
Internet explorer accessing sites


Comkrin

Hi, my problem is that Internet Explorer is accessing sites with viruses and avast (internet security) blocks the odd one once in a while. When I go to the task manager I can see 2 iexplorer.exe's which weren't normally there. They can be terminated (well, 1 of them comes back but if I get rid of the other one then that will go too). I have already run a full scan with avast and malwarebytes and they came up with nothing. When I open Internet Explorer then there is nothing unusual to my eye (but I don't use IE, I use Chrome).

Here is the OTL report:



OTL logfile created on: 2011-08-14 10:03:55 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Matthew\Downloads
64bit- An unknown product Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,91 Gb Total Physical Memory | 1,59 Gb Available Physical Memory | 40,68% Memory free
7,83 Gb Paging File | 4,96 Gb Available in Paging File | 63,37% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446,13 Gb Total Space | 115,88 Gb Free Space | 25,98% Space Free | Partition Type: NTFS
Drive D: | 19,53 Gb Total Space | 19,44 Gb Free Space | 99,54% Space Free | Partition Type: NTFS

Computer Name: MATTHEW-LAPTOP | User Name: Matthew | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011-08-14 10:03:19 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Matthew\Downloads\OTL.exe
PRC - [2011-08-04 16:22:50 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011-07-08 18:50:41 | 000,403,320 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files II\BitTorrent\BitTorrent.exe
PRC - [2011-07-06 19:52:38 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files II\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011-07-06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files II\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011-07-04 13:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files II\AVAST Software\Avast\AvastUI.exe
PRC - [2011-07-04 13:43:51 | 000,121,000 | ---- | M] (AVAST Software) -- C:\Program Files II\AVAST Software\Avast\afwServ.exe
PRC - [2011-07-04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files II\AVAST Software\Avast\AvastSvc.exe
PRC - [2011-07-01 20:40:28 | 000,129,352 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\openvpntray.exe
PRC - [2011-07-01 20:38:58 | 000,298,824 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
PRC - [2011-06-15 13:11:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011-05-25 02:54:54 | 000,329,544 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
PRC - [2011-05-25 01:40:12 | 000,363,336 | ---- | M] (AnchorFree Inc.) -- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
PRC - [2011-04-22 15:08:52 | 000,352,656 | ---- | M] (IObit) -- C:\Program Files II\IObit\Advanced SystemCare 4\ASCService.exe
PRC - [2011-01-13 19:34:30 | 000,814,088 | R--- | M] (Pegatron Corporation) -- C:\Program Files (x86)\PHotkey\PHotkey.exe
PRC - [2011-01-13 19:34:20 | 004,243,976 | R--- | M] (Pegatron Corporation) -- C:\Program Files (x86)\PHotkey\MsOsd.exe
PRC - [2010-12-10 12:19:36 | 000,117,256 | R--- | M] () -- C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
PRC - [2010-12-10 12:19:36 | 000,104,968 | R--- | M] () -- C:\Program Files (x86)\PHotkey\AsLdrSrv.exe
PRC - [2010-10-05 15:08:46 | 002,655,768 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.EXE
PRC - [2010-10-05 15:08:42 | 000,325,656 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.EXE
PRC - [2010-04-27 04:09:52 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2009-08-27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2009-07-24 19:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe


========== Modules (SafeList) ==========

MOD - [2011-08-14 10:03:19 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Matthew\Downloads\OTL.exe
MOD - [2011-07-04 13:43:51 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files II\AVAST Software\Avast\snxhk.dll
MOD - [2011-06-15 13:11:00 | 000,231,528 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\Nvd3d9wrap.dll
MOD - [2011-06-15 13:11:00 | 000,224,360 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\nvdxgiwrap.dll
MOD - [2011-06-15 13:11:00 | 000,200,808 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvinit.dll
MOD - [2011-06-15 13:11:00 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2010-11-20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010-12-17 10:46:34 | 000,198,784 | ---- | M] (Conexant Systems Inc.) [Auto | Running] -- C:\Windows\SysNative\CxAudMsg64.exe -- (CxAudMsg)
SRV:64bit: - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011-08-04 16:22:50 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011-07-06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files II\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011-07-04 13:43:51 | 000,121,000 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files II\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV - [2011-07-04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files II\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011-07-01 20:40:36 | 000,063,976 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.exe -- (HssTrayService)
SRV - [2011-07-01 20:38:58 | 000,298,824 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe -- (hshld)
SRV - [2011-06-15 13:11:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011-05-28 22:24:32 | 000,173,056 | ---- | M] (Airytec) [Auto | Stopped] -- C:\Program Files II\Airytec\Switch Off\swoff.exe -- (SwOffWeb)
SRV - [2011-05-28 22:24:32 | 000,173,056 | ---- | M] (Airytec) [Auto | Stopped] -- C:\Program Files II\Airytec\Switch Off\swoff.exe -- (SwOffScheduler)
SRV - [2011-05-25 02:54:54 | 000,329,544 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe -- (HssWd)
SRV - [2011-05-25 01:40:12 | 000,363,336 | ---- | M] (AnchorFree Inc.) [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe -- (HssSrv)
SRV - [2011-04-22 15:08:52 | 000,352,656 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files II\IObit\Advanced SystemCare 4\ASCService.exe -- (AdvancedSystemCareService)
SRV - [2010-12-10 12:19:36 | 000,159,752 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\PHotkey\GFNEXSrv.exe -- (GFNEXSrv)
SRV - [2010-12-10 12:19:36 | 000,104,968 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\PHotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2010-10-20 11:22:24 | 000,630,272 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010-10-05 15:08:46 | 002,655,768 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2010-10-05 15:08:42 | 000,325,656 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.EXE -- (LMS) Intel®
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009-11-18 13:40:26 | 000,012,288 | ---- | M] (Chris Pietschmann (http://pietschsoft.com)) [Auto | Running] -- C:\Program Files II\Virtual Router\VirtualRouterService.exe -- (Virtual Router)
SRV - [2009-08-27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Unknown | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2009-07-24 19:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008-08-07 11:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011-07-10 18:05:03 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011-07-09 12:36:48 | 000,513,080 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011-07-06 19:52:42 | 000,025,912 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011-07-04 13:32:24 | 000,064,856 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011-06-15 13:11:00 | 000,027,240 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2011-05-25 01:40:10 | 000,037,888 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)
DRV:64bit: - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011-02-23 16:50:14 | 000,018,232 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV:64bit: - [2011-02-23 14:34:54 | 000,012,368 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis.sys -- (aswNdis)
DRV:64bit: - [2011-01-28 03:44:24 | 001,581,184 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2010-12-16 11:39:08 | 012,256,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010-12-02 12:14:22 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2010-12-02 12:14:18 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2010-12-02 10:36:42 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2010-12-02 10:36:40 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64)
DRV:64bit: - [2010-11-20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-11-20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010-11-08 08:52:14 | 000,068,608 | ---- | M] (Sentelic Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fspad_wlh64.sys -- (fspad_wlh64)
DRV:64bit: - [2010-11-08 06:44:40 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010-10-14 18:28:16 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel®
DRV:64bit: - [2010-09-21 03:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel®
DRV:64bit: - [2010-07-30 10:49:46 | 002,485,760 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010-07-27 03:45:46 | 000,180,224 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010-07-27 03:45:46 | 000,078,848 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2009-12-30 11:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:64bit: - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-07-14 02:00:24 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\acpials.sys -- (acpials)
DRV:64bit: - [2009-06-10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009-02-24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcdbus.sys -- (mcdbus)
DRV:64bit: - [2008-08-28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV - [2010-12-10 12:19:36 | 000,014,344 | R--- | M] (PEGATRON) [Kernel | Auto | Running] -- C:\Program Files (x86)\PHotkey\PEGAGFN.sys -- (PEGAGFN)
DRV - [2009-02-24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {12a9db21-42a2-492d-a85c-cdde0c88b608} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {167d9323-f7cc-48f5-948a-6f012831a69f} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 127.0.0.1:8080

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Matthew\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Matthew\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Matthew\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Matthew\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)


[2011-08-10 10:00:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Matthew\AppData\Roaming\Mozilla\Extensions

