firefox\Profiles\jqgtdmm6.default\searchplugins\gamefaqs.xml
[2011/01/12 14:06:31 | 000,012,703 | ---- | M] () -- C:\Users\Chunks\AppData\Roaming\Mozilla\Firefox\Profiles\jqgtdmm6.default\searchplugins\imdb.xml
[2011/08/07 12:33:16 | 000,004,873 | ---- | M] () -- C:\Users\Chunks\AppData\Roaming\Mozilla\Firefox\Profiles\jqgtdmm6.default\searchplugins\isohunt--bt-search.xml
[2011/03/26 04:35:21 | 000,002,336 | ---- | M] () -- C:\Users\Chunks\AppData\Roaming\Mozilla\Firefox\Profiles\jqgtdmm6.default\searchplugins\toms-hardware.xml
[2011/01/12 14:05:14 | 000,002,057 | ---- | M] () -- C:\Users\Chunks\AppData\Roaming\Mozilla\Firefox\Profiles\jqgtdmm6.default\searchplugins\youtube-video-search.xml
[2011/06/27 23:01:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/06/10 18:59:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/10/13 14:02:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/02/16 16:29:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/06/27 23:01:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) --
[2011/08/09 03:11:53 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
() (No name found) -- C:\USERS\CHUNKS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JQGTDMM6.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
[2009/09/02 03:01:19 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011/06/23 17:32:30 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2008/01/25 11:09:10 | 000,106,496 | ---- | M] (British Broadcasting Corporation) -- C:\Program Files\mozilla firefox\plugins\npBBCPlugin.dll
[2010/03/27 18:06:04 | 000,067,032 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npContribute.dll
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/03/31 10:09:22 | 010,437,264 | ---- | M] (PDFTron Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\PDFNetC.dll
[2010/04/08 12:36:02 | 000,107,760 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\ScorchPDFWrapper.dll
[2011/02/16 16:03:22 | 000,002,226 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2010/01/01 09:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/06/19 03:47:59 | 000,000,087 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CCUTRAYICON] C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe (Intel® Corporation)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Immunet Protect] C:\Program Files\Immunet Protect\2.0.17\iptray.exe (Immunet)
O4 - HKLM..\Run: [ISTray] C:\Program Files\PC Tools Security\pctsGui.exe (PC Tools)
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NMSSupport] C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe (Intel Corporation)
O4 - HKLM..\Run: [PAC7302_Monitor] C:\Windows\PixArt\Pac7302\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [RivaTunerStartupDaemon] C:\Program Files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTunerWrapper.exe ()
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [tvncontrol] C:\Program Files\TightVNC\tvnserver.exe (GlavSoft LLC.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [DisplayFusion] C:\Program Files\DisplayFusion\DisplayFusion.exe (Binary Fortress Software)
O4 - HKCU..\Run: [Sony Ericsson PC Companion] C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson)
O4 - HKCU..\Run: [Steam] c:\program files\steam\steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Chunks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Firefox.lnk = C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
O4 - Startup: C:\Users\Chunks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Trillian.lnk = C:\Program Files\Trillian\trillian.exe (Cerulean Studios)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Chunks\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Users\Chunks\AppData\Roaming\DisplayFusion\Wallpaper_1.jpg
O24 - Desktop BackupWallPaper: C:\Users\Chunks\AppData\Roaming\DisplayFusion\Wallpaper_1.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/01/25 13:20:54 | 000,000,048 | R--- | M] () - K:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

File not found -- C:\Users\Chunks\Desktop\[Torrentsworld.net] - John Safrans Race Relations S1 E3 Sk37cH.torrent
[2011/08/09 15:59:52 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\Chunks\Desktop\OTL.exe
[2011/08/09 12:04:56 | 000,000,000 | ---D | C] -- C:\Windows\Temp842CF182-8F7E-DB20-513A-DD3297DC93BB-Signatures
[2011/08/09 03:21:16 | 000,656,320 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctEFA.sys
[2011/08/09 03:21:15 | 000,338,880 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctDS.sys
[2011/08/09 03:21:13 | 000,249,616 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctgntdi.sys
[2011/08/09 03:21:13 | 000,102,184 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctwfpfilter.sys
[2011/08/09 03:21:06 | 000,239,168 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTCore.sys
[2011/08/09 03:21:05 | 000,160,448 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTAppEvent.sys
[2011/08/09 03:21:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Tools Security
[2011/08/09 03:20:38 | 000,070,536 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctplsg.sys
[2011/08/09 03:19:19 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools Security
[2011/08/09 03:19:19 | 000,000,000 | ---D | C] -- C:\Users\Chunks\AppData\Roaming\PC Tools
[2011/08/09 03:13:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2011/08/09 03:13:07 | 000,309,848 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011/08/09 03:13:07 | 000,019,544 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2011/08/09 03:13:01 | 000,025,432 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011/08/09 03:12:59 | 000,043,608 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011/08/09 03:12:55 | 000,441,176 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2011/08/09 03:12:54 | 000,054,104 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011/08/09 03:11:33 | 000,040,112 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/08/09 03:11:26 | 000,199,304 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011/08/09 03:06:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immunet Protect
[2011/08/09 03:06:54 | 000,000,000 | ---D | C] -- C:\Users\Chunks\AppData\Local\Immunet
[2011/08/09 03:06:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Immunet
[2011/08/09 03:06:44 | 000,031,184 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\drivers\ImmunetSelfProtect.sys
[2011/08/09 03:06:41 | 000,041,424 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\drivers\ImmunetProtect.sys
[2011/08/09 03:06:30 | 000,000,000 | ---D | C] -- C:\Program Files\Immunet Protect
[2011/08/09 03:05:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Updater
[2011/08/09 03:05:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Google Updater
[2011/08/06 00:01:29 | 000,000,000 | ---D | C] -- C:\Program Files\BlackBeanGames
[2011/08/06 00:01:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black Bean Games
[2011/08/04 14:09:30 | 000,000,000 | ---D | C] -- C:\Users\Chunks\AppData\Local\{DF74BC72-BDD1-4F52-AD7E-5F3B3649C4ED}
[2011/07/31 23:22:28 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/07/26 16:48:41 | 000,000,000 | ---D | C] -- C:\Users\Chunks\AppData\Roaming\dvdcss
[2011/07/25 17:24:42 | 000,000,000 | ---D | C] -- C:\Users\Chunks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Driving Theory Test Professional
[2011/07/25 17:24:23 | 000,000,000 | ---D | C] -- C:\Program Files\Driving Theory Test Professional
[2011/07/25 16:34:38 | 000,000,000 | ---D | C] -- C:\Users\Chunks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Driving Theory Test
[2011/07/25 16:34:21 | 000,000,000 | ---D | C] -- C:\Program Files\Driving Theory Test
[2011/07/25 16:27:09 | 000,344,862 | ---- | C] (Oasis Business Services Int. Ltd. ) -- C:\Users\Chunks\Desktop\Driving_theory_test.exe
[2011/07/21 00:27:55 | 000,000,000 | ---D | C] -- C:\Users\Chunks\Documents\Eidos
[2011/07/21 00:16:26 | 000,000,000 | ---D | C] -- C:\Program Files\Eidos
[2011/07/20 21:00:55 | 000,000,000 | ---D | C] -- C:\Users\Chunks\Documents\New Unity Project
[2011/07/16 14:32:08 | 000,000,000 | ---D | C] -- C:\UNITY
[2011/07/16 14:24:03 | 000,000,000 | ---D | C] -- C:\Users\Chunks\Documents\bowlingtest
[2011/07/16 14:16:04 | 000,000,000 | ---D | C] -- C:\Users\Chunks\Documents\Bowling test
[2011/07/15 09:47:53 | 000,000,000 | ---D | C] -- C:\Users\Chunks\AppData\Roaming\PACE Anti-Piracy
[2011/07/15 09:47:53 | 000,000,000 | ---D | C] -- C:\Users\Chunks\AppData\Local\PACE Anti-Piracy
[2011/07/15 09:47:53 | 000,000,000 | ---D | C] -- C:\ProgramData\PACE Anti-Piracy
[2011/07/15 09:47:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PACE Anti-Piracy
[2011/07/15 09:43:48 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Unity Projects
[2011/07/15 09:43:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity
[2011/07/15 09:39:46 | 000,000,000 | ---D | C] -- C:\Program Files\Unity
[2011/07/15 00:02:59 | 452,177,824 | ---- | C] (Unity Technologies ApS) -- C:\Users\Chunks\Desktop\UnitySetup-3.3.0.exe
[2011/07/14 16:02:19 | 000,000,000 | ---D | C] -- C:\Users\Chunks\AppData\Roaming\Adobe Mini Bridge CS5
[2011/07/14 16:02:18 | 000,000,000 | ---D | C] -- C:\Users\Chunks\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[7 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[22 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

File not found -- C:\Users\Chunks\Desktop\[Torrentsworld.net] - John Safrans Race Relations S1 E3 Sk37cH.torrent
[2011/08/09 20:34:30 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011/08/09 20:29:15 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/08/09 20:29:15 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/08/09 20:28:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/08/09 16:00:00 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Chunks\Desktop\OTL.exe
[2011/08/09 12:06:14 | 002,479,084 | ---- | M] () -- C:\Windows\System32\drivers\Cat.DB
[2011/08/09 12:05:49 | 000,642,670 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/08/09 12:05:49 | 000,122,598 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/08/09 03:20:44 | 000,004,167 | ---- | M] () -- C:\Users\Chunks\Desktop\emot-tviv.gif
[2011/08/09 03:12:54 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2011/08/09 03:06:37 | 000,031,184 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\drivers\ImmunetSelfProtect.sys
[2011/08/09 03:06:36 | 000,041,424 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\drivers\ImmunetProtect.sys
[2011/08/09 03:05:21 | 001,253,000 | ---- | M] () -- C:\Users\Chunks\Desktop\Google Updater.exe
[2011/08/09 02:40:04 | 000,102,462 | ---- | M] () -- C:\Users\Chunks\Desktop\95RKZ.jpg
[2011/08/09 01:59:41 | 000,247,798 | ---- | M] () -- C:\Users\Chunks\Desktop\3cbUD.jpg
[2011/08/09 01:09:12 | 000,001,456 | ---- | M] () -- C:\Users\Chunks\AppData\Local\Adobe Save for Web 12.0 Prefs
[2011/08/06 17:19:01 | 000,300,707 | ---- | M] () -- C:\Users\Chunks\Desktop\[isoHunt] Mastermix Classic Cuts.torrent
[2011/08/06 00:05:11 | 000,001,771 | ---- | M] () -- C:\Users\Public\Desktop\Play SBK2011 FIM Superbike World Championship.lnk
[2011/08/04 15:07:17 | 000,235,008 | ---- | M] () -- C:\Users\Chunks\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/08/04 11:24:46 | 000,014,822 | ---- | M] () -- C:\Users\Chunks\Desktop\[isoHunt] 1611785.torrent
[2011/08/04 06:17:41 | 000,012,898 | ---- | M] () -- C:\Users\Chunks\Desktop\SBK.Superbike.World.Championship.2011-RELOADEDSBK.Superbike.Worl.6345688.TPB.torrent
[2011/08/04 06:16:59 | 000,000,977 | ---- | M] () -- C:\Users\Chunks\Desktop\SBK.Superbike.World.Championship.2011.NoDVD-RELOADED.6345910.TPB.torrent
[2011/08/04 06:12:28 | 000,018,613 | ---- | M] () -- C:\Users\Chunks\Desktop\MotoGP.08-RELOADED.4471919.TPB.torrent
[2011/07/31 21:06:54 | 000,092,976 | ---- | M] () -- C:\Users\Chunks\Desktop\monkey-taking-photographs.jpg
[2011/07/31 20:35:11 | 000,037,211 | ---- | M] () -- C:\Users\Chunks\Desktop\HMT051_1.jpg
[2011/07/31 20:32:41 | 000,037,202 | ---- | M] () -- C:\Users\Chunks\Desktop\HMT050_1.jpg
[2011/07/28 23:48:10 | 000,011,608 | ---- | M] () -- C:\Users\Chunks\Desktop\2006-moHonda-CBF600-.jpg
[2011/07/28 23:36:16 | 000,056,137 | ---- | M] () -- C:\Users\Chunks\Desktop\SUZU0271.jpg
[2011/07/28 23:34:41 | 000,114,217 | ---- | M] () -- C:\Users\Chunks\Desktop\lrgscaleKawasaki-ER6N-06+-Scorpion-Steel-Exhaust-Silencer-2.jpg
[2011/07/28 23:21:20 | 000,056,134 | ---- | M] () -- C:\Users\Chunks\Desktop\2008YZFR6_silver_1_b4787bcf.jpg
[2011/07/28 23:19:01 | 000,093,719 | ---- | M] () -- C:\Users\Chunks\Desktop\yamaha_fz6_2009_silver_right_side_view_wallpaper_-_1024x768.jpg
[2011/07/28 23:15:16 | 000,245,471 | ---- | M] () -- C:\Users\Chunks\Desktop\triumph_daytona_675_SE_2008_06.jpg
[2011/07/28 23:09:15 | 000,035,231 | ---- | M] () -- C:\Users\Chunks\Desktop\2007-Kawasaki-ZX-6R-in-Atomic-Silver-right-side.jpg
[2011/07/28 21:44:17 | 000,042,978 | ---- | M] () -- C:\Users\Chunks\Desktop\90 .jpg
[2011/07/28 21:39:26 | 000,056,239 | ---- | M] () -- C:\Users\Chunks\Desktop\90 204782_pu.jpg
[2011/07/28 21:38:14 | 000,041,614 | ---- | M] () -- C:\Users\Chunks\Desktop\65 24926.jpg
[2011/07/28 21:36:15 | 000,023,898 | ---- | M] () -- C:\Users\Chunks\Desktop\100 k7-jean-hood-jeans-black.jpg
[2011/07/28 16:50:40 | 000,006,808 | ---- | M] () -- C:\Users\Chunks\Desktop\280.jpg
[2011/07/28 16:37:45 | 000,014,039 | ---- | M] () -- C:\Users\Chunks\Desktop\30 41OrVP3EdkL._SL500_AA300_.jpg
[2011/07/28 16:31:02 | 000,040,639 | ---- | M] () -- C:\Users\Chunks\Desktop\140 C6-jeans-men-black.jpg
[2011/07/28 16:30:21 | 000,058,473 | ---- | M] () -- C:\Users\Chunks\Desktop\315 furygan grip brown.jpg
[2011/07/27 00:31:11 | 000,089,081 | ---- | M] () -- C:\Users\Chunks\Desktop\[isoHunt] Mercenaries.2.World.In.Flames.Multi-2.Full-Rip.Skullptura.torrent
[2011/07/27 00:28:41 | 000,557,474 | ---- | M] () -- C:\Users\Chunks\Desktop\[isoHunt] Saints_Row_2-Razor1911.torrent
[2011/07/27 00:27:57 | 000,029,274 | ---- | M] () -- C:\Users\Chunks\Desktop\[isoHunt] download-games-2641615-Mafia IISKIDROW (Mafia 2).torrent
[2011/07/27 00:26:44 | 000,186,211 | ---- | M] () -- C:\Users\Chunks\Desktop\[isoHunt] mafia PC game yahaa.org.torrent
[2011/07/25 19:33:13 | 000,040,457 | ---- | M] () -- C:\Users\Chunks\Desktop\The_Official_DSA_DVD_Guide_To_Hazard_Perception_Test_Full_ISO.5060399.TPB.torrent
[2011/07/25 17:24:42 | 000,000,894 | ---- | M] () -- C:\Users\Public\Desktop\Driving Theory Test Professional.lnk
[2011/07/25 16:43:02 | 000,000,829 | ---- | M] () -- C:\Users\Public\Desktop\Driving Theory Test.lnk
[2011/07/25 16:27:14 | 000,344,862 | ---- | M] (Oasis Business Services Int. Ltd. ) -- C:\Users\Chunks\Desktop\Driving_theory_test.exe
[2011/07/25 07:38:25 | 000,000,872 | ---- | M] () -- C:\Users\Chunks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Firefox.lnk
[2011/07/23 21:47:33 | 001,588,433 | ---- | M] () -- C:\Users\Chunks\Desktop\IMG_0173.JPG
[2011/07/20 21:12:57 | 000,249,195 | ---- | M] () -- C:\Users\Chunks\Desktop\2 - Scripting Tutorial.pdf
[2011/07/20 20:50:05 | 002,223,083 | ---- | M] () -- C:\Users\Chunks\Desktop\FPS_Tutorial_3.pdf
[2011/07/20 20:49:08 | 002,485,384 | ---- | M] () -- C:\Users\Chunks\Desktop\FPS_Tutorial_2.pdf
[2011/07/20 20:44:18 | 002,668,998 | ---- | M] () -- C:\Users\Chunks\Desktop\FPS_Tutorial_1.pdf
[2011/07/20 20:33:47 | 081,689,326 | ---- | M] () -- C:\Users\Chunks\Desktop\FPS_Tutorial_Completed.zip
[2011/07/20 20:32:40 | 074,259,813 | ---- | M] () -- C:\Users\Chunks\Desktop\FPS_Tutorial.zip
[2011/07/19 12:56:45 | 131,622,933 | ---- | M] () -- C:\Users\Chunks\Desktop\3rdPersonShooter.zip
[2011/07/15 12:49:33 | 222,269,969 | ---- | M] () -- C:\Users\Chunks\Desktop\CarTutorial.zip
[2011/07/15 12:19:19 | 001,062,404 | ---- | M] () -- C:\Users\Chunks\Desktop\Roll-a-Ball.zip
[2011/07/15 09:43:46 | 000,000,915 | ---- | M] () -- C:\Users\Public\Desktop\Unity.lnk
[2011/07/15 09:25:20 | 452,177,824 | ---- | M] (Unity Technologies ApS) -- C:\Users\Chunks\Desktop\UnitySetup-3.3.0.exe
[2011/07/13 17:06:15 | 000,038,637 | ---- | M] () -- C:\Users\Chunks\Desktop\midsize.jpg
[2011/07/13 12:33:51 | 004,014,864 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/07/12 15:00:14 | 000,246,780 | ---- | M] () -- C:\Users\Chunks\Desktop\2009-Honda-CBR600RRa.jpg
[2011/07/12 14:59:17 | 000,152,296 | ---- | M] () -- C:\Users\Chunks\Desktop\2008-Suzuki-GSX-R600f.jpg
[7 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[22 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/08/09 03:19:43 | 000,004,167 | ---- | C] () -- C:\Users\Chunks\Desktop\emot-tviv.gif
[2011/08/09 03:05:41 | 000,000,868 | ---- | C] () -- C:\Windows\tasks\Google Software Updater.job
[2011/08/09 03:05:15 | 001,253,000 | ---- | C] () -- C:\Users\Chunks\Desktop\Google Updater.exe
[2011/08/09 02:40:03 | 000,102,462 | ---- | C] () -- C:\Users\Chunks\Desktop\95RKZ.jpg
[2011/08/09 01:59:31 | 000,247,798 | ---- | C] () -- C:\Users\Chunks\Desktop\3cbUD.jpg
[2011/08/06 17:18:41 | 000,300,707 | ---- | C] () -- C:\Users\Chunks\Desktop\[isoHunt] Mastermix Classic Cuts.torrent
[2011/08/06 00:05:11 | 000,001,771 | ---- | C] () -- C:\Users\Public\Desktop\Play SBK2011 FIM Superbike World Championship.lnk
[2011/08/04 11:24:45 | 000,014,822 | ---- | C] () -- C:\Users\Chunks\Desktop\[isoHunt] 1611785.torrent
[2011/08/04 06:17:39 | 000,012,898 | ---- | C] () -- C:\Users\Chunks\Desktop\SBK.Superbike.World.Championship.2011-RELOADEDSBK.Superbike.Worl.6345688.TPB.torrent
[2011/08/04 06:16:59 | 000,000,977 | ---- | C] () -- C:\Users\Chunks\Desktop\SBK.Superbike.World.Championship.2011.NoDVD-RELOADED.6345910.TPB.torrent
[2011/08/04 06:12:28 | 000,018,613 | ---- | C] () -- C:\Users\Chunks\Desktop\MotoGP.08-RELOADED.4471919.TPB.torrent
[2011/07/31 21:06:53 | 000,092,976 | ---- | C] () -- C:\Users\Chunks\Desktop\monkey-taking-photographs.jpg
[2011/07/31 20:35:11 | 000,037,211 | ---- | C] () -- C:\Users\Chunks\Desktop\HMT051_1.jpg
[2011/07/31 20:32:38 | 000,037,202 | ---- | C] () -- C:\Users\Chunks\Desktop\HMT050_1.jpg
[2011/07/28 23:48:09 | 000,011,608 | ---- | C] () -- C:\Users\Chunks\Desktop\2006-moHonda-CBF600-.jpg
[2011/07/28 23:36:15 | 000,056,137 | ---- | C] () -- C:\Users\Chunks\Desktop\SUZU0271.jpg
[2011/07/28 23:34:27 | 000,114,217 | ---- | C] () -- C:\Users\Chunks\Desktop\lrgscaleKawasaki-ER6N-06+-Scorpion-Steel-Exhaust-Silencer-2.jpg
[2011/07/28 23:21:19 | 000,056,134 | ---- | C] () -- C:\Users\Chunks\Desktop\2008YZFR6_silver_1_b4787bcf.jpg
[2011/07/28 23:19:01 | 000,093,719 | ---- | C] () -- C:\Users\Chunks\Desktop\yamaha_fz6_2009_silver_right_side_view_wallpaper_-_1024x768.jpg
[2011/07/28 23:15:16 | 000,245,471 | ---- | C] () -- C:\Users\Chunks\Desktop\triumph_daytona_675_SE_2008_06.jpg
[2011/07/28 23:09:15 | 000,035,231 | ---- | C] () -- C:\Users\Chunks\Desktop\2007-Kawasaki-ZX-6R-in-Atomic-Silver-right-side.jpg
[2011/07/28 21:39:26 | 000,056,239 | ---- | C] () -- C:\Users\Chunks\Desktop\90 204782_pu.jpg
[2011/07/28 21:38:14 | 000,041,614 | ---- | C] () -- C:\Users\Chunks\Desktop\65 24926.jpg
[2011/07/28 21:36:15 | 000,023,898 | ---- | C] () -- C:\Users\Chunks\Desktop\100 k7-jean-hood-jeans-black.jpg
[2011/07/28 21:35:38 | 000,042,978 | ---- | C] () -- C:\Users\Chunks\Desktop\90 .jpg
[2011/07/28 16:50:40 | 000,006,808 | ---- | C] () -- C:\Users\Chunks\Desktop\280.jpg
[2011/07/28 16:37:45 | 000,014,039 | ---- | C] () -- C:\Users\Chunks\Desktop\30 41OrVP3EdkL._SL500_AA300_.jpg
[2011/07/28 16:31:02 | 000,040,639 | ---- | C] () -- C:\Users\Chunks\Desktop\140 C6-jeans-men-black.jpg
[2011/07/28 16:30:21 | 000,058,473 | ---- | C] () -- C:\Users\Chunks\Desktop\315 furygan grip brown.jpg
[2011/07/27 00:31:10 | 000,089,081 | ---- | C] () -- C:\Users\Chunks\Desktop\[isoHunt] Mercenaries.2.World.In.Flames.Multi-2.Full-Rip.Skullptura.torrent
[2011/07/27 00:28:36 | 000,557,474 | ---- | C] () -- C:\Users\Chunks\Desktop\[isoHunt] Saints_Row_2-Razor1911.torrent
[2011/07/27 00:27:56 | 000,029,274 | ---- | C] () -- C:\Users\Chunks\Desktop\[isoHunt] download-games-2641615-Mafia IISKIDROW (Mafia 2).torrent
[2011/07/27 00:26:38 | 000,186,211 | ---- | C] () -- C:\Users\Chunks\Desktop\[isoHunt] mafia PC game yahaa.org.torrent
[2011/07/25 19:33:11 | 000,040,457 | ---- | C] () -- C:\Users\Chunks\Desktop\The_Official_DSA_DVD_Guide_To_Hazard_Perception_Test_Full_ISO.5060399.TPB.torrent
[2011/07/25 17:24:42 | 000,000,894 | ---- | C] () -- C:\Users\Public\Desktop\Driving Theory Test Professional.lnk
[2011/07/25 16:34:38 | 000,000,829 | ---- | C] () -- C:\Users\Public\Desktop\Driving Theory Test.lnk
[2011/07/25 07:38:25 | 000,000,872 | ---- | C] () -- C:\Users\Chunks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Firefox.lnk
[2011/07/23 21:51:11 | 001,588,433 | ---- | C] () -- C:\Users\Chunks\Desktop\IMG_0173.JPG
[2011/07/20 21:12:57 | 000,249,195 | ---- | C] () -- C:\Users\Chunks\Desktop\2 - Scripting Tutorial.pdf
[2011/07/20 20:50:05 | 002,223,083 | ---- | C] () -- C:\Users\Chunks\Desktop\FPS_Tutorial_3.pdf
[2011/07/20 20:49:08 | 002,485,384 | ---- | C] () -- C:\Users\Chunks\Desktop\FPS_Tutorial_2.pdf
[2011/07/20 20:44:18 | 002,668,998 | ---- | C] () -- C:\Users\Chunks\Desktop\FPS_Tutorial_1.pdf
[2011/07/20 20:23:33 | 074,259,813 | ---- | C] () -- C:\Users\Chunks\Desktop\FPS_Tutorial.zip
[2011/07/20 20:23:15 | 081,689,326 | ---- | C] () -- C:\Users\Chunks\Desktop\FPS_Tutorial_Completed.zip
[2011/07/19 12:51:11 | 131,622,933 | ---- | C] () -- C:\Users\Chunks\Desktop\3rdPersonShooter.zip
[2011/07/15 12:41:09 | 222,269,969 | ---- | C] () -- C:\Users\Chunks\Desktop\CarTutorial.zip
[2011/07/15 12:19:16 | 001,062,404 | ---- | C] () -- C:\Users\Chunks\Desktop\Roll-a-Ball.zip
[2011/07/15 09:43:46 | 000,000,915 | ---- | C] () -- C:\Users\Public\Desktop\Unity.lnk
[2011/07/13 17:06:09 | 000,038,637 | ---- | C] () -- C:\Users\Chunks\Desktop\midsize.jpg
[2011/07/12 15:00:14 | 000,246,780 | ---- | C] () -- C:\Users\Chunks\Desktop\2009-Honda-CBR600RRa.jpg
[2011/07/12 14:59:17 | 000,152,296 | ---- | C] () -- C:\Users\Chunks\Desktop\2008-Suzuki-GSX-R600f.jpg
[2011/06/02 14:38:22 | 000,036,892 | ---- | C] () -- C:\Windows\System32\bassmod.dll
[2011/05/25 23:51:36 | 000,000,319 | ---- | C] () -- C:\Windows\game.ini
[2011/04/18 00:50:13 | 000,000,132 | ---- | C] () -- C:\Users\Chunks\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011/04/14 00:19:51 | 000,001,456 | ---- | C] () -- C:\Users\Chunks\AppData\Local\Adobe Save for Web 12.0 Prefs
[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011/04/03 21:03:16 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011/04/02 11:49:08 | 000,000,286 | ---- | C] () -- C:\Windows\reimage.ini
[2011/03/27 22:49:20 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011/03/27 22:49:20 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/03/27 22:49:20 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/03/27 22:49:20 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/03/27 22:49:20 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/03/14 12:44:13 | 000,000,000 | ---- | C] () -- C:\Windows\System32\SBRC.dat
[2011/03/09 00:23:52 | 000,000,173 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2011/02/24 17:32:15 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2011/02/16 15:24:03 | 000,227,840 | ---- | C] () -- C:\Windows\System32\K8E.exe
[2011/02/16 15:24:03 | 000,040,960 | ---- | C] () -- C:\Windows\System32\K8D.dll
[2011/02/16 15:24:03 | 000,016,384 | ---- | C] () -- C:\Windows\System32\FASTTime32.dll
[2011/01/22 00:28:07 | 000,151,552 | ---- | C] () -- C:\Windows\System32\nvRegDev.dll
[2011/01/21 07:27:35 | 000,031,007 | ---- | C] () -- C:\Users\Chunks\AppData\Roaming\UserTile.png
[2010/11/30 22:13:36 | 000,013,310 | ---- | C] () -- C:\Windows\System32\Pen_Tablet.dat
[2010/11/10 03:45:32 | 000,102,744 | ---- | C] () -- C:\Windows\System32\LogiDPPApp.exe
[2010/11/10 03:45:30 | 010,871,128 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll
[2010/11/10 03:45:20 | 000,316,248 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll
[2010/11/10 03:31:42 | 000,026,286 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2010/09/05 14:03:21 | 000,001,722 | ---- | C] () -- C:\Windows\tefview.ini
[2010/08/08 02:41:12 | 000,000,695 | ---- | C] () -- C:\ProgramData\nvUnsupRes.dat
[2010/07/26 18:19:28 | 000,057,344 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010/07/20 17:29:07 | 000,219,580 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2010/06/15 17:12:56 | 000,035,344 | ---- | C] () -- C:\Windows\Irremote.ini
[2010/06/15 17:12:17 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2010/06/15 17:11:41 | 000,142,337 | ---- | C] () -- C:\Windows\System32\Wait.exe
[2010/06/15 17:09:45 | 000,005,144 | ---- | C] () -- C:\Windows\HCWPNP.INI
[2010/05/29 12:05:35 | 000,000,530 | ---- | C] () -- C:\Windows\eReg.dat
[2010/05/12 15:44:31 | 000,097,388 | ---- | C] () -- C:\Windows\System32\drivers\Fwusb1b.bin
[2010/05/07 19:46:36 | 000,014,168 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2010/05/07 19:43:30 | 000,025,824 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2010/03/19 00:27:19 | 000,000,510 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2010/02/17 18:22:08 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010/01/23 23:40:59 | 000,000,680 | ---- | C] () -- C:\Users\Chunks\AppData\Local\d3d9caps.dat
[2009/09/11 10:06:39 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/11 10:06:39 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2008/12/11 14:48:52 | 000,000,566 | ---- | C] () -- C:\Windows\System32\SP7302.INI
[2008/11/26 01:34:18 | 000,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2008/11/09 15:14:08 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2008/10/16 06:54:25 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/07/18 05:42:17 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2008/06/12 16:12:24 | 000,000,287 | ---- | C] () -- C:\Windows\SIERRA.INI
[2008/05/29 14:26:15 | 000,669,184 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
[2008/05/22 23:22:18 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008/05/07 19:15:01 | 000,138,520 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2008/05/07 19:14:55 | 000,189,248 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2008/05/07 19:14:49 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2008/05/04 06:48:26 | 000,022,328 | ---- | C] () -- C:\Users\Chunks\AppData\Roaming\PnkBstrK.sys
[2008/05/01 05:36:15 | 000,000,050 | ---- | C] () -- C:\Windows\MegaManager.INI
[2008/04/24 10:33:04 | 000,000,483 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/03/19 09:52:29 | 000,000,004 | ---- | C] () -- C:\Windows\info147.sys
[2008/02/18 21:30:24 | 000,037,888 | ---- | C] () -- C:\Windows\System32\GsiDi32.dll
[2008/02/18 21:27:21 | 000,000,290 | ---- | C] () -- C:\Windows\wininit.ini
[2008/02/18 21:20:00 | 000,016,384 | ---- | C] () -- C:\Windows\System32\dslagent.exe
[2008/02/09 14:07:39 | 000,040,960 | ---- | C] () -- C:\Windows\CleanDev.exe
[2008/02/09 14:07:39 | 000,032,528 | ---- | C] () -- C:\Windows\amcap.exe
[2008/02/08 09:51:22 | 000,000,090 | ---- | C] () -- C:\Users\Chunks\AppData\Roaming\wklnhst.dat
[2008/02/07 13:16:54 | 000,235,008 | ---- | C] () -- C:\Users\Chunks\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/02/05 08:24:38 | 000,876,544 | ---- | C] () -- C:\Windows\System32\TEACico2.dll
[2006/11/02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 13:47:37 | 004,014,864 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 11:33:01 | 000,642,670 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 11:33:01 | 000,122,598 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/06/23 11:09:34 | 000,019,968 | R--- | C] () -- C:\Windows\System32\cpuinf32.dll

========== LOP Check ==========

[2008/10/04 15:25:07 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\.ABC
[2011/06/01 01:32:18 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\.minecraft
[2011/02/18 20:41:05 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\.purple
[2009/12/20 02:25:58 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\Ambient Design
[2010/05/02 15:06:49 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\AnvSoft
[2009/12/20 02:09:46 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\Bamboo Explore
[2010/07/24 23:16:03 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
[2008/06/17 06:38:42 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\Bioshock
[2009/10/30 16:53:49 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\BitTyrant
[2008/08/30 11:38:50 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\BlackBean
[2011/04/28 03:30:32 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2008/02/17 23:12:42 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\DAEMON Tools
[2011/01/15 15:25:54 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\DAEMON Tools Lite
[2011/08/09 20:32:22 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\DisplayFusion
[2010/08/07 21:07:27 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\DVDVideoSoftIEHelpers
[2008/04/04 10:32:46 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\eMule
[2009/03/06 04:40:16 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\EveHQ
[2011/02/14 07:59:15 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\EVEMon
[2011/08/02 20:04:23 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\FileZilla
[2011/04/13 22:24:25 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\GetRightToGo
[2010/10/19 11:54:50 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\GTS
[2011/02/28 07:45:45 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\Guitar Pro 6
[2009/02/16 08:26:02 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\Helios
[2010/02/27 09:15:34 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\Leadertech
[2011/02/24 18:47:13 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\MAGIX
[2008/05/01 05:12:59 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\Megaupload
[2009/05/02 21:58:14 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\Mumble
[2008/09/06 00:46:59 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\NoteTab Light
[2011/07/15 10:19:58 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\PACE Anti-Piracy
[2010/12/15 09:17:23 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\PCDr
[2011/01/21 07:27:33 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\PeerNetworking
[2011/06/05 13:54:56 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\PunkBuster
[2011/01/08 16:14:26 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\Seeing Machines
[2010/02/09 07:51:32 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\Sony
[2008/05/21 15:54:43 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\SpinTop
[2011/07/14 16:02:18 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2010/12/25 09:19:25 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\SystemRequirementsLab
[2008/02/08 09:51:23 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\Template
[2009/08/15 15:29:00 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\The Creative Assembly
[2010/07/29 10:42:36 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\TightVNC
[2009/09/30 00:48:12 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\Trillian
[2009/11/22 16:25:13 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\Trusteer
[2010/05/18 09:31:26 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\Ubisoft
[2011/04/13 22:51:00 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\Uniblue
[2011/07/16 14:16:08 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\Unity
[2011/08/07 14:27:38 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\uTorrent
[2011/02/21 15:06:27 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\WebcamZoneTrigger
[2009/12/18 18:20:06 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\WTouch
[2011/08/09 16:03:05 | 000,032,622 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 1200 bytes -> C:\ProgramData\Microsoft:D2DqTgdcQcdZtkV0RNm5
@Alternate Data Stream - 1145 bytes -> C:\Users\Chunks\AppData\Local\cwA0Wlv7YbCy:9nuAedzIuzH04UdRV
@Alternate Data Stream - 1117 bytes -> C:\ProgramData\Microsoft:cdOycBlbGHZ10t4fsb3edIdFtCn4Q
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:52B72A7C
@Alternate Data Stream - 1055 bytes -> C:\Users\Chunks\AppData\Local\TyZ4ZR7LuRFh:ftVS9pUsHaOJj0CgDrx93qDY

< End of report >

#2
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there and sorry for the delay

Could you run a fresh OTL scan for me please, using these parameters? Also, does your router have a secure password, as that may be infected, in which case it will need to be reset.

There will only be one log this time

  • Run OTL.
  • Select All Users
  • Under the Custom Scan box paste this in
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    CREATERESTOREPOINT
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.

THEN

Download aswMBR.exe (1.8mb) to your desktop.
Double click the aswMBR.exe to run it.
Click the "Scan" button to start the scan.


On completion of the scan, click save log, save it to your desktop and post it in your next reply.

#3
Chunk5

    Member

  • Topic Starter
  • Member
  • 13 posts
Hi, thanks for the reply.

When you say reset the password on the router, do you mean factory settings, or to change it to something different?

OTL log quoted and aswMBR log attached.




OTL logfile created on: 16/08/2011 15:05:20 - Run 3
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Chunks\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 1.05 Gb Available Physical Memory | 34.99% Memory free
6.19 Gb Paging File | 3.68 Gb Available in Paging File | 59.49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 217.78 Gb Total Space | 39.58 Gb Free Space | 18.18% Space Free | Partition Type: NTFS
Drive D: | 232.83 Gb Total Space | 88.01 Gb Free Space | 37.80% Space Free | Partition Type: NTFS
Drive E: | 15.00 Gb Total Space | 10.75 Gb Free Space | 71.66% Space Free | Partition Type: NTFS

Computer Name: COLIN | User Name: Chunks | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Chunks\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\Immunet Protect\2.0.17\iptray.exe (Immunet)
PRC - C:\Program Files\Steam\Steam.exe (Valve Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Trusteer\Rapport\bin\RapportService.exe (Trusteer Ltd.)
PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Program Files\PC Tools Security\pctsGui.exe (PC Tools)
PRC - C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe (Logitech, Inc.)
PRC - C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
PRC - C:\Program Files\DisplayFusion\DisplayFusion.exe (Binary Fortress Software)
PRC - C:\Program Files\TightVNC\tvnserver.exe (GlavSoft LLC.)
PRC - C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
PRC - C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe ()
PRC - C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
PRC - C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe ()
PRC - C:\Program Files\WTouch\WTouchUser.exe (Wacom Technology, Corp.)
PRC - C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe (NVIDIA)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe (Intel® Corporation)
PRC - C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe (Intel® Corporation)
PRC - C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe (Intel Corporation)
PRC - C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe (SigmaTel, Inc.)
PRC - C:\Windows\PixArt\Pac7302\Monitor.exe (PixArt Imaging Incorporation)


========== Modules (SafeList) ==========

MOD - C:\Users\Chunks\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\AVAST Software\Avast\snxhk.dll (AVAST Software)
MOD - C:\Program Files\AVAST Software\Avast\aswAux.dll (AVAST Software)
MOD - C:\Program Files\AVAST Software\Avast\aswCmnBS.dll (AVAST Software)
MOD - C:\Program Files\AVAST Software\Avast\aswProperty.dll (AVAST Software)
MOD - C:\Program Files\AVAST Software\Avast\aswCmnIS.dll (AVAST Software)
MOD - C:\Program Files\AVAST Software\Avast\aswEngLdr.dll (AVAST Software)
MOD - C:\Program Files\AVAST Software\Avast\aswCmnOS.dll (AVAST Software)
MOD - C:\Program Files\AVAST Software\Avast\ashBase.dll (AVAST Software)
MOD - C:\Program Files\AVAST Software\Avast\ashTask.dll (AVAST Software)
MOD - C:\Program Files\AVAST Software\Avast\AhAScr.dll (AVAST Software)
MOD - C:\Program Files\AVAST Software\Avast\Aavm4h.dll (AVAST Software)
MOD - C:\Program Files\AVAST Software\Avast\AavmRpch.dll (AVAST Software)
MOD - C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll (Microsoft Corporation)
MOD - C:\Windows\System32\vbscript.dll (Microsoft Corporation)
MOD - C:\Program Files\DisplayFusion\Hooks\DisplayFusionHookx86_68abfe57-d015-4b39-b24e-4a7b5d8fe5e0.dll (Binary Fortress Software)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
MOD - C:\Program Files\PC Tools Security\smum32.dll (PC Tools)
MOD - C:\Windows\System32\wbem\wmiutils.dll (Microsoft Corporation)
MOD - C:\Windows\System32\wbem\wbemsvc.dll (Microsoft Corporation)
MOD - C:\Windows\System32\wbem\wbemprox.dll (Microsoft Corporation)
MOD - C:\Windows\System32\wbem\fastprox.dll (Microsoft Corporation)
MOD - C:\Windows\System32\wsock32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\wbem\wbemdisp.dll (Microsoft Corporation)
MOD - C:\Windows\System32\wbemcomn.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sxs.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (SSDPDIS) -- File not found
SRV - (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter) -- File not found
SRV - (rpcc) -- File not found
SRV - (Cryptags) -- File not found
SRV - (scan) -- C:\Program Files\Immunet Protect\tetra\scan.dll (Immunet)
SRV - (ImmunetProtect) -- C:\Program Files\Immunet Protect\2.0.17\agent.exe (Immunet Corporation)
SRV - (iRacingService) -- C:\Program Files\iRacing\iRacingService.exe (iRacing.com Motorsport Simulations, LLC
Bedford, MA 01730)
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (RapportMgmtService) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe (Trusteer Ltd.)
SRV - (Sony Ericsson PCCompanion) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe (Avanquest Software)
SRV - (sdCoreService) -- C:\Program Files\PC Tools Security\pctsSvc.exe (PC Tools)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (LBTServ) -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (Stereo Service) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (tvnserver) -- C:\Program Files\TightVNC\tvnserver.exe (GlavSoft LLC.)
SRV - (LVPrcSrv) -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (sdAuxService) -- C:\Program Files\PC Tools Security\pctsAuxs.exe (PC Tools)
SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (WTouchService) -- C:\Program Files\WTouch\WTouchService.exe (Wacom Technology, Corp.)
SRV - (TabletServicePen) -- C:\Windows\System32\Pen_Tablet.exe (Wacom Technology, Corp.)
SRV - (UpdateCenterService) -- C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe (NVIDIA)
SRV - (nTuneService) -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe (NVIDIA)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (KService) -- C:\Program Files\Kontiki\KService.exe (Kontiki Inc.)
SRV - (Adobe Version Cue CS4) -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe (Adobe Systems Incorporated)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (IAANTMON) Intel® -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (AlertService) Intel® -- C:\Program Files\Intel\IntelDH\CCU\AlertService.exe (Intel® Corporation)
SRV - (QualityManager) Intel® -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe (Intel® Corporation)
SRV - (Remote UI Service) Intel® -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe (Intel® Corporation)
SRV - (MCLServiceATL) Intel® -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe (Intel® Corporation)
SRV - (DHTRACE) Intel® -- C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe (Intel® Corporation)
SRV - (ISSM) Intel® -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe (Intel® Corporation)
SRV - (NMSCore) Intel® -- C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe (Intel® Corporation)
SRV - (M1 Server) Intel® Viiv™ -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe ()
SRV - (STacSV) -- C:\Windows\System32\stacsv.exe (SigmaTel, Inc.)
SRV - (DQLWinService) -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe ()


========== Driver Services (SafeList) ==========

DRV - (ImmunetSelfProtectDriver) -- C:\Windows\System32\drivers\ImmunetSelfProtect.sys (Windows ® Codename Longhorn DDK provider)
DRV - (ImmunetProtectDriver) -- C:\Windows\System32\drivers\ImmunetProtect.sys (Windows ® Codename Longhorn DDK provider)
DRV - (RapportCerberus_29574) -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\29574\RapportCerberus32_29574.sys ()
DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (RapportPG) -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (Trusteer Ltd.)
DRV - (RapportEI) -- C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys (Trusteer Ltd.)
DRV - (RapportKELL) -- C:\Windows\System32\Drivers\RapportKELL.sys (Trusteer Ltd.)
DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASENUM) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (WsAudio_DeviceS(5)) WsAudio_DeviceS(5) -- C:\Windows\System32\drivers\WsAudio_DeviceS(5).sys (Wondershare)
DRV - (WsAudio_DeviceS(4)) WsAudio_DeviceS(4) -- C:\Windows\System32\drivers\WsAudio_DeviceS(4).sys (Wondershare)
DRV - (WsAudio_DeviceS(3)) WsAudio_DeviceS(3) -- C:\Windows\System32\drivers\WsAudio_DeviceS(3).sys (Wondershare)
DRV - (WsAudio_DeviceS(2)) WsAudio_DeviceS(2) -- C:\Windows\System32\drivers\WsAudio_DeviceS(2).sys (Wondershare)
DRV - (WsAudio_DeviceS(1)) WsAudio_DeviceS(1) -- C:\Windows\System32\drivers\WsAudio_DeviceS(1).sys (Wondershare)
DRV - (PCTCore) -- C:\Windows\system32\drivers\PCTCore.sys (PC Tools)
DRV - (LVUVC) Logitech QuickCam Pro 9000(UVC) -- C:\Windows\System32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (LVRS) -- C:\Windows\System32\drivers\lvrs.sys (Logitech Inc.)
DRV - (SBRE) -- C:\Windows\System32\drivers\SBREDrv.sys (Sunbelt Software)
DRV - (LUsbFilt) -- C:\Windows\System32\drivers\LUsbFilt.sys (Logitech, Inc.)
DRV - (LMouFilt) -- C:\Windows\System32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\Windows\System32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (MungoDriver) -- C:\Windows\System32\drivers\MungoDriver.sys (Windows ® Win 7 DDK provider)
DRV - (pctEFA) -- C:\Windows\system32\drivers\pctEFA.sys (PC Tools)
DRV - (pctDS) -- C:\Windows\system32\drivers\pctDS.sys (PC Tools)
DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (LVPr2Mon) -- C:\Windows\System32\drivers\LVPr2Mon.sys ()
DRV - (hcw10bda) WinTV-HVR-900H (111xxx) -- C:\Windows\System32\drivers\hcw10bda.sys (Hauppauge Computer Works, Inc.)
DRV - (hcw10cir) -- C:\Windows\System32\drivers\hcw10cir.sys (Hauppauge Computer Works, Inc.)
DRV - (WmXlCore) -- C:\Windows\System32\drivers\WmXlCore.sys (Logitech Inc.)
DRV - (WmVirHid) -- C:\Windows\System32\drivers\WmVirHid.sys (Logitech Inc.)
DRV - (WmHidLo) -- C:\Windows\System32\drivers\WmHidLo.sys (Logitech Inc.)
DRV - (WmBEnum) -- C:\Windows\System32\drivers\WmBEnum.sys (Logitech Inc.)
DRV - (WmFilter) -- C:\Windows\System32\drivers\WmFilter.sys (Logitech Inc.)
DRV - (taphss) -- C:\Windows\System32\drivers\taphss.sys (AnchorFree Inc)
DRV - (FTSER2K) -- C:\Windows\System32\drivers\ftser2k.sys (FTDI Ltd.)
DRV - (FTDIBUS) -- C:\Windows\System32\drivers\ftdibus.sys (FTDI Ltd.)
DRV - (nvoclock) -- C:\Windows\System32\drivers\nvoclock.sys (NVIDIA Corp.)
DRV - (wacmoumonitor) -- C:\Windows\System32\drivers\wacmoumonitor.sys (Wacom Technology)
DRV - (RivaTuner32) -- C:\Program Files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner32.sys ()
DRV - (WacomVTHid) -- C:\Windows\System32\drivers\WacomVTHid.sys (Wacom Technology)
DRV - (BVRPMPR5) -- C:\Windows\System32\drivers\BVRPMPR5.SYS (Avanquest Software)
DRV - (wacomvhid) -- C:\Windows\System32\drivers\wacomvhid.sys (Wacom Technology)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM) -- C:\Windows\System32\drivers\s0016unic.sys (MCCI Corporation)
DRV - (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS) -- C:\Windows\System32\drivers\s0016nd5.sys (MCCI Corporation)
DRV - (s0016mdfl) -- C:\Windows\System32\drivers\s0016mdfl.sys (MCCI Corporation)
DRV - (s0016mdm) -- C:\Windows\System32\drivers\s0016mdm.sys (MCCI Corporation)
DRV - (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s0016mgmt.sys (MCCI Corporation)
DRV - (s0016obex) -- C:\Windows\System32\drivers\s0016obex.sys (MCCI Corporation)
DRV - (s0016bus) Sony Ericsson Device 0016 driver (WDM) -- C:\Windows\System32\drivers\s0016bus.sys (MCCI Corporation)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (gameenum) -- C:\Windows\System32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (ZY202_VS) -- C:\Windows\System32\drivers\WlanUZG.sys (Atheros Communications, Inc.)
DRV - (IntelDH) -- C:\Windows\System32\drivers\IntelDH.sys (Intel Corporation)
DRV - (e1express) Intel® -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)
DRV - (TSHWMDTCP) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys ()
DRV - (ctgame) -- C:\Windows\System32\drivers\ctgame.sys (Creative Technology Ltd.)
DRV - (PAC7302) -- C:\Windows\System32\drivers\PAC7302.SYS (PixArt Imaging Inc.)
DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (SigmaTel, Inc.)
DRV - (nmsunidr) -- C:\Windows\System32\drivers\nmsunidr.sys (Gteko Ltd.)
DRV - (wacommousefilter) -- C:\Windows\System32\drivers\wacommousefilter.sys (Wacom Technology)
DRV - (ARCSOFTVIRTUALCAPTURE) -- C:\Windows\System32\drivers\ArcSoftVirtualCapture.sys (ArcSoft, Inc.)
DRV - (ZYXEL750) -- C:\Windows\System32\drivers\WLANUTG.SYS (Texas Instruments)
DRV - (Afc) -- C:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.)
DRV - (PPortJoystick) -- C:\Windows\System32\drivers\PPortJoy.sys (Deon van der Westhuysen)
DRV - (PPJoyBus) -- C:\Windows\System32\drivers\PPJoyBus.sys (Deon van der Westhuysen)
DRV - (msgame) -- C:\Windows\System32\drivers\msgame.sys (Microsoft Corporation)
DRV - (hidgame) -- C:\Windows\System32\drivers\hidgame.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\..\URLSearchHook: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - Reg Error: Key error. File not found



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = file://C:\PROGRA~1\SPEEDB~1\proxy.pac

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = file://C:\PROGRA~1\SPEEDB~1\proxy.pac


IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3732907531-2061309169-3991771752-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
IE - HKU\S-1-5-21-3732907531-2061309169-3991771752-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKU\S-1-5-21-3732907531-2061309169-3991771752-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://kronge.netfirms.com/mob/lan
IE - HKU\S-1-5-21-3732907531-2061309169-3991771752-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3732907531-2061309169-3991771752-1000\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-3732907531-2061309169-3991771752-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3732907531-2061309169-3991771752-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://uk.ask.com?o=14086&l=dis
IE - HKU\S-1-5-21-3732907531-2061309169-3991771752-1001\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3732907531-2061309169-3991771752-1001\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-3732907531-2061309169-3991771752-1001\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-3732907531-2061309169-3991771752-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3732907531-2061309169-3991771752-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaulturl: "http://search.babylo...earch&AF=17435"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.bbc.co.uk/news/"
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.1.0.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: [email protected]:2.0
FF - prefs.js..extensions.enabledItems: {01A8CA0A-4C96-465b-A49B-65C46FAD54F9}:6.0
FF - prefs.js..extensions.enabledItems: {c1970c0d-dbe6-4d91-804f-c9c0de643a57}:1.3.2.13
FF - prefs.js..keyword.URL: "http://www.ask.com/w...13796&l=dis&q="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2166.3772\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3: C:\Program Files\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Chunks\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.7.1: C:\Users\Chunks\AppData\Local\Yahoo!\BrowserPlus\2.7.1\Plugins\npybrowserplus_2.7.1.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2011/04/13 21:06:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/08/09 03:11:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/08/12 09:57:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/08/12 09:57:05 | 000,000,000 | ---D | M]

[2008/12/19 19:35:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chunks\AppData\Roaming\Mozilla\Extensions
[2011/08/12 22:35:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chunks\AppData\Roaming\Mozilla\Firefox\Profiles\jqgtdmm6.default\extensions
[2010/08/07 21:07:27 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Chunks\AppData\Roaming\Mozilla\Firefox\Profiles\jqgtdmm6.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011/04/23 14:43:42 | 000,000,000 | ---D | M] (NoRedirect) -- C:\Users\Chunks\AppData\Roaming\Mozilla\Firefox\Profiles\jqgtdmm6.default\extensions\{c1970c0d-dbe6-4d91-804f-c9c0de643a57}
[2011/02/22 23:34:48 | 000,000,000 | ---D | M] (Add to Search Bar) -- C:\Users\Chunks\AppData\Roaming\Mozilla\Firefox\Profiles\jqgtdmm6.default\extensions\[email protected]
[2011/02/22 23:36:13 | 000,001,268 | ---- | M] () -- C:\Users\Chunks\AppData\Roaming\Mozilla\Firefox\Profiles\jqgtdmm6.default\searchplugins\amazoncouk.xml
[2011/04/02 11:06:26 | 000,001,019 | ---- | M] () -- C:\Users\Chunks\AppData\Roaming\Mozilla\Firefox\Profiles\jqgtdmm6.default\searchplugins\bing.xml
[2011/02/24 16:28:53 | 000,000,981 | ---- | M] () -- C:\Users\Chunks\AppData\Roaming\Mozilla\Firefox\Profiles\jqgtdmm6.default\searchplugins\ebaycouk.xml
[2011/06/03 00:59:39 | 000,001,131 | ---- | M] () -- C:\Users\Chunks\AppData\Roaming\Mozilla\Firefox\Profiles\jqgtdmm6.default\searchplugins\gamefaqs.xml
[2011/01/12 14:06:31 | 000,012,703 | ---- | M] () -- C:\Users\Chunks\AppData\Roaming\Mozilla\Firefox\Profiles\jqgtdmm6.default\searchplugins\imdb.xml
[2011/08/14 17:30:01 | 000,004,873 | ---- | M] () -- C:\Users\Chunks\AppData\Roaming\Mozilla\Firefox\Profiles\jqgtdmm6.default\searchplugins\isohunt--bt-search.xml
[2011/03/26 04:35:21 | 000,002,336 | ---- | M] () -- C:\Users\Chunks\AppData\Roaming\Mozilla\Firefox\Profiles\jqgtdmm6.default\searchplugins\toms-hardware.xml
[2011/01/12 14:05:14 | 000,002,057 | ---- | M] () -- C:\Users\Chunks\AppData\Roaming\Mozilla\Firefox\Profiles\jqgtdmm6.default\searchplugins\youtube-video-search.xml
[2011/06/27 23:01:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/06/10 18:59:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/10/13 14:02:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/02/16 16:29:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/06/27 23:01:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) --
[2011/08/09 03:11:53 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
() (No name found) -- C:\USERS\CHUNKS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JQGTDMM6.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
[2009/09/02 03:01:19 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011/06/23 17:32:30 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2008/01/25 11:09:10 | 000,106,496 | ---- | M] (British Broadcasting Corporation) -- C:\Program Files\mozilla firefox\plugins\npBBCPlugin.dll
[2010/03/27 18:06:04 | 000,067,032 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npContribute.dll
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/03/31 10:09:22 | 010,437,264 | ---- | M] (PDFTron Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\PDFNetC.dll
[2010/04/08 12:36:02 | 000,107,760 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\ScorchPDFWrapper.dll
[2011/02/16 16:03:22 | 000,002,226 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2010/01/01 09:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/06/19 03:47:59 | 000,000,087 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-3732907531-2061309169-3991771752-1000\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - No CLSID value found.
O3 - HKU\S-1-5-21-3732907531-2061309169-3991771752-1001\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CCUTRAYICON] C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe (Intel® Corporation)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Immunet Protect] C:\Program Files\Immunet Protect\2.0.17\iptray.exe (Immunet)
O4 - HKLM..\Run: [ISTray] C:\Program Files\PC Tools Security\pctsGui.exe (PC Tools)
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NMSSupport] C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe (Intel Corporation)
O4 - HKLM..\Run: [PAC7302_Monitor] C:\Windows\PixArt\Pac7302\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [RivaTunerStartupDaemon] C:\Program Files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTunerWrapper.exe ()
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [tvncontrol] C:\Program Files\TightVNC\tvnserver.exe (GlavSoft LLC.)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-3732907531-2061309169-3991771752-1000..\Run: [DAEMON Tools Lite] File not found
O4 - HKU\S-1-5-21-3732907531-2061309169-3991771752-1000..\Run: [DellSupportCenter] File not found
O4 - HKU\S-1-5-21-3732907531-2061309169-3991771752-1000..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe (Electronic Arts)
O4 - HKU\S-1-5-21-3732907531-2061309169-3991771752-1000..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe (Kontiki Inc.)
O4 - HKU\S-1-5-21-3732907531-2061309169-3991771752-1000..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-3732907531-2061309169-3991771752-1000..\Run: [Zyxmon] File not found
O4 - HKU\S-1-5-21-3732907531-2061309169-3991771752-1001..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3732907531-2061309169-3991771752-1001..\Run: [DisplayFusion] C:\Program Files\DisplayFusion\DisplayFusion.exe (Binary Fortress Software)
O4 - HKU\S-1-5-21-3732907531-2061309169-3991771752-1001..\Run: [Sony Ericsson PC Companion] C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson)
O4 - HKU\S-1-5-21-3732907531-2061309169-3991771752-1001..\Run: [Steam] c:\program files\steam\steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Chunks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Firefox.lnk = C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
O4 - Startup: C:\Users\Chunks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Trillian.lnk = C:\Program Files\Trillian\trillian.exe (Cerulean Studios)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKU\##aswSnx private storage\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3732907531-2061309169-3991771752-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3732907531-2061309169-3991771752-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3732907531-2061309169-3991771752-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Chunks\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Users\Chunks\AppData\Roaming\DisplayFusion\Wallpaper_2.jpg
O24 - Desktop BackupWallPaper: C:\Users\Chunks\AppData\Roaming\DisplayFusion\Wallpaper_2.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

File not found -- C:\Users\Chunks\Desktop\[Torrentsworld.net] - John Safrans Race Relations S1 E3 Sk37cH.torrent
[2011/08/16 14:34:13 | 001,915,904 | ---- | C] (AVAST Software) -- C:\Users\Chunks\Desktop\aswMBR.exe
[2011/08/12 09:56:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/08/12 09:56:10 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2011/08/11 00:54:27 | 000,000,000 | ---D | C] -- C:\Users\Chunks\AppData\Local\2K Games
[2011/08/11 00:48:56 | 000,000,000 | ---D | C] -- C:\Program Files\Mafia II
[2011/08/11 00:10:08 | 000,000,000 | ---D | C] -- C:\Users\Chunks\AppData\Local\THQ
[2011/08/10 23:52:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Saints Row 2
[2011/08/09 15:59:52 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\Chunks\Desktop\OTL.exe
[2011/08/09 12:04:56 | 000,000,000 | ---D | C] -- C:\Windows\Temp842CF182-8F7E-DB20-513A-DD3297DC93BB-Signatures
[2011/08/09 03:21:16 | 000,656,320 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctEFA.sys
[2011/08/09 03:21:15 | 000,338,880 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctDS.sys
[2011/08/09 03:21:13 | 000,249,616 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctgntdi.sys
[2011/08/09 03:21:13 | 000,102,184 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctwfpfilter.sys
[2011/08/09 03:21:06 | 000,239,168 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTCore.sys
[2011/08/09 03:21:05 | 000,160,448 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTAppEvent.sys
[2011/08/09 03:21:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Tools Security
[2011/08/09 03:20:38 | 000,070,536 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctplsg.sys
[2011/08/09 03:19:19 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools Security
[2011/08/09 03:19:19 | 000,000,000 | ---D | C] -- C:\Users\Chunks\AppData\Roaming\PC Tools
[2011/08/09 03:13:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2011/08/09 03:13:07 | 000,309,848 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011/08/09 03:13:07 | 000,019,544 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2011/08/09 03:13:01 | 000,025,432 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011/08/09 03:12:59 | 000,043,608 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011/08/09 03:12:55 | 000,441,176 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2011/08/09 03:12:54 | 000,054,104 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011/08/09 03:11:33 | 000,040,112 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/08/09 03:11:26 | 000,199,304 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011/08/09 03:06:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immunet Protect
[2011/08/09 03:06:54 | 000,000,000 | ---D | C] -- C:\Users\Chunks\AppData\Local\Immunet
[2011/08/09 03:06:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Immunet
[2011/08/09 03:06:44 | 000,031,184 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\drivers\ImmunetSelfProtect.sys
[2011/08/09 03:06:41 | 000,041,424 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\drivers\ImmunetProtect.sys
[2011/08/09 03:06:30 | 000,000,000 | ---D | C] -- C:\Program Files\Immunet Protect
[2011/08/09 03:05:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Updater
[2011/08/09 03:05:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Google Updater
[2011/08/06 00:01:29 | 000,000,000 | ---D | C] -- C:\Program Files\BlackBeanGames
[2011/08/06 00:01:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black Bean Games
[2011/08/04 14:09:30 | 000,000,000 | ---D | C] -- C:\Users\Chunks\AppData\Local\{DF74BC72-BDD1-4F52-AD7E-5F3B3649C4ED}
[2011/07/31 23:22:28 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/07/26 16:48:41 | 000,000,000 | ---D | C] -- C:\Users\Chunks\AppData\Roaming\dvdcss
[2011/07/25 17:24:42 | 000,000,000 | ---D | C] -- C:\Users\Chunks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Driving Theory Test Professional
[2011/07/25 17:24:23 | 000,000,000 | ---D | C] -- C:\Program Files\Driving Theory Test Professional
[2011/07/25 16:34:38 | 000,000,000 | ---D | C] -- C:\Users\Chunks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Driving Theory Test
[2011/07/25 16:34:21 | 000,000,000 | ---D | C] -- C:\Program Files\Driving Theory Test
[2011/07/25 16:27:09 | 000,344,862 | ---- | C] (Oasis Business Services Int. Ltd. ) -- C:\Users\Chunks\Desktop\Driving_theory_test.exe
[2011/07/21 00:27:55 | 000,000,000 | ---D | C] -- C:\Users\Chunks\Documents\Eidos
[2011/07/21 00:16:26 | 000,000,000 | ---D | C] -- C:\Program Files\Eidos
[2011/07/20 21:00:55 | 000,000,000 | ---D | C] -- C:\Users\Chunks\Documents\New Unity Project
[7 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[22 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

File not found -- C:\Users\Chunks\Desktop\[Torrentsworld.net] - John Safrans Race Relations S1 E3 Sk37cH.torrent
[2011/08/16 14:34:16 | 001,915,904 | ---- | M] (AVAST Software) -- C:\Users\Chunks\Desktop\aswMBR.exe
[2011/08/16 14:33:10 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011/08/16 14:25:49 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/08/16 14:25:48 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/08/16 14:25:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/08/15 18:00:15 | 000,013,310 | ---- | M] () -- C:\Windows\System32\Pen_Tablet.dat
[2011/08/15 01:07:52 | 000,001,456 | ---- | M] () -- C:\Users\Chunks\AppData\Local\Adobe Save for Web 12.0 Prefs
[2011/08/14 00:07:10 | 000,001,011 | ---- | M] () -- C:\Users\Chunks\Desktop\Mercenaries 2.lnk
[2011/08/13 15:07:29 | 000,030,745 | ---- | M] () -- C:\Users\Chunks\Desktop\nude-slave.jpg
[2011/08/12 20:54:27 | 000,089,203 | ---- | M] () -- C:\Users\Chunks\Desktop\disappointment.jpg
[2011/08/11 03:41:46 | 002,497,006 | ---- | M] () -- C:\Windows\System32\drivers\Cat.DB
[2011/08/11 03:41:09 | 000,642,670 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/08/11 03:41:09 | 000,122,598 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/08/09 22:37:43 | 000,691,458 | ---- | M] () -- C:\Users\Chunks\Desktop\london_tube_map.png
[2011/08/09 16:00:00 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Chunks\Desktop\OTL.exe
[2011/08/09 03:20:44 | 000,004,167 | ---- | M] () -- C:\Users\Chunks\Desktop\emot-tviv.gif
[2011/08/09 03:12:54 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2011/08/09 03:06:37 | 000,031,184 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\drivers\ImmunetSelfProtect.sys
[2011/08/09 03:06:36 | 000,041,424 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\drivers\ImmunetProtect.sys
[2011/08/09 02:40:04 | 000,102,462 | ---- | M] () -- C:\Users\Chunks\Desktop\95RKZ.jpg
[2011/08/09 01:59:41 | 000,247,798 | ---- | M] () -- C:\Users\Chunks\Desktop\3cbUD.jpg
[2011/08/06 17:19:01 | 000,300,707 | ---- | M] () -- C:\Users\Chunks\Desktop\[isoHunt] Mastermix Classic Cuts.torrent
[2011/08/06 00:05:11 | 000,001,771 | ---- | M] () -- C:\Users\Public\Desktop\Play SBK2011 FIM Superbike World Championship.lnk
[2011/08/04 15:07:17 | 000,235,008 | ---- | M] () -- C:\Users\Chunks\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/08/04 11:24:46 | 000,014,822 | ---- | M] () -- C:\Users\Chunks\Desktop\[isoHunt] 1611785.torrent
[2011/08/04 06:17:41 | 000,012,898 | ---- | M] () -- C:\Users\Chunks\Desktop\SBK.Superbike.World.Championship.2011-RELOADEDSBK.Superbike.Worl.6345688.TPB.torrent
[2011/08/04 06:16:59 | 000,000,977 | ---- | M] () -- C:\Users\Chunks\Desktop\SBK.Superbike.World.Championship.2011.NoDVD-RELOADED.6345910.TPB.torrent
[2011/08/04 06:12:28 | 000,018,613 | ---- | M] () -- C:\Users\Chunks\Desktop\MotoGP.08-RELOADED.4471919.TPB.torrent
[2011/07/31 21:06:54 | 000,092,976 | ---- | M] () -- C:\Users\Chunks\Desktop\monkey-taking-photographs.jpg
[2011/07/31 20:35:11 | 000,037,211 | ---- | M] () -- C:\Users\Chunks\Desktop\HMT051_1.jpg
[2011/07/31 20:32:41 | 000,037,202 | ---- | M] () -- C:\Users\Chunks\Desktop\HMT050_1.jpg
[2011/07/28 23:48:10 | 000,011,608 | ---- | M] () -- C:\Users\Chunks\Desktop\2006-moHonda-CBF600-.jpg
[2011/07/28 23:36:16 | 000,056,137 | ---- | M] () -- C:\Users\Chunks\Desktop\SUZU0271.jpg
[2011/07/28 23:34:41 | 000,114,217 | ---- | M] () -- C:\Users\Chunks\Desktop\lrgscaleKawasaki-ER6N-06+-Scorpion-Steel-Exhaust-Silencer-2.jpg
[2011/07/28 23:21:20 | 000,056,134 | ---- | M] () -- C:\Users\Chunks\Desktop\2008YZFR6_silver_1_b4787bcf.jpg
[2011/07/28 23:19:01 | 000,093,719 | ---- | M] () -- C:\Users\Chunks\Desktop\yamaha_fz6_2009_silver_right_side_view_wallpaper_-_1024x768.jpg
[2011/07/28 23:15:16 | 000,245,471 | ---- | M] () -- C:\Users\Chunks\Desktop\triumph_daytona_675_SE_2008_06.jpg
[2011/07/28 23:09:15 | 000,035,231 | ---- | M] () -- C:\Users\Chunks\Desktop\2007-Kawasaki-ZX-6R-in-Atomic-Silver-right-side.jpg
[2011/07/28 21:44:17 | 000,042,978 | ---- | M] () -- C:\Users\Chunks\Desktop\90 .jpg
[2011/07/28 21:39:26 | 000,056,239 | ---- | M] () -- C:\Users\Chunks\Desktop\90 204782_pu.jpg
[2011/07/28 21:38:14 | 000,041,614 | ---- | M] () -- C:\Users\Chunks\Desktop\65 24926.jpg
[2011/07/28 21:36:15 | 000,023,898 | ---- | M] () -- C:\Users\Chunks\Desktop\100 k7-jean-hood-jeans-black.jpg
[2011/07/28 16:50:40 | 000,006,808 | ---- | M] () -- C:\Users\Chunks\Desktop\280.jpg
[2011/07/28 16:37:45 | 000,014,039 | ---- | M] () -- C:\Users\Chunks\Desktop\30 41OrVP3EdkL._SL500_AA300_.jpg
[2011/07/28 16:31:02 | 000,040,639 | ---- | M] () -- C:\Users\Chunks\Desktop\140 C6-jeans-men-black.jpg
[2011/07/28 16:30:21 | 000,058,473 | ---- | M] () -- C:\Users\Chunks\Desktop\315 furygan grip brown.jpg
[2011/07/27 00:31:11 | 000,089,081 | ---- | M] () -- C:\Users\Chunks\Desktop\[isoHunt] Mercenaries.2.World.In.Flames.Multi-2.Full-Rip.Skullptura.torrent
[2011/07/27 00:28:41 | 000,557,474 | ---- | M] () -- C:\Users\Chunks\Desktop\[isoHunt] Saints_Row_2-Razor1911.torrent
[2011/07/27 00:27:57 | 000,029,274 | ---- | M] () -- C:\Users\Chunks\Desktop\[isoHunt] download-games-2641615-Mafia IISKIDROW (Mafia 2).torrent
[2011/07/27 00:26:44 | 000,186,211 | ---- | M] () -- C:\Users\Chunks\Desktop\[isoHunt] mafia PC game yahaa.org.torrent
[2011/07/25 19:33:13 | 000,040,457 | ---- | M] () -- C:\Users\Chunks\Desktop\The_Official_DSA_DVD_Guide_To_Hazard_Perception_Test_Full_ISO.5060399.TPB.torrent
[2011/07/25 17:24:42 | 000,000,894 | ---- | M] () -- C:\Users\Public\Desktop\Driving Theory Test Professional.lnk
[2011/07/25 16:43:02 | 000,000,829 | ---- | M] () -- C:\Users\Public\Desktop\Driving Theory Test.lnk
[2011/07/25 16:27:14 | 000,344,862 | ---- | M] (Oasis Business Services Int. Ltd. ) -- C:\Users\Chunks\Desktop\Driving_theory_test.exe
[2011/07/25 07:38:25 | 000,000,872 | ---- | M] () -- C:\Users\Chunks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Firefox.lnk
[2011/07/23 21:47:33 | 001,588,433 | ---- | M] () -- C:\Users\Chunks\Desktop\IMG_0173.JPG
[2011/07/20 21:12:57 | 000,249,195 | ---- | M] () -- C:\Users\Chunks\Desktop\2 - Scripting Tutorial.pdf
[2011/07/20 20:50:05 | 002,223,083 | ---- | M] () -- C:\Users\Chunks\Desktop\FPS_Tutorial_3.pdf
[2011/07/20 20:49:08 | 002,485,384 | ---- | M] () -- C:\Users\Chunks\Desktop\FPS_Tutorial_2.pdf
[2011/07/20 20:44:18 | 002,668,998 | ---- | M] () -- C:\Users\Chunks\Desktop\FPS_Tutorial_1.pdf
[2011/07/20 20:33:47 | 081,689,326 | ---- | M] () -- C:\Users\Chunks\Desktop\FPS_Tutorial_Completed.zip
[2011/07/20 20:32:40 | 074,259,813 | ---- | M] () -- C:\Users\Chunks\Desktop\FPS_Tutorial.zip
[2011/07/19 12:56:45 | 131,622,933 | ---- | M] () -- C:\Users\Chunks\Desktop\3rdPersonShooter.zip
[7 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[22 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/08/14 00:07:10 | 000,001,011 | ---- | C] () -- C:\Users\Chunks\Desktop\Mercenaries 2.lnk
[2011/08/13 15:07:28 | 000,030,745 | ---- | C] () -- C:\Users\Chunks\Desktop\nude-slave.jpg
[2011/08/12 20:54:03 | 000,089,203 | ---- | C] () -- C:\Users\Chunks\Desktop\disappointment.jpg
[2011/08/09 22:37:42 | 000,691,458 | ---- | C] () -- C:\Users\Chunks\Desktop\london_tube_map.png
[2011/08/09 03:19:43 | 000,004,167 | ---- | C] () -- C:\Users\Chunks\Desktop\emot-tviv.gif
[2011/08/09 03:05:41 | 000,000,868 | ---- | C] () -- C:\Windows\tasks\Google Software Updater.job
[2011/08/09 02:40:03 | 000,102,462 | ---- | C] () -- C:\Users\Chunks\Desktop\95RKZ.jpg
[2011/08/09 01:59:31 | 000,247,798 | ---- | C] () -- C:\Users\Chunks\Desktop\3cbUD.jpg
[2011/08/06 17:18:41 | 000,300,707 | ---- | C] () -- C:\Users\Chunks\Desktop\[isoHunt] Mastermix Classic Cuts.torrent
[2011/08/06 00:05:11 | 000,001,771 | ---- | C] () -- C:\Users\Public\Desktop\Play SBK2011 FIM Superbike World Championship.lnk
[2011/08/04 11:24:45 | 000,014,822 | ---- | C] () -- C:\Users\Chunks\Desktop\[isoHunt] 1611785.torrent
[2011/08/04 06:17:39 | 000,012,898 | ---- | C] () -- C:\Users\Chunks\Desktop\SBK.Superbike.World.Championship.2011-RELOADEDSBK.Superbike.Worl.6345688.TPB.torrent
[2011/08/04 06:16:59 | 000,000,977 | ---- | C] () -- C:\Users\Chunks\Desktop\SBK.Superbike.World.Championship.2011.NoDVD-RELOADED.6345910.TPB.torrent
[2011/08/04 06:12:28 | 000,018,613 | ---- | C] () -- C:\Users\Chunks\Desktop\MotoGP.08-RELOADED.4471919.TPB.torrent
[2011/07/31 21:06:53 | 000,092,976 | ---- | C] () -- C:\Users\Chunks\Desktop\monkey-taking-photographs.jpg
[2011/07/31 20:35:11 | 000,037,211 | ---- | C] () -- C:\Users\Chunks\Desktop\HMT051_1.jpg
[2011/07/31 20:32:38 | 000,037,202 | ---- | C] () -- C:\Users\Chunks\Desktop\HMT050_1.jpg
[2011/07/28 23:48:09 | 000,011,608 | ---- | C] () -- C:\Users\Chunks\Desktop\2006-moHonda-CBF600-.jpg
[2011/07/28 23:36:15 | 000,056,137 | ---- | C] () -- C:\Users\Chunks\Desktop\SUZU0271.jpg
[2011/07/28 23:34:27 | 000,114,217 | ---- | C] () -- C:\Users\Chunks\Desktop\lrgscaleKawasaki-ER6N-06+-Scorpion-Steel-Exhaust-Silencer-2.jpg
[2011/07/28 23:21:19 | 000,056,134 | ---- | C] () -- C:\Users\Chunks\Desktop\2008YZFR6_silver_1_b4787bcf.jpg
[2011/07/28 23:19:01 | 000,093,719 | ---- | C] () -- C:\Users\Chunks\Desktop\yamaha_fz6_2009_silver_right_side_view_wallpaper_-_1024x768.jpg
[2011/07/28 23:15:16 | 000,245,471 | ---- | C] () -- C:\Users\Chunks\Desktop\triumph_daytona_675_SE_2008_06.jpg
[2011/07/28 23:09:15 | 000,035,231 | ---- | C] () -- C:\Users\Chunks\Desktop\2007-Kawasaki-ZX-6R-in-Atomic-Silver-right-side.jpg
[2011/07/28 21:39:26 | 000,056,239 | ---- | C] () -- C:\Users\Chunks\Desktop\90 204782_pu.jpg
[2011/07/28 21:38:14 | 000,041,614 | ---- | C] () -- C:\Users\Chunks\Desktop\65 24926.jpg
[2011/07/28 21:36:15 | 000,023,898 | ---- | C] () -- C:\Users\Chunks\Desktop\100 k7-jean-hood-jeans-black.jpg
[2011/07/28 21:35:38 | 000,042,978 | ---- | C] () -- C:\Users\Chunks\Desktop\90 .jpg
[2011/07/28 16:50:40 | 000,006,808 | ---- | C] () -- C:\Users\Chunks\Desktop\280.jpg
[2011/07/28 16:37:45 | 000,014,039 | ---- | C] () -- C:\Users\Chunks\Desktop\30 41OrVP3EdkL._SL500_AA300_.jpg
[2011/07/28 16:31:02 | 000,040,639 | ---- | C] () -- C:\Users\Chunks\Desktop\140 C6-jeans-men-black.jpg
[2011/07/28 16:30:21 | 000,058,473 | ---- | C] () -- C:\Users\Chunks\Desktop\315 furygan grip brown.jpg
[2011/07/27 00:31:10 | 000,089,081 | ---- | C] () -- C:\Users\Chunks\Desktop\[isoHunt] Mercenaries.2.World.In.Flames.Multi-2.Full-Rip.Skullptura.torrent
[2011/07/27 00:28:36 | 000,557,474 | ---- | C] () -- C:\Users\Chunks\Desktop\[isoHunt] Saints_Row_2-Razor1911.torrent
[2011/07/27 00:27:56 | 000,029,274 | ---- | C] () -- C:\Users\Chunks\Desktop\[isoHunt] download-games-2641615-Mafia IISKIDROW (Mafia 2).torrent
[2011/07/27 00:26:38 | 000,186,211 | ---- | C] () -- C:\Users\Chunks\Desktop\[isoHunt] mafia PC game yahaa.org.torrent
[2011/07/25 19:33:11 | 000,040,457 | ---- | C] () -- C:\Users\Chunks\Desktop\The_Official_DSA_DVD_Guide_To_Hazard_Perception_Test_Full_ISO.5060399.TPB.torrent
[2011/07/25 17:24:42 | 000,000,894 | ---- | C] () -- C:\Users\Public\Desktop\Driving Theory Test Professional.lnk
[2011/07/25 16:34:38 | 000,000,829 | ---- | C] () -- C:\Users\Public\Desktop\Driving Theory Test.lnk
[2011/07/25 07:38:25 | 000,000,872 | ---- | C] () -- C:\Users\Chunks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Firefox.lnk
[2011/07/23 21:51:11 | 001,588,433 | ---- | C] () -- C:\Users\Chunks\Desktop\IMG_0173.JPG
[2011/07/20 21:12:57 | 000,249,195 | ---- | C] () -- C:\Users\Chunks\Desktop\2 - Scripting Tutorial.pdf
[2011/07/20 20:50:05 | 002,223,083 | ---- | C] () -- C:\Users\Chunks\Desktop\FPS_Tutorial_3.pdf
[2011/07/20 20:49:08 | 002,485,384 | ---- | C] () -- C:\Users\Chunks\Desktop\FPS_Tutorial_2.pdf
[2011/07/20 20:44:18 | 002,668,998 | ---- | C] () -- C:\Users\Chunks\Desktop\FPS_Tutorial_1.pdf
[2011/07/20 20:23:33 | 074,259,813 | ---- | C] () -- C:\Users\Chunks\Desktop\FPS_Tutorial.zip
[2011/07/20 20:23:15 | 081,689,326 | ---- | C] () -- C:\Users\Chunks\Desktop\FPS_Tutorial_Completed.zip
[2011/07/19 12:51:11 | 131,622,933 | ---- | C] () -- C:\Users\Chunks\Desktop\3rdPersonShooter.zip
[2011/06/02 14:38:22 | 000,036,892 | ---- | C] () -- C:\Windows\System32\bassmod.dll
[2011/05/25 23:51:36 | 000,000,319 | ---- | C] () -- C:\Windows\game.ini
[2011/04/18 00:50:13 | 000,000,132 | ---- | C] () -- C:\Users\Chunks\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011/04/14 00:19:51 | 000,001,456 | ---- | C] () -- C:\Users\Chunks\AppData\Local\Adobe Save for Web 12.0 Prefs
[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011/04/03 21:03:16 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011/04/02 11:49:08 | 000,000,286 | ---- | C] () -- C:\Windows\reimage.ini
[2011/03/27 22:49:20 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011/03/27 22:49:20 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/03/27 22:49:20 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/03/27 22:49:20 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/03/27 22:49:20 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/03/14 12:44:13 | 000,000,000 | ---- | C] () -- C:\Windows\System32\SBRC.dat
[2011/03/09 00:23:52 | 000,000,173 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2011/02/24 17:32:15 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2011/02/16 15:24:03 | 000,227,840 | ---- | C] () -- C:\Windows\System32\K8E.exe
[2011/02/16 15:24:03 | 000,040,960 | ---- | C] () -- C:\Windows\System32\K8D.dll
[2011/02/16 15:24:03 | 000,016,384 | ---- | C] () -- C:\Windows\System32\FASTTime32.dll
[2011/01/22 00:28:07 | 000,151,552 | ---- | C] () -- C:\Windows\System32\nvRegDev.dll
[2011/01/21 07:27:35 | 000,031,007 | ---- | C] () -- C:\Users\Chunks\AppData\Roaming\UserTile.png
[2010/11/30 22:13:36 | 000,013,310 | ---- | C] () -- C:\Windows\System32\Pen_Tablet.dat
[2010/11/10 03:45:32 | 000,102,744 | ---- | C] () -- C:\Windows\System32\LogiDPPApp.exe
[2010/11/10 03:45:30 | 010,871,128 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll
[2010/11/10 03:45:20 | 000,316,248 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll
[2010/11/10 03:31:42 | 000,026,286 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2010/09/05 14:03:21 | 000,001,722 | ---- | C] () -- C:\Windows\tefview.ini
[2010/08/08 02:41:12 | 000,000,695 | ---- | C] () -- C:\ProgramData\nvUnsupRes.dat
[2010/07/26 18:19:28 | 000,057,344 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010/07/20 17:29:07 | 000,219,580 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2010/06/15 17:12:56 | 000,035,344 | ---- | C] () -- C:\Windows\Irremote.ini
[2010/06/15 17:12:17 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2010/06/15 17:11:41 | 000,142,337 | ---- | C] () -- C:\Windows\System32\Wait.exe
[2010/06/15 17:09:45 | 000,005,144 | ---- | C] () -- C:\Windows\HCWPNP.INI
[2010/05/29 12:05:35 | 000,000,530 | ---- | C] () -- C:\Windows\eReg.dat
[2010/05/12 15:44:31 | 000,097,388 | ---- | C] () -- C:\Windows\System32\drivers\Fwusb1b.bin
[2010/05/07 19:46:36 | 000,014,168 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2010/05/07 19:43:30 | 000,025,824 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2010/03/19 00:27:19 | 000,000,510 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2010/02/17 18:22:08 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010/01/23 23:40:59 | 000,000,680 | ---- | C] () -- C:\Users\Chunks\AppData\Local\d3d9caps.dat
[2009/09/11 10:06:39 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/11 10:06:39 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2008/12/11 14:48:52 | 000,000,566 | ---- | C] () -- C:\Windows\System32\SP7302.INI
[2008/11/26 01:34:18 | 000,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2008/11/09 15:14:08 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2008/10/16 06:54:25 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/07/18 05:42:17 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2008/06/12 16:12:24 | 000,000,287 | ---- | C] () -- C:\Windows\SIERRA.INI
[2008/05/29 14:26:15 | 000,669,184 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
[2008/05/22 23:22:18 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008/05/07 19:15:01 | 000,138,520 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2008/05/07 19:14:55 | 000,189,248 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2008/05/07 19:14:49 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2008/05/04 06:48:26 | 000,022,328 | ---- | C] () -- C:\Users\Chunks\AppData\Roaming\PnkBstrK.sys
[2008/05/01 05:36:15 | 000,000,050 | ---- | C] () -- C:\Windows\MegaManager.INI
[2008/04/24 10:33:04 | 000,000,483 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/03/19 09:52:29 | 000,000,004 | ---- | C] () -- C:\Windows\info147.sys
[2008/02/18 21:30:24 | 000,037,888 | ---- | C] () -- C:\Windows\System32\GsiDi32.dll
[2008/02/18 21:27:21 | 000,000,290 | ---- | C] () -- C:\Windows\wininit.ini
[2008/02/18 21:20:00 | 000,016,384 | ---- | C] () -- C:\Windows\System32\dslagent.exe
[2008/02/09 14:07:39 | 000,040,960 | ---- | C] () -- C:\Windows\CleanDev.exe
[2008/02/09 14:07:39 | 000,032,528 | ---- | C] () -- C:\Windows\amcap.exe
[2008/02/08 09:51:22 | 000,000,090 | ---- | C] () -- C:\Users\Chunks\AppData\Roaming\wklnhst.dat
[2008/02/07 13:16:54 | 000,235,008 | ---- | C] () -- C:\Users\Chunks\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/02/05 08:24:38 | 000,876,544 | ---- | C] () -- C:\Windows\System32\TEACico2.dll
[2006/11/02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 13:47:37 | 004,014,864 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 11:33:01 | 000,642,670 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 11:33:01 | 000,122,598 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/06/23 11:09:34 | 000,019,968 | R--- | C] () -- C:\Windows\System32\cpuinf32.dll

========== LOP Check ==========

[2008/10/04 15:25:07 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\.ABC
[2011/06/01 01:32:18 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\.minecraft
[2011/02/18 20:41:05 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\.purple
[2009/12/20 02:25:58 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\Ambient Design
[2010/05/02 15:06:49 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\AnvSoft
[2009/12/20 02:09:46 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\Bamboo Explore
[2010/07/24 23:16:03 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
[2008/06/17 06:38:42 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\Bioshock
[2009/10/30 16:53:49 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\BitTyrant
[2008/08/30 11:38:50 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\BlackBean
[2011/04/28 03:30:32 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2008/02/17 23:12:42 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\DAEMON Tools
[2011/01/15 15:25:54 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\DAEMON Tools Lite
[2011/08/16 14:30:24 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\DisplayFusion
[2010/08/07 21:07:27 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\DVDVideoSoftIEHelpers
[2008/04/04 10:32:46 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\eMule
[2009/03/06 04:40:16 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\EveHQ
[2011/02/14 07:59:15 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\EVEMon
[2011/08/15 15:55:11 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\FileZilla
[2011/04/13 22:24:25 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\GetRightToGo
[2010/10/19 11:54:50 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\GTS
[2011/02/28 07:45:45 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\Guitar Pro 6
[2009/02/16 08:26:02 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\Helios
[2010/02/27 09:15:34 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\Leadertech
[2011/02/24 18:47:13 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\MAGIX
[2008/05/01 05:12:59 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\Megaupload
[2009/05/02 21:58:14 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\Mumble
[2008/09/06 00:46:59 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\NoteTab Light
[2011/07/15 10:19:58 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\PACE Anti-Piracy
[2010/12/15 09:17:23 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\PCDr
[2011/01/21 07:27:33 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\PeerNetworking
[2011/06/05 13:54:56 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\PunkBuster
[2011/01/08 16:14:26 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\Seeing Machines
[2010/02/09 07:51:32 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\Sony
[2008/05/21 15:54:43 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\SpinTop
[2011/07/14 16:02:18 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2010/12/25 09:19:25 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\SystemRequirementsLab
[2008/02/08 09:51:23 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\Template
[2009/08/15 15:29:00 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\The Creative Assembly
[2010/07/29 10:42:36 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\TightVNC
[2009/09/30 00:48:12 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\Trillian
[2009/11/22 16:25:13 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\Trusteer
[2010/05/18 09:31:26 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\Ubisoft
[2011/04/13 22:51:00 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\Uniblue
[2011/07/16 14:16:08 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\Unity
[2011/08/11 23:21:05 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\uTorrent
[2011/02/21 15:06:27 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\WebcamZoneTrigger
[2009/12/18 18:20:06 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\WTouch
[2010/02/24 13:25:17 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Trusteer
[2010/02/24 13:25:17 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Trusteer
[2011/08/16 05:00:08 | 000,032,622 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: EXPLORER.EXE >
[2008/10/29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2008/02/05 08:16:58 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2008/02/05 08:16:58 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\ERDNT\cache\explorer.exe
[2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006/11/02 10:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008/01/19 08:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: SVCHOST.EXE >
[2006/11/02 10:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2008/01/19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\ERDNT\cache\svchost.exe
[2008/01/19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008/01/19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

< MD5 for: USERINIT.EXE >
[2008/01/19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\ERDNT\cache\userinit.exe
[2008/01/19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006/11/02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\ERDNT\cache\winlogon.exe
[2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006/11/02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008/01/19 08:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

========== Alternate Data Streams ==========

@Alternate Data Stream - 167 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 1200 bytes -> C:\ProgramData\Microsoft:D2DqTgdcQcdZtkV0RNm5
@Alternate Data Stream - 1145 bytes -> C:\Users\Chunks\AppData\Local\cwA0Wlv7YbCy:9nuAedzIuzH04UdRV
@Alternate Data Stream - 1117 bytes -> C:\ProgramData\Microsoft:cdOycBlbGHZ10t4fsb3edIdFtCn4Q
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:52B72A7C
@Alternate Data Stream - 1055 bytes -> C:\Users\Chunks\AppData\Local\TyZ4ZR7LuRFh:ftVS9pUsHaOJj0CgDrx93qDY

< End of report >

#4
Essexboy


    GeekU Moderator

  • Retired Staff
  • 69,964 posts
That is correct, as there are multiple systems showing the apparent infection and Avast is not alerting you to something on the system, that would be my best analysis. So a reset of the router to defaults will remove any infection there.

Have you run aswMBR, as it is not attached? :)

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    IE - HKLM\..\URLSearchHook: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - Reg Error: Key error. File not found
    IE - HKU\S-1-5-21-3732907531-2061309169-3991771752-1000\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
    IE - HKU\S-1-5-21-3732907531-2061309169-3991771752-1001\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - Reg Error: Key error. File not found
    IE - HKU\S-1-5-21-3732907531-2061309169-3991771752-1001\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
    O3 - HKU\S-1-5-21-3732907531-2061309169-3991771752-1000\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - No CLSID value found.
    O4 - HKU\S-1-5-21-3732907531-2061309169-3991771752-1000..\Run: [Zyxmon] File not found
    [2011/08/09 12:04:56 | 000,000,000 | ---D | C] -- C:\Windows\Temp842CF182-8F7E-DB20-513A-DD3297DC93BB-Signatures
    @Alternate Data Stream - 1200 bytes -> C:\ProgramData\Microsoft:D2DqTgdcQcdZtkV0RNm5
    @Alternate Data Stream - 1145 bytes -> C:\Users\Chunks\AppData\Local\cwA0Wlv7YbCy:9nuAedzIuzH04UdRV
    @Alternate Data Stream - 1117 bytes -> C:\ProgramData\Microsoft:cdOycBlbGHZ10t4fsb3edIdFtCn4Q
    @Alternate Data Stream - 1055 bytes -> C:\Users\Chunks\AppData\Local\TyZ4ZR7LuRFh:ftVS9pUsHaOJj0CgDrx93qDY


    :Files
    ipconfig /flushdns /c

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [EMPTYFLASH]
    [CREATERESTOREPOINT]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.


#5
Chunk5

Sorry, could have sworn I put it in the attachments with my reply, but here's the text:

aswMBR version 0.9.8.978 Copyright© 2011 AVAST Software
Run date: 2011-08-16 15:49:20
-----------------------------
15:49:20.784 OS Version: Windows 6.0.6002 Service Pack 2
15:49:20.784 Number of processors: 4 586 0xF0B
15:49:20.788 ComputerName: COLIN UserName:
15:49:26.531 Initialize success
15:49:27.923 AVAST engine defs: 11070401
15:50:05.046 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
15:50:05.051 Disk 0 Vendor: ST325031 3.AD Size: 238418MB BusType: 3
15:50:05.057 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-2
15:50:05.062 Disk 1 Vendor: ST325031 3.AD Size: 238418MB BusType: 3
15:50:05.150 Disk 0 MBR read successfully
15:50:05.155 Disk 0 MBR scan
15:50:05.161 Disk 0 Windows VISTA default MBR code
15:50:05.195 Disk 0 scanning sectors +488278016
15:50:05.264 Disk 0 scanning C:\Windows\system32\drivers
15:50:16.770 Service scanning
15:50:19.588 Modules scanning
15:50:46.231 Disk 0 trace - called modules:
15:50:46.248 ntkrnlpa.exe CLASSPNP.SYS disk.sys PCTCore.sys iastor.sys hal.dll
15:50:46.249 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8918fac8]
15:50:46.250 3 CLASSPNP.SYS[8cfb48b3] -> nt!IofCallDriver -> [0x88f89760]
15:50:46.250 5 PCTCore.sys[850ef099] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x88352028]
15:50:47.618 AVAST engine scan C:\Windows
15:50:51.655 AVAST engine scan C:\Windows\system32
15:52:37.255 AVAST engine scan C:\Windows\system32\drivers
15:52:50.511 AVAST engine scan C:\Users\Chunks
17:36:44.673 AVAST engine scan C:\ProgramData
17:49:44.936 Scan finished successfully
18:18:37.188 Disk 0 MBR has been saved successfully to "C:\Program Files\Mozilla Firefox\MBR.dat"
18:18:37.224 The log file has been saved successfully to "C:\Program Files\Mozilla Firefox\aswMBR.txt"
18:19:05.002 Disk 0 MBR has been saved successfully to "C:\Users\Chunks\Desktop\MBR.dat"
18:19:05.032 The log file has been saved successfully to "C:\Users\Chunks\Desktop\aswMBR.txt"



I haven't done the next stage in your reply just yet, will update when I have.

#6
Essexboy

OK

#7
Chunk5

I reset my router and it 'seems' to have fixed the redirecting. Not sure if there's anything lurking on the PC to re-enable it or not.

Also, following the last set of instructions. When I run OTL, it crashes. "OTL has stopped working, Windows is trying to find a solution......". Tried it twice, still the same issue.

#8
Essexboy

At what stage does OTL crash? Is it when it sets a restore point or clearing the Host file?

Could you run a fresh OTL scan so that I can see what it has and has not removed.

#9
Chunk5

I'm not entirely sure what stage it crashes, it says 'Emptying temp folders' at the bottom of the program window.

I did another OTL scan, using the parameters you requested in your original reply. Log as follows:


OTL logfile created on: 19/08/2011 13:27:55 - Run 3
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Chunks\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 1.02 Gb Available Physical Memory | 34.17% Memory free
6.19 Gb Paging File | 3.71 Gb Available in Paging File | 59.97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 217.78 Gb Total Space | 38.63 Gb Free Space | 17.74% Space Free | Partition Type: NTFS
Drive D: | 232.83 Gb Total Space | 83.32 Gb Free Space | 35.78% Space Free | Partition Type: NTFS
Drive E: | 15.00 Gb Total Space | 10.75 Gb Free Space | 71.66% Space Free | Partition Type: NTFS

Computer Name: COLIN | User Name: Chunks | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Users\Chunks\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\Immunet Protect\2.0.17\iptray.exe (Immunet)
PRC - C:\Program Files\Steam\Steam.exe (Valve Corporation)
PRC - C:\Program Files\Trillian\trillian.exe (Cerulean Studios)
PRC - C:\Program Files\Trusteer\Rapport\bin\RapportService.exe (Trusteer Ltd.)
PRC - C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Program Files\PC Tools Security\pctsGui.exe (PC Tools)
PRC - C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe (Logitech, Inc.)
PRC - C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
PRC - C:\Program Files\DisplayFusion\DisplayFusion.exe (Binary Fortress Software)
PRC - C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
PRC - C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe ()
PRC - C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
PRC - C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe ()
PRC - C:\Program Files\WTouch\WTouchUser.exe (Wacom Technology, Corp.)
PRC - C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe (NVIDIA)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe (Intel® Corporation)
PRC - C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe (Intel® Corporation)
PRC - C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe (Intel Corporation)
PRC - C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe (SigmaTel, Inc.)
PRC - C:\Windows\PixArt\Pac7302\Monitor.exe (PixArt Imaging Incorporation)


========== Modules (SafeList) ==========

MOD - C:\Users\Chunks\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\AVAST Software\Avast\snxhk.dll (AVAST Software)
MOD - C:\Program Files\DisplayFusion\Hooks\DisplayFusionHookx86_68abfe57-d015-4b39-b24e-4a7b5d8fe5e0.dll (Binary Fortress Software)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
MOD - C:\Program Files\PC Tools Security\smum32.dll (PC Tools)


========== Win32 Services (SafeList) ==========

SRV - (SSDPDIS) -- File not found
SRV - (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter) -- File not found
SRV - (rpcc) -- File not found
SRV - (Cryptags) -- File not found
SRV - (scan) -- C:\Program Files\Immunet Protect\tetra\scan.dll (Immunet)
SRV - (ImmunetProtect) -- C:\Program Files\Immunet Protect\2.0.17\agent.exe (Immunet Corporation)
SRV - (iRacingService) -- C:\Program Files\iRacing\iRacingService.exe (iRacing.com Motorsport Simulations, LLC
Bedford, MA 01730)
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (RapportMgmtService) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe (Trusteer Ltd.)
SRV - (Sony Ericsson PCCompanion) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe (Avanquest Software)
SRV - (sdCoreService) -- C:\Program Files\PC Tools Security\pctsSvc.exe (PC Tools)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (LBTServ) -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (Stereo Service) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (tvnserver) -- C:\Program Files\TightVNC\tvnserver.exe (GlavSoft LLC.)
SRV - (LVPrcSrv) -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (sdAuxService) -- C:\Program Files\PC Tools Security\pctsAuxs.exe (PC Tools)
SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (WTouchService) -- C:\Program Files\WTouch\WTouchService.exe (Wacom Technology, Corp.)
SRV - (TabletServicePen) -- C:\Windows\System32\Pen_Tablet.exe (Wacom Technology, Corp.)
SRV - (UpdateCenterService) -- C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe (NVIDIA)
SRV - (nTuneService) -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe (NVIDIA)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (KService) -- C:\Program Files\Kontiki\KService.exe (Kontiki Inc.)
SRV - (Adobe Version Cue CS4) -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe (Adobe Systems Incorporated)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (IAANTMON) Intel® -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (AlertService) Intel® -- C:\Program Files\Intel\IntelDH\CCU\AlertService.exe (Intel® Corporation)
SRV - (QualityManager) Intel® -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe (Intel® Corporation)
SRV - (Remote UI Service) Intel® -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe (Intel® Corporation)
SRV - (MCLServiceATL) Intel® -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe (Intel® Corporation)
SRV - (DHTRACE) Intel® -- C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe (Intel® Corporation)
SRV - (ISSM) Intel® -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe (Intel® Corporation)
SRV - (NMSCore) Intel® -- C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe (Intel® Corporation)
SRV - (M1 Server) Intel® Viiv™ -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe ()
SRV - (STacSV) -- C:\Windows\System32\stacsv.exe (SigmaTel, Inc.)
SRV - (DQLWinService) -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe ()


========== Driver Services (SafeList) ==========

DRV - (ImmunetSelfProtectDriver) -- C:\Windows\System32\drivers\ImmunetSelfProtect.sys (Windows ® Codename Longhorn DDK provider)
DRV - (ImmunetProtectDriver) -- C:\Windows\System32\drivers\ImmunetProtect.sys (Windows ® Codename Longhorn DDK provider)
DRV - (RapportCerberus_29574) -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\29574\RapportCerberus32_29574.sys ()
DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (RapportPG) -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (Trusteer Ltd.)
DRV - (RapportEI) -- C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys (Trusteer Ltd.)
DRV - (RapportKELL) -- C:\Windows\System32\Drivers\RapportKELL.sys (Trusteer Ltd.)
DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASENUM) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (WsAudio_DeviceS(5)) WsAudio_DeviceS(5) -- C:\Windows\System32\drivers\WsAudio_DeviceS(5).sys (Wondershare)
DRV - (WsAudio_DeviceS(4)) WsAudio_DeviceS(4) -- C:\Windows\System32\drivers\WsAudio_DeviceS(4).sys (Wondershare)
DRV - (WsAudio_DeviceS(3)) WsAudio_DeviceS(3) -- C:\Windows\System32\drivers\WsAudio_DeviceS(3).sys (Wondershare)
DRV - (WsAudio_DeviceS(2)) WsAudio_DeviceS(2) -- C:\Windows\System32\drivers\WsAudio_DeviceS(2).sys (Wondershare)
DRV - (WsAudio_DeviceS(1)) WsAudio_DeviceS(1) -- C:\Windows\System32\drivers\WsAudio_DeviceS(1).sys (Wondershare)
DRV - (PCTCore) -- C:\Windows\system32\drivers\PCTCore.sys (PC Tools)
DRV - (LVUVC) Logitech QuickCam Pro 9000(UVC) -- C:\Windows\System32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (LVRS) -- C:\Windows\System32\drivers\lvrs.sys (Logitech Inc.)
DRV - (SBRE) -- C:\Windows\System32\drivers\SBREDrv.sys (Sunbelt Software)
DRV - (LUsbFilt) -- C:\Windows\System32\drivers\LUsbFilt.sys (Logitech, Inc.)
DRV - (LMouFilt) -- C:\Windows\System32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\Windows\System32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (MungoDriver) -- C:\Windows\System32\drivers\MungoDriver.sys (Windows ® Win 7 DDK provider)
DRV - (pctEFA) -- C:\Windows\system32\drivers\pctEFA.sys (PC Tools)
DRV - (pctDS) -- C:\Windows\system32\drivers\pctDS.sys (PC Tools)
DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (LVPr2Mon) -- C:\Windows\System32\drivers\LVPr2Mon.sys ()
DRV - (hcw10bda) WinTV-HVR-900H (111xxx) -- C:\Windows\System32\drivers\hcw10bda.sys (Hauppauge Computer Works, Inc.)
DRV - (hcw10cir) -- C:\Windows\System32\drivers\hcw10cir.sys (Hauppauge Computer Works, Inc.)
DRV - (WmXlCore) -- C:\Windows\System32\drivers\WmXlCore.sys (Logitech Inc.)
DRV - (WmVirHid) -- C:\Windows\System32\drivers\WmVirHid.sys (Logitech Inc.)
DRV - (WmHidLo) -- C:\Windows\System32\drivers\WmHidLo.sys (Logitech Inc.)
DRV - (WmBEnum) -- C:\Windows\System32\drivers\WmBEnum.sys (Logitech Inc.)
DRV - (WmFilter) -- C:\Windows\System32\drivers\WmFilter.sys (Logitech Inc.)
DRV - (taphss) -- C:\Windows\System32\drivers\taphss.sys (AnchorFree Inc)
DRV - (FTSER2K) -- C:\Windows\System32\drivers\ftser2k.sys (FTDI Ltd.)
DRV - (FTDIBUS) -- C:\Windows\System32\drivers\ftdibus.sys (FTDI Ltd.)
DRV - (nvoclock) -- C:\Windows\System32\drivers\nvoclock.sys (NVIDIA Corp.)
DRV - (wacmoumonitor) -- C:\Windows\System32\drivers\wacmoumonitor.sys (Wacom Technology)
DRV - (RivaTuner32) -- C:\Program Files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner32.sys ()
DRV - (WacomVTHid) -- C:\Windows\System32\drivers\WacomVTHid.sys (Wacom Technology)
DRV - (BVRPMPR5) -- C:\Windows\System32\drivers\BVRPMPR5.SYS (Avanquest Software)
DRV - (wacomvhid) -- C:\Windows\System32\drivers\wacomvhid.sys (Wacom Technology)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM) -- C:\Windows\System32\drivers\s0016unic.sys (MCCI Corporation)
DRV - (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS) -- C:\Windows\System32\drivers\s0016nd5.sys (MCCI Corporation)
DRV - (s0016mdfl) -- C:\Windows\System32\drivers\s0016mdfl.sys (MCCI Corporation)
DRV - (s0016mdm) -- C:\Windows\System32\drivers\s0016mdm.sys (MCCI Corporation)
DRV - (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s0016mgmt.sys (MCCI Corporation)
DRV - (s0016obex) -- C:\Windows\System32\drivers\s0016obex.sys (MCCI Corporation)
DRV - (s0016bus) Sony Ericsson Device 0016 driver (WDM) -- C:\Windows\System32\drivers\s0016bus.sys (MCCI Corporation)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (gameenum) -- C:\Windows\System32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (ZY202_VS) -- C:\Windows\System32\drivers\WlanUZG.sys (Atheros Communications, Inc.)
DRV - (IntelDH) -- C:\Windows\System32\drivers\IntelDH.sys (Intel Corporation)
DRV - (e1express) Intel® -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)
DRV - (TSHWMDTCP) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys ()
DRV - (ctgame) -- C:\Windows\System32\drivers\ctgame.sys (Creative Technology Ltd.)
DRV - (PAC7302) -- C:\Windows\System32\drivers\PAC7302.SYS (PixArt Imaging Inc.)
DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (SigmaTel, Inc.)
DRV - (nmsunidr) -- C:\Windows\System32\drivers\nmsunidr.sys (Gteko Ltd.)
DRV - (wacommousefilter) -- C:\Windows\System32\drivers\wacommousefilter.sys (Wacom Technology)
DRV - (ARCSOFTVIRTUALCAPTURE) -- C:\Windows\System32\drivers\ArcSoftVirtualCapture.sys (ArcSoft, Inc.)
DRV - (ZYXEL750) -- C:\Windows\System32\drivers\WLANUTG.SYS (Texas Instruments)
DRV - (Afc) -- C:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.)
DRV - (PPortJoystick) -- C:\Windows\System32\drivers\PPortJoy.sys (Deon van der Westhuysen)
DRV - (PPJoyBus) -- C:\Windows\System32\drivers\PPJoyBus.sys (Deon van der Westhuysen)
DRV - (msgame) -- C:\Windows\System32\drivers\msgame.sys (Microsoft Corporation)
DRV - (hidgame) -- C:\Windows\System32\drivers\hidgame.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\..\URLSearchHook: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - Reg Error: Key error. File not found



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = file://C:\PROGRA~1\SPEEDB~1\proxy.pac

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = file://C:\PROGRA~1\SPEEDB~1\proxy.pac


IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3732907531-2061309169-3991771752-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
IE - HKU\S-1-5-21-3732907531-2061309169-3991771752-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKU\S-1-5-21-3732907531-2061309169-3991771752-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://kronge.netfirms.com/mob/lan
IE - HKU\S-1-5-21-3732907531-2061309169-3991771752-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3732907531-2061309169-3991771752-1000\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-3732907531-2061309169-3991771752-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3732907531-2061309169-3991771752-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://uk.ask.com?o=14086&l=dis
IE - HKU\S-1-5-21-3732907531-2061309169-3991771752-1001\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3732907531-2061309169-3991771752-1001\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-3732907531-2061309169-3991771752-1001\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-3732907531-2061309169-3991771752-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3732907531-2061309169-3991771752-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaulturl: "http://search.babylo...earch&AF=17435"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.bbc.co.uk/news/"
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.1.0.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: [email protected]:2.0
FF - prefs.js..extensions.enabledItems: {01A8CA0A-4C96-465b-A49B-65C46FAD54F9}:6.0
FF - prefs.js..extensions.enabledItems: {c1970c0d-dbe6-4d91-804f-c9c0de643a57}:1.3.2.13
FF - prefs.js..keyword.URL: "http://www.ask.com/w...13796&l=dis&q="
FF - prefs.js..network.proxy.type: 4

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2166.3772\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3: C:\Program Files\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Chunks\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.7.1: C:\Users\Chunks\AppData\Local\Yahoo!\BrowserPlus\2.7.1\Plugins\npybrowserplus_2.7.1.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2011/04/13 21:06:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/08/09 03:11:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/08/17 22:54:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/08/12 09:57:05 | 000,000,000 | ---D | M]

[2008/12/19 19:35:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chunks\AppData\Roaming\Mozilla\Extensions
[2011/08/17 22:55:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chunks\AppData\Roaming\Mozilla\Firefox\Profiles\jqgtdmm6.default\extensions
[2010/08/07 21:07:27 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Chunks\AppData\Roaming\Mozilla\Firefox\Profiles\jqgtdmm6.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011/04/23 14:43:42 | 000,000,000 | ---D | M] (NoRedirect) -- C:\Users\Chunks\AppData\Roaming\Mozilla\Firefox\Profiles\jqgtdmm6.default\extensions\{c1970c0d-dbe6-4d91-804f-c9c0de643a57}
[2011/02/22 23:34:48 | 000,000,000 | ---D | M] (Add to Search Bar) -- C:\Users\Chunks\AppData\Roaming\Mozilla\Firefox\Profiles\jqgtdmm6.default\extensions\[email protected]
[2011/02/22 23:36:13 | 000,001,268 | ---- | M] () -- C:\Users\Chunks\AppData\Roaming\Mozilla\Firefox\Profiles\jqgtdmm6.default\searchplugins\amazoncouk.xml
[2011/04/02 11:06:26 | 000,001,019 | ---- | M] () -- C:\Users\Chunks\AppData\Roaming\Mozilla\Firefox\Profiles\jqgtdmm6.default\searchplugins\bing.xml
[2011/02/24 16:28:53 | 000,000,981 | ---- | M] () -- C:\Users\Chunks\AppData\Roaming\Mozilla\Firefox\Profiles\jqgtdmm6.default\searchplugins\ebaycouk.xml
[2011/06/03 00:59:39 | 000,001,131 | ---- | M] () -- C:\Users\Chunks\AppData\Roaming\Mozilla\Firefox\Profiles\jqgtdmm6.default\searchplugins\gamefaqs.xml
[2011/01/12 14:06:31 | 000,012,703 | ---- | M] () -- C:\Users\Chunks\AppData\Roaming\Mozilla\Firefox\Profiles\jqgtdmm6.default\searchplugins\imdb.xml
[2011/08/14 17:30:01 | 000,004,873 | ---- | M] () -- C:\Users\Chunks\AppData\Roaming\Mozilla\Firefox\Profiles\jqgtdmm6.default\searchplugins\isohunt--bt-search.xml
[2011/03/26 04:35:21 | 000,002,336 | ---- | M] () -- C:\Users\Chunks\AppData\Roaming\Mozilla\Firefox\Profiles\jqgtdmm6.default\searchplugins\toms-hardware.xml
[2011/01/12 14:05:14 | 000,002,057 | ---- | M] () -- C:\Users\Chunks\AppData\Roaming\Mozilla\Firefox\Profiles\jqgtdmm6.default\searchplugins\youtube-video-search.xml
[2011/06/27 23:01:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/06/10 18:59:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/10/13 14:02:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/02/16 16:29:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/06/27 23:01:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) --
() (No name found) -- C:\USERS\CHUNKS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JQGTDMM6.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
[2009/09/02 03:01:19 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011/08/17 22:54:19 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2008/01/25 11:09:10 | 000,106,496 | ---- | M] (British Broadcasting Corporation) -- C:\Program Files\mozilla firefox\plugins\npBBCPlugin.dll
[2010/03/27 18:06:04 | 000,067,032 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npContribute.dll
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/03/31 10:09:22 | 010,437,264 | ---- | M] (PDFTron Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\PDFNetC.dll
[2010/04/08 12:36:02 | 000,107,760 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\ScorchPDFWrapper.dll
[2011/02/16 16:03:22 | 000,002,226 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2010/01/01 09:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/06/19 03:47:59 | 000,000,087 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-3732907531-2061309169-3991771752-1000\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - No CLSID value found.
O3 - HKU\S-1-5-21-3732907531-2061309169-3991771752-1001\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CCUTRAYICON] C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe (Intel® Corporation)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Immunet Protect] C:\Program Files\Immunet Protect\2.0.17\iptray.exe (Immunet)
O4 - HKLM..\Run: [ISTray] C:\Program Files\PC Tools Security\pctsGui.exe (PC Tools)
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NMSSupport] C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe (Intel Corporation)
O4 - HKLM..\Run: [PAC7302_Monitor] C:\Windows\PixArt\Pac7302\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [RivaTunerStartupDaemon] C:\Program Files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTunerWrapper.exe ()
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [tvncontrol] C:\Program Files\TightVNC\tvnserver.exe (GlavSoft LLC.)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-3732907531-2061309169-3991771752-1000..\Run: [DAEMON Tools Lite] File not found
O4 - HKU\S-1-5-21-3732907531-2061309169-3991771752-1000..\Run: [DellSupportCenter] File not found
O4 - HKU\S-1-5-21-3732907531-2061309169-3991771752-1000..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe (Electronic Arts)
O4 - HKU\S-1-5-21-3732907531-2061309169-3991771752-1000..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe (Kontiki Inc.)
O4 - HKU\S-1-5-21-3732907531-2061309169-3991771752-1000..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-3732907531-2061309169-3991771752-1000..\Run: [Zyxmon] File not found
O4 - HKU\S-1-5-21-3732907531-2061309169-3991771752-1001..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3732907531-2061309169-3991771752-1001..\Run: [DisplayFusion] C:\Program Files\DisplayFusion\DisplayFusion.exe (Binary Fortress Software)
O4 - HKU\S-1-5-21-3732907531-2061309169-3991771752-1001..\Run: [Sony Ericsson PC Companion] C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson)
O4 - HKU\S-1-5-21-3732907531-2061309169-3991771752-1001..\Run: [Steam] c:\program files\steam\steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Chunks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Firefox.lnk = C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
O4 - Startup: C:\Users\Chunks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Trillian.lnk = C:\Program Files\Trillian\trillian.exe (Cerulean Studios)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKU\##aswSnx private storage\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3732907531-2061309169-3991771752-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3732907531-2061309169-3991771752-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3732907531-2061309169-3991771752-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Chunks\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Users\Chunks\AppData\Roaming\DisplayFusion\Wallpaper_2.jpg
O24 - Desktop BackupWallPaper: C:\Users\Chunks\AppData\Roaming\DisplayFusion\Wallpaper_2.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: SSDPDIS - File not found
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: download02 - File not found
NetSvcs: wowsystemcode - File not found
NetSvcs: Cryptags - File not found
NetSvcs: rpcc - File not found
NetSvcs: v - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

File not found -- C:\Users\Chunks\Desktop\[Torrentsworld.net] - John Safrans Race Relations S1 E3 Sk37cH.torrent
[2011/08/16 14:34:13 | 001,915,904 | ---- | C] (AVAST Software) -- C:\Users\Chunks\Desktop\aswMBR.exe
[2011/08/12 09:56:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/08/12 09:56:10 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2011/08/11 00:54:27 | 000,000,000 | ---D | C] -- C:\Users\Chunks\AppData\Local\2K Games
[2011/08/11 00:48:56 | 000,000,000 | ---D | C] -- C:\Program Files\Mafia II
[2011/08/11 00:10:08 | 000,000,000 | ---D | C] -- C:\Users\Chunks\AppData\Local\THQ
[2011/08/10 23:52:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Saints Row 2
[2011/08/09 15:59:52 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\Chunks\Desktop\OTL.exe
[2011/08/09 12:04:56 | 000,000,000 | ---D | C] -- C:\Windows\Temp842CF182-8F7E-DB20-513A-DD3297DC93BB-Signatures
[2011/08/09 03:21:16 | 000,656,320 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctEFA.sys
[2011/08/09 03:21:15 | 000,338,880 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctDS.sys
[2011/08/09 03:21:13 | 000,249,616 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctgntdi.sys
[2011/08/09 03:21:13 | 000,102,184 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctwfpfilter.sys
[2011/08/09 03:21:06 | 000,239,168 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTCore.sys
[2011/08/09 03:21:05 | 000,160,448 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTAppEvent.sys
[2011/08/09 03:21:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Tools Security
[2011/08/09 03:20:38 | 000,070,536 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctplsg.sys
[2011/08/09 03:19:19 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools Security
[2011/08/09 03:19:19 | 000,000,000 | ---D | C] -- C:\Users\Chunks\AppData\Roaming\PC Tools
[2011/08/09 03:13:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2011/08/09 03:13:07 | 000,309,848 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011/08/09 03:13:07 | 000,019,544 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2011/08/09 03:13:01 | 000,025,432 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011/08/09 03:12:59 | 000,043,608 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011/08/09 03:12:55 | 000,441,176 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2011/08/09 03:12:54 | 000,054,104 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011/08/09 03:11:33 | 000,040,112 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/08/09 03:11:26 | 000,199,304 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011/08/09 03:06:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immunet Protect
[2011/08/09 03:06:54 | 000,000,000 | ---D | C] -- C:\Users\Chunks\AppData\Local\Immunet
[2011/08/09 03:06:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Immunet
[2011/08/09 03:06:44 | 000,031,184 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\drivers\ImmunetSelfProtect.sys
[2011/08/09 03:06:41 | 000,041,424 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\drivers\ImmunetProtect.sys
[2011/08/09 03:06:30 | 000,000,000 | ---D | C] -- C:\Program Files\Immunet Protect
[2011/08/09 03:05:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Updater
[2011/08/09 03:05:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Google Updater
[2011/08/06 00:01:29 | 000,000,000 | ---D | C] -- C:\Program Files\BlackBeanGames
[2011/08/06 00:01:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black Bean Games
[2011/08/04 14:09:30 | 000,000,000 | ---D | C] -- C:\Users\Chunks\AppData\Local\{DF74BC72-BDD1-4F52-AD7E-5F3B3649C4ED}
[2011/07/31 23:22:28 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/07/26 16:48:41 | 000,000,000 | ---D | C] -- C:\Users\Chunks\AppData\Roaming\dvdcss
[2011/07/25 17:24:42 | 000,000,000 | ---D | C] -- C:\Users\Chunks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Driving Theory Test Professional
[2011/07/25 17:24:23 | 000,000,000 | ---D | C] -- C:\Program Files\Driving Theory Test Professional
[2011/07/25 16:34:38 | 000,000,000 | ---D | C] -- C:\Users\Chunks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Driving Theory Test
[2011/07/25 16:34:21 | 000,000,000 | ---D | C] -- C:\Program Files\Driving Theory Test
[2011/07/25 16:27:09 | 000,344,862 | ---- | C] (Oasis Business Services Int. Ltd. ) -- C:\Users\Chunks\Desktop\Driving_theory_test.exe
[2011/07/21 00:27:55 | 000,000,000 | ---D | C] -- C:\Users\Chunks\Documents\Eidos
[2011/07/21 00:16:26 | 000,000,000 | ---D | C] -- C:\Program Files\Eidos
[2011/07/20 21:00:55 | 000,000,000 | ---D | C] -- C:\Users\Chunks\Documents\New Unity Project
[7 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[22 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

File not found -- C:\Users\Chunks\Desktop\[Torrentsworld.net] - John Safrans Race Relations S1 E3 Sk37cH.torrent
[2011/08/19 13:14:08 | 000,015,241 | ---- | M] () -- C:\Users\Chunks\Desktop\Release_Title_Rise_of_the_Planet_of_the_Apes_2011_TS_x264_AAC-Di.6589337.TPB.torrent
[2011/08/19 13:06:10 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011/08/19 12:48:19 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/08/19 12:48:19 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/08/19 10:30:06 | 000,235,520 | ---- | M] () -- C:\Users\Chunks\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/08/19 09:16:49 | 000,115,583 | ---- | M] () -- C:\Users\Chunks\Desktop\Super_8_2011_CAM_XViD-EP1C.6467327.TPB.torrent
[2011/08/19 08:48:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/08/18 06:53:30 | 375,976,342 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/08/18 06:49:16 | 000,642,944 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/08/18 06:49:16 | 000,122,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/08/16 18:19:05 | 000,000,512 | ---- | M] () -- C:\Users\Chunks\Desktop\MBR.dat
[2011/08/16 14:34:16 | 001,915,904 | ---- | M] (AVAST Software) -- C:\Users\Chunks\Desktop\aswMBR.exe
[2011/08/15 18:00:15 | 000,013,310 | ---- | M] () -- C:\Windows\System32\Pen_Tablet.dat
[2011/08/15 01:07:52 | 000,001,456 | ---- | M] () -- C:\Users\Chunks\AppData\Local\Adobe Save for Web 12.0 Prefs
[2011/08/14 00:07:10 | 000,001,011 | ---- | M] () -- C:\Users\Chunks\Desktop\Mercenaries 2.lnk
[2011/08/13 15:07:29 | 000,030,745 | ---- | M] () -- C:\Users\Chunks\Desktop\nude-slave.jpg
[2011/08/12 20:54:27 | 000,089,203 | ---- | M] () -- C:\Users\Chunks\Desktop\disappointment.jpg
[2011/08/11 03:41:46 | 002,497,006 | ---- | M] () -- C:\Windows\System32\drivers\Cat.DB
[2011/08/09 22:37:43 | 000,691,458 | ---- | M] () -- C:\Users\Chunks\Desktop\london_tube_map.png
[2011/08/09 16:00:00 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Chunks\Desktop\OTL.exe
[2011/08/09 03:20:44 | 000,004,167 | ---- | M] () -- C:\Users\Chunks\Desktop\emot-tviv.gif
[2011/08/09 03:12:54 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2011/08/09 03:06:37 | 000,031,184 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\drivers\ImmunetSelfProtect.sys
[2011/08/09 03:06:36 | 000,041,424 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\drivers\ImmunetProtect.sys
[2011/08/09 02:40:04 | 000,102,462 | ---- | M] () -- C:\Users\Chunks\Desktop\95RKZ.jpg
[2011/08/09 01:59:41 | 000,247,798 | ---- | M] () -- C:\Users\Chunks\Desktop\3cbUD.jpg
[2011/08/06 17:19:01 | 000,300,707 | ---- | M] () -- C:\Users\Chunks\Desktop\[isoHunt] Mastermix Classic Cuts.torrent
[2011/08/06 00:05:11 | 000,001,771 | ---- | M] () -- C:\Users\Public\Desktop\Play SBK2011 FIM Superbike World Championship.lnk
[2011/08/04 11:24:46 | 000,014,822 | ---- | M] () -- C:\Users\Chunks\Desktop\[isoHunt] 1611785.torrent
[2011/08/04 06:17:41 | 000,012,898 | ---- | M] () -- C:\Users\Chunks\Desktop\SBK.Superbike.World.Championship.2011-RELOADEDSBK.Superbike.Worl.6345688.TPB.torrent
[2011/08/04 06:16:59 | 000,000,977 | ---- | M] () -- C:\Users\Chunks\Desktop\SBK.Superbike.World.Championship.2011.NoDVD-RELOADED.6345910.TPB.torrent
[2011/08/04 06:12:28 | 000,018,613 | ---- | M] () -- C:\Users\Chunks\Desktop\MotoGP.08-RELOADED.4471919.TPB.torrent
[2011/07/31 21:06:54 | 000,092,976 | ---- | M] () -- C:\Users\Chunks\Desktop\monkey-taking-photographs.jpg
[2011/07/31 20:35:11 | 000,037,211 | ---- | M] () -- C:\Users\Chunks\Desktop\HMT051_1.jpg
[2011/07/31 20:32:41 | 000,037,202 | ---- | M] () -- C:\Users\Chunks\Desktop\HMT050_1.jpg
[2011/07/28 23:48:10 | 000,011,608 | ---- | M] () -- C:\Users\Chunks\Desktop\Honda CBF600 2006.jpg
[2011/07/28 23:36:16 | 000,056,137 | ---- | M] () -- C:\Users\Chunks\Desktop\Suzuki GSX r600.jpg
[2011/07/28 23:34:41 | 000,114,217 | ---- | M] () -- C:\Users\Chunks\Desktop\Kawasaki ER6N-06.jpg
[2011/07/28 23:21:20 | 000,056,134 | ---- | M] () -- C:\Users\Chunks\Desktop\2008YZFR6_silver_1_b4787bcf.jpg
[2011/07/28 23:19:01 | 000,093,719 | ---- | M] () -- C:\Users\Chunks\Desktop\yamaha FZ6 2009.jpg
[2011/07/28 23:15:16 | 000,245,471 | ---- | M] () -- C:\Users\Chunks\Desktop\triumph_daytona_675_SE_2008_06.jpg
[2011/07/28 23:09:15 | 000,035,231 | ---- | M] () -- C:\Users\Chunks\Desktop\2007-Kawasaki-ZX-6R-in-Atomic-Silver-right-side.jpg
[2011/07/28 21:44:17 | 000,042,978 | ---- | M] () -- C:\Users\Chunks\Desktop\90 .jpg
[2011/07/28 21:39:26 | 000,056,239 | ---- | M] () -- C:\Users\Chunks\Desktop\90 204782_pu.jpg
[2011/07/28 21:38:14 | 000,041,614 | ---- | M] () -- C:\Users\Chunks\Desktop\65 24926.jpg
[2011/07/28 21:36:15 | 000,023,898 | ---- | M] () -- C:\Users\Chunks\Desktop\100 k7-jean-hood-jeans-black.jpg
[2011/07/28 16:50:40 | 000,006,808 | ---- | M] () -- C:\Users\Chunks\Desktop\280.jpg
[2011/07/28 16:37:45 | 000,014,039 | ---- | M] () -- C:\Users\Chunks\Desktop\30 41OrVP3EdkL._SL500_AA300_.jpg
[2011/07/28 16:31:02 | 000,040,639 | ---- | M] () -- C:\Users\Chunks\Desktop\140 C6-jeans-men-black.jpg
[2011/07/28 16:30:21 | 000,058,473 | ---- | M] () -- C:\Users\Chunks\Desktop\315 furygan grip brown.jpg
[2011/07/27 00:31:11 | 000,089,081 | ---- | M] () -- C:\Users\Chunks\Desktop\[isoHunt] Mercenaries.2.World.In.Flames.Multi-2.Full-Rip.Skullptura.torrent
[2011/07/25 19:33:13 | 000,040,457 | ---- | M] () -- C:\Users\Chunks\Desktop\The_Official_DSA_DVD_Guide_To_Hazard_Perception_Test_Full_ISO.5060399.TPB.torrent
[2011/07/25 17:24:42 | 000,000,894 | ---- | M] () -- C:\Users\Public\Desktop\Driving Theory Test Professional.lnk
[2011/07/25 16:43:02 | 000,000,829 | ---- | M] () -- C:\Users\Public\Desktop\Driving Theory Test.lnk
[2011/07/25 16:27:14 | 000,344,862 | ---- | M] (Oasis Business Services Int. Ltd. ) -- C:\Users\Chunks\Desktop\Driving_theory_test.exe
[2011/07/25 07:38:25 | 000,000,872 | ---- | M] () -- C:\Users\Chunks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Firefox.lnk
[2011/07/23 21:47:33 | 001,588,433 | ---- | M] () -- C:\Users\Chunks\Desktop\IMG_0173.JPG
[2011/07/20 21:12:57 | 000,249,195 | ---- | M] () -- C:\Users\Chunks\Desktop\2 - Scripting Tutorial.pdf
[2011/07/20 20:50:05 | 002,223,083 | ---- | M] () -- C:\Users\Chunks\Desktop\FPS_Tutorial_3.pdf
[2011/07/20 20:49:08 | 002,485,384 | ---- | M] () -- C:\Users\Chunks\Desktop\FPS_Tutorial_2.pdf
[2011/07/20 20:44:18 | 002,668,998 | ---- | M] () -- C:\Users\Chunks\Desktop\FPS_Tutorial_1.pdf
[2011/07/20 20:33:47 | 081,689,326 | ---- | M] () -- C:\Users\Chunks\Desktop\FPS_Tutorial_Completed.zip
[2011/07/20 20:32:40 | 074,259,813 | ---- | M] () -- C:\Users\Chunks\Desktop\FPS_Tutorial.zip
[7 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[22 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/08/19 13:14:08 | 000,015,241 | ---- | C] () -- C:\Users\Chunks\Desktop\Release_Title_Rise_of_the_Planet_of_the_Apes_2011_TS_x264_AAC-Di.6589337.TPB.torrent
[2011/08/19 09:16:47 | 000,115,583 | ---- | C] () -- C:\Users\Chunks\Desktop\Super_8_2011_CAM_XViD-EP1C.6467327.TPB.torrent
[2011/08/18 06:53:30 | 375,976,342 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/08/16 18:19:05 | 000,000,512 | ---- | C] () -- C:\Users\Chunks\Desktop\MBR.dat
[2011/08/14 00:07:10 | 000,001,011 | ---- | C] () -- C:\Users\Chunks\Desktop\Mercenaries 2.lnk
[2011/08/13 15:07:28 | 000,030,745 | ---- | C] () -- C:\Users\Chunks\Desktop\nude-slave.jpg
[2011/08/12 20:54:03 | 000,089,203 | ---- | C] () -- C:\Users\Chunks\Desktop\disappointment.jpg
[2011/08/09 22:37:42 | 000,691,458 | ---- | C] () -- C:\Users\Chunks\Desktop\london_tube_map.png
[2011/08/09 03:19:43 | 000,004,167 | ---- | C] () -- C:\Users\Chunks\Desktop\emot-tviv.gif
[2011/08/09 03:05:41 | 000,000,868 | ---- | C] () -- C:\Windows\tasks\Google Software Updater.job
[2011/08/09 02:40:03 | 000,102,462 | ---- | C] () -- C:\Users\Chunks\Desktop\95RKZ.jpg
[2011/08/09 01:59:31 | 000,247,798 | ---- | C] () -- C:\Users\Chunks\Desktop\3cbUD.jpg
[2011/08/06 17:18:41 | 000,300,707 | ---- | C] () -- C:\Users\Chunks\Desktop\[isoHunt] Mastermix Classic Cuts.torrent
[2011/08/06 00:05:11 | 000,001,771 | ---- | C] () -- C:\Users\Public\Desktop\Play SBK2011 FIM Superbike World Championship.lnk
[2011/08/04 11:24:45 | 000,014,822 | ---- | C] () -- C:\Users\Chunks\Desktop\[isoHunt] 1611785.torrent
[2011/08/04 06:17:39 | 000,012,898 | ---- | C] () -- C:\Users\Chunks\Desktop\SBK.Superbike.World.Championship.2011-RELOADEDSBK.Superbike.Worl.6345688.TPB.torrent
[2011/08/04 06:16:59 | 000,000,977 | ---- | C] () -- C:\Users\Chunks\Desktop\SBK.Superbike.World.Championship.2011.NoDVD-RELOADED.6345910.TPB.torrent
[2011/08/04 06:12:28 | 000,018,613 | ---- | C] () -- C:\Users\Chunks\Desktop\MotoGP.08-RELOADED.4471919.TPB.torrent
[2011/07/31 21:06:53 | 000,092,976 | ---- | C] () -- C:\Users\Chunks\Desktop\monkey-taking-photographs.jpg
[2011/07/31 20:35:11 | 000,037,211 | ---- | C] () -- C:\Users\Chunks\Desktop\HMT051_1.jpg
[2011/07/31 20:32:38 | 000,037,202 | ---- | C] () -- C:\Users\Chunks\Desktop\HMT050_1.jpg
[2011/07/28 23:48:09 | 000,011,608 | ---- | C] () -- C:\Users\Chunks\Desktop\Honda CBF600 2006.jpg
[2011/07/28 23:36:15 | 000,056,137 | ---- | C] () -- C:\Users\Chunks\Desktop\Suzuki GSX r600.jpg
[2011/07/28 23:34:27 | 000,114,217 | ---- | C] () -- C:\Users\Chunks\Desktop\Kawasaki ER6N-06.jpg
[2011/07/28 23:21:19 | 000,056,134 | ---- | C] () -- C:\Users\Chunks\Desktop\2008YZFR6_silver_1_b4787bcf.jpg
[2011/07/28 23:19:01 | 000,093,719 | ---- | C] () -- C:\Users\Chunks\Desktop\yamaha FZ6 2009.jpg
[2011/07/28 23:15:16 | 000,245,471 | ---- | C] () -- C:\Users\Chunks\Desktop\triumph_daytona_675_SE_2008_06.jpg
[2011/07/28 23:09:15 | 000,035,231 | ---- | C] () -- C:\Users\Chunks\Desktop\2007-Kawasaki-ZX-6R-in-Atomic-Silver-right-side.jpg
[2011/07/28 21:39:26 | 000,056,239 | ---- | C] () -- C:\Users\Chunks\Desktop\90 204782_pu.jpg
[2011/07/28 21:38:14 | 000,041,614 | ---- | C] () -- C:\Users\Chunks\Desktop\65 24926.jpg
[2011/07/28 21:36:15 | 000,023,898 | ---- | C] () -- C:\Users\Chunks\Desktop\100 k7-jean-hood-jeans-black.jpg
[2011/07/28 21:35:38 | 000,042,978 | ---- | C] () -- C:\Users\Chunks\Desktop\90 .jpg
[2011/07/28 16:50:40 | 000,006,808 | ---- | C] () -- C:\Users\Chunks\Desktop\280.jpg
[2011/07/28 16:37:45 | 000,014,039 | ---- | C] () -- C:\Users\Chunks\Desktop\30 41OrVP3EdkL._SL500_AA300_.jpg
[2011/07/28 16:31:02 | 000,040,639 | ---- | C] () -- C:\Users\Chunks\Desktop\140 C6-jeans-men-black.jpg
[2011/07/28 16:30:21 | 000,058,473 | ---- | C] () -- C:\Users\Chunks\Desktop\315 furygan grip brown.jpg
[2011/07/27 00:31:10 | 000,089,081 | ---- | C] () -- C:\Users\Chunks\Desktop\[isoHunt] Mercenaries.2.World.In.Flames.Multi-2.Full-Rip.Skullptura.torrent
[2011/07/25 19:33:11 | 000,040,457 | ---- | C] () -- C:\Users\Chunks\Desktop\The_Official_DSA_DVD_Guide_To_Hazard_Perception_Test_Full_ISO.5060399.TPB.torrent
[2011/07/25 17:24:42 | 000,000,894 | ---- | C] () -- C:\Users\Public\Desktop\Driving Theory Test Professional.lnk
[2011/07/25 16:34:38 | 000,000,829 | ---- | C] () -- C:\Users\Public\Desktop\Driving Theory Test.lnk
[2011/07/25 07:38:25 | 000,000,872 | ---- | C] () -- C:\Users\Chunks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Firefox.lnk
[2011/07/23 21:51:11 | 001,588,433 | ---- | C] () -- C:\Users\Chunks\Desktop\IMG_0173.JPG
[2011/07/20 21:12:57 | 000,249,195 | ---- | C] () -- C:\Users\Chunks\Desktop\2 - Scripting Tutorial.pdf
[2011/07/20 20:50:05 | 002,223,083 | ---- | C] () -- C:\Users\Chunks\Desktop\FPS_Tutorial_3.pdf
[2011/07/20 20:49:08 | 002,485,384 | ---- | C] () -- C:\Users\Chunks\Desktop\FPS_Tutorial_2.pdf
[2011/07/20 20:44:18 | 002,668,998 | ---- | C] () -- C:\Users\Chunks\Desktop\FPS_Tutorial_1.pdf
[2011/07/20 20:23:33 | 074,259,813 | ---- | C] () -- C:\Users\Chunks\Desktop\FPS_Tutorial.zip
[2011/07/20 20:23:15 | 081,689,326 | ---- | C] () -- C:\Users\Chunks\Desktop\FPS_Tutorial_Completed.zip
[2011/06/02 14:38:22 | 000,036,892 | ---- | C] () -- C:\Windows\System32\bassmod.dll
[2011/05/25 23:51:36 | 000,000,319 | ---- | C] () -- C:\Windows\game.ini
[2011/04/18 00:50:13 | 000,000,132 | ---- | C] () -- C:\Users\Chunks\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011/04/14 00:19:51 | 000,001,456 | ---- | C] () -- C:\Users\Chunks\AppData\Local\Adobe Save for Web 12.0 Prefs
[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011/04/03 21:03:16 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011/04/02 11:49:08 | 000,000,286 | ---- | C] () -- C:\Windows\reimage.ini
[2011/03/27 22:49:20 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011/03/27 22:49:20 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/03/27 22:49:20 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/03/27 22:49:20 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/03/27 22:49:20 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/03/14 12:44:13 | 000,000,000 | ---- | C] () -- C:\Windows\System32\SBRC.dat
[2011/03/09 00:23:52 | 000,000,173 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2011/02/24 17:32:15 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2011/02/16 15:24:03 | 000,227,840 | ---- | C] () -- C:\Windows\System32\K8E.exe
[2011/02/16 15:24:03 | 000,040,960 | ---- | C] () -- C:\Windows\System32\K8D.dll
[2011/02/16 15:24:03 | 000,016,384 | ---- | C] () -- C:\Windows\System32\FASTTime32.dll
[2011/01/22 00:28:07 | 000,151,552 | ---- | C] () -- C:\Windows\System32\nvRegDev.dll
[2011/01/21 07:27:35 | 000,031,007 | ---- | C] () -- C:\Users\Chunks\AppData\Roaming\UserTile.png
[2010/11/30 22:13:36 | 000,013,310 | ---- | C] () -- C:\Windows\System32\Pen_Tablet.dat
[2010/11/10 03:45:32 | 000,102,744 | ---- | C] () -- C:\Windows\System32\LogiDPPApp.exe
[2010/11/10 03:45:30 | 010,871,128 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll
[2010/11/10 03:45:20 | 000,316,248 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll
[2010/11/10 03:31:42 | 000,026,286 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2010/09/05 14:03:21 | 000,001,722 | ---- | C] () -- C:\Windows\tefview.ini
[2010/08/08 02:41:12 | 000,000,695 | ---- | C] () -- C:\ProgramData\nvUnsupRes.dat
[2010/07/26 18:19:28 | 000,057,344 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010/07/20 17:29:07 | 000,219,580 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2010/06/15 17:12:56 | 000,035,344 | ---- | C] () -- C:\Windows\Irremote.ini
[2010/06/15 17:12:17 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2010/06/15 17:11:41 | 000,142,337 | ---- | C] () -- C:\Windows\System32\Wait.exe
[2010/06/15 17:09:45 | 000,005,144 | ---- | C] () -- C:\Windows\HCWPNP.INI
[2010/05/29 12:05:35 | 000,000,530 | ---- | C] () -- C:\Windows\eReg.dat
[2010/05/12 15:44:31 | 000,097,388 | ---- | C] () -- C:\Windows\System32\drivers\Fwusb1b.bin
[2010/05/07 19:46:36 | 000,014,168 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2010/05/07 19:43:30 | 000,025,824 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2010/03/19 00:27:19 | 000,000,510 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2010/02/17 18:22:08 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010/01/23 23:40:59 | 000,000,680 | ---- | C] () -- C:\Users\Chunks\AppData\Local\d3d9caps.dat
[2009/09/11 10:06:39 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/11 10:06:39 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2008/12/11 14:48:52 | 000,000,566 | ---- | C] () -- C:\Windows\System32\SP7302.INI
[2008/11/26 01:34:18 | 000,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2008/11/09 15:14:08 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2008/10/16 06:54:25 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/07/18 05:42:17 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2008/06/12 16:12:24 | 000,000,287 | ---- | C] () -- C:\Windows\SIERRA.INI
[2008/05/29 14:26:15 | 000,669,184 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
[2008/05/22 23:22:18 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008/05/07 19:15:01 | 000,138,520 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2008/05/07 19:14:55 | 000,189,248 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2008/05/07 19:14:49 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2008/05/04 06:48:26 | 000,022,328 | ---- | C] () -- C:\Users\Chunks\AppData\Roaming\PnkBstrK.sys
[2008/05/01 05:36:15 | 000,000,050 | ---- | C] () -- C:\Windows\MegaManager.INI
[2008/04/24 10:33:04 | 000,000,483 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/03/19 09:52:29 | 000,000,004 | ---- | C] () -- C:\Windows\info147.sys
[2008/02/18 21:30:24 | 000,037,888 | ---- | C] () -- C:\Windows\System32\GsiDi32.dll
[2008/02/18 21:27:21 | 000,000,290 | ---- | C] () -- C:\Windows\wininit.ini
[2008/02/18 21:20:00 | 000,016,384 | ---- | C] () -- C:\Windows\System32\dslagent.exe
[2008/02/09 14:07:39 | 000,040,960 | ---- | C] () -- C:\Windows\CleanDev.exe
[2008/02/09 14:07:39 | 000,032,528 | ---- | C] () -- C:\Windows\amcap.exe
[2008/02/08 09:51:22 | 000,000,090 | ---- | C] () -- C:\Users\Chunks\AppData\Roaming\wklnhst.dat
[2008/02/07 13:16:54 | 000,235,520 | ---- | C] () -- C:\Users\Chunks\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/02/05 08:24:38 | 000,876,544 | ---- | C] () -- C:\Windows\System32\TEACico2.dll
[2006/11/02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 13:47:37 | 004,014,864 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 11:33:01 | 000,642,944 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 11:33:01 | 000,122,872 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/06/23 11:09:34 | 000,019,968 | R--- | C] () -- C:\Windows\System32\cpuinf32.dll

========== LOP Check ==========

[2008/10/04 15:25:07 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\.ABC
[2011/06/01 01:32:18 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\.minecraft
[2011/02/18 20:41:05 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\.purple
[2009/12/20 02:25:58 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\Ambient Design
[2010/05/02 15:06:49 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\AnvSoft
[2009/12/20 02:09:46 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\Bamboo Explore
[2010/07/24 23:16:03 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
[2008/06/17 06:38:42 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\Bioshock
[2009/10/30 16:53:49 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\BitTyrant
[2008/08/30 11:38:50 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\BlackBean
[2011/04/28 03:30:32 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2008/02/17 23:12:42 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\DAEMON Tools
[2011/01/15 15:25:54 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\DAEMON Tools Lite
[2011/08/19 12:51:34 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\DisplayFusion
[2010/08/07 21:07:27 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\DVDVideoSoftIEHelpers
[2008/04/04 10:32:46 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\eMule
[2009/03/06 04:40:16 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\EveHQ
[2011/02/14 07:59:15 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\EVEMon
[2011/08/15 15:55:11 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\FileZilla
[2011/04/13 22:24:25 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\GetRightToGo
[2010/10/19 11:54:50 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\GTS
[2011/02/28 07:45:45 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\Guitar Pro 6
[2009/02/16 08:26:02 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\Helios
[2010/02/27 09:15:34 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\Leadertech
[2011/02/24 18:47:13 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\MAGIX
[2008/05/01 05:12:59 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\Megaupload
[2009/05/02 21:58:14 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\Mumble
[2008/09/06 00:46:59 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\NoteTab Light
[2011/07/15 10:19:58 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\PACE Anti-Piracy
[2010/12/15 09:17:23 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\PCDr
[2011/01/21 07:27:33 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\PeerNetworking
[2011/06/05 13:54:56 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\PunkBuster
[2011/01/08 16:14:26 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\Seeing Machines
[2010/02/09 07:51:32 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\Sony
[2008/05/21 15:54:43 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\SpinTop
[2011/07/14 16:02:18 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2010/12/25 09:19:25 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\SystemRequirementsLab
[2008/02/08 09:51:23 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\Template
[2009/08/15 15:29:00 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\The Creative Assembly
[2010/07/29 10:42:36 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\TightVNC
[2009/09/30 00:48:12 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\Trillian
[2009/11/22 16:25:13 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\Trusteer
[2010/05/18 09:31:26 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\Ubisoft
[2011/04/13 22:51:00 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\Uniblue
[2011/07/16 14:16:08 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\Unity
[2011/08/19 13:39:35 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\uTorrent
[2011/02/21 15:06:27 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\WebcamZoneTrigger
[2009/12/18 18:20:06 | 000,000,000 | ---D | M] -- C:\Users\Chunks\AppData\Roaming\WTouch
[2010/02/24 13:25:17 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Trusteer
[2010/02/24 13:25:17 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Trusteer
[2011/08/19 05:20:18 | 000,032,622 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: EXPLORER.EXE >
[2008/10/29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2008/02/05 08:16:58 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2008/02/05 08:16:58 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\ERDNT\cache\explorer.exe
[2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006/11/02 10:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008/01/19 08:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: SVCHOST.EXE >
[2006/11/02 10:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2008/01/19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\ERDNT\cache\svchost.exe
[2008/01/19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008/01/19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

< MD5 for: USERINIT.EXE >
[2008/01/19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\ERDNT\cache\userinit.exe
[2008/01/19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006/11/02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\ERDNT\cache\winlogon.exe
[2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006/11/02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008/01/19 08:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

========== Alternate Data Streams ==========

@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 1200 bytes -> C:\ProgramData\Microsoft:D2DqTgdcQcdZtkV0RNm5
@Alternate Data Stream - 1145 bytes -> C:\Users\Chunks\AppData\Local\cwA0Wlv7YbCy:9nuAedzIuzH04UdRV
@Alternate Data Stream - 1117 bytes -> C:\ProgramData\Microsoft:cdOycBlbGHZ10t4fsb3edIdFtCn4Q
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:52B72A7C
@Alternate Data Stream - 1055 bytes -> C:\Users\Chunks\AppData\Local\TyZ4ZR7LuRFh:ftVS9pUsHaOJj0CgDrx93qDY

< End of report >

#10
Essexboy

It looks as though the ADS files do not want to go.

Download and Install Combofix

Download ComboFix from one of the following locations:

Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop *

IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow it to update if it asks

  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.


Please make sure you include the ComboFix log in your next reply, as well as a description of how your computer is running now.


#11
Chunk5

Combofix returns the error "Windows cannot find 'NIRCMD'. Make sure you typed the name correctly, and try again"

#12
Essexboy

Let's try OTL again - when Combofix ran, Avast did not sandbox it - did it?

When OTL runs this time, if it appears to hang on the empty temp command, could you check the progress bar at the bottom, as if there are a lot of temp files to remove it could take a while.

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    @Alternate Data Stream - 1200 bytes -> C:\ProgramData\Microsoft:D2DqTgdcQcdZtkV0RNm5
    @Alternate Data Stream - 1145 bytes -> C:\Users\Chunks\AppData\Local\cwA0Wlv7YbCy:9nuAedzIuzH04UdRV
    @Alternate Data Stream - 1117 bytes -> C:\ProgramData\Microsoft:cdOycBlbGHZ10t4fsb3edIdFtCn4Q
    @Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:52B72A7C
    @Alternate Data Stream - 1055 bytes -> C:\Users\Chunks\AppData\Local\TyZ4ZR7LuRFh:ftVS9pUsHaOJj0CgDrx93qDY


    :Files
    ipconfig /flushdns /c

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [EMPTYFLASH]
    [CREATERESTOREPOINT]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.


#13
Chunk5

Following on from that, Combofix carried on in spite of the errors. The error box flashed up with each stage but seemed to carry on when I closed it. Not sure if it makes it an invalid scan/fix, but it did finish.

Should I rerun OTL again or carry on from here?


Combofix log:

ComboFix 11-08-19.02 - Chunks 19/08/2011 21:34:01.5.4 - x86
Microsoft Windows Vista Home Premium 6.0.6002.2.1252.44.1033.18.3069.1567 [GMT 1:00]
Running from: c:\users\Chunks\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Immunet Protect *Enabled/Updated* {E26D838D-778A-C93D-0B41-46E786995C11}
AV: Spyware Doctor with AntiVirus *Enabled/Updated* {2F668A56-D5E0-2DF1-A0AE-CB1284F42AB2}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Spyware Doctor *Enabled/Updated* {94076BB2-F3DA-227F-9A1E-F060FF73600F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\JMHL Loader
c:\program files\steam\Steam.exe
c:\users\Chunks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JMHL Loader
c:\users\Chunks\Documents\002.jpg
c:\users\Chunks\Documents\01.jpg
c:\users\Chunks\Documents\16.jpg
.
.
((((((((((((((((((((((((( Files Created from 2011-07-19 to 2011-08-19 )))))))))))))))))))))))))))))))
.
.
2011-08-19 21:13 . 2011-08-19 21:13 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-08-19 21:13 . 2011-08-19 21:13 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-08-19 21:13 . 2011-08-19 21:13 -------- d-----w- c:\users\IUSR_NMPR\AppData\Local\temp
2011-08-19 21:13 . 2011-08-19 21:13 -------- d-----w- c:\users\Guest\AppData\Local\temp
2011-08-10 23:54 . 2011-08-10 23:54 -------- d-----w- c:\users\Chunks\AppData\Local\2K Games
2011-08-10 23:48 . 2011-08-13 22:55 -------- d-----w- c:\program files\Mafia II
2011-08-10 23:10 . 2011-08-10 23:10 -------- d-----w- c:\users\Chunks\AppData\Local\THQ
2011-08-10 22:20 . 2011-06-17 20:13 913296 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-08-10 22:20 . 2011-06-17 13:31 31232 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2011-08-10 22:20 . 2011-07-06 15:31 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-08-10 22:19 . 2011-07-22 13:54 1383424 ----a-w- c:\windows\system32\mshtml.tlb
2011-08-10 22:19 . 2011-06-21 14:13 389632 ----a-w- c:\windows\system32\html.iec
2011-08-10 22:19 . 2011-06-06 10:59 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-08-10 22:18 . 2011-06-20 08:54 3602832 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-08-10 22:18 . 2011-06-20 08:54 3550096 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-08-09 11:04 . 2011-08-09 11:05 -------- d-----w- c:\windows\Temp842CF182-8F7E-DB20-513A-DD3297DC93BB-Signatures
2011-08-09 02:21 . 2010-07-16 13:59 656320 ----a-w- c:\windows\system32\drivers\pctEFA.sys
2011-08-09 02:21 . 2010-07-16 13:59 338880 ----a-w- c:\windows\system32\drivers\pctDS.sys
2011-08-09 02:21 . 2010-11-17 09:19 249616 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2011-08-09 02:21 . 2010-11-17 09:19 102184 ----a-w- c:\windows\system32\drivers\pctwfpfilter.sys
2011-08-09 02:21 . 2010-11-25 09:43 239168 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2011-08-09 02:21 . 2010-11-25 09:53 160448 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2011-08-09 02:20 . 2010-11-25 09:42 70536 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2011-08-09 02:19 . 2011-08-19 21:15 -------- d-----w- c:\program files\PC Tools Security
2011-08-09 02:19 . 2011-08-09 02:19 -------- d-----w- c:\users\Chunks\AppData\Roaming\PC Tools
2011-08-09 02:13 . 2011-07-04 11:36 309848 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-08-09 02:13 . 2011-07-04 11:32 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-08-09 02:13 . 2011-07-04 11:32 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-08-09 02:12 . 2011-07-04 11:35 43608 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-08-09 02:12 . 2011-07-04 11:36 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-08-09 02:12 . 2011-07-04 11:32 54104 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-08-09 02:11 . 2011-07-04 11:43 40112 ----a-w- c:\windows\avastSS.scr
2011-08-09 02:11 . 2011-07-04 11:43 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-08-09 02:06 . 2011-08-09 02:06 -------- d-----w- c:\programdata\Immunet
2011-08-09 02:06 . 2011-08-09 02:06 -------- d-----w- c:\users\Chunks\AppData\Local\Immunet
2011-08-09 02:06 . 2011-08-09 02:06 31184 ----a-w- c:\windows\system32\drivers\ImmunetSelfProtect.sys
2011-08-09 02:06 . 2011-08-09 02:06 41424 ----a-w- c:\windows\system32\drivers\ImmunetProtect.sys
2011-08-09 02:06 . 2011-08-19 21:18 -------- d-----w- c:\program files\Immunet Protect
2011-08-09 02:05 . 2011-08-09 02:28 -------- d-----w- c:\programdata\Google Updater
2011-08-08 14:29 . 2011-07-13 03:39 6881616 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{41210A51-5753-4E8F-87A6-09F351094F41}\mpengine.dll
2011-08-05 23:01 . 2011-08-05 23:01 -------- d-----w- c:\program files\BlackBeanGames
2011-07-31 22:22 . 2011-07-31 22:22 -------- d-----w- c:\program files\Bonjour
2011-07-26 15:57 . 2011-07-26 15:57 784136 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-07-26 15:48 . 2011-07-26 16:39 -------- d-----w- c:\users\Chunks\AppData\Roaming\dvdcss
2011-07-25 16:24 . 1998-06-17 23:00 32768 ----a-w- c:\windows\system32\REGTOOL5.DLL
2011-07-25 16:24 . 2011-07-25 16:24 -------- d-----w- c:\program files\Driving Theory Test Professional
2011-07-25 15:34 . 2011-07-25 17:57 -------- d-----w- c:\program files\Driving Theory Test
2011-07-20 23:26 . 2011-07-20 23:26 -------- d-----w- c:\windows\6833245EDD86479A882A8360D62C8194.TMP
2011-07-20 23:16 . 2011-07-20 23:16 -------- d-----w- c:\program files\Eidos
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-14 10:27 . 2011-05-15 07:35 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-13 03:39 . 2011-03-17 04:01 6881616 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-07-12 10:20 . 2011-07-12 10:20 83816 ----a-w- c:\windows\system32\dns-sd.exe
2011-07-12 10:20 . 2011-07-12 10:20 73064 ----a-w- c:\windows\system32\dnssd.dll
2011-07-12 10:20 . 2011-07-12 10:20 50536 ----a-w- c:\windows\system32\jdns_sd.dll
2011-07-12 10:20 . 2011-07-12 10:20 178536 ----a-w- c:\windows\system32\dnssdX.dll
2011-07-05 17:37 . 2011-07-05 17:37 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-07-05 17:37 . 2011-07-05 17:37 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-06-22 17:01 . 2011-06-22 17:01 53816 ----a-w- c:\windows\system32\drivers\RapportKELL.sys
2011-06-21 15:49 . 2011-08-10 22:19 834048 ----a-w- c:\windows\system32\wininet.dll
2011-06-17 16:03 . 2011-08-10 22:20 375808 ----a-w- c:\windows\system32\winsrv.dll
2011-06-05 12:55 . 2008-05-07 18:14 189248 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-06-05 12:55 . 2008-05-07 18:14 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-06-02 13:34 . 2011-07-13 06:06 2043392 ----a-w- c:\windows\system32\win32k.sys
2010-03-31 09:09 . 2010-03-31 09:09 10437264 ----a-w- c:\program files\mozilla firefox\plugins\PDFNetC.dll
2010-04-08 11:36 . 2010-04-08 11:36 107760 ----a-w- c:\program files\mozilla firefox\plugins\ScorchPDFWrapper.dll
2011-08-17 21:54 . 2011-04-30 08:25 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-10-18 10:26 3908192 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"DisplayFusion"="c:\program files\DisplayFusion\DisplayFusion.exe" [2010-09-14 1275624]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
"Sony Ericsson PC Companion"="c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" [2011-02-28 427008]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2010-05-07 165208]
"tvncontrol"="c:\program files\TightVNC\tvnserver.exe" [2010-07-08 815704]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-06-14 153672]
"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2007-05-06 405504]
"RivaTunerStartupDaemon"="c:\program files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTunerWrapper.exe" [2009-08-22 24576]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"NMSSupport"="c:\program files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" [2007-06-27 439512]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-10-03 178712]
"CCUTRAYICON"="c:\program files\Intel\IntelDH\CCU\CCU_TrayIcon.exe" [2007-06-27 215256]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-12 37232]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-11 640376]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-10-28 1352272]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-07-19 421736]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"Immunet Protect"="c:\program files\Immunet Protect\2.0.17\iptray.exe" [2011-08-09 2615624]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-08-09 3493720]
"ISTray"="c:\program files\PC Tools Security\pctsGui.exe" [2010-12-01 1589208]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-05 421888]
.
c:\users\Chunks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Mozilla Firefox.lnk - c:\program files\Mozilla Firefox\firefox.exe [2008-2-8 924632]
Trillian.lnk - c:\program files\Trillian\trillian.exe [2011-6-28 2068832]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-11-14 15:10 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\klmdb.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R1 LapTimer;LapTimer;c:\program files\software by design\laptimer.sys [x]
R1 MpKsl04d56001;MpKsl04d56001;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{78BC3BAE-0CB1-4444-A0C6-85C464A8AB54}\MpKsl04d56001.sys [x]
R1 MpKsl0e4b27cc;MpKsl0e4b27cc;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{47E4F25C-025E-4623-AB07-18D1FA34D99A}\MpKsl0e4b27cc.sys [x]
R1 MpKsl11d4f94f;MpKsl11d4f94f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{78BC3BAE-0CB1-4444-A0C6-85C464A8AB54}\MpKsl11d4f94f.sys [x]
R1 MpKsl126e3a83;MpKsl126e3a83;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{78BC3BAE-0CB1-4444-A0C6-85C464A8AB54}\MpKsl126e3a83.sys [x]
R1 MpKsl17526965;MpKsl17526965;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A0142886-0425-473B-95A3-08DB95895D15}\MpKsl17526965.sys [x]
R1 MpKsl24f15f03;MpKsl24f15f03;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1201424D-8E79-4EC6-B887-60419C02552A}\MpKsl24f15f03.sys [x]
R1 MpKsl261fbbea;MpKsl261fbbea;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{ABD99397-804E-4BF5-A286-1721BB518136}\MpKsl261fbbea.sys [x]
R1 MpKsl26733812;MpKsl26733812;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BC640F59-6132-4F55-94CD-3606AF1F2034}\MpKsl26733812.sys [x]
R1 MpKsl6d746903;MpKsl6d746903;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BC640F59-6132-4F55-94CD-3606AF1F2034}\MpKsl6d746903.sys [x]
R1 MpKsl7ec6da74;MpKsl7ec6da74;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{ABD99397-804E-4BF5-A286-1721BB518136}\MpKsl7ec6da74.sys [x]
R1 MpKsl83588df0;MpKsl83588df0;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{61473A9F-0BAF-42DF-B685-540168A8D237}\MpKsl83588df0.sys [x]
R1 MpKsla71482e0;MpKsla71482e0;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B056FE27-5F27-4B9D-8077-259A0ABD6FC2}\MpKsla71482e0.sys [x]
R1 MpKslbb6ac0cb;MpKslbb6ac0cb;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1D8C3856-B563-4954-BCBD-40344892CFA9}\MpKslbb6ac0cb.sys [x]
R1 MpKslc1c3f943;MpKslc1c3f943;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{78BC3BAE-0CB1-4444-A0C6-85C464A8AB54}\MpKslc1c3f943.sys [x]
R1 MpKslc5b23ffd;MpKslc5b23ffd;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{489FE90A-0BFC-4EF3-AA32-C67FB4B30B19}\MpKslc5b23ffd.sys [x]
R1 MpKslc8be9b89;MpKslc8be9b89;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C1784894-50F1-4FB0-BA3E-655BF5C794A0}\MpKslc8be9b89.sys [x]
R1 MpKsld774fd51;MpKsld774fd51;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{03676045-F228-480A-BBE0-D07FFE2EC298}\MpKsld774fd51.sys [x]
R1 MpKslf5d86056;MpKslf5d86056;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B38F742F-7288-4540-B1EF-E1033571C0CD}\MpKslf5d86056.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 Cryptags;CryptagrophicServices;c:\windows\System32\svchost.exe [2008-01-19 21504]
R2 hcw10cir;Hauppauge CIR Receiver;c:\windows\system32\drivers\hcw10cir.sys [2010-05-07 35328]
R2 rpcc;Remote;c:\windows\System32\svchost.exe [2008-01-19 21504]
R2 SSDPDIS;ϵ UPnP 豸ķ֡;c:\windows\System32\svchost.exe [2008-01-19 21504]
R3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
R3 CFcatchme;CFcatchme;c:\users\Chunks\AppData\Local\Temp\CFcatchme.sys [x]
R3 ctgame;Game Port;c:\windows\system32\DRIVERS\ctgame.sys [2007-06-25 18840]
R3 DHTRACE;Intel® DHTrace Controller;c:\program files\Common Files\Intel\IntelDH\bin\DHTraceController.exe [2007-06-27 39640]
R3 hcw10bda;WinTV-HVR-900H (111xxx);c:\windows\system32\drivers\hcw10bda.sys [2010-05-07 504960]
R3 MungoDriver;MungoGamer Remote;c:\windows\system32\DRIVERS\MungoDriver.sys [2010-08-05 12504]
R3 PPJoyBus;Parallel Port Joystick Bus device driver;c:\windows\system32\drivers\PPJoyBus.sys [2003-08-10 11330]
R3 PPortJoystick;Parallel Port Joystick device driver;c:\windows\system32\drivers\PPortJoy.sys [2003-08-10 21922]
R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
R3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
R3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
R3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
R3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
R3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
R3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2011-02-18 12872]
R3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-02-10 150528]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys [2009-08-27 16168]
R3 WacomVTHid;Virtual Touch Driver;c:\windows\system32\DRIVERS\WacomVTHid.sys [2009-07-09 13480]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:\windows\system32\drivers\WsAudio_DeviceS(1).sys [2010-12-24 25704]
R3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);c:\windows\system32\drivers\WsAudio_DeviceS(2).sys [2010-12-24 25704]
R3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);c:\windows\system32\drivers\WsAudio_DeviceS(3).sys [2010-12-24 25704]
R3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);c:\windows\system32\drivers\WsAudio_DeviceS(4).sys [2010-12-24 25704]
R3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);c:\windows\system32\drivers\WsAudio_DeviceS(5).sys [2010-12-24 25704]
R3 ZY202_VS;ZyXEL 802.11g XG202 1211 Vista Driver;c:\windows\system32\DRIVERS\WlanUZG.sys [2008-02-07 871936]
R3 ZYXEL750;ZyAir G-260 Driver;c:\windows\system32\DRIVERS\WlanUTG.sys [2006-04-17 494848]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2010-11-25 239168]
S0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS.sys [2010-07-16 338880]
S0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA.sys [2010-07-16 656320]
S0 RapportKELL;RapportKELL;c:\windows\System32\Drivers\RapportKELL.sys [2011-06-22 53816]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-04-10 218688]
S1 ImmunetProtectDriver;ImmunetProtectDriver;c:\windows\system32\DRIVERS\ImmunetProtect.sys [2011-08-09 41424]
S1 ImmunetSelfProtectDriver;ImmunetSelfProtectDriver;c:\windows\system32\DRIVERS\ImmunetSelfProtect.sys [2011-08-09 31184]
S1 RapportCerberus_29574;RapportCerberus_29574;c:\programdata\Trusteer\Rapport\store\exts\RapportCerberus\29574\RapportCerberus32_29574.sys [2011-08-03 216912]
S1 RapportEI;RapportEI;c:\program files\Trusteer\Rapport\bin\RapportEI.sys [2011-06-22 66360]
S1 RapportPG;RapportPG;c:\program files\Trusteer\Rapport\bin\RapportPG.sys [2011-06-22 158904]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2011-02-18 12872]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.sys [2011-02-18 67656]
S1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [2010-11-09 98392]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-07-04 54104]
S2 DQLWinService;DQLWinService;c:\program files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [2007-02-12 208896]
S2 ImmunetProtect;Immunet Protect;c:\program files\Immunet Protect\2.0.17\agent.exe [2011-08-09 756680]
S2 iRacingService;iRacing.com Helper Service;c:\program files\iRacing\iRacingService.exe [2011-07-22 475296]
S2 NMSCore;Intel® NMSCore;c:\program files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe [2007-06-27 317656]
S2 nmsunidr;UniDriver for NMS;c:\windows\system32\DRIVERS\nmsunidr.sys [2007-02-18 5376]
S2 QualityManager;Intel® Quality Manager;c:\program files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe [2007-06-27 272600]
S2 RapportMgmtService;Rapport Management Service;c:\program files\Trusteer\Rapport\bin\RapportMgmtService.exe [2011-06-22 870200]
S2 sdAuxService;PC Tools Auxiliary Service;c:\program files\PC Tools Security\pctsAuxs.exe [2010-03-15 366840]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256]
S2 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [2009-11-23 4497704]
S2 tvnserver;TightVNC Server;c:\program files\TightVNC\tvnserver.exe [2010-07-08 815704]
S2 WTouchService;WTouch Service;c:\program files\WTouch\WTouchService.exe [2009-11-23 113448]
S3 IntelDH;IntelDH Driver;c:\windows\system32\Drivers\IntelDH.sys [2008-02-04 5632]
S3 nvoclock;NVIDIA Enthusiasts Platform KDM;c:\windows\system32\DRIVERS\nvoclock.sys [2009-09-15 38248]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - PCTSDInjDriver32
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
bdx REG_MULTI_SZ scan sysagent
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
SSDPDIS
download02
wowsystemcode
Cryptags
rpcc
v
.
Contents of the 'Scheduled Tasks' folder
.
2011-08-19 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-08-09 02:05]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://uk.ask.com?o=14086&l=dis
mStart Page = hxxp://www.yahoo.com
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Free YouTube to Mp3 Converter - c:\users\Chunks\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Chunks\AppData\Roaming\Mozilla\Firefox\Profiles\jqgtdmm6.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=17435
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.bbc.co.uk/news/
FF - prefs.js: keyword.URL - hxxp://www.ask.com/web?o=13796&l=dis&q=
FF - prefs.js: network.proxy.type - 4
.
.
------- File Associations -------
.
.txt=
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-Steam - c:\program files\steam\steam.exe
AddRemove-Steam App 10 - c:\program files\Steam\steam.exe
AddRemove-Steam App 10180 - c:\program files\Steam\steam.exe
AddRemove-Steam App 10190 - c:\program files\Steam\steam.exe
AddRemove-Steam App 42700 - c:\program files\Steam\steam.exe
AddRemove-Steam App 42710 - c:\program files\Steam\steam.exe
AddRemove-Steam App 8600 - c:\program files\Steam\steam.exe
AddRemove-Steam App 8660 - c:\program files\Steam\steam.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-08-19 22:18
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3732907531-2061309169-3991771752-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:61,15,08,36,36,27,6c,c9,1d,2a,00,1f,6e,7d,6f,85,f7,81,8a,13,dc,b0,f4,
da,49,b9,7e,1e,b2,f7,cc,c3,50,11,2e,b0,bb,bd,a3,ff,3c,d5,cd,0e,c7,05,8a,b6,\
"??"=hex:63,6e,6f,74,f9,9a,58,b0,a0,d6,4c,13,f4,9d,ef,85
.
[HKEY_USERS\S-1-5-21-3732907531-2061309169-3991771752-1001\Software\SecuROM\License information*]
"datasecu"=hex:db,81,3d,cc,fe,19,bc,e7,44,24,18,61,11,cf,6a,73,d5,1a,0a,c3,17,
0b,f9,81,78,0c,ea,fe,9f,f8,4a,ff,01,0e,8a,e9,f9,6c,c1,50,77,0c,86,10,53,4a,\
"rkeysecu"=hex:df,d8,82,73,c9,78,c4,86,3b,5f,99,a9,2e,b0,69,2e
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'lsass.exe'(748)
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
- - - - - - - > 'Explorer.exe'(4180)
c:\program files\DisplayFusion\Hooks\DisplayFusionHookx86_68abfe57-d015-4b39-b24e-4a7b5d8fe5e0.dll
c:\windows\system32\FunDisc.dll
c:\progra~1\ArcSoft\PHOTOI~1\share\pihook.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\Display\NvXDSync.exe
c:\windows\system32\nvvsvc.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\WUDFHost.exe
c:\program files\WTouch\WTouchUser.exe
c:\program files\Intel\IntelDH\CCU\AlertService.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\program files\Kontiki\KService.exe
c:\program files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
c:\program files\NVIDIA Corporation\nTune\nTuneService.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\PC Tools Security\pctsSvc.exe
c:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe
c:\windows\system32\STacSV.exe
c:\program files\NVIDIA Corporation\System Update\UpdateCenterService.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
c:\program files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
c:\windows\system32\WUDFHost.exe
c:\program files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
c:\program files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
c:\windows\ehome\ehmsas.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\ehome\ehsched.exe
c:\windows\ehome\ehRecvr.exe
c:\program files\Intel\IntelDH\CCU\CCU_Engine.exe
c:\program files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
c:\program files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\DllHost.exe
.
**************************************************************************
.
Completion time: 2011-08-19 22:30:09 - machine was rebooted
ComboFix-quarantined-files.txt 2011-08-19 21:30
ComboFix2.txt 2011-06-19 01:36
ComboFix3.txt 2011-06-17 13:56
ComboFix4.txt 2011-03-28 04:09
ComboFix5.txt 2011-08-19 20:24
.
Pre-Run: 44,842,373,120 bytes free
Post-Run: 48,307,556,352 bytes free
.
Current=3 Default=3 Failed=2 LastKnownGood=18 Sets=1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18
- - End Of File - - 831A27D667B5072E6131AA7FA0B89FF4

#14
Essexboy


    GeekU Moderator

  • Retired Staff
A lot going on there that shouldn't be

1. Close any open browsers.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
3. Open notepad and copy/paste the text in the quotebox below into it:

NetSvc::
SSDPDIS
download02
wowsystemcode
Cryptags
rpcc
v

Driver::
SSDPDIS
download02
wowsystemcode
Cryptags
rpcc
v

Save this as CFScript.txt, in the same location as ComboFix.exe
Posted Image

Referring to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.
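The cross-check behind the CFScript in the post above, as an added example (not part of the thread, and not ComboFix's own logic): it pairs each name under the NetSvcs heading of the ComboFix log with its service line, then confirms the removals against the Drivers/Services section of the follow-up log. The log excerpts are copied from posts #13 and #15, with one display name shortened; the function names are hypothetical.

```python
import re
from typing import NamedTuple

# Excerpt of the ComboFix log in post #13 (SSDPDIS display name shortened).
SCAN_LOG = r"""
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 Cryptags;CryptagrophicServices;c:\windows\System32\svchost.exe [2008-01-19 21504]
R2 hcw10cir;Hauppauge CIR Receiver;c:\windows\system32\drivers\hcw10cir.sys [2010-05-07 35328]
R2 rpcc;Remote;c:\windows\System32\svchost.exe [2008-01-19 21504]
R2 SSDPDIS;UPnP;c:\windows\System32\svchost.exe [2008-01-19 21504]
S1 aswSP;aswSP; [x]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
SSDPDIS
download02
wowsystemcode
Cryptags
rpcc
v
.
Contents of the 'Scheduled Tasks' folder
"""

# Excerpt of the Drivers/Services section of the log in post #15.
FIX_LOG = r"""
-------\Legacy_CRYPTAGS
-------\Service_Cryptags
-------\Service_rpcc
-------\Service_SSDPDIS
"""

class Service(NamedTuple):
    state: str    # token as printed in the log, e.g. "R2"
    name: str
    display: str
    image: str    # empty when the log prints no path

# <state> <name>;<display>;<image path> [<date size>] or [x]
SERVICE_RE = re.compile(
    r"^([RS][0-4]) ([^;]+);([^;]*);(.*?) \[(?:x|\d{4}-\d{2}-\d{2} \d+)\]$")
NETSVCS_RE = re.compile(r"\\Svchost\s+-\s+NetSvcs\s*$", re.IGNORECASE)
REMOVED_RE = re.compile(r"^-+\\Service_(.+)$")

def parse_services(log):
    """Map lower-cased service name -> Service for every service line."""
    services = {}
    for line in log.splitlines():
        m = SERVICE_RE.match(line.strip())
        if m:
            state, name, display, image = m.groups()
            services[name.lower()] = Service(state, name, display, image.strip())
    return services

def parse_netsvcs(log):
    """Names listed under the '... Svchost - NetSvcs' heading, in log order."""
    names, in_block = [], False
    for line in log.splitlines():
        line = line.strip()
        if NETSVCS_RE.search(line):
            in_block = True
        elif in_block:
            if line in ("", "."):   # a lone dot closes the block
                break
            names.append(line)
    return names

def cross_reference(log):
    """Classify each NetSvcs entry by what its service line shows."""
    services = parse_services(log)
    report = {}
    for name in parse_netsvcs(log):
        svc = services.get(name.lower())   # service names are case-insensitive
        if svc is None:
            report[name] = "no service record"
        elif svc.image.lower().endswith("\\svchost.exe"):
            # The image is the genuine svchost.exe; the code that runs is the
            # ServiceDll under the service's Parameters key, not shown here.
            report[name] = "svchost-hosted"
        else:
            report[name] = "own image: " + svc.image
    return report

def not_confirmed_removed(report, fix_log):
    """svchost-hosted entries with no Service_<name> line in the fix log."""
    removed = set()
    for line in fix_log.splitlines():
        m = REMOVED_RE.match(line.strip())
        if m:
            removed.add(m.group(1).lower())
    return [n for n, kind in report.items()
            if kind == "svchost-hosted" and n.lower() not in removed]

if __name__ == "__main__":
    report = cross_reference(SCAN_LOG)
    for name, kind in report.items():
        print(f"{name:15} {kind}")
    print("still to verify:", not_confirmed_removed(report, FIX_LOG))
```

Entries reported as "no service record" appear only in the NetSvcs group value, so the Drivers/Services section of the later log cannot confirm them; check the NetSvcs block of that log instead.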

#15
Chunk5


  • Topic Starter
My mistake, I thought I had disabled everything. No matter, I just uninstalled to make sure.

combofix log:

ComboFix 11-08-19.02 - Chunks 20/08/2011 17:00:29.6.4 - x86
Microsoft Windows Vista Home Premium 6.0.6002.2.1252.44.1033.18.3069.1726 [GMT 1:00]
Running from: c:\users\Chunks\Desktop\ComboFix.exe
Command switches used :: c:\users\Chunks\Desktop\CFScript.txt
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_CRYPTAGS
-------\Service_Cryptags
-------\Service_rpcc
-------\Service_SSDPDIS
.
.
((((((((((((((((((((((((( Files Created from 2011-07-20 to 2011-08-20 )))))))))))))))))))))))))))))))
.
.
2011-08-20 16:17 . 2011-08-20 16:17 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-08-20 16:17 . 2011-08-20 16:17 -------- d-----w- c:\users\IUSR_NMPR\AppData\Local\temp
2011-08-20 16:17 . 2011-08-20 16:17 -------- d-----w- c:\users\Guest\AppData\Local\temp
2011-08-20 16:17 . 2011-08-20 16:17 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-08-10 23:54 . 2011-08-10 23:54 -------- d-----w- c:\users\Chunks\AppData\Local\2K Games
2011-08-10 23:48 . 2011-08-13 22:55 -------- d-----w- c:\program files\Mafia II
2011-08-10 23:10 . 2011-08-10 23:10 -------- d-----w- c:\users\Chunks\AppData\Local\THQ
2011-08-10 22:20 . 2011-06-17 20:13 913296 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-08-10 22:20 . 2011-06-17 13:31 31232 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2011-08-10 22:20 . 2011-07-06 15:31 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-08-10 22:20 . 2011-06-17 16:03 375808 ----a-w- c:\windows\system32\winsrv.dll
2011-08-10 22:18 . 2011-06-20 08:54 3602832 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-08-10 22:18 . 2011-06-20 08:54 3550096 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-08-09 11:04 . 2011-08-09 11:05 -------- d-----w- c:\windows\Temp842CF182-8F7E-DB20-513A-DD3297DC93BB-Signatures
2011-08-09 02:19 . 2011-08-20 15:47 -------- d-----w- c:\program files\PC Tools Security
2011-08-09 02:06 . 2011-08-20 15:51 -------- d-----w- c:\programdata\Immunet
2011-08-09 02:06 . 2011-08-09 02:06 -------- d-----w- c:\users\Chunks\AppData\Local\Immunet
2011-08-09 02:06 . 2011-08-20 15:52 -------- d-----w- c:\program files\Immunet Protect
2011-08-09 02:05 . 2011-08-09 02:28 -------- d-----w- c:\programdata\Google Updater
2011-08-08 14:29 . 2011-07-13 03:39 6881616 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{41210A51-5753-4E8F-87A6-09F351094F41}\mpengine.dll
2011-08-05 23:01 . 2011-08-05 23:01 -------- d-----w- c:\program files\BlackBeanGames
2011-07-31 22:22 . 2011-07-31 22:22 -------- d-----w- c:\program files\Bonjour
2011-07-26 15:57 . 2011-07-26 15:57 784136 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-07-26 15:48 . 2011-07-26 16:39 -------- d-----w- c:\users\Chunks\AppData\Roaming\dvdcss
2011-07-25 16:24 . 1998-06-17 23:00 32768 ----a-w- c:\windows\system32\REGTOOL5.DLL
2011-07-25 16:24 . 2011-07-25 16:24 -------- d-----w- c:\program files\Driving Theory Test Professional
2011-07-25 15:34 . 2011-07-25 17:57 -------- d-----w- c:\program files\Driving Theory Test
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-14 10:27 . 2011-05-15 07:35 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-13 03:39 . 2011-03-17 04:01 6881616 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-07-12 10:20 . 2011-07-12 10:20 83816 ----a-w- c:\windows\system32\dns-sd.exe
2011-07-12 10:20 . 2011-07-12 10:20 73064 ----a-w- c:\windows\system32\dnssd.dll
2011-07-12 10:20 . 2011-07-12 10:20 50536 ----a-w- c:\windows\system32\jdns_sd.dll
2011-07-12 10:20 . 2011-07-12 10:20 178536 ----a-w- c:\windows\system32\dnssdX.dll
2011-07-05 17:37 . 2011-07-05 17:37 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-07-05 17:37 . 2011-07-05 17:37 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-06-22 17:01 . 2011-06-22 17:01 53816 ----a-w- c:\windows\system32\drivers\RapportKELL.sys
2011-06-05 12:55 . 2008-05-07 18:14 189248 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-06-05 12:55 . 2008-05-07 18:14 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-06-02 13:34 . 2011-07-13 06:06 2043392 ----a-w- c:\windows\system32\win32k.sys
2010-03-31 09:09 . 2010-03-31 09:09 10437264 ----a-w- c:\program files\mozilla firefox\plugins\PDFNetC.dll
2010-04-08 11:36 . 2010-04-08 11:36 107760 ----a-w- c:\program files\mozilla firefox\plugins\ScorchPDFWrapper.dll
2011-08-17 21:54 . 2011-04-30 08:25 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-10-18 10:26 3908192 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"DisplayFusion"="c:\program files\DisplayFusion\DisplayFusion.exe" [2010-09-14 1275624]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
"Sony Ericsson PC Companion"="c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" [2011-02-28 427008]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2010-05-07 165208]
"tvncontrol"="c:\program files\TightVNC\tvnserver.exe" [2010-07-08 815704]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-06-14 153672]
"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2007-05-06 405504]
"RivaTunerStartupDaemon"="c:\program files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTunerWrapper.exe" [2009-08-22 24576]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"NMSSupport"="c:\program files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" [2007-06-27 439512]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-10-03 178712]
"CCUTRAYICON"="c:\program files\Intel\IntelDH\CCU\CCU_TrayIcon.exe" [2007-06-27 215256]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-12 37232]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-11 640376]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-10-28 1352272]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-07-19 421736]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-05 421888]
.
c:\users\Chunks\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Mozilla Firefox.lnk - c:\program files\Mozilla Firefox\firefox.exe [2008-2-8 924632]
Trillian.lnk - c:\program files\Trillian\trillian.exe [2011-6-28 2068832]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R1 ImmunetProtectDriver;ImmunetProtectDriver;c:\windows\system32\DRIVERS\ImmunetProtect.sys [x]
R1 ImmunetSelfProtectDriver;ImmunetSelfProtectDriver;c:\windows\system32\DRIVERS\ImmunetSelfProtect.sys [x]
R1 LapTimer;LapTimer;c:\program files\software by design\laptimer.sys [x]
R1 MpKsl04d56001;MpKsl04d56001;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{78BC3BAE-0CB1-4444-A0C6-85C464A8AB54}\MpKsl04d56001.sys [x]
R1 MpKsl0e4b27cc;MpKsl0e4b27cc;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{47E4F25C-025E-4623-AB07-18D1FA34D99A}\MpKsl0e4b27cc.sys [x]
R1 MpKsl11d4f94f;MpKsl11d4f94f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{78BC3BAE-0CB1-4444-A0C6-85C464A8AB54}\MpKsl11d4f94f.sys [x]
R1 MpKsl126e3a83;MpKsl126e3a83;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{78BC3BAE-0CB1-4444-A0C6-85C464A8AB54}\MpKsl126e3a83.sys [x]
R1 MpKsl17526965;MpKsl17526965;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A0142886-0425-473B-95A3-08DB95895D15}\MpKsl17526965.sys [x]
R1 MpKsl24f15f03;MpKsl24f15f03;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1201424D-8E79-4EC6-B887-60419C02552A}\MpKsl24f15f03.sys [x]
R1 MpKsl261fbbea;MpKsl261fbbea;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{ABD99397-804E-4BF5-A286-1721BB518136}\MpKsl261fbbea.sys [x]
R1 MpKsl26733812;MpKsl26733812;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BC640F59-6132-4F55-94CD-3606AF1F2034}\MpKsl26733812.sys [x]
R1 MpKsl6d746903;MpKsl6d746903;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BC640F59-6132-4F55-94CD-3606AF1F2034}\MpKsl6d746903.sys [x]
R1 MpKsl7ec6da74;MpKsl7ec6da74;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{ABD99397-804E-4BF5-A286-1721BB518136}\MpKsl7ec6da74.sys [x]
R1 MpKsl83588df0;MpKsl83588df0;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{61473A9F-0BAF-42DF-B685-540168A8D237}\MpKsl83588df0.sys [x]
R1 MpKsla71482e0;MpKsla71482e0;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B056FE27-5F27-4B9D-8077-259A0ABD6FC2}\MpKsla71482e0.sys [x]
R1 MpKslbb6ac0cb;MpKslbb6ac0cb;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1D8C3856-B563-4954-BCBD-40344892CFA9}\MpKslbb6ac0cb.sys [x]
R1 MpKslc1c3f943;MpKslc1c3f943;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{78BC3BAE-0CB1-4444-A0C6-85C464A8AB54}\MpKslc1c3f943.sys [x]
R1 MpKslc5b23ffd;MpKslc5b23ffd;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{489FE90A-0BFC-4EF3-AA32-C67FB4B30B19}\MpKslc5b23ffd.sys [x]
R1 MpKslc8be9b89;MpKslc8be9b89;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C1784894-50F1-4FB0-BA3E-655BF5C794A0}\MpKslc8be9b89.sys [x]
R1 MpKsld774fd51;MpKsld774fd51;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{03676045-F228-480A-BBE0-D07FFE2EC298}\MpKsld774fd51.sys [x]
R1 MpKslf5d86056;MpKslf5d86056;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B38F742F-7288-4540-B1EF-E1033571C0CD}\MpKslf5d86056.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 hcw10cir;Hauppauge CIR Receiver;c:\windows\system32\drivers\hcw10cir.sys [2010-05-07 35328]
R2 ImmunetProtect;Immunet Protect;c:\program files\Immunet Protect\2.0.17\agent.exe [x]
R3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
R3 CFcatchme;CFcatchme;c:\users\Chunks\AppData\Local\Temp\CFcatchme.sys [x]
R3 ctgame;Game Port;c:\windows\system32\DRIVERS\ctgame.sys [2007-06-25 18840]
R3 DHTRACE;Intel® DHTrace Controller;c:\program files\Common Files\Intel\IntelDH\bin\DHTraceController.exe [2007-06-27 39640]
R3 hcw10bda;WinTV-HVR-900H (111xxx);c:\windows\system32\drivers\hcw10bda.sys [2010-05-07 504960]
R3 MungoDriver;MungoGamer Remote;c:\windows\system32\DRIVERS\MungoDriver.sys [2010-08-05 12504]
R3 PPJoyBus;Parallel Port Joystick Bus device driver;c:\windows\system32\drivers\PPJoyBus.sys [2003-08-10 11330]
R3 PPortJoystick;Parallel Port Joystick device driver;c:\windows\system32\drivers\PPortJoy.sys [2003-08-10 21922]
R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
R3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
R3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
R3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
R3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
R3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
R3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
R3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-02-10 150528]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys [2009-08-27 16168]
R3 WacomVTHid;Virtual Touch Driver;c:\windows\system32\DRIVERS\WacomVTHid.sys [2009-07-09 13480]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:\windows\system32\drivers\WsAudio_DeviceS(1).sys [2010-12-24 25704]
R3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);c:\windows\system32\drivers\WsAudio_DeviceS(2).sys [2010-12-24 25704]
R3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);c:\windows\system32\drivers\WsAudio_DeviceS(3).sys [2010-12-24 25704]
R3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);c:\windows\system32\drivers\WsAudio_DeviceS(4).sys [2010-12-24 25704]
R3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);c:\windows\system32\drivers\WsAudio_DeviceS(5).sys [2010-12-24 25704]
R3 ZY202_VS;ZyXEL 802.11g XG202 1211 Vista Driver;c:\windows\system32\DRIVERS\WlanUZG.sys [2008-02-07 871936]
R3 ZYXEL750;ZyAir G-260 Driver;c:\windows\system32\DRIVERS\WlanUTG.sys [2006-04-17 494848]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 RapportKELL;RapportKELL;c:\windows\System32\Drivers\RapportKELL.sys [2011-06-22 53816]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-04-10 218688]
S1 RapportCerberus_29574;RapportCerberus_29574;c:\programdata\Trusteer\Rapport\store\exts\RapportCerberus\29574\RapportCerberus32_29574.sys [2011-08-03 216912]
S1 RapportEI;RapportEI;c:\program files\Trusteer\Rapport\bin\RapportEI.sys [2011-06-22 66360]
S1 RapportPG;RapportPG;c:\program files\Trusteer\Rapport\bin\RapportPG.sys [2011-06-22 158904]
S1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [2010-11-09 98392]
S2 DQLWinService;DQLWinService;c:\program files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [2007-02-12 208896]
S2 iRacingService;iRacing.com Helper Service;c:\program files\iRacing\iRacingService.exe [2011-07-22 475296]
S2 NMSCore;Intel® NMSCore;c:\program files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe [2007-06-27 317656]
S2 nmsunidr;UniDriver for NMS;c:\windows\system32\DRIVERS\nmsunidr.sys [2007-02-18 5376]
S2 QualityManager;Intel® Quality Manager;c:\program files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe [2007-06-27 272600]
S2 RapportMgmtService;Rapport Management Service;c:\program files\Trusteer\Rapport\bin\RapportMgmtService.exe [2011-06-22 870200]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256]
S2 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [2009-11-23 4497704]
S2 tvnserver;TightVNC Server;c:\program files\TightVNC\tvnserver.exe [2010-07-08 815704]
S2 WTouchService;WTouch Service;c:\program files\WTouch\WTouchService.exe [2009-11-23 113448]
S3 IntelDH;IntelDH Driver;c:\windows\system32\Drivers\IntelDH.sys [2008-02-04 5632]
S3 nvoclock;NVIDIA Enthusiasts Platform KDM;c:\windows\system32\DRIVERS\nvoclock.sys [2009-09-15 38248]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
bdx REG_MULTI_SZ scan sysagent
.
Contents of the 'Scheduled Tasks' folder
.
2011-08-20 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-08-09 02:05]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://uk.ask.com?o=14086&l=dis
mStart Page = hxxp://www.yahoo.com
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Free YouTube to Mp3 Converter - c:\users\Chunks\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Chunks\AppData\Roaming\Mozilla\Firefox\Profiles\jqgtdmm6.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=17435
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.bbc.co.uk/news/
FF - prefs.js: keyword.URL - hxxp://www.ask.com/web?o=13796&l=dis&q=
FF - prefs.js: network.proxy.type - 4
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-08-20 17:19
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3732907531-2061309169-3991771752-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:61,15,08,36,36,27,6c,c9,1d,2a,00,1f,6e,7d,6f,85,f7,81,8a,13,dc,b0,f4,
da,49,b9,7e,1e,b2,f7,cc,c3,50,11,2e,b0,bb,bd,a3,ff,3c,d5,cd,0e,c7,05,8a,b6,\
"??"=hex:63,6e,6f,74,f9,9a,58,b0,a0,d6,4c,13,f4,9d,ef,85
.
[HKEY_USERS\S-1-5-21-3732907531-2061309169-3991771752-1001\Software\SecuROM\License information*]
"datasecu"=hex:db,81,3d,cc,fe,19,bc,e7,44,24,18,61,11,cf,6a,73,d5,1a,0a,c3,17,
0b,f9,81,78,0c,ea,fe,9f,f8,4a,ff,01,0e,8a,e9,f9,6c,c1,50,77,0c,86,10,53,4a,\
"rkeysecu"=hex:df,d8,82,73,c9,78,c4,86,3b,5f,99,a9,2e,b0,69,2e
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'lsass.exe'(668)
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
- - - - - - - > 'Explorer.exe'(8532)
c:\program files\DisplayFusion\Hooks\DisplayFusionHookx86_68abfe57-d015-4b39-b24e-4a7b5d8fe5e0.dll
c:\progra~1\ArcSoft\PHOTOI~1\share\pihook.dll
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\Display\NvXDSync.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\WUDFHost.exe
c:\program files\Intel\IntelDH\CCU\AlertService.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\program files\Kontiki\KService.exe
c:\program files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
c:\program files\NVIDIA Corporation\nTune\nTuneService.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\STacSV.exe
c:\program files\NVIDIA Corporation\System Update\UpdateCenterService.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
c:\windows\system32\WUDFHost.exe
c:\program files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
c:\program files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
c:\program files\WTouch\WTouchUser.exe
c:\program files\Intel\IntelDH\CCU\CCU_Engine.exe
c:\windows\ehome\ehmsas.exe
c:\windows\ehome\ehsched.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\ehome\ehRecvr.exe
.
**************************************************************************
.
Completion time: 2011-08-20 17:26:32 - machine was rebooted
ComboFix-quarantined-files.txt 2011-08-20 16:26
ComboFix2.txt 2011-08-19 21:30
ComboFix3.txt 2011-06-19 01:36
ComboFix4.txt 2011-06-17 13:56
ComboFix5.txt 2011-08-20 15:57
.
Pre-Run: 48,503,705,600 bytes free
Post-Run: 48,117,788,672 bytes free
.
Current=3 Default=3 Failed=2 LastKnownGood=18 Sets=1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18
- - End Of File - - 2D5EF18B3F6C0DC6529F71A39E4A1CEE