O1 HOSTS File: ([2011-04-24 22:58:29 | 000,001,211 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
O1 - Hosts: 127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
O1 - Hosts: 127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files II\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll (AnchorFree Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files II\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - File not found
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files II\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files II\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [fspuip] C:\Program Files\FSP\FspUip.exe (Sentelic Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe (Conexant systems, Inc.)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] File not found
O4 - HKLM..\Run: [avast] C:\Program Files II\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files II\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [1] C:\Users\Matthew\AppData\Local\Temp\wmplog05.sqv ()
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files II\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ent/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.204.152.34 194.204.159.1 193.0.71.133
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{4b708a17-ab04-11e0-84a2-e0699541a433}\Shell - "" = AutoRun
O33 - MountPoints2\{4b708a17-ab04-11e0-84a2-e0699541a433}\Shell\AutoRun\command - "" = I:\autorun.exe
O33 - MountPoints2\{63270feb-aa29-11e0-a799-e0699541a433}\Shell - "" = AutoRun
O33 - MountPoints2\{63270feb-aa29-11e0-a799-e0699541a433}\Shell\AutoRun\command - "" = H:\m.exe
O33 - MountPoints2\{f57c141d-aa14-11e0-9754-e0699541a433}\Shell - "" = AutoRun
O33 - MountPoints2\{f57c141d-aa14-11e0-9754-e0699541a433}\Shell\AutoRun\command - "" = F:\MLLaunch.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011-08-13 19:55:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star wars Battlefront II
[2011-08-13 14:12:19 | 000,000,000 | ---D | C] -- C:\Users\Matthew\Desktop\Photoshop Brushes
[2011-08-13 11:53:02 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\antiphishing-webblog1_1dn
[2011-08-13 11:45:50 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Identity Cloaker
[2011-08-13 11:45:50 | 000,000,000 | ---D | C] -- C:\Identity Cloaker
[2011-08-13 11:16:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
[2011-08-13 11:15:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hotspot Shield
[2011-08-13 11:05:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CamStudio
[2011-08-12 23:06:02 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\Microsoft_Research
[2011-08-12 23:02:26 | 000,000,000 | ---D | C] -- C:\Users\Matthew\Documents\WWT Collections
[2011-08-12 22:50:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011-08-12 22:47:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2011-08-10 22:50:54 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\Malwarebytes
[2011-08-10 22:50:47 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011-08-10 22:50:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011-08-10 22:50:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011-08-10 22:50:43 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011-08-10 21:18:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo
[2011-08-10 20:34:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security
[2011-08-10 20:34:20 | 000,022,360 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2011-08-10 20:34:19 | 000,288,088 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2011-08-10 20:34:15 | 000,129,368 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFW.sys
[2011-08-10 20:32:19 | 000,257,368 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdis2.sys
[2011-08-10 20:32:18 | 000,031,064 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2011-08-10 20:32:16 | 000,045,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2011-08-10 20:32:13 | 000,600,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011-08-10 20:32:10 | 000,064,856 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2011-08-10 20:32:08 | 000,253,888 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2011-08-10 20:31:48 | 000,012,368 | ---- | C] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswNdis.sys
[2011-08-10 17:49:12 | 000,013,800 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ssadwh.sys
[2011-08-10 17:49:11 | 000,013,288 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ssadcm.sys
[2011-08-10 17:46:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2011-08-10 16:59:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 4
[2011-08-10 13:58:25 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\VS Revo Group
[2011-08-10 13:58:19 | 000,031,800 | ---- | C] (VS Revo Group) -- C:\Windows\SysNative\drivers\revoflt.sys
[2011-08-10 13:58:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
[2011-08-10 13:39:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\FreeCause
[2011-08-10 13:39:38 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\Conduit
[2011-08-10 10:21:02 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\OpenCandy
[2011-08-10 10:20:55 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\OpenCandy
[2011-08-10 10:14:41 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\WhiteSmoke
[2011-08-10 10:00:13 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\Mozilla
[2011-08-09 21:00:27 | 000,000,000 | ---D | C] -- C:\Hotspot Shield
[2011-08-09 20:47:54 | 000,424,296 | ---- | C] (Hide My IP) -- C:\Windows\SysNative\HMIPCore64.dll
[2011-08-09 20:47:52 | 000,330,600 | ---- | C] (Hide My IP) -- C:\Windows\SysWow64\HMIPCore.dll
[2011-08-09 20:28:23 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\WNR
[2011-08-09 20:19:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011-08-09 18:44:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft
[2011-08-09 14:12:21 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\COMODO
[2011-08-09 13:48:48 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\GPUMonitor
[2011-08-09 13:39:54 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2011-08-09 13:00:50 | 000,000,000 | ---D | C] -- C:\Users\Matthew\Documents\MAGIX_Music_Maker_17_Premium_Download_Version
[2011-08-09 13:00:50 | 000,000,000 | ---D | C] -- C:\Users\Matthew\Documents\MAGIX downloads
[2011-08-09 12:51:10 | 000,000,000 | ---D | C] -- C:\Users\Matthew\Documents\MAGIX_MusicEditor
[2011-08-09 12:50:59 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\MAGIX
[2011-08-09 12:49:23 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\MAGIX_Music_Maker_17_Premium_Download_Version
[2011-08-09 12:48:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
[2011-08-09 12:48:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MAGIX
[2011-08-09 12:48:33 | 000,000,000 | ---D | C] -- C:\ProgramData\MAGIX
[2011-08-09 12:48:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MAGIX Services
[2011-08-08 21:57:33 | 000,000,000 | ---D | C] -- C:\Users\Matthew\Documents\My Palettes
[2011-08-08 21:56:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Protexis
[2011-08-08 21:56:50 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\Corel
[2011-08-08 21:53:39 | 000,000,000 | ---D | C] -- C:\Users\Matthew\Documents\Corel
[2011-08-08 21:53:25 | 000,000,000 | ---D | C] -- C:\Users\Matthew\Documents\Visual Studio 2008
[2011-08-08 21:53:18 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\Microsoft Help
[2011-08-08 21:51:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SDKs
[2011-08-08 21:51:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 9.0
[2011-08-08 21:51:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2011-08-08 21:51:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\gs
[2011-08-08 21:50:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Corel
[2011-08-08 21:50:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Protexis
[2011-08-08 21:50:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Corel
[2011-08-08 21:46:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X5
[2011-08-07 22:00:20 | 000,000,000 | ---D | C] -- C:\Users\Matthew\Desktop\FSW7AGST
[2011-08-05 13:35:45 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011-08-04 16:22:48 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\PunkBuster
[2011-08-04 16:22:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2011-08-04 12:37:06 | 000,000,000 | -H-D | C] -- C:\ProgramData\{CB2950A3-A919-41C2-8920-64738E7DDEE8}
[2011-08-04 12:36:36 | 000,000,000 | -H-D | C] -- C:\ProgramData\{B21E6C95-1429-4BC6-AA4D-4219C78235A1}
[2011-08-04 12:36:07 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\PackageAware
[2011-08-03 23:28:46 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\CrashRpt
[2011-08-03 23:19:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atari
[2011-08-03 22:59:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Atari
[2011-08-03 22:53:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011-08-03 22:53:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011-08-03 22:52:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2011-08-03 13:05:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\DSS
[2011-08-03 13:05:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Codemasters
[2011-08-03 13:05:18 | 000,000,000 | ---D | C] -- C:\Users\Matthew\Documents\My Games
[2011-08-03 12:55:08 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2011-08-03 12:55:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2011-08-03 12:55:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2011-08-03 12:51:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Ripple Sound
[2011-08-03 12:51:15 | 001,417,216 | ---- | C] (Blue Ripple Sound Limited) -- C:\Windows\SysWow64\rapture3d_oal.dll
[2011-08-03 12:51:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BRS
[2011-08-03 12:51:13 | 000,466,456 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2011-08-03 12:51:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL
[2011-08-03 12:51:12 | 000,444,952 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2011-08-03 12:36:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Codemasters
[2011-08-02 21:43:29 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\Chris_Pietschmann_(http__
[2011-08-02 21:41:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Router
[2011-08-02 19:46:14 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mafia
[2011-08-02 18:38:52 | 000,000,000 | RH-D | C] -- C:\Users\Matthew\AppData\Roaming\SecuROM
[2011-08-02 18:38:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\City Interactive
[2011-08-02 16:02:34 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\City of Lost Dreams Mod 1.1
[2011-08-02 16:02:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\City of Lost Dreams Mod 1.1
[2011-08-01 20:11:53 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\Activision
[2011-08-01 20:08:18 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2011-08-01 20:06:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
[2011-08-01 17:54:02 | 000,000,000 | ---D | C] -- C:\Program Files\Nokia
[2011-08-01 17:49:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Phoenix
[2011-08-01 16:57:44 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Suite
[2011-08-01 16:57:39 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\PC Suite
[2011-08-01 16:39:26 | 000,000,000 | ---D | C] -- C:\Users\Matthew\Desktop\Nokia x2
[2011-08-01 16:37:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Nokia
[2011-08-01 16:34:46 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2011-08-01 16:34:44 | 000,025,600 | ---- | C] (Nokia) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys
[2011-08-01 16:34:39 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2011-08-01 16:34:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Connectivity Solution
[2011-08-01 16:33:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
[2011-08-01 16:33:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nokia
[2011-08-01 16:33:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nokia
[2011-08-01 16:31:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Installations
[2011-08-01 15:09:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mafia
[2011-08-01 12:31:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games
[2011-08-01 10:47:25 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2011-08-01 10:44:21 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2011-07-15 23:02:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2011-07-15 23:01:07 | 000,000,000 | ---D | C] -- C:\ec4d08134c138221293c870033
[2011-07-15 21:01:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2011-07-15 12:43:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PeerBlock
[2011-07-15 12:16:28 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\My Battle for Middle-earth™ II Files
[2011-07-15 11:18:24 | 000,116,224 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll
[2011-07-15 11:17:41 | 000,093,696 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll
[2011-07-15 10:24:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2011-07-15 10:24:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011-08-14 10:03:00 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-736223655-864630041-865155394-1000UA.job
[2011-08-14 10:03:00 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011-08-14 08:32:21 | 000,013,440 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011-08-14 08:32:21 | 000,013,440 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011-08-14 08:29:07 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011-08-14 08:29:07 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011-08-14 08:29:07 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011-08-14 08:25:11 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011-08-14 08:24:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011-08-13 22:03:00 | 000,001,014 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-736223655-864630041-865155394-1000Core.job
[2011-08-13 20:54:07 | 008,210,693 | ---- | M] () -- C:\Users\Matthew\Desktop\triple.psd
[2011-08-13 20:50:30 | 000,086,844 | ---- | M] () -- C:\Users\Matthew\Desktop\triple.jpg
[2011-08-13 20:49:55 | 000,000,132 | ---- | M] () -- C:\Users\Matthew\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011-08-13 20:49:42 | 008,209,833 | ---- | M] () -- C:\Users\Matthew\Desktop\triple.xcf
[2011-08-13 20:25:02 | 000,239,055 | ---- | M] () -- C:\Users\Matthew\Desktop\warrior_of_eclipse_by_newmand-d3kv3a8.jpg
[2011-08-13 20:05:56 | 000,000,412 | ---- | M] () -- C:\Users\Matthew\AppData\Roaming\All CPU Meter_Settings.ini
[2011-08-13 19:55:03 | 000,000,915 | ---- | M] () -- C:\Users\Public\Desktop\Star wars Battlefront II.lnk
[2011-08-13 18:23:35 | 000,105,943 | ---- | M] () -- C:\Users\Matthew\Desktop\firstPhotoshop.png
[2011-08-13 18:23:35 | 000,035,356 | ---- | M] () -- C:\Users\Matthew\.recently-used.xbel
[2011-08-13 17:56:10 | 008,615,105 | ---- | M] () -- C:\Users\Matthew\Desktop\first.psd
[2011-08-13 14:31:24 | 001,758,622 | ---- | M] () -- C:\Users\Matthew\Desktop\halflife2render.png
[2011-08-13 11:45:51 | 000,000,631 | ---- | M] () -- C:\Users\Matthew\Desktop\Identity Cloaker.lnk
[2011-08-13 11:16:34 | 000,001,138 | ---- | M] () -- C:\Users\Public\Desktop\Hotspot Shield Launch.lnk
[2011-08-13 11:05:55 | 000,000,800 | ---- | M] () -- C:\Users\Public\Desktop\CamStudio.lnk
[2011-08-13 10:28:03 | 001,663,882 | ---- | M] () -- C:\Users\Matthew\Desktop\bioshockr_1.png
[2011-08-12 22:56:43 | 000,000,926 | ---- | M] () -- C:\Users\Public\Desktop\Airytec Switch Off.lnk
[2011-08-12 22:50:02 | 000,002,280 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011-08-12 20:36:56 | 000,862,483 | ---- | M] () -- C:\Users\Matthew\Desktop\4781_render_Renders_devil_may_cry.png
[2011-08-12 13:20:58 | 000,731,536 | ---- | M] () -- C:\Users\Matthew\Desktop\hitman1.png
[2011-08-11 19:23:12 | 000,647,127 | ---- | M] () -- C:\Users\Matthew\Desktop\dame_en_noir.png
[2011-08-11 19:20:13 | 000,039,538 | ---- | M] () -- C:\Users\Matthew\Desktop\thumb-74381.jpg
[2011-08-11 19:19:25 | 000,047,656 | ---- | M] () -- C:\Users\Matthew\Desktop\dark_side_of_nyan_wallpaper_by_davidwoodfx-d3l3h5y.png
[2011-08-11 15:25:16 | 001,519,212 | ---- | M] () -- C:\Users\Matthew\Desktop\98546.jpg
[2011-08-10 22:50:48 | 000,000,895 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011-08-10 21:50:33 | 000,001,828 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2011-08-10 21:50:31 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011-08-10 20:52:08 | 001,474,832 | ---- | M] () -- C:\Windows\SysNative\drivers\sfi.dat
[2011-08-10 19:44:58 | 000,007,607 | ---- | M] () -- C:\Users\Matthew\AppData\Local\resmon.resmoncfg
[2011-08-10 16:59:40 | 000,001,029 | ---- | M] () -- C:\Users\Public\Desktop\Quick Care.lnk
[2011-08-10 16:59:38 | 000,001,007 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 4.lnk
[2011-08-10 13:58:20 | 000,001,082 | ---- | M] () -- C:\Users\Matthew\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2011-08-10 13:58:20 | 000,001,058 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2011-08-10 13:41:24 | 000,000,064 | ---- | M] () -- C:\Windows\GPlrLanc.dat
[2011-08-10 10:05:24 | 000,002,365 | ---- | M] () -- C:\Users\Matthew\Desktop\Google Chrome.lnk
[2011-08-09 19:49:02 | 000,001,509 | ---- | M] () -- C:\Users\Matthew\Desktop\VideoConverter - Shortcut.lnk
[2011-08-09 18:44:24 | 000,001,022 | ---- | M] () -- C:\Users\Matthew\Desktop\Any Video Converter.lnk
[2011-08-09 16:14:26 | 000,052,991 | ---- | M] () -- C:\Users\Matthew\Desktop\1440-900-104848.jpg
[2011-08-09 16:06:35 | 000,000,574 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2011-08-09 13:34:54 | 005,129,408 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011-08-09 12:50:23 | 000,000,994 | ---- | M] () -- C:\Users\Public\Desktop\MAGIX Music Maker 17 Premium Download Version.lnk
[2011-08-08 21:50:42 | 000,002,163 | ---- | M] () -- C:\Users\Public\Desktop\Bitstream Font Navigator.lnk
[2011-08-08 21:49:21 | 000,002,823 | ---- | M] () -- C:\Users\Public\Desktop\Video Tutorials.lnk
[2011-08-08 21:49:17 | 000,002,203 | ---- | M] () -- C:\Users\Public\Desktop\Corel CONNECT.lnk
[2011-08-08 21:49:10 | 000,002,627 | ---- | M] () -- C:\Users\Public\Desktop\Corel CAPTURE X5.lnk
[2011-08-08 21:49:02 | 000,002,635 | ---- | M] () -- C:\Users\Public\Desktop\Corel PHOTO-PAINT X5.lnk
[2011-08-08 21:48:44 | 000,002,619 | ---- | M] () -- C:\Users\Public\Desktop\CorelDRAW X5.lnk
[2011-08-08 16:00:59 | 000,000,954 | ---- | M] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
[2011-08-08 16:00:59 | 000,000,942 | ---- | M] () -- C:\Users\Public\Desktop\Game Booster.lnk
[2011-08-05 13:19:57 | 000,001,433 | ---- | M] () -- C:\Users\Matthew\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011-08-04 18:30:05 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2011-08-04 18:30:03 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2011-08-04 17:18:15 | 000,001,707 | ---- | M] () -- C:\Users\Matthew\Desktop\AssassinsCreedBrotherhood - Shortcut.lnk
[2011-08-04 16:23:06 | 000,189,248 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011-08-04 16:22:50 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011-08-03 23:19:37 | 000,001,087 | ---- | M] () -- C:\Users\Public\Desktop\Test Drive Unlimited 2.lnk
[2011-08-03 20:50:57 | 000,000,909 | ---- | M] () -- C:\Users\Matthew\Desktop\C4D - Shortcut (2).lnk
[2011-08-03 20:38:27 | 000,001,345 | ---- | M] () -- C:\Users\Matthew\Desktop\VirtualRouterClient - Shortcut.lnk
[2011-08-03 19:10:00 | 000,001,046 | ---- | M] () -- C:\Users\Matthew\Desktop\Any Video Converter (2).lnk
[2011-08-03 13:04:57 | 000,001,571 | ---- | M] () -- C:\Users\Matthew\Desktop\dirt3 - Shortcut.lnk
[2011-08-03 12:51:13 | 000,466,456 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2011-08-03 12:51:12 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2011-08-03 12:35:18 | 000,000,193 | ---- | M] () -- C:\Windows\WORDPAD.INI
[2011-08-02 21:35:16 | 088,192,105 | ---- | M] () -- C:\Users\Matthew\Documents\YELLE - Safari Disco Club.mp4
[2011-08-02 19:46:20 | 000,000,766 | ---- | M] () -- C:\Users\Matthew\Desktop\Mafia.lnk
[2011-08-02 19:24:22 | 000,001,143 | ---- | M] () -- C:\Users\Matthew\Desktop\MafiaCon - Shortcut.lnk
[2011-08-02 18:38:24 | 000,002,008 | ---- | M] () -- C:\Users\Public\Desktop\Sniper Ghost Warrior.lnk
[2011-08-02 16:02:34 | 000,001,622 | ---- | M] () -- C:\Users\Matthew\Desktop\CoLD Mod.lnk
[2011-08-02 15:53:24 | 001,059,840 | ---- | M] () -- C:\VirtualRouterInstaller.msi
[2011-08-01 23:27:54 | 000,000,702 | ---- | M] () -- C:\Users\Matthew\Desktop\iw3sp - Shortcut (2).lnk
[2011-08-01 23:24:37 | 000,029,074 | ---- | M] () -- C:\Users\Matthew\Desktop\energy-report.html
[2011-08-01 22:45:53 | 000,001,040 | ---- | M] () -- C:\Users\Matthew\Desktop\iw3sp - Shortcut.lnk
[2011-08-01 20:06:49 | 000,001,990 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty - Black Ops Call MP.lnk
[2011-08-01 20:06:49 | 000,001,976 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty - Black Ops.lnk
[2011-08-01 18:38:28 | 000,000,773 | ---- | M] () -- C:\Users\Matthew\Desktop\MafiaDataXTractor - Shortcut.lnk
[2011-08-01 17:51:46 | 000,000,256 | ---- | M] () -- C:\dk2.mem
[2011-08-01 17:50:27 | 000,002,035 | ---- | M] () -- C:\Users\Public\Desktop\Phoenix.lnk
[2011-08-01 16:57:30 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
[2011-08-01 16:33:23 | 000,002,130 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Software Updater.lnk
[2011-07-15 12:43:15 | 000,001,723 | ---- | M] () -- C:\Users\Matthew\Desktop\PeerBlock.lnk
[2011-07-15 12:15:04 | 000,002,125 | ---- | M] () -- C:\Users\Public\Desktop\The Battle for Middle-earth ™ II.lnk
[3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011-08-13 20:54:05 | 008,210,693 | ---- | C] () -- C:\Users\Matthew\Desktop\triple.psd
[2011-08-13 20:50:30 | 000,086,844 | ---- | C] () -- C:\Users\Matthew\Desktop\triple.jpg
[2011-08-13 20:49:55 | 000,000,132 | ---- | C] () -- C:\Users\Matthew\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011-08-13 20:49:39 | 008,209,833 | ---- | C] () -- C:\Users\Matthew\Desktop\triple.xcf
[2011-08-13 20:25:05 | 000,239,055 | ---- | C] () -- C:\Users\Matthew\Desktop\warrior_of_eclipse_by_newmand-d3kv3a8.jpg
[2011-08-13 19:58:38 | 000,000,412 | ---- | C] () -- C:\Users\Matthew\AppData\Roaming\All CPU Meter_Settings.ini
[2011-08-13 19:55:03 | 000,000,915 | ---- | C] () -- C:\Users\Public\Desktop\Star wars Battlefront II.lnk
[2011-08-13 18:23:35 | 000,035,356 | ---- | C] () -- C:\Users\Matthew\.recently-used.xbel
[2011-08-13 17:56:17 | 000,105,943 | ---- | C] () -- C:\Users\Matthew\Desktop\firstPhotoshop.png
[2011-08-13 17:48:36 | 008,615,105 | ---- | C] () -- C:\Users\Matthew\Desktop\first.psd
[2011-08-13 14:31:29 | 001,758,622 | ---- | C] () -- C:\Users\Matthew\Desktop\halflife2render.png
[2011-08-13 11:45:51 | 000,000,631 | ---- | C] () -- C:\Users\Matthew\Desktop\Identity Cloaker.lnk
[2011-08-13 11:16:34 | 000,001,138 | ---- | C] () -- C:\Users\Public\Desktop\Hotspot Shield Launch.lnk
[2011-08-13 11:05:55 | 000,000,800 | ---- | C] () -- C:\Users\Public\Desktop\CamStudio.lnk
[2011-08-13 10:28:08 | 001,663,882 | ---- | C] () -- C:\Users\Matthew\Desktop\bioshockr_1.png
[2011-08-12 22:56:43 | 000,000,938 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Airytec Switch Off.lnk
[2011-08-12 22:56:43 | 000,000,926 | ---- | C] () -- C:\Users\Public\Desktop\Airytec Switch Off.lnk
[2011-08-12 22:50:02 | 000,002,280 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011-08-12 22:47:28 | 000,001,050 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011-08-12 22:47:24 | 000,001,046 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011-08-12 20:37:01 | 000,862,483 | ---- | C] () -- C:\Users\Matthew\Desktop\4781_render_Renders_devil_may_cry.png
[2011-08-12 13:21:09 | 000,731,536 | ---- | C] () -- C:\Users\Matthew\Desktop\hitman1.png
[2011-08-11 19:23:15 | 000,647,127 | ---- | C] () -- C:\Users\Matthew\Desktop\dame_en_noir.png
[2011-08-11 19:20:16 | 000,039,538 | ---- | C] () -- C:\Users\Matthew\Desktop\thumb-74381.jpg
[2011-08-11 19:19:29 | 000,047,656 | ---- | C] () -- C:\Users\Matthew\Desktop\dark_side_of_nyan_wallpaper_by_davidwoodfx-d3l3h5y.png
[2011-08-11 15:25:23 | 001,519,212 | ---- | C] () -- C:\Users\Matthew\Desktop\98546.jpg
[2011-08-10 22:50:48 | 000,000,895 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011-08-10 20:34:22 | 000,001,828 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2011-08-10 16:59:40 | 000,001,029 | ---- | C] () -- C:\Users\Public\Desktop\Quick Care.lnk
[2011-08-10 16:59:38 | 000,001,007 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare 4.lnk
[2011-08-10 13:58:20 | 000,001,082 | ---- | C] () -- C:\Users\Matthew\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2011-08-10 13:58:20 | 000,001,058 | ---- | C] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2011-08-10 13:37:33 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2011-08-09 19:49:02 | 000,001,509 | ---- | C] () -- C:\Users\Matthew\Desktop\VideoConverter - Shortcut.lnk
[2011-08-09 18:44:24 | 000,001,022 | ---- | C] () -- C:\Users\Matthew\Desktop\Any Video Converter.lnk
[2011-08-09 16:14:35 | 000,052,991 | ---- | C] () -- C:\Users\Matthew\Desktop\1440-900-104848.jpg
[2011-08-09 12:50:23 | 000,000,994 | ---- | C] () -- C:\Users\Public\Desktop\MAGIX Music Maker 17 Premium Download Version.lnk
[2011-08-08 21:55:50 | 000,002,823 | ---- | C] () -- C:\Users\Public\Desktop\Video Tutorials.lnk
[2011-08-08 21:55:50 | 000,002,635 | ---- | C] () -- C:\Users\Public\Desktop\Corel PHOTO-PAINT X5.lnk
[2011-08-08 21:55:50 | 000,002,627 | ---- | C] () -- C:\Users\Public\Desktop\Corel CAPTURE X5.lnk
[2011-08-08 21:55:50 | 000,002,619 | ---- | C] () -- C:\Users\Public\Desktop\CorelDRAW X5.lnk
[2011-08-08 21:55:50 | 000,002,203 | ---- | C] () -- C:\Users\Public\Desktop\Corel CONNECT.lnk
[2011-08-08 21:55:50 | 000,002,163 | ---- | C] () -- C:\Users\Public\Desktop\Bitstream Font Navigator.lnk
[2011-08-04 18:30:05 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2011-08-04 18:30:03 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2011-08-04 17:18:15 | 000,001,707 | ---- | C] () -- C:\Users\Matthew\Desktop\AssassinsCreedBrotherhood - Shortcut.lnk
[2011-08-04 16:23:06 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011-08-04 16:22:50 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011-08-03 23:19:37 | 000,001,087 | ---- | C] () -- C:\Users\Public\Desktop\Test Drive Unlimited 2.lnk
[2011-08-03 20:50:57 | 000,000,909 | ---- | C] () -- C:\Users\Matthew\Desktop\C4D - Shortcut (2).lnk
[2011-08-03 20:38:27 | 000,001,345 | ---- | C] () -- C:\Users\Matthew\Desktop\VirtualRouterClient - Shortcut.lnk
[2011-08-03 19:10:00 | 000,001,046 | ---- | C] () -- C:\Users\Matthew\Desktop\Any Video Converter (2).lnk
[2011-08-03 13:04:57 | 000,001,571 | ---- | C] () -- C:\Users\Matthew\Desktop\dirt3 - Shortcut.lnk
[2011-08-03 12:54:47 | 000,001,338 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
[2011-08-02 21:41:08 | 001,059,840 | ---- | C] () -- C:\VirtualRouterInstaller.msi
[2011-08-02 21:31:24 | 088,192,105 | ---- | C] () -- C:\Users\Matthew\Documents\YELLE - Safari Disco Club.mp4
[2011-08-02 19:46:20 | 000,000,766 | ---- | C] () -- C:\Users\Matthew\Desktop\Mafia.lnk
[2011-08-02 19:24:22 | 000,001,143 | ---- | C] () -- C:\Users\Matthew\Desktop\MafiaCon - Shortcut.lnk
[2011-08-02 18:38:24 | 000,002,008 | ---- | C] () -- C:\Users\Public\Desktop\Sniper Ghost Warrior.lnk
[2011-08-02 16:02:34 | 000,001,622 | ---- | C] () -- C:\Users\Matthew\Desktop\CoLD Mod.lnk
[2011-08-01 23:27:54 | 000,000,702 | ---- | C] () -- C:\Users\Matthew\Desktop\iw3sp - Shortcut (2).lnk
[2011-08-01 23:24:37 | 000,029,074 | ---- | C] () -- C:\Users\Matthew\Desktop\energy-report.html
[2011-08-01 22:45:53 | 000,001,040 | ---- | C] () -- C:\Users\Matthew\Desktop\iw3sp - Shortcut.lnk
[2011-08-01 20:06:49 | 000,001,990 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty - Black Ops Call MP.lnk
[2011-08-01 20:06:49 | 000,001,976 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty - Black Ops.lnk
[2011-08-01 18:38:28 | 000,000,773 | ---- | C] () -- C:\Users\Matthew\Desktop\MafiaDataXTractor - Shortcut.lnk
[2011-08-01 17:51:46 | 000,000,256 | ---- | C] () -- C:\dk2.mem
[2011-08-01 17:50:27 | 000,002,035 | ---- | C] () -- C:\Users\Public\Desktop\Phoenix.lnk
[2011-08-01 16:57:30 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
[2011-08-01 16:33:23 | 000,002,130 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Software Updater.lnk
[2011-07-15 12:43:15 | 000,001,723 | ---- | C] () -- C:\Users\Matthew\Desktop\PeerBlock.lnk
[2011-07-15 12:15:04 | 000,002,125 | ---- | C] () -- C:\Users\Public\Desktop\The Battle for Middle-earth ™ II.lnk
[2011-07-15 11:20:12 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
[2011-07-15 11:16:55 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml
[2011-07-15 11:16:23 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml
[2011-07-15 11:16:23 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml
[2011-07-15 11:15:50 | 000,146,389 | ---- | C] () -- C:\Windows\SysWow64\printmanagement.msc
[2011-07-15 11:15:50 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml
[2011-07-10 18:13:37 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2011-07-08 19:55:09 | 000,007,607 | ---- | C] () -- C:\Users\Matthew\AppData\Local\resmon.resmoncfg
[2011-07-08 14:49:51 | 000,008,192 | R--- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2011-07-08 12:48:08 | 000,960,940 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011-07-08 12:48:08 | 000,207,376 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011-07-08 12:48:08 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011-04-09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009-07-14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009-07-14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009-07-14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009-07-14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009-07-13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009-06-10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2007-04-27 10:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2003-04-09 05:28:44 | 000,233,472 | R--- | C] () -- C:\Windows\SysWow64\MafiaSetup.exe
[2003-04-09 05:28:44 | 000,233,472 | R--- | C] () -- C:\Users\Matthew\AppData\Roaming\MafiaSetup.exe
[2001-08-29 14:11:40 | 000,398,848 | R--- | C] () -- C:\Windows\SysWow64\DK2WIN32.DLL

========== LOP Check ==========

[2011-07-13 14:28:51 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\AnvSoft
[2011-07-09 17:46:35 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\AVG10
[2011-08-14 10:07:51 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\BitTorrent
[2011-07-10 18:06:44 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\DAEMON Tools Lite
[2011-08-12 21:43:22 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\gtk-2.0
[2011-08-08 16:16:15 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\IObit
[2011-08-09 12:50:59 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\MAGIX
[2011-07-15 12:33:15 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\My Battle for Middle-earth™ II Files
[2011-08-10 10:20:55 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\OpenCandy
[2011-08-01 16:57:39 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\PC Suite
[2011-08-04 16:22:48 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\PunkBuster
[2011-07-08 15:20:06 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\Virtual Desktop Manager
[2011-08-13 12:04:42 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\WhiteSmoke
[2011-08-09 20:28:23 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\WNR
[2009-07-14 07:08:49 | 000,027,646 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

Edited by Comkrin, 14 August 2011 - 02:36 AM.



#2
Essexboy


    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there, run this quick fix and then let me know if the problem persists.

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
    IE - HKCU\..\URLSearchHook: {12a9db21-42a2-492d-a85c-cdde0c88b608} - Reg Error: Key error. File not found
    IE - HKCU\..\URLSearchHook: {167d9323-f7cc-48f5-948a-6f012831a69f} - Reg Error: Key error. File not found
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 127.0.0.1:8080
    O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll (AnchorFree Inc.)
    O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)
    O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - File not found
    O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found
    O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found
    O4 - HKCU..\Run: [1] C:\Users\Matthew\AppData\Local\Temp\wmplog05.sqv ()
    [2011-08-13 11:15:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hotspot Shield
    [2011-08-10 10:21:02 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\OpenCandy
    [2011-08-10 10:20:55 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\OpenCandy
    [2011-08-10 10:14:41 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\WhiteSmoke
    [2011-08-09 21:00:27 | 000,000,000 | ---D | C] -- C:\Hotspot Shield
    [2011-08-13 11:16:34 | 000,001,138 | ---- | M] () -- C:\Users\Public\Desktop\Hotspot Shield Launch.lnk
    [2011-08-13 12:04:42 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\WhiteSmoke
    [2011-08-10 10:20:55 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\OpenCandy

    :Files
    ipconfig /flushdns /c

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [EMPTYFLASH]
    [CREATERESTOREPOINT]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.


#3
Comkrin

Thank you very much for your time, however it did not fix the problem; there are still 2 "iexplore.exe" at startup running in the background, and the OTL program was deleted after I rebooted... here are the reports:


OTL logfile created on: 2011-08-14 17:29:13 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Matthew\Downloads
64bit- An unknown product Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,91 Gb Total Physical Memory | 2,12 Gb Available Physical Memory | 54,09% Memory free
7,83 Gb Paging File | 5,95 Gb Available in Paging File | 76,03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446,13 Gb Total Space | 115,57 Gb Free Space | 25,91% Space Free | Partition Type: NTFS
Drive D: | 19,53 Gb Total Space | 19,44 Gb Free Space | 99,54% Space Free | Partition Type: NTFS

Computer Name: MATTHEW-LAPTOP | User Name: Matthew | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011-08-14 17:28:27 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Matthew\Downloads\OTL.exe
PRC - [2011-08-04 16:22:50 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011-07-08 18:50:41 | 000,403,320 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files II\BitTorrent\BitTorrent.exe
PRC - [2011-07-06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files II\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011-07-04 13:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files II\AVAST Software\Avast\AvastUI.exe
PRC - [2011-07-04 13:43:51 | 000,121,000 | ---- | M] (AVAST Software) -- C:\Program Files II\AVAST Software\Avast\afwServ.exe
PRC - [2011-07-04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files II\AVAST Software\Avast\AvastSvc.exe
PRC - [2011-07-01 20:40:28 | 000,129,352 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\openvpntray.exe
PRC - [2011-07-01 20:38:58 | 000,298,824 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
PRC - [2011-06-15 13:11:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011-05-25 02:54:54 | 000,329,544 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
PRC - [2011-05-25 01:40:12 | 000,363,336 | ---- | M] (AnchorFree Inc.) -- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
PRC - [2011-04-22 15:08:52 | 000,352,656 | ---- | M] (IObit) -- C:\Program Files II\IObit\Advanced SystemCare 4\ASCService.exe
PRC - [2011-01-20 11:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files II\DAEMON Tools Lite\DTLite.exe
PRC - [2011-01-13 19:34:30 | 000,814,088 | R--- | M] (Pegatron Corporation) -- C:\Program Files (x86)\PHotkey\PHotkey.exe
PRC - [2011-01-13 19:34:20 | 004,243,976 | R--- | M] (Pegatron Corporation) -- C:\Program Files (x86)\PHotkey\MsOsd.exe
PRC - [2010-12-10 12:19:36 | 000,117,256 | R--- | M] () -- C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
PRC - [2010-12-10 12:19:36 | 000,104,968 | R--- | M] () -- C:\Program Files (x86)\PHotkey\AsLdrSrv.exe
PRC - [2010-10-05 15:08:46 | 002,655,768 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.EXE
PRC - [2010-10-05 15:08:42 | 000,325,656 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.EXE
PRC - [2010-04-27 04:09:52 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2009-08-27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2009-07-24 19:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe


========== Modules (SafeList) ==========

MOD - [2011-08-14 17:28:27 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Matthew\Downloads\OTL.exe
MOD - [2011-07-04 13:43:51 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files II\AVAST Software\Avast\snxhk.dll
MOD - [2011-06-15 13:11:00 | 000,231,528 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\Nvd3d9wrap.dll
MOD - [2011-06-15 13:11:00 | 000,224,360 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\nvdxgiwrap.dll
MOD - [2011-06-15 13:11:00 | 000,200,808 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvinit.dll
MOD - [2011-06-15 13:11:00 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2010-11-20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010-12-17 10:46:34 | 000,198,784 | ---- | M] (Conexant Systems Inc.) [Auto | Running] -- C:\Windows\SysNative\CxAudMsg64.exe -- (CxAudMsg)
SRV:64bit: - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011-08-04 16:22:50 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011-07-06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files II\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011-07-04 13:43:51 | 000,121,000 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files II\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV - [2011-07-04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files II\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011-07-01 20:40:36 | 000,063,976 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.exe -- (HssTrayService)
SRV - [2011-07-01 20:38:58 | 000,298,824 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe -- (hshld)
SRV - [2011-06-15 13:11:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011-05-28 22:24:32 | 000,173,056 | ---- | M] (Airytec) [Auto | Stopped] -- C:\Program Files II\Airytec\Switch Off\swoff.exe -- (SwOffWeb)
SRV - [2011-05-28 22:24:32 | 000,173,056 | ---- | M] (Airytec) [Auto | Stopped] -- C:\Program Files II\Airytec\Switch Off\swoff.exe -- (SwOffScheduler)
SRV - [2011-05-25 02:54:54 | 000,329,544 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe -- (HssWd)
SRV - [2011-05-25 01:40:12 | 000,363,336 | ---- | M] (AnchorFree Inc.) [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe -- (HssSrv)
SRV - [2011-04-22 15:08:52 | 000,352,656 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files II\IObit\Advanced SystemCare 4\ASCService.exe -- (AdvancedSystemCareService)
SRV - [2010-12-10 12:19:36 | 000,159,752 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\PHotkey\GFNEXSrv.exe -- (GFNEXSrv)
SRV - [2010-12-10 12:19:36 | 000,104,968 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\PHotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2010-10-20 11:22:24 | 000,630,272 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010-10-05 15:08:46 | 002,655,768 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2010-10-05 15:08:42 | 000,325,656 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.EXE -- (LMS) Intel®
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009-11-18 13:40:26 | 000,012,288 | ---- | M] (Chris Pietschmann (http://pietschsoft.com)) [Auto | Running] -- C:\Program Files II\Virtual Router\VirtualRouterService.exe -- (Virtual Router)
SRV - [2009-08-27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Unknown | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2009-07-24 19:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008-08-07 11:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011-07-10 18:05:03 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011-07-09 12:36:48 | 000,513,080 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011-07-06 19:52:42 | 000,025,912 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011-07-04 13:32:24 | 000,064,856 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011-06-15 13:11:00 | 000,027,240 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2011-05-25 01:40:10 | 000,037,888 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)
DRV:64bit: - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011-02-23 16:50:14 | 000,018,232 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV:64bit: - [2011-02-23 14:34:54 | 000,012,368 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis.sys -- (aswNdis)
DRV:64bit: - [2011-01-28 03:44:24 | 001,581,184 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2010-12-16 11:39:08 | 012,256,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010-12-02 12:14:22 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2010-12-02 12:14:18 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2010-12-02 10:36:42 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2010-12-02 10:36:40 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64)
DRV:64bit: - [2010-11-20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-11-20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010-11-08 08:52:14 | 000,068,608 | ---- | M] (Sentelic Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fspad_wlh64.sys -- (fspad_wlh64)
DRV:64bit: - [2010-11-08 06:44:40 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010-10-14 18:28:16 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel®
DRV:64bit: - [2010-09-21 03:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel®
DRV:64bit: - [2010-07-30 10:49:46 | 002,485,760 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010-07-27 03:45:46 | 000,180,224 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010-07-27 03:45:46 | 000,078,848 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2009-12-30 11:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:64bit: - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-07-14 02:00:24 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\acpials.sys -- (acpials)
DRV:64bit: - [2009-06-10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009-02-24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcdbus.sys -- (mcdbus)
DRV:64bit: - [2008-08-28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV - [2010-12-10 12:19:36 | 000,014,344 | R--- | M] (PEGATRON) [Kernel | Auto | Running] -- C:\Program Files (x86)\PHotkey\PEGAGFN.sys -- (PEGAGFN)
DRV - [2009-02-24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {12a9db21-42a2-492d-a85c-cdde0c88b608} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {167d9323-f7cc-48f5-948a-6f012831a69f} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 127.0.0.1:8080

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Matthew\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Matthew\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Matthew\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Matthew\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)


[2011-08-10 10:00:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Matthew\AppData\Roaming\Mozilla\Extensions

O1 HOSTS File: ([2011-04-24 22:58:29 | 000,001,211 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
O1 - Hosts: 127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
O1 - Hosts: 127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files II\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll (AnchorFree Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files II\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - File not found
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files II\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files II\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [fspuip] C:\Program Files\FSP\FspUip.exe (Sentelic Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe (Conexant systems, Inc.)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] File not found
O4 - HKLM..\Run: [avast] C:\Program Files II\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files II\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [1] C:\Users\Matthew\AppData\Local\Temp\wmplog05.sqv ()
O4 - HKCU..\Run: [BitTorrent] C:\Program Files II\BitTorrent\BitTorrent.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files II\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ent/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.204.152.34 194.204.159.1 193.0.71.133
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{4b708a17-ab04-11e0-84a2-e0699541a433}\Shell - "" = AutoRun
O33 - MountPoints2\{4b708a17-ab04-11e0-84a2-e0699541a433}\Shell\AutoRun\command - "" = I:\autorun.exe
O33 - MountPoints2\{63270feb-aa29-11e0-a799-e0699541a433}\Shell - "" = AutoRun
O33 - MountPoints2\{63270feb-aa29-11e0-a799-e0699541a433}\Shell\AutoRun\command - "" = H:\m.exe
O33 - MountPoints2\{f57c141d-aa14-11e0-9754-e0699541a433}\Shell - "" = AutoRun
O33 - MountPoints2\{f57c141d-aa14-11e0-9754-e0699541a433}\Shell\AutoRun\command - "" = F:\MLLaunch.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011-08-14 14:52:37 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\NVIDIA
[2011-08-13 19:55:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star wars Battlefront II
[2011-08-13 14:12:19 | 000,000,000 | ---D | C] -- C:\Users\Matthew\Desktop\Photoshop Brushes
[2011-08-13 11:53:02 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\antiphishing-webblog1_1dn
[2011-08-13 11:45:50 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Identity Cloaker
[2011-08-13 11:45:50 | 000,000,000 | ---D | C] -- C:\Identity Cloaker
[2011-08-13 11:16:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
[2011-08-13 11:15:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hotspot Shield
[2011-08-13 11:05:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CamStudio
[2011-08-12 23:06:02 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\Microsoft_Research
[2011-08-12 23:02:26 | 000,000,000 | ---D | C] -- C:\Users\Matthew\Documents\WWT Collections
[2011-08-12 22:50:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011-08-12 22:47:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2011-08-10 22:50:54 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\Malwarebytes
[2011-08-10 22:50:47 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011-08-10 22:50:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011-08-10 22:50:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011-08-10 22:50:43 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011-08-10 21:18:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo
[2011-08-10 20:34:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security
[2011-08-10 20:34:20 | 000,022,360 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2011-08-10 20:34:19 | 000,288,088 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2011-08-10 20:34:15 | 000,129,368 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFW.sys
[2011-08-10 20:32:19 | 000,257,368 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdis2.sys
[2011-08-10 20:32:18 | 000,031,064 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2011-08-10 20:32:16 | 000,045,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2011-08-10 20:32:13 | 000,600,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011-08-10 20:32:10 | 000,064,856 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2011-08-10 20:32:08 | 000,253,888 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2011-08-10 20:31:48 | 000,012,368 | ---- | C] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswNdis.sys
[2011-08-10 17:49:12 | 000,013,800 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ssadwh.sys
[2011-08-10 17:49:11 | 000,013,288 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ssadcm.sys
[2011-08-10 17:46:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2011-08-10 16:59:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 4
[2011-08-10 13:58:25 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\VS Revo Group
[2011-08-10 13:58:19 | 000,031,800 | ---- | C] (VS Revo Group) -- C:\Windows\SysNative\drivers\revoflt.sys
[2011-08-10 13:58:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
[2011-08-10 13:39:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\FreeCause
[2011-08-10 13:39:38 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\Conduit
[2011-08-10 10:21:02 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\OpenCandy
[2011-08-10 10:20:55 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\OpenCandy
[2011-08-10 10:14:41 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\WhiteSmoke
[2011-08-10 10:00:13 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\Mozilla
[2011-08-09 21:00:27 | 000,000,000 | ---D | C] -- C:\Hotspot Shield
[2011-08-09 20:47:54 | 000,424,296 | ---- | C] (Hide My IP) -- C:\Windows\SysNative\HMIPCore64.dll
[2011-08-09 20:47:52 | 000,330,600 | ---- | C] (Hide My IP) -- C:\Windows\SysWow64\HMIPCore.dll
[2011-08-09 20:28:23 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\WNR
[2011-08-09 20:19:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011-08-09 18:44:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft
[2011-08-09 14:12:21 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\COMODO
[2011-08-09 13:48:48 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\GPUMonitor
[2011-08-09 13:39:54 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2011-08-09 13:00:50 | 000,000,000 | ---D | C] -- C:\Users\Matthew\Documents\MAGIX_Music_Maker_17_Premium_Download_Version
[2011-08-09 13:00:50 | 000,000,000 | ---D | C] -- C:\Users\Matthew\Documents\MAGIX downloads
[2011-08-09 12:51:10 | 000,000,000 | ---D | C] -- C:\Users\Matthew\Documents\MAGIX_MusicEditor
[2011-08-09 12:50:59 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\MAGIX
[2011-08-09 12:49:23 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\MAGIX_Music_Maker_17_Premium_Download_Version
[2011-08-09 12:48:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
[2011-08-09 12:48:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MAGIX
[2011-08-09 12:48:33 | 000,000,000 | ---D | C] -- C:\ProgramData\MAGIX
[2011-08-09 12:48:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MAGIX Services
[2011-08-08 21:57:33 | 000,000,000 | ---D | C] -- C:\Users\Matthew\Documents\My Palettes
[2011-08-08 21:56:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Protexis
[2011-08-08 21:56:50 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\Corel
[2011-08-08 21:53:39 | 000,000,000 | ---D | C] -- C:\Users\Matthew\Documents\Corel
[2011-08-08 21:53:25 | 000,000,000 | ---D | C] -- C:\Users\Matthew\Documents\Visual Studio 2008
[2011-08-08 21:53:18 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\Microsoft Help
[2011-08-08 21:51:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SDKs
[2011-08-08 21:51:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 9.0
[2011-08-08 21:51:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2011-08-08 21:51:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\gs
[2011-08-08 21:50:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Corel
[2011-08-08 21:50:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Protexis
[2011-08-08 21:50:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Corel
[2011-08-08 21:46:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X5
[2011-08-07 22:00:20 | 000,000,000 | ---D | C] -- C:\Users\Matthew\Desktop\FSW7AGST
[2011-08-05 13:35:45 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011-08-04 16:22:48 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\PunkBuster
[2011-08-04 16:22:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2011-08-04 12:37:06 | 000,000,000 | -H-D | C] -- C:\ProgramData\{CB2950A3-A919-41C2-8920-64738E7DDEE8}
[2011-08-04 12:36:36 | 000,000,000 | -H-D | C] -- C:\ProgramData\{B21E6C95-1429-4BC6-AA4D-4219C78235A1}
[2011-08-04 12:36:07 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\PackageAware
[2011-08-03 23:28:46 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\CrashRpt
[2011-08-03 23:19:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atari
[2011-08-03 22:59:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Atari
[2011-08-03 22:53:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011-08-03 22:53:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011-08-03 22:52:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2011-08-03 13:05:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\DSS
[2011-08-03 13:05:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Codemasters
[2011-08-03 13:05:18 | 000,000,000 | ---D | C] -- C:\Users\Matthew\Documents\My Games
[2011-08-03 12:55:08 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2011-08-03 12:55:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2011-08-03 12:55:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2011-08-03 12:51:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Ripple Sound
[2011-08-03 12:51:15 | 001,417,216 | ---- | C] (Blue Ripple Sound Limited) -- C:\Windows\SysWow64\rapture3d_oal.dll
[2011-08-03 12:51:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BRS
[2011-08-03 12:51:13 | 000,466,456 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2011-08-03 12:51:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL
[2011-08-03 12:51:12 | 000,444,952 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2011-08-03 12:36:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Codemasters
[2011-08-02 21:43:29 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\Chris_Pietschmann_(http__
[2011-08-02 21:41:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Router
[2011-08-02 19:46:14 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mafia
[2011-08-02 18:38:52 | 000,000,000 | RH-D | C] -- C:\Users\Matthew\AppData\Roaming\SecuROM
[2011-08-02 18:38:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\City Interactive
[2011-08-02 16:02:34 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\City of Lost Dreams Mod 1.1
[2011-08-02 16:02:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\City of Lost Dreams Mod 1.1
[2011-08-01 20:11:53 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\Activision
[2011-08-01 20:08:18 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2011-08-01 20:06:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
[2011-08-01 17:54:02 | 000,000,000 | ---D | C] -- C:\Program Files\Nokia
[2011-08-01 17:49:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Phoenix
[2011-08-01 16:57:44 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Suite
[2011-08-01 16:57:39 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\PC Suite
[2011-08-01 16:39:26 | 000,000,000 | ---D | C] -- C:\Users\Matthew\Desktop\Nokia x2
[2011-08-01 16:37:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Nokia
[2011-08-01 16:34:46 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2011-08-01 16:34:44 | 000,025,600 | ---- | C] (Nokia) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys
[2011-08-01 16:34:39 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2011-08-01 16:34:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Connectivity Solution
[2011-08-01 16:33:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
[2011-08-01 16:33:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nokia
[2011-08-01 16:33:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nokia
[2011-08-01 16:31:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Installations
[2011-08-01 15:09:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mafia
[2011-08-01 12:31:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games
[2011-08-01 10:47:25 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2011-08-01 10:44:21 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2011-07-15 23:02:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2011-07-15 23:01:07 | 000,000,000 | ---D | C] -- C:\ec4d08134c138221293c870033
[2011-07-15 21:01:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011-08-14 17:29:56 | 000,013,440 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011-08-14 17:29:56 | 000,013,440 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011-08-14 17:22:15 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011-08-14 17:22:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011-08-14 17:03:00 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-736223655-864630041-865155394-1000UA.job
[2011-08-14 17:03:00 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011-08-14 15:02:59 | 000,001,388 | ---- | M] () -- C:\Users\Matthew\Desktop\GpuCapsViewer - Shortcut.lnk
[2011-08-14 14:46:42 | 000,391,211 | ---- | M] () -- C:\Users\Matthew\Desktop\3870.jpg
[2011-08-14 11:22:34 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011-08-14 11:22:34 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011-08-14 11:22:34 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011-08-13 22:03:00 | 000,001,014 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-736223655-864630041-865155394-1000Core.job
[2011-08-13 20:54:07 | 008,210,693 | ---- | M] () -- C:\Users\Matthew\Desktop\triple.psd
[2011-08-13 20:50:30 | 000,086,844 | ---- | M] () -- C:\Users\Matthew\Desktop\triple.jpg
[2011-08-13 20:49:55 | 000,000,132 | ---- | M] () -- C:\Users\Matthew\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011-08-13 20:49:42 | 008,209,833 | ---- | M] () -- C:\Users\Matthew\Desktop\triple.xcf
[2011-08-13 20:25:02 | 000,239,055 | ---- | M] () -- C:\Users\Matthew\Desktop\warrior_of_eclipse_by_newmand-d3kv3a8.jpg
[2011-08-13 20:05:56 | 000,000,412 | ---- | M] () -- C:\Users\Matthew\AppData\Roaming\All CPU Meter_Settings.ini
[2011-08-13 19:55:03 | 000,000,915 | ---- | M] () -- C:\Users\Public\Desktop\Star wars Battlefront II.lnk
[2011-08-13 18:23:35 | 000,105,943 | ---- | M] () -- C:\Users\Matthew\Desktop\firstPhotoshop.png
[2011-08-13 18:23:35 | 000,035,356 | ---- | M] () -- C:\Users\Matthew\.recently-used.xbel
[2011-08-13 17:56:10 | 008,615,105 | ---- | M] () -- C:\Users\Matthew\Desktop\first.psd
[2011-08-13 14:31:24 | 001,758,622 | ---- | M] () -- C:\Users\Matthew\Desktop\halflife2render.png
[2011-08-13 11:45:51 | 000,000,631 | ---- | M] () -- C:\Users\Matthew\Desktop\Identity Cloaker.lnk
[2011-08-13 11:16:34 | 000,001,138 | ---- | M] () -- C:\Users\Public\Desktop\Hotspot Shield Launch.lnk
[2011-08-13 11:05:55 | 000,000,800 | ---- | M] () -- C:\Users\Public\Desktop\CamStudio.lnk
[2011-08-13 10:28:03 | 001,663,882 | ---- | M] () -- C:\Users\Matthew\Desktop\bioshockr_1.png
[2011-08-12 22:56:43 | 000,000,926 | ---- | M] () -- C:\Users\Public\Desktop\Airytec Switch Off.lnk
[2011-08-12 22:50:02 | 000,002,280 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011-08-12 20:36:56 | 000,862,483 | ---- | M] () -- C:\Users\Matthew\Desktop\4781_render_Renders_devil_may_cry.png
[2011-08-12 13:20:58 | 000,731,536 | ---- | M] () -- C:\Users\Matthew\Desktop\hitman1.png
[2011-08-11 19:23:12 | 000,647,127 | ---- | M] () -- C:\Users\Matthew\Desktop\dame_en_noir.png
[2011-08-11 19:20:13 | 000,039,538 | ---- | M] () -- C:\Users\Matthew\Desktop\thumb-74381.jpg
[2011-08-11 19:19:25 | 000,047,656 | ---- | M] () -- C:\Users\Matthew\Desktop\dark_side_of_nyan_wallpaper_by_davidwoodfx-d3l3h5y.png
[2011-08-11 15:25:16 | 001,519,212 | ---- | M] () -- C:\Users\Matthew\Desktop\98546.jpg
[2011-08-10 22:50:48 | 000,000,895 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011-08-10 21:50:33 | 000,001,828 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2011-08-10 21:50:31 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011-08-10 21:46:18 | 000,001,725 | ---- | M] () -- C:\Users\Matthew\Desktop\Avast Internet Security lic.avastlic
[2011-08-10 20:52:08 | 001,474,832 | ---- | M] () -- C:\Windows\SysNative\drivers\sfi.dat
[2011-08-10 19:44:58 | 000,007,607 | ---- | M] () -- C:\Users\Matthew\AppData\Local\resmon.resmoncfg
[2011-08-10 16:59:40 | 000,001,029 | ---- | M] () -- C:\Users\Public\Desktop\Quick Care.lnk
[2011-08-10 16:59:38 | 000,001,007 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 4.lnk
[2011-08-10 13:58:20 | 000,001,082 | ---- | M] () -- C:\Users\Matthew\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2011-08-10 13:58:20 | 000,001,058 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2011-08-10 13:41:24 | 000,000,064 | ---- | M] () -- C:\Windows\GPlrLanc.dat
[2011-08-10 10:05:24 | 000,002,365 | ---- | M] () -- C:\Users\Matthew\Desktop\Google Chrome.lnk
[2011-08-09 19:49:02 | 000,001,509 | ---- | M] () -- C:\Users\Matthew\Desktop\VideoConverter - Shortcut.lnk
[2011-08-09 18:44:24 | 000,001,022 | ---- | M] () -- C:\Users\Matthew\Desktop\Any Video Converter.lnk
[2011-08-09 16:14:26 | 000,052,991 | ---- | M] () -- C:\Users\Matthew\Desktop\1440-900-104848.jpg
[2011-08-09 16:06:35 | 000,000,574 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2011-08-09 13:34:54 | 005,129,408 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011-08-09 12:50:23 | 000,000,994 | ---- | M] () -- C:\Users\Public\Desktop\MAGIX Music Maker 17 Premium Download Version.lnk
[2011-08-08 21:50:42 | 000,002,163 | ---- | M] () -- C:\Users\Public\Desktop\Bitstream Font Navigator.lnk
[2011-08-08 21:49:21 | 000,002,823 | ---- | M] () -- C:\Users\Public\Desktop\Video Tutorials.lnk
[2011-08-08 21:49:17 | 000,002,203 | ---- | M] () -- C:\Users\Public\Desktop\Corel CONNECT.lnk
[2011-08-08 21:49:10 | 000,002,627 | ---- | M] () -- C:\Users\Public\Desktop\Corel CAPTURE X5.lnk
[2011-08-08 21:49:02 | 000,002,635 | ---- | M] () -- C:\Users\Public\Desktop\Corel PHOTO-PAINT X5.lnk
[2011-08-08 21:48:44 | 000,002,619 | ---- | M] () -- C:\Users\Public\Desktop\CorelDRAW X5.lnk
[2011-08-08 16:00:59 | 000,000,954 | ---- | M] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
[2011-08-08 16:00:59 | 000,000,942 | ---- | M] () -- C:\Users\Public\Desktop\Game Booster.lnk
[2011-08-05 13:19:57 | 000,001,433 | ---- | M] () -- C:\Users\Matthew\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011-08-04 18:30:05 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2011-08-04 18:30:03 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2011-08-04 17:18:15 | 000,001,707 | ---- | M] () -- C:\Users\Matthew\Desktop\AssassinsCreedBrotherhood - Shortcut.lnk
[2011-08-04 16:23:06 | 000,189,248 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011-08-04 16:22:50 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011-08-03 23:19:37 | 000,001,087 | ---- | M] () -- C:\Users\Public\Desktop\Test Drive Unlimited 2.lnk
[2011-08-03 20:50:57 | 000,000,909 | ---- | M] () -- C:\Users\Matthew\Desktop\C4D - Shortcut (2).lnk
[2011-08-03 20:38:27 | 000,001,345 | ---- | M] () -- C:\Users\Matthew\Desktop\VirtualRouterClient - Shortcut.lnk
[2011-08-03 19:10:00 | 000,001,046 | ---- | M] () -- C:\Users\Matthew\Desktop\Any Video Converter (2).lnk
[2011-08-03 13:04:57 | 000,001,571 | ---- | M] () -- C:\Users\Matthew\Desktop\dirt3 - Shortcut.lnk
[2011-08-03 12:51:13 | 000,466,456 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2011-08-03 12:51:12 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2011-08-03 12:35:18 | 000,000,193 | ---- | M] () -- C:\Windows\WORDPAD.INI
[2011-08-02 21:35:16 | 088,192,105 | ---- | M] () -- C:\Users\Matthew\Documents\YELLE - Safari Disco Club.mp4
[2011-08-02 19:46:20 | 000,000,766 | ---- | M] () -- C:\Users\Matthew\Desktop\Mafia.lnk
[2011-08-02 19:24:22 | 000,001,143 | ---- | M] () -- C:\Users\Matthew\Desktop\MafiaCon - Shortcut.lnk
[2011-08-02 18:38:24 | 000,002,008 | ---- | M] () -- C:\Users\Public\Desktop\Sniper Ghost Warrior.lnk
[2011-08-02 16:02:34 | 000,001,622 | ---- | M] () -- C:\Users\Matthew\Desktop\CoLD Mod.lnk
[2011-08-02 15:53:24 | 001,059,840 | ---- | M] () -- C:\VirtualRouterInstaller.msi
[2011-08-01 23:27:54 | 000,000,702 | ---- | M] () -- C:\Users\Matthew\Desktop\iw3sp - Shortcut (2).lnk
[2011-08-01 23:24:37 | 000,029,074 | ---- | M] () -- C:\Users\Matthew\Desktop\energy-report.html
[2011-08-01 22:45:53 | 000,001,040 | ---- | M] () -- C:\Users\Matthew\Desktop\iw3sp - Shortcut.lnk
[2011-08-01 20:06:49 | 000,001,990 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty - Black Ops Call MP.lnk
[2011-08-01 20:06:49 | 000,001,976 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty - Black Ops.lnk
[2011-08-01 18:38:28 | 000,000,773 | ---- | M] () -- C:\Users\Matthew\Desktop\MafiaDataXTractor - Shortcut.lnk
[2011-08-01 17:51:46 | 000,000,256 | ---- | M] () -- C:\dk2.mem
[2011-08-01 17:50:27 | 000,002,035 | ---- | M] () -- C:\Users\Public\Desktop\Phoenix.lnk
[2011-08-01 16:57:30 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
[2011-08-01 16:33:23 | 000,002,130 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Software Updater.lnk
[3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011-08-14 15:02:59 | 000,001,388 | ---- | C] () -- C:\Users\Matthew\Desktop\GpuCapsViewer - Shortcut.lnk
[2011-08-14 14:46:45 | 000,391,211 | ---- | C] () -- C:\Users\Matthew\Desktop\3870.jpg
[2011-08-13 20:54:05 | 008,210,693 | ---- | C] () -- C:\Users\Matthew\Desktop\triple.psd
[2011-08-13 20:50:30 | 000,086,844 | ---- | C] () -- C:\Users\Matthew\Desktop\triple.jpg
[2011-08-13 20:49:55 | 000,000,132 | ---- | C] () -- C:\Users\Matthew\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011-08-13 20:49:39 | 008,209,833 | ---- | C] () -- C:\Users\Matthew\Desktop\triple.xcf
[2011-08-13 20:25:05 | 000,239,055 | ---- | C] () -- C:\Users\Matthew\Desktop\warrior_of_eclipse_by_newmand-d3kv3a8.jpg
[2011-08-13 19:58:38 | 000,000,412 | ---- | C] () -- C:\Users\Matthew\AppData\Roaming\All CPU Meter_Settings.ini
[2011-08-13 19:55:03 | 000,000,915 | ---- | C] () -- C:\Users\Public\Desktop\Star wars Battlefront II.lnk
[2011-08-13 18:23:35 | 000,035,356 | ---- | C] () -- C:\Users\Matthew\.recently-used.xbel
[2011-08-13 17:56:17 | 000,105,943 | ---- | C] () -- C:\Users\Matthew\Desktop\firstPhotoshop.png
[2011-08-13 17:48:36 | 008,615,105 | ---- | C] () -- C:\Users\Matthew\Desktop\first.psd
[2011-08-13 14:31:29 | 001,758,622 | ---- | C] () -- C:\Users\Matthew\Desktop\halflife2render.png
[2011-08-13 11:45:51 | 000,000,631 | ---- | C] () -- C:\Users\Matthew\Desktop\Identity Cloaker.lnk
[2011-08-13 11:16:34 | 000,001,138 | ---- | C] () -- C:\Users\Public\Desktop\Hotspot Shield Launch.lnk
[2011-08-13 11:05:55 | 000,000,800 | ---- | C] () -- C:\Users\Public\Desktop\CamStudio.lnk
[2011-08-13 10:28:08 | 001,663,882 | ---- | C] () -- C:\Users\Matthew\Desktop\bioshockr_1.png
[2011-08-12 22:56:43 | 000,000,938 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Airytec Switch Off.lnk
[2011-08-12 22:56:43 | 000,000,926 | ---- | C] () -- C:\Users\Public\Desktop\Airytec Switch Off.lnk
[2011-08-12 22:50:02 | 000,002,280 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011-08-12 22:47:28 | 000,001,050 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011-08-12 22:47:24 | 000,001,046 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011-08-12 20:37:01 | 000,862,483 | ---- | C] () -- C:\Users\Matthew\Desktop\4781_render_Renders_devil_may_cry.png
[2011-08-12 13:21:09 | 000,731,536 | ---- | C] () -- C:\Users\Matthew\Desktop\hitman1.png
[2011-08-11 19:23:15 | 000,647,127 | ---- | C] () -- C:\Users\Matthew\Desktop\dame_en_noir.png
[2011-08-11 19:20:16 | 000,039,538 | ---- | C] () -- C:\Users\Matthew\Desktop\thumb-74381.jpg
[2011-08-11 19:19:29 | 000,047,656 | ---- | C] () -- C:\Users\Matthew\Desktop\dark_side_of_nyan_wallpaper_by_davidwoodfx-d3l3h5y.png
[2011-08-11 15:25:23 | 001,519,212 | ---- | C] () -- C:\Users\Matthew\Desktop\98546.jpg
[2011-08-10 22:50:48 | 000,000,895 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011-08-10 21:46:18 | 000,001,725 | ---- | C] () -- C:\Users\Matthew\Desktop\Avast Internet Security lic.avastlic
[2011-08-10 20:34:22 | 000,001,828 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2011-08-10 16:59:40 | 000,001,029 | ---- | C] () -- C:\Users\Public\Desktop\Quick Care.lnk
[2011-08-10 16:59:38 | 000,001,007 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare 4.lnk
[2011-08-10 13:58:20 | 000,001,082 | ---- | C] () -- C:\Users\Matthew\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2011-08-10 13:58:20 | 000,001,058 | ---- | C] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2011-08-10 13:37:33 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2011-08-09 19:49:02 | 000,001,509 | ---- | C] () -- C:\Users\Matthew\Desktop\VideoConverter - Shortcut.lnk
[2011-08-09 18:44:24 | 000,001,022 | ---- | C] () -- C:\Users\Matthew\Desktop\Any Video Converter.lnk
[2011-08-09 16:14:35 | 000,052,991 | ---- | C] () -- C:\Users\Matthew\Desktop\1440-900-104848.jpg
[2011-08-09 12:50:23 | 000,000,994 | ---- | C] () -- C:\Users\Public\Desktop\MAGIX Music Maker 17 Premium Download Version.lnk
[2011-08-08 21:55:50 | 000,002,823 | ---- | C] () -- C:\Users\Public\Desktop\Video Tutorials.lnk
[2011-08-08 21:55:50 | 000,002,635 | ---- | C] () -- C:\Users\Public\Desktop\Corel PHOTO-PAINT X5.lnk
[2011-08-08 21:55:50 | 000,002,627 | ---- | C] () -- C:\Users\Public\Desktop\Corel CAPTURE X5.lnk
[2011-08-08 21:55:50 | 000,002,619 | ---- | C] () -- C:\Users\Public\Desktop\CorelDRAW X5.lnk
[2011-08-08 21:55:50 | 000,002,203 | ---- | C] () -- C:\Users\Public\Desktop\Corel CONNECT.lnk
[2011-08-08 21:55:50 | 000,002,163 | ---- | C] () -- C:\Users\Public\Desktop\Bitstream Font Navigator.lnk
[2011-08-04 18:30:05 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2011-08-04 18:30:03 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2011-08-04 17:18:15 | 000,001,707 | ---- | C] () -- C:\Users\Matthew\Desktop\AssassinsCreedBrotherhood - Shortcut.lnk
[2011-08-04 16:23:06 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011-08-04 16:22:50 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011-08-03 23:19:37 | 000,001,087 | ---- | C] () -- C:\Users\Public\Desktop\Test Drive Unlimited 2.lnk
[2011-08-03 20:50:57 | 000,000,909 | ---- | C] () -- C:\Users\Matthew\Desktop\C4D - Shortcut (2).lnk
[2011-08-03 20:38:27 | 000,001,345 | ---- | C] () -- C:\Users\Matthew\Desktop\VirtualRouterClient - Shortcut.lnk
[2011-08-03 19:10:00 | 000,001,046 | ---- | C] () -- C:\Users\Matthew\Desktop\Any Video Converter (2).lnk
[2011-08-03 13:04:57 | 000,001,571 | ---- | C] () -- C:\Users\Matthew\Desktop\dirt3 - Shortcut.lnk
[2011-08-03 12:54:47 | 000,001,338 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
[2011-08-02 21:41:08 | 001,059,840 | ---- | C] () -- C:\VirtualRouterInstaller.msi
[2011-08-02 21:31:24 | 088,192,105 | ---- | C] () -- C:\Users\Matthew\Documents\YELLE - Safari Disco Club.mp4
[2011-08-02 19:46:20 | 000,000,766 | ---- | C] () -- C:\Users\Matthew\Desktop\Mafia.lnk
[2011-08-02 19:24:22 | 000,001,143 | ---- | C] () -- C:\Users\Matthew\Desktop\MafiaCon - Shortcut.lnk
[2011-08-02 18:38:24 | 000,002,008 | ---- | C] () -- C:\Users\Public\Desktop\Sniper Ghost Warrior.lnk
[2011-08-02 16:02:34 | 000,001,622 | ---- | C] () -- C:\Users\Matthew\Desktop\CoLD Mod.lnk
[2011-08-01 23:27:54 | 000,000,702 | ---- | C] () -- C:\Users\Matthew\Desktop\iw3sp - Shortcut (2).lnk
[2011-08-01 23:24:37 | 000,029,074 | ---- | C] () -- C:\Users\Matthew\Desktop\energy-report.html
[2011-08-01 22:45:53 | 000,001,040 | ---- | C] () -- C:\Users\Matthew\Desktop\iw3sp - Shortcut.lnk
[2011-08-01 20:06:49 | 000,001,990 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty - Black Ops Call MP.lnk
[2011-08-01 20:06:49 | 000,001,976 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty - Black Ops.lnk
[2011-08-01 18:38:28 | 000,000,773 | ---- | C] () -- C:\Users\Matthew\Desktop\MafiaDataXTractor - Shortcut.lnk
[2011-08-01 17:51:46 | 000,000,256 | ---- | C] () -- C:\dk2.mem
[2011-08-01 17:50:27 | 000,002,035 | ---- | C] () -- C:\Users\Public\Desktop\Phoenix.lnk
[2011-08-01 16:57:30 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
[2011-08-01 16:33:23 | 000,002,130 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Software Updater.lnk
[2011-07-10 18:13:37 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2011-07-08 19:55:09 | 000,007,607 | ---- | C] () -- C:\Users\Matthew\AppData\Local\resmon.resmoncfg
[2011-07-08 14:49:51 | 000,008,192 | R--- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2011-07-08 12:48:08 | 000,960,940 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011-07-08 12:48:08 | 000,207,376 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011-07-08 12:48:08 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011-04-09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009-07-14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009-07-14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009-07-14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009-07-14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009-07-13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009-06-10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2007-04-27 10:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2003-04-09 05:28:44 | 000,233,472 | R--- | C] () -- C:\Windows\SysWow64\MafiaSetup.exe
[2003-04-09 05:28:44 | 000,233,472 | R--- | C] () -- C:\Users\Matthew\AppData\Roaming\MafiaSetup.exe
[2001-08-29 14:11:40 | 000,398,848 | R--- | C] () -- C:\Windows\SysWow64\DK2WIN32.DLL

========== LOP Check ==========

[2011-07-13 14:28:51 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\AnvSoft
[2011-07-09 17:46:35 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\AVG10
[2011-08-14 17:31:06 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\BitTorrent
[2011-07-10 18:06:44 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\DAEMON Tools Lite
[2011-08-12 21:43:22 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\gtk-2.0
[2011-08-08 16:16:15 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\IObit
[2011-08-09 12:50:59 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\MAGIX
[2011-07-15 12:33:15 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\My Battle for Middle-earth™ II Files
[2011-08-10 10:20:55 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\OpenCandy
[2011-08-01 16:57:39 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\PC Suite
[2011-08-04 16:22:48 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\PunkBuster
[2011-07-08 15:20:06 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\Virtual Desktop Manager
[2011-08-13 12:04:42 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\WhiteSmoke
[2011-08-09 20:28:23 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\WNR
[2009-07-14 07:08:49 | 000,028,390 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

OTL Extras logfile created on: 2011-08-14 17:29:13 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Matthew\Downloads
64bit- An unknown product Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,91 Gb Total Physical Memory | 2,12 Gb Available Physical Memory | 54,09% Memory free
7,83 Gb Paging File | 5,95 Gb Available in Paging File | 76,03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446,13 Gb Total Space | 115,57 Gb Free Space | 25,91% Space Free | Partition Type: NTFS
Drive D: | 19,53 Gb Total Space | 19,44 Gb Free Space | 99,54% Space Free | Partition Type: NTFS

Computer Name: MATTHEW-LAPTOP | User Name: Matthew | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.1 (r518)
"{1CDE9DB9-7D47-46F8-83DC-9DD9899BBBFC}" = Topaz ReMask 3 (64-bit)
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{66C10F29-31F0-4A9B-B2CF-465F488AE086}" = CorelDRAW Graphics Suite X5 - Windows Shell Extension 64 Bit
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.5.3
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{A22BB575-BA48-4A54-89BD-B5B56C57023C}" = Topaz Adjust 4 (64-bit)
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 275.50
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 275.50
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.3.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.3.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{E86906FF-C63D-4EAF-ACE7-5F8D55FBEA9A}" = Finger Sensing Pad Driver
"{F3C66EC8-2F33-452D-9CFF-E8C886B3ECC4}" = PC Sound
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Airytec Switch Off" = Airytec Switch Off
"CNXT_AUDIO_HDA" = Conexant HD Audio
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"WinRAR archiver" = WinRAR 4.01 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}" = Ghostscript GPL 8.64 (Msi Setup)
"_{51DD370C-6690-424E-9674-5F14468B323F}" = Corel Graphics - Windows Shell Extension
"_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW® Graphics Suite X5
"{002FA4C4-DDFE-4E83-A5E0-E2A18B965468}" = Phoenix Service Software
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}" = Ghostscript GPL 8.64 (Msi Setup)
"{0777E8B0-0BC4-4802-A6AA-0992716C78FD}" = Topaz Adjust 4
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{16D2C649-CBA8-44EE-B730-12584667D487}" = Stronghold 2 Deluxe
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{24047BE4-329D-46F7-9689-8684C7A1CFBB}" = PHotkey
"{24D9A3E0-D086-4B62-AF93-63CF6B05CB48}" = CorelDRAW Graphics Suite X5 - Custom Data
"{260ED378-2B8C-4831-ADAE-D0712D119AC5}" = CorelDRAW Graphics Suite X5 - VSTA
"{26945917-E053-45F6-AF98-309730CFC318}" = Visual Basic for Applications ® Core
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java™ 6 Update 26
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{2A0A6470-FD0F-4F45-9B11-85F3167DB943}" = Nokia Flashing Cable Driver
"{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}" = The Battle for Middle-earth ™ II
"{2EF34761-F147-4984-8AF1-BB9F8DA76CDD}_is1" = Star wars Battlefront II version 1.3
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
"{3472C84E-2FD0-439F-B27F-C290C1E4CD8B}" = CorelDRAW Graphics Suite X5 - Filters
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{47F6627C-61DD-4191-91C3-2E4077EE7B1F}" = MAGIX Music Maker 17 Premium Download Version
"{48106FE4-B1AF-4941-BF3D-83E6C4B7CAF3}" = Alcor Micro USB Card Reader
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D568C38-0552-4CDD-A643-01FAFA2957EF}" = Nokia Software Updater
"{51DD370C-6690-424E-9674-5F14468B323F}" = Corel Graphics - Windows Shell Extension
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{54B8F4A1-02B0-4D32-8F37-925526C0EEC6}" = CorelDRAW Graphics Suite X5 - Connect
"{57400C1E-BC51-4ECE-AD2A-A6096204DDEC}" = CorelDRAW Graphics Suite X5 - VBA
"{59123CCF-FED2-46FF-9293-D1DC80042219}" = CorelDRAW Graphics Suite X5 - Redist
"{5BFF7DE6-C3F0-40F8-AC32-75D628E46C6B}" = XW204E
"{628C3D50-F524-4C49-A958-672CE7953756}" = The Lord of the Rings - Conquest™
"{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}" = CorelDRAW Graphics Suite X5 - Draw
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{8117EA22-035F-4880-86AE-AC7C4F1FA3E2}" = Topaz ReMask 3
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8DB05F7E-1F7A-4CC0-882F-375B97F04CD4}" = Virtual Router v0.9 Beta
"{9158FF30-78D7-40EF-B83E-451AC5334640}" = Adobe Photoshop CS5.1
"{9244E956-5939-4B88-930C-0699D4AB2B95}" = CorelDRAW Graphics Suite X5 - WT
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92DA4424-0CFB-44D1-A08B-B63D5D8BEFBC}_is1" = Phoenix Service Software 2010.8.4.41526
"{983F7145-CABF-4EDD-9F3D-E06B2F024BD3}" = CorelDRAW Graphics Suite X5 - FontNav
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1B04B6B-25BB-48AD-8BD9-D31A86E89F3E}" = CorelDRAW Graphics Suite X5 - PHOTO-PAINT
"{A5A70E61-FEAB-4CEC-977C-BE0EF8DC05AB}" = PC Connectivity Solution
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A89DEBCA-F743-3412-97F6-B2E489194551}" = Google Talk Plugin
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.0)
"{B399C91E-96F2-4265-9884-1C9A10E9FCF4}" = CorelDRAW Graphics Suite X5
"{B39AA98E-C966-46C9-ACA2-D2586E300988}" = WinFlash
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B69F28DF-CBB1-41B7-008A-210E4D0518FC}" = Harry Potter and the Order of the Phoenix™
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood
"{CA3861BA-1D96-4D66-B577-318E1602C4F3}" = CorelDRAW Graphics Suite X5 - Common
"{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW Graphics Suite X5 - Setup Files
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.8 Game
"{D560A981-FEB3-42F0-A61A-13E9528E0C51}_is1" = GTR 2 1.0.0.0
"{D596EEA2-C6C8-45D3-89DF-FA2DBE99F829}" = Visual Basic for Applications ® Core - English
"{D642FF8D-438D-4545-A1D5-2EDB4BCAE3BA}" = CorelDRAW Graphics Suite X5 - Photozoom Plugin
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE6CBC04-8673-4DBA-BA81-07F1639CEB5F}" = CorelDRAW Graphics Suite X5 - IPM
"{DFDD2913-557D-4EB5-8745-47749E521760}" = MAGIX Screenshare
"{E34C6AA4-AE8E-4677-912A-92FC2E039DD9}" = CorelDRAW Graphics Suite X5 - EN
"{E8C37E27-5205-4C8A-BECB-B00533045AAE}" = SHIFT 2 UNLEASHED™
"{EDB98D5A-A6FB-425C-BFB7-51A0924B762D}" = CorelDRAW Graphics Suite X5 - Capture
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FDD41BE8-3FEE-4839-B1D8-8970D24D314D}" = MAGIX Speed burnR (MSI)
"{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}" = CorelDRAW Graphics Suite X5 - VideoBrowser
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Advanced SystemCare 4_is1" = Advanced SystemCare 4
"AmUStor" = Alcor Micro USB Card Reader
"Any Video Converter_is1" = Any Video Converter 3.2.7
"avast" = avast! Internet Security
"Call of Duty: Black Ops_is1" = Call of Duty: Black Ops
"CamStudio" = CamStudio
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"DAEMON Tools Lite" = DAEMON Tools Lite
"Game Booster_is1" = Game Booster
"GFWL_{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3
"G'MIC for GIMP_is1" = G'MIC for GIMP version 1.5.0.0
"HotspotShield" = Hotspot Shield 2.06
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III
"Mafia" = Mafia
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"MAGIX_MSI_mm17dlx" = MAGIX Music Maker 17 Premium Download Version
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800
"MobileForces" = Mobile Forces
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"OpenAL" = OpenAL
"PunkBusterSvc" = PunkBuster Services
"Smart Defrag 2_is1" = Smart Defrag 2
"Sniper Ghost Warrior_is1" = Sniper Ghost Warrior
"Test Drive Unlimited 2_is1" = Test Drive Unlimited 2
"Topaz ReMask 3" = Topaz ReMask 3
"Topaz ReMask 3 (64-bit)" = Topaz ReMask 3 (64-bit)
"WinGimp-2.0_is1" = GIMP 2.6.11

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Identity Cloaker" = Identity Cloaker

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2011-08-10 16:23:17 | Computer Name = Matthew-Laptop | Source = SideBySide | ID = 16842811
Description = Activation context generation failed for "C:\Bittorent\avast! Internet
Security v6.0.1203 Final + Working License [loco]\setup_ais.exe".Error in manifest
or policy file "C:\Bittorent\avast! Internet Security v6.0.1203 Final + Working
License [loco]\setup_ais.exe" on line 0. Invalid Xml syntax.

Error - 2011-08-10 16:34:25 | Computer Name = Matthew-Laptop | Source = SideBySide | ID = 16842811
Description = Activation context generation failed for "C:\Bittorent\avast! Internet
Security v6.0.1203 Final + Working License [loco]\setup_ais.exe".Error in manifest
or policy file "C:\Bittorent\avast! Internet Security v6.0.1203 Final + Working
License [loco]\setup_ais.exe" on line 0. Invalid Xml syntax.

Error - 2011-08-11 05:20:44 | Computer Name = Matthew-Laptop | Source = SideBySide | ID = 16842811
Description = Activation context generation failed for "C:\Bittorent\avast! Internet
Security v6.0.1203 Final + Working License [loco]\setup_ais.exe".Error in manifest
or policy file "C:\Bittorent\avast! Internet Security v6.0.1203 Final + Working
License [loco]\setup_ais.exe" on line 0. Invalid Xml syntax.

Error - 2011-08-11 08:33:51 | Computer Name = Matthew-Laptop | Source = VSS | ID = 8194
Description =

Error - 2011-08-13 06:01:28 | Computer Name = Matthew-Laptop | Source = VSS | ID = 8194
Description =

Error - 2011-08-14 04:26:16 | Computer Name = Matthew-Laptop | Source = SideBySide | ID = 16842811
Description = Activation context generation failed for "C:\Bittorent\avast! Internet
Security v6.0.1203 Final + Working License [loco]\setup_ais.exe".Error in manifest
or policy file "C:\Bittorent\avast! Internet Security v6.0.1203 Final + Working
License [loco]\setup_ais.exe" on line 0. Invalid Xml syntax.

Error - 2011-08-14 04:26:25 | Computer Name = Matthew-Laptop | Source = SideBySide | ID = 16842811
Description = Activation context generation failed for "C:\Bittorent\avast! Internet
Security v6.0.1203 Final + Working License [loco]\setup_ais.exe".Error in manifest
or policy file "C:\Bittorent\avast! Internet Security v6.0.1203 Final + Working
License [loco]\setup_ais.exe" on line 0. Invalid Xml syntax.

Error - 2011-08-14 04:26:27 | Computer Name = Matthew-Laptop | Source = SideBySide | ID = 16842811
Description = Activation context generation failed for "C:\Bittorent\avast! Internet
Security v6.0.1203 Final + Working License [loco]\setup_ais.exe".Error in manifest
or policy file "C:\Bittorent\avast! Internet Security v6.0.1203 Final + Working
License [loco]\setup_ais.exe" on line 0. Invalid Xml syntax.

Error - 2011-08-14 11:09:01 | Computer Name = Matthew-Laptop | Source = Application Error | ID = 1000
Description = Faulting application name: QuestViewer.exe, version: 0.0.0.0, time
stamp: 0x462c939e Faulting module name: ntdll.dll, version: 6.1.7601.17514, time
stamp: 0x4ce7ba58 Exception code: 0xc0000005 Fault offset: 0x000222c2 Faulting process
id: 0xf44 Faulting application start time: 0x01cc5a910fe8d1e5 Faulting application
path: C:\Program Files II\Audiosurf - Portable & Steamless\Audiosurf - Portable
& Steamless\engine\QuestViewer.exe Faulting module path: C:\Windows\SysWOW64\ntdll.dll
Report
Id: 571dd9b4-c687-11e0-ba4d-e0699541a433

Error - 2011-08-14 11:10:33 | Computer Name = Matthew-Laptop | Source = Application Hang | ID = 1002
Description = The program OTL.exe version 3.2.26.1 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: 37c Start Time:
01cc5a94365df190 Termination Time: 16 Application Path: C:\Users\Matthew\Downloads\OTL.exe

Report
Id:

[ System Events ]
Error - 2011-08-11 08:19:01 | Computer Name = Matthew-Laptop | Source = DCOM | ID = 10005
Description =

Error - 2011-08-11 11:00:43 | Computer Name = Matthew-Laptop | Source = Service Control Manager | ID = 7034
Description = The Advanced SystemCare Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 2011-08-11 15:05:50 | Computer Name = Matthew-Laptop | Source = EventLog | ID = 6008
Description = The previous system shutdown at 21:03:14 on ?2011-?08-?11 was unexpected.

Error - 2011-08-12 11:00:16 | Computer Name = Matthew-Laptop | Source = Service Control Manager | ID = 7034
Description = The Advanced SystemCare Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 2011-08-13 05:08:17 | Computer Name = Matthew-Laptop | Source = Service Control Manager | ID = 7034
Description = The Hotspot Shield Routing Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 2011-08-13 05:08:26 | Computer Name = Matthew-Laptop | Source = Service Control Manager | ID = 7034
Description = The Hotspot Shield Monitoring Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 2011-08-13 05:16:29 | Computer Name = Matthew-Laptop | Source = Service Control Manager | ID = 7030
Description = The Hotspot Shield Service service is marked as an interactive service.
However, the system is configured to not allow interactive services. This service
may not function properly.

Error - 2011-08-13 11:00:19 | Computer Name = Matthew-Laptop | Source = Service Control Manager | ID = 7034
Description = The Advanced SystemCare Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 2011-08-14 02:32:40 | Computer Name = Matthew-Laptop | Source = bowser | ID = 8003
Description =

Error - 2011-08-14 11:00:20 | Computer Name = Matthew-Laptop | Source = Service Control Manager | ID = 7034
Description = The Advanced SystemCare Service service terminated unexpectedly.
It has done this 1 time(s).


< End of report >

#4
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK, a question - when you ran OTL did Avast offer to sandbox it? If so, the answer should be run normally.

Could you re-run the fix again please, but this time do not allow Avast to sandbox OTL.

#5
Comkrin

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
Thanks, I didn't sandbox it but I pressed the wrong button (sorry). After doing it properly and after a reboot I checked and the iexplore's had gone. Thank you very much :)

This log came up when my laptop came back on:


All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{12a9db21-42a2-492d-a85c-cdde0c88b608} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{12a9db21-42a2-492d-a85c-cdde0c88b608}\ not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{167d9323-f7cc-48f5-948a-6f012831a69f} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{167d9323-f7cc-48f5-948a-6f012831a69f}\ not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}\ deleted successfully.
C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}\ deleted successfully.
C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.
64bit-Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\1 deleted successfully.
C:\Users\Matthew\AppData\Local\Temp\wmplog05.sqv moved successfully.
C:\Program Files (x86)\Hotspot Shield\update folder moved successfully.
C:\Program Files (x86)\Hotspot Shield\log\verify folder moved successfully.
Folder move failed. C:\Program Files (x86)\Hotspot Shield\log scheduled to be moved on reboot.
C:\Program Files (x86)\Hotspot Shield\htdocs folder moved successfully.
C:\Program Files (x86)\Hotspot Shield\HssWPR folder moved successfully.
C:\Program Files (x86)\Hotspot Shield\hsswd\default folder moved successfully.
C:\Program Files (x86)\Hotspot Shield\hsswd\config folder moved successfully.
C:\Program Files (x86)\Hotspot Shield\hsswd folder moved successfully.
C:\Program Files (x86)\Hotspot Shield\HssIE folder moved successfully.
C:\Program Files (x86)\Hotspot Shield\HssFF folder moved successfully.
C:\Program Files (x86)\Hotspot Shield\driver folder moved successfully.
C:\Program Files (x86)\Hotspot Shield\config\hss_data folder moved successfully.
C:\Program Files (x86)\Hotspot Shield\config folder moved successfully.
C:\Program Files (x86)\Hotspot Shield\bin\lang folder moved successfully.
C:\Program Files (x86)\Hotspot Shield\bin folder moved successfully.
Folder move failed. C:\Program Files (x86)\Hotspot Shield scheduled to be moved on reboot.
C:\Users\Matthew\AppData\Local\OpenCandy folder moved successfully.
C:\Users\Matthew\AppData\Roaming\OpenCandy\OpenCandy_F69A86BC2A4B4B7AACD69C0D0CF8E89D folder moved successfully.
C:\Users\Matthew\AppData\Roaming\OpenCandy folder moved successfully.
C:\Users\Matthew\AppData\Roaming\WhiteSmoke folder moved successfully.
C:\Hotspot Shield\hsswd\config folder moved successfully.
C:\Hotspot Shield\hsswd folder moved successfully.
C:\Hotspot Shield\hsspx\hsspxie folder moved successfully.
C:\Hotspot Shield\hsspx\hsspxff folder moved successfully.
C:\Hotspot Shield\hsspx folder moved successfully.
Folder move failed. C:\Hotspot Shield scheduled to be moved on reboot.
C:\Users\Public\Desktop\Hotspot Shield Launch.lnk moved successfully.
Folder C:\Users\Matthew\AppData\Roaming\WhiteSmoke\ not found.
Folder C:\Users\Matthew\AppData\Roaming\OpenCandy\ not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Matthew\Desktop\cmd.bat deleted successfully.
C:\Users\Matthew\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56502 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Matthew
->Temp folder emptied: 389050219 bytes
->Temporary Internet Files folder emptied: 88291700 bytes
->Java cache emptied: 43543 bytes
->Google Chrome cache emptied: 376227362 bytes
->Flash cache emptied: 6171 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 1618992 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 8660726 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 420131 bytes
RecycleBin emptied: 38346106 bytes

Total Files Cleaned = 861,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Matthew
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.26.1 log created on 08142011_184700

Files\Folders moved on Reboot...
C:\Program Files (x86)\Hotspot Shield\log folder moved successfully.
C:\Program Files (x86)\Hotspot Shield folder moved successfully.
C:\Hotspot Shield\hsswd folder moved successfully.
C:\Hotspot Shield folder moved successfully.
C:\Users\Matthew\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Matthew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E31UQQ26\sess[1].htm moved successfully.
File\Folder C:\Users\Matthew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E31UQQ26\swap[2].htm not found!
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...


and the new log:


OTL logfile created on: 2011-08-14 18:55:33 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Matthew\Desktop
64bit- An unknown product Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,91 Gb Total Physical Memory | 2,42 Gb Available Physical Memory | 61,84% Memory free
7,83 Gb Paging File | 6,29 Gb Available in Paging File | 80,39% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446,13 Gb Total Space | 115,96 Gb Free Space | 25,99% Space Free | Partition Type: NTFS
Drive D: | 19,53 Gb Total Space | 19,44 Gb Free Space | 99,54% Space Free | Partition Type: NTFS

Computer Name: MATTHEW-LAPTOP | User Name: Matthew | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011-08-14 18:45:02 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Matthew\Desktop\OTL.exe
PRC - [2011-08-14 18:19:27 | 000,402,808 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files II\BitTorrent\BitTorrent.exe
PRC - [2011-08-04 16:22:50 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011-07-06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files II\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011-07-04 13:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files II\AVAST Software\Avast\AvastUI.exe
PRC - [2011-07-04 13:43:51 | 000,121,000 | ---- | M] (AVAST Software) -- C:\Program Files II\AVAST Software\Avast\afwServ.exe
PRC - [2011-07-04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files II\AVAST Software\Avast\AvastSvc.exe
PRC - [2011-06-15 13:11:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011-04-22 15:08:52 | 000,352,656 | ---- | M] (IObit) -- C:\Program Files II\IObit\Advanced SystemCare 4\ASCService.exe
PRC - [2011-01-20 11:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files II\DAEMON Tools Lite\DTLite.exe
PRC - [2011-01-13 19:34:30 | 000,814,088 | R--- | M] (Pegatron Corporation) -- C:\Program Files (x86)\PHotkey\PHotkey.exe
PRC - [2011-01-13 19:34:20 | 004,243,976 | R--- | M] (Pegatron Corporation) -- C:\Program Files (x86)\PHotkey\MsOsd.exe
PRC - [2010-12-10 12:19:36 | 000,117,256 | R--- | M] () -- C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
PRC - [2010-12-10 12:19:36 | 000,104,968 | R--- | M] () -- C:\Program Files (x86)\PHotkey\AsLdrSrv.exe
PRC - [2010-10-05 15:08:46 | 002,655,768 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.EXE
PRC - [2010-10-05 15:08:42 | 000,325,656 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.EXE
PRC - [2010-04-27 04:09:52 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2009-08-27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2009-07-24 19:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe


========== Modules (SafeList) ==========

MOD - [2011-08-14 18:45:02 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Matthew\Desktop\OTL.exe
MOD - [2011-07-04 13:43:51 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files II\AVAST Software\Avast\snxhk.dll
MOD - [2011-06-15 13:11:00 | 000,231,528 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\Nvd3d9wrap.dll
MOD - [2011-06-15 13:11:00 | 000,224,360 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\nvdxgiwrap.dll
MOD - [2011-06-15 13:11:00 | 000,200,808 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvinit.dll
MOD - [2011-06-15 13:11:00 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2010-11-20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010-12-17 10:46:34 | 000,198,784 | ---- | M] (Conexant Systems Inc.) [Auto | Running] -- C:\Windows\SysNative\CxAudMsg64.exe -- (CxAudMsg)
SRV:64bit: - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011-08-04 16:22:50 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011-07-06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files II\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011-07-04 13:43:51 | 000,121,000 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files II\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV - [2011-07-04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files II\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011-06-15 13:11:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011-05-28 22:24:32 | 000,173,056 | ---- | M] (Airytec) [Auto | Stopped] -- C:\Program Files II\Airytec\Switch Off\swoff.exe -- (SwOffWeb)
SRV - [2011-05-28 22:24:32 | 000,173,056 | ---- | M] (Airytec) [Auto | Stopped] -- C:\Program Files II\Airytec\Switch Off\swoff.exe -- (SwOffScheduler)
SRV - [2011-04-22 15:08:52 | 000,352,656 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files II\IObit\Advanced SystemCare 4\ASCService.exe -- (AdvancedSystemCareService)
SRV - [2010-12-10 12:19:36 | 000,159,752 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\PHotkey\GFNEXSrv.exe -- (GFNEXSrv)
SRV - [2010-12-10 12:19:36 | 000,104,968 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\PHotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2010-10-20 11:22:24 | 000,630,272 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010-10-05 15:08:46 | 002,655,768 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2010-10-05 15:08:42 | 000,325,656 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.EXE -- (LMS) Intel®
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009-11-18 13:40:26 | 000,012,288 | ---- | M] (Chris Pietschmann (http://pietschsoft.com)) [Auto | Running] -- C:\Program Files II\Virtual Router\VirtualRouterService.exe -- (Virtual Router)
SRV - [2009-08-27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Unknown | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2009-07-24 19:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008-08-07 11:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011-07-10 18:05:03 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011-07-09 12:36:48 | 000,513,080 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011-07-06 19:52:42 | 000,025,912 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011-07-04 13:32:24 | 000,064,856 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011-06-15 13:11:00 | 000,027,240 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2011-05-25 01:40:10 | 000,037,888 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)
DRV:64bit: - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011-02-23 16:50:14 | 000,018,232 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV:64bit: - [2011-02-23 14:34:54 | 000,012,368 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis.sys -- (aswNdis)
DRV:64bit: - [2011-01-28 03:44:24 | 001,581,184 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2010-12-16 11:39:08 | 012,256,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010-12-02 12:14:22 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2010-12-02 12:14:18 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2010-12-02 10:36:42 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2010-12-02 10:36:40 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64)
DRV:64bit: - [2010-11-20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-11-20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010-11-08 08:52:14 | 000,068,608 | ---- | M] (Sentelic Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fspad_wlh64.sys -- (fspad_wlh64)
DRV:64bit: - [2010-11-08 06:44:40 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010-10-14 18:28:16 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel®
DRV:64bit: - [2010-09-21 03:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel®
DRV:64bit: - [2010-07-30 10:49:46 | 002,485,760 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010-07-27 03:45:46 | 000,180,224 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010-07-27 03:45:46 | 000,078,848 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2009-12-30 11:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:64bit: - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-07-14 02:00:24 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\acpials.sys -- (acpials)
DRV:64bit: - [2009-06-10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009-02-24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcdbus.sys -- (mcdbus)
DRV:64bit: - [2008-08-28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV - [2010-12-10 12:19:36 | 000,014,344 | R--- | M] (PEGATRON) [Kernel | Auto | Running] -- C:\Program Files (x86)\PHotkey\PEGAGFN.sys -- (PEGAGFN)
DRV - [2009-02-24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Matthew\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Matthew\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Matthew\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Matthew\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)


[2011-08-10 10:00:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Matthew\AppData\Roaming\Mozilla\Extensions

O1 HOSTS File: ([2011-08-14 18:47:09 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files II\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files II\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files II\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files II\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [fspuip] C:\Program Files\FSP\FspUip.exe (Sentelic Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe (Conexant systems, Inc.)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] File not found
O4 - HKLM..\Run: [avast] C:\Program Files II\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files II\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [BitTorrent] C:\Program Files II\BitTorrent\BitTorrent.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files II\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ent/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.204.152.34 194.204.159.1 193.0.71.133
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{4b708a17-ab04-11e0-84a2-e0699541a433}\Shell - "" = AutoRun
O33 - MountPoints2\{4b708a17-ab04-11e0-84a2-e0699541a433}\Shell\AutoRun\command - "" = I:\autorun.exe
O33 - MountPoints2\{63270feb-aa29-11e0-a799-e0699541a433}\Shell - "" = AutoRun
O33 - MountPoints2\{63270feb-aa29-11e0-a799-e0699541a433}\Shell\AutoRun\command - "" = H:\m.exe
O33 - MountPoints2\{f57c141d-aa14-11e0-9754-e0699541a433}\Shell - "" = AutoRun
O33 - MountPoints2\{f57c141d-aa14-11e0-9754-e0699541a433}\Shell\AutoRun\command - "" = F:\MLLaunch.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011-08-14 18:47:00 | 000,000,000 | ---D | C] -- C:\_OTL
[2011-08-14 18:45:11 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\Matthew\Desktop\OTL.exe
[2011-08-14 18:19:00 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\BitTorrent
[2011-08-14 14:52:37 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\NVIDIA
[2011-08-13 19:55:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star wars Battlefront II
[2011-08-13 14:12:19 | 000,000,000 | ---D | C] -- C:\Users\Matthew\Desktop\Photoshop Brushes
[2011-08-13 11:53:02 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\antiphishing-webblog1_1dn
[2011-08-13 11:45:50 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Identity Cloaker
[2011-08-13 11:45:50 | 000,000,000 | ---D | C] -- C:\Identity Cloaker
[2011-08-13 11:16:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
[2011-08-13 11:05:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CamStudio
[2011-08-12 23:06:02 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\Microsoft_Research
[2011-08-12 23:02:26 | 000,000,000 | ---D | C] -- C:\Users\Matthew\Documents\WWT Collections
[2011-08-12 22:50:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011-08-12 22:47:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2011-08-10 22:50:54 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\Malwarebytes
[2011-08-10 22:50:47 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011-08-10 22:50:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011-08-10 22:50:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011-08-10 22:50:43 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011-08-10 21:18:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo
[2011-08-10 20:34:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security
[2011-08-10 20:34:20 | 000,022,360 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2011-08-10 20:34:19 | 000,288,088 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2011-08-10 20:34:15 | 000,129,368 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFW.sys
[2011-08-10 20:32:19 | 000,257,368 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdis2.sys
[2011-08-10 20:32:18 | 000,031,064 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2011-08-10 20:32:16 | 000,045,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2011-08-10 20:32:13 | 000,600,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011-08-10 20:32:10 | 000,064,856 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2011-08-10 20:32:08 | 000,253,888 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2011-08-10 20:31:48 | 000,012,368 | ---- | C] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswNdis.sys
[2011-08-10 17:49:12 | 000,013,800 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ssadwh.sys
[2011-08-10 17:49:11 | 000,013,288 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ssadcm.sys
[2011-08-10 17:46:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2011-08-10 16:59:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 4
[2011-08-10 13:58:25 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\VS Revo Group
[2011-08-10 13:58:19 | 000,031,800 | ---- | C] (VS Revo Group) -- C:\Windows\SysNative\drivers\revoflt.sys
[2011-08-10 13:58:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
[2011-08-10 13:39:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\FreeCause
[2011-08-10 13:39:38 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\Conduit
[2011-08-10 10:00:13 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\Mozilla
[2011-08-09 20:47:54 | 000,424,296 | ---- | C] (Hide My IP) -- C:\Windows\SysNative\HMIPCore64.dll
[2011-08-09 20:47:52 | 000,330,600 | ---- | C] (Hide My IP) -- C:\Windows\SysWow64\HMIPCore.dll
[2011-08-09 20:28:23 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\WNR
[2011-08-09 20:19:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011-08-09 18:44:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft
[2011-08-09 14:12:21 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\COMODO
[2011-08-09 13:48:48 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\GPUMonitor
[2011-08-09 13:39:54 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2011-08-09 13:00:50 | 000,000,000 | ---D | C] -- C:\Users\Matthew\Documents\MAGIX_Music_Maker_17_Premium_Download_Version
[2011-08-09 13:00:50 | 000,000,000 | ---D | C] -- C:\Users\Matthew\Documents\MAGIX downloads
[2011-08-09 12:51:10 | 000,000,000 | ---D | C] -- C:\Users\Matthew\Documents\MAGIX_MusicEditor
[2011-08-09 12:50:59 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\MAGIX
[2011-08-09 12:49:23 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\MAGIX_Music_Maker_17_Premium_Download_Version
[2011-08-09 12:48:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
[2011-08-09 12:48:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MAGIX
[2011-08-09 12:48:33 | 000,000,000 | ---D | C] -- C:\ProgramData\MAGIX
[2011-08-09 12:48:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MAGIX Services
[2011-08-08 21:57:33 | 000,000,000 | ---D | C] -- C:\Users\Matthew\Documents\My Palettes
[2011-08-08 21:56:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Protexis
[2011-08-08 21:56:50 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\Corel
[2011-08-08 21:53:39 | 000,000,000 | ---D | C] -- C:\Users\Matthew\Documents\Corel
[2011-08-08 21:53:25 | 000,000,000 | ---D | C] -- C:\Users\Matthew\Documents\Visual Studio 2008
[2011-08-08 21:53:18 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\Microsoft Help
[2011-08-08 21:51:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SDKs
[2011-08-08 21:51:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 9.0
[2011-08-08 21:51:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2011-08-08 21:51:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\gs
[2011-08-08 21:50:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Corel
[2011-08-08 21:50:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Protexis
[2011-08-08 21:50:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Corel
[2011-08-08 21:46:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X5
[2011-08-07 22:00:20 | 000,000,000 | ---D | C] -- C:\Users\Matthew\Desktop\FSW7AGST
[2011-08-05 13:35:45 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011-08-04 16:22:48 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\PunkBuster
[2011-08-04 16:22:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2011-08-04 12:37:06 | 000,000,000 | -H-D | C] -- C:\ProgramData\{CB2950A3-A919-41C2-8920-64738E7DDEE8}
[2011-08-04 12:36:36 | 000,000,000 | -H-D | C] -- C:\ProgramData\{B21E6C95-1429-4BC6-AA4D-4219C78235A1}
[2011-08-04 12:36:07 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\PackageAware
[2011-08-03 23:28:46 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\CrashRpt
[2011-08-03 23:19:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atari
[2011-08-03 22:59:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Atari
[2011-08-03 22:53:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011-08-03 22:53:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011-08-03 22:52:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2011-08-03 13:05:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\DSS
[2011-08-03 13:05:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Codemasters
[2011-08-03 13:05:18 | 000,000,000 | ---D | C] -- C:\Users\Matthew\Documents\My Games
[2011-08-03 12:55:08 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2011-08-03 12:55:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2011-08-03 12:55:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2011-08-03 12:51:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Ripple Sound
[2011-08-03 12:51:15 | 001,417,216 | ---- | C] (Blue Ripple Sound Limited) -- C:\Windows\SysWow64\rapture3d_oal.dll
[2011-08-03 12:51:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BRS
[2011-08-03 12:51:13 | 000,466,456 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2011-08-03 12:51:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL
[2011-08-03 12:51:12 | 000,444,952 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2011-08-03 12:36:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Codemasters
[2011-08-02 21:43:29 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\Chris_Pietschmann_(http__
[2011-08-02 21:41:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Router
[2011-08-02 19:46:14 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mafia
[2011-08-02 18:38:52 | 000,000,000 | RH-D | C] -- C:\Users\Matthew\AppData\Roaming\SecuROM
[2011-08-02 18:38:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\City Interactive
[2011-08-02 16:02:34 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\City of Lost Dreams Mod 1.1
[2011-08-02 16:02:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\City of Lost Dreams Mod 1.1
[2011-08-01 20:11:53 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\Activision
[2011-08-01 20:08:18 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2011-08-01 20:06:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
[2011-08-01 17:54:02 | 000,000,000 | ---D | C] -- C:\Program Files\Nokia
[2011-08-01 17:49:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Phoenix
[2011-08-01 16:57:44 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Suite
[2011-08-01 16:57:39 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\PC Suite
[2011-08-01 16:39:26 | 000,000,000 | ---D | C] -- C:\Users\Matthew\Desktop\Nokia x2
[2011-08-01 16:37:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Nokia
[2011-08-01 16:34:46 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2011-08-01 16:34:44 | 000,025,600 | ---- | C] (Nokia) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys
[2011-08-01 16:34:39 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2011-08-01 16:34:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Connectivity Solution
[2011-08-01 16:33:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
[2011-08-01 16:33:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nokia
[2011-08-01 16:33:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nokia
[2011-08-01 16:31:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Installations
[2011-08-01 15:09:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mafia
[2011-08-01 12:31:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games
[2011-08-01 10:47:25 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2011-08-01 10:44:21 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2011-07-15 23:02:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2011-07-15 23:01:07 | 000,000,000 | ---D | C] -- C:\ec4d08134c138221293c870033
[2011-07-15 21:01:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0

========== Files - Modified Within 30 Days ==========

[2011-08-14 18:58:23 | 000,013,440 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011-08-14 18:58:23 | 000,013,440 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011-08-14 18:50:51 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011-08-14 18:50:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011-08-14 18:47:09 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2011-08-14 18:45:02 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Matthew\Desktop\OTL.exe
[2011-08-14 18:19:27 | 000,000,779 | ---- | M] () -- C:\Users\Matthew\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk
[2011-08-14 18:19:27 | 000,000,755 | ---- | M] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2011-08-14 18:03:00 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-736223655-864630041-865155394-1000UA.job
[2011-08-14 18:03:00 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011-08-14 15:02:59 | 000,001,388 | ---- | M] () -- C:\Users\Matthew\Desktop\GpuCapsViewer - Shortcut.lnk
[2011-08-14 14:46:42 | 000,391,211 | ---- | M] () -- C:\Users\Matthew\Desktop\3870.jpg
[2011-08-14 11:22:34 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011-08-14 11:22:34 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011-08-14 11:22:34 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011-08-13 22:03:00 | 000,001,014 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-736223655-864630041-865155394-1000Core.job
[2011-08-13 20:54:07 | 008,210,693 | ---- | M] () -- C:\Users\Matthew\Desktop\triple.psd
[2011-08-13 20:50:30 | 000,086,844 | ---- | M] () -- C:\Users\Matthew\Desktop\triple.jpg
[2011-08-13 20:49:55 | 000,000,132 | ---- | M] () -- C:\Users\Matthew\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011-08-13 20:49:42 | 008,209,833 | ---- | M] () -- C:\Users\Matthew\Desktop\triple.xcf
[2011-08-13 20:25:02 | 000,239,055 | ---- | M] () -- C:\Users\Matthew\Desktop\warrior_of_eclipse_by_newmand-d3kv3a8.jpg
[2011-08-13 20:05:56 | 000,000,412 | ---- | M] () -- C:\Users\Matthew\AppData\Roaming\All CPU Meter_Settings.ini
[2011-08-13 19:55:03 | 000,000,915 | ---- | M] () -- C:\Users\Public\Desktop\Star wars Battlefront II.lnk
[2011-08-13 18:23:35 | 000,105,943 | ---- | M] () -- C:\Users\Matthew\Desktop\firstPhotoshop.png
[2011-08-13 18:23:35 | 000,035,356 | ---- | M] () -- C:\Users\Matthew\.recently-used.xbel
[2011-08-13 17:56:10 | 008,615,105 | ---- | M] () -- C:\Users\Matthew\Desktop\first.psd
[2011-08-13 14:31:24 | 001,758,622 | ---- | M] () -- C:\Users\Matthew\Desktop\halflife2render.png
[2011-08-13 11:45:51 | 000,000,631 | ---- | M] () -- C:\Users\Matthew\Desktop\Identity Cloaker.lnk
[2011-08-13 11:05:55 | 000,000,800 | ---- | M] () -- C:\Users\Public\Desktop\CamStudio.lnk
[2011-08-13 10:28:03 | 001,663,882 | ---- | M] () -- C:\Users\Matthew\Desktop\bioshockr_1.png
[2011-08-12 22:56:43 | 000,000,926 | ---- | M] () -- C:\Users\Public\Desktop\Airytec Switch Off.lnk
[2011-08-12 22:50:02 | 000,002,280 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011-08-12 20:36:56 | 000,862,483 | ---- | M] () -- C:\Users\Matthew\Desktop\4781_render_Renders_devil_may_cry.png
[2011-08-12 13:20:58 | 000,731,536 | ---- | M] () -- C:\Users\Matthew\Desktop\hitman1.png
[2011-08-11 19:23:12 | 000,647,127 | ---- | M] () -- C:\Users\Matthew\Desktop\dame_en_noir.png
[2011-08-11 19:20:13 | 000,039,538 | ---- | M] () -- C:\Users\Matthew\Desktop\thumb-74381.jpg
[2011-08-11 19:19:25 | 000,047,656 | ---- | M] () -- C:\Users\Matthew\Desktop\dark_side_of_nyan_wallpaper_by_davidwoodfx-d3l3h5y.png
[2011-08-11 15:25:16 | 001,519,212 | ---- | M] () -- C:\Users\Matthew\Desktop\98546.jpg
[2011-08-10 22:50:48 | 000,000,895 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011-08-10 21:50:33 | 000,001,828 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2011-08-10 21:50:31 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011-08-10 21:46:18 | 000,001,725 | ---- | M] () -- C:\Users\Matthew\Desktop\Avast Internet Security lic.avastlic
[2011-08-10 20:52:08 | 001,474,832 | ---- | M] () -- C:\Windows\SysNative\drivers\sfi.dat
[2011-08-10 19:44:58 | 000,007,607 | ---- | M] () -- C:\Users\Matthew\AppData\Local\resmon.resmoncfg
[2011-08-10 16:59:40 | 000,001,029 | ---- | M] () -- C:\Users\Public\Desktop\Quick Care.lnk
[2011-08-10 16:59:38 | 000,001,007 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 4.lnk
[2011-08-10 13:58:20 | 000,001,082 | ---- | M] () -- C:\Users\Matthew\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2011-08-10 13:58:20 | 000,001,058 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2011-08-10 13:41:24 | 000,000,064 | ---- | M] () -- C:\Windows\GPlrLanc.dat
[2011-08-10 10:05:24 | 000,002,365 | ---- | M] () -- C:\Users\Matthew\Desktop\Google Chrome.lnk
[2011-08-09 19:49:02 | 000,001,509 | ---- | M] () -- C:\Users\Matthew\Desktop\VideoConverter - Shortcut.lnk
[2011-08-09 18:44:24 | 000,001,022 | ---- | M] () -- C:\Users\Matthew\Desktop\Any Video Converter.lnk
[2011-08-09 16:14:26 | 000,052,991 | ---- | M] () -- C:\Users\Matthew\Desktop\1440-900-104848.jpg
[2011-08-09 16:06:35 | 000,000,574 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2011-08-09 13:34:54 | 005,129,408 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011-08-09 12:50:23 | 000,000,994 | ---- | M] () -- C:\Users\Public\Desktop\MAGIX Music Maker 17 Premium Download Version.lnk
[2011-08-08 21:50:42 | 000,002,163 | ---- | M] () -- C:\Users\Public\Desktop\Bitstream Font Navigator.lnk
[2011-08-08 21:49:21 | 000,002,823 | ---- | M] () -- C:\Users\Public\Desktop\Video Tutorials.lnk
[2011-08-08 21:49:17 | 000,002,203 | ---- | M] () -- C:\Users\Public\Desktop\Corel CONNECT.lnk
[2011-08-08 21:49:10 | 000,002,627 | ---- | M] () -- C:\Users\Public\Desktop\Corel CAPTURE X5.lnk
[2011-08-08 21:49:02 | 000,002,635 | ---- | M] () -- C:\Users\Public\Desktop\Corel PHOTO-PAINT X5.lnk
[2011-08-08 21:48:44 | 000,002,619 | ---- | M] () -- C:\Users\Public\Desktop\CorelDRAW X5.lnk
[2011-08-08 16:00:59 | 000,000,954 | ---- | M] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
[2011-08-08 16:00:59 | 000,000,942 | ---- | M] () -- C:\Users\Public\Desktop\Game Booster.lnk
[2011-08-05 13:19:57 | 000,001,433 | ---- | M] () -- C:\Users\Matthew\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011-08-04 18:30:05 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2011-08-04 18:30:03 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2011-08-04 17:18:15 | 000,001,707 | ---- | M] () -- C:\Users\Matthew\Desktop\AssassinsCreedBrotherhood - Shortcut.lnk
[2011-08-04 16:23:06 | 000,189,248 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011-08-04 16:22:50 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011-08-03 23:19:37 | 000,001,087 | ---- | M] () -- C:\Users\Public\Desktop\Test Drive Unlimited 2.lnk
[2011-08-03 20:50:57 | 000,000,909 | ---- | M] () -- C:\Users\Matthew\Desktop\C4D - Shortcut (2).lnk
[2011-08-03 20:38:27 | 000,001,345 | ---- | M] () -- C:\Users\Matthew\Desktop\VirtualRouterClient - Shortcut.lnk
[2011-08-03 19:10:00 | 000,001,046 | ---- | M] () -- C:\Users\Matthew\Desktop\Any Video Converter (2).lnk
[2011-08-03 13:04:57 | 000,001,571 | ---- | M] () -- C:\Users\Matthew\Desktop\dirt3 - Shortcut.lnk
[2011-08-03 12:51:13 | 000,466,456 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2011-08-03 12:51:12 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2011-08-03 12:35:18 | 000,000,193 | ---- | M] () -- C:\Windows\WORDPAD.INI
[2011-08-02 21:35:16 | 088,192,105 | ---- | M] () -- C:\Users\Matthew\Documents\YELLE - Safari Disco Club.mp4
[2011-08-02 19:46:20 | 000,000,766 | ---- | M] () -- C:\Users\Matthew\Desktop\Mafia.lnk
[2011-08-02 19:24:22 | 000,001,143 | ---- | M] () -- C:\Users\Matthew\Desktop\MafiaCon - Shortcut.lnk
[2011-08-02 18:38:24 | 000,002,008 | ---- | M] () -- C:\Users\Public\Desktop\Sniper Ghost Warrior.lnk
[2011-08-02 16:02:34 | 000,001,622 | ---- | M] () -- C:\Users\Matthew\Desktop\CoLD Mod.lnk
[2011-08-02 15:53:24 | 001,059,840 | ---- | M] () -- C:\VirtualRouterInstaller.msi
[2011-08-01 23:27:54 | 000,000,702 | ---- | M] () -- C:\Users\Matthew\Desktop\iw3sp - Shortcut (2).lnk
[2011-08-01 23:24:37 | 000,029,074 | ---- | M] () -- C:\Users\Matthew\Desktop\energy-report.html
[2011-08-01 22:45:53 | 000,001,040 | ---- | M] () -- C:\Users\Matthew\Desktop\iw3sp - Shortcut.lnk
[2011-08-01 20:06:49 | 000,001,990 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty - Black Ops Call MP.lnk
[2011-08-01 20:06:49 | 000,001,976 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty - Black Ops.lnk
[2011-08-01 18:38:28 | 000,000,773 | ---- | M] () -- C:\Users\Matthew\Desktop\MafiaDataXTractor - Shortcut.lnk
[2011-08-01 17:51:46 | 000,000,256 | ---- | M] () -- C:\dk2.mem
[2011-08-01 17:50:27 | 000,002,035 | ---- | M] () -- C:\Users\Public\Desktop\Phoenix.lnk
[2011-08-01 16:57:30 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
[2011-08-01 16:33:23 | 000,002,130 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Software Updater.lnk

========== Files Created - No Company Name ==========

[2011-08-14 18:19:27 | 000,000,779 | ---- | C] () -- C:\Users\Matthew\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk
[2011-08-14 18:19:27 | 000,000,755 | ---- | C] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2011-08-14 15:02:59 | 000,001,388 | ---- | C] () -- C:\Users\Matthew\Desktop\GpuCapsViewer - Shortcut.lnk
[2011-08-14 14:46:45 | 000,391,211 | ---- | C] () -- C:\Users\Matthew\Desktop\3870.jpg
[2011-08-13 20:54:05 | 008,210,693 | ---- | C] () -- C:\Users\Matthew\Desktop\triple.psd
[2011-08-13 20:50:30 | 000,086,844 | ---- | C] () -- C:\Users\Matthew\Desktop\triple.jpg
[2011-08-13 20:49:55 | 000,000,132 | ---- | C] () -- C:\Users\Matthew\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011-08-13 20:49:39 | 008,209,833 | ---- | C] () -- C:\Users\Matthew\Desktop\triple.xcf
[2011-08-13 20:25:05 | 000,239,055 | ---- | C] () -- C:\Users\Matthew\Desktop\warrior_of_eclipse_by_newmand-d3kv3a8.jpg
[2011-08-13 19:58:38 | 000,000,412 | ---- | C] () -- C:\Users\Matthew\AppData\Roaming\All CPU Meter_Settings.ini
[2011-08-13 19:55:03 | 000,000,915 | ---- | C] () -- C:\Users\Public\Desktop\Star wars Battlefront II.lnk
[2011-08-13 18:23:35 | 000,035,356 | ---- | C] () -- C:\Users\Matthew\.recently-used.xbel
[2011-08-13 17:56:17 | 000,105,943 | ---- | C] () -- C:\Users\Matthew\Desktop\firstPhotoshop.png
[2011-08-13 17:48:36 | 008,615,105 | ---- | C] () -- C:\Users\Matthew\Desktop\first.psd
[2011-08-13 14:31:29 | 001,758,622 | ---- | C] () -- C:\Users\Matthew\Desktop\halflife2render.png
[2011-08-13 11:45:51 | 000,000,631 | ---- | C] () -- C:\Users\Matthew\Desktop\Identity Cloaker.lnk
[2011-08-13 11:05:55 | 000,000,800 | ---- | C] () -- C:\Users\Public\Desktop\CamStudio.lnk
[2011-08-13 10:28:08 | 001,663,882 | ---- | C] () -- C:\Users\Matthew\Desktop\bioshockr_1.png
[2011-08-12 22:56:43 | 000,000,938 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Airytec Switch Off.lnk
[2011-08-12 22:56:43 | 000,000,926 | ---- | C] () -- C:\Users\Public\Desktop\Airytec Switch Off.lnk
[2011-08-12 22:50:02 | 000,002,280 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011-08-12 22:47:28 | 000,001,050 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011-08-12 22:47:24 | 000,001,046 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011-08-12 20:37:01 | 000,862,483 | ---- | C] () -- C:\Users\Matthew\Desktop\4781_render_Renders_devil_may_cry.png
[2011-08-12 13:21:09 | 000,731,536 | ---- | C] () -- C:\Users\Matthew\Desktop\hitman1.png
[2011-08-11 19:23:15 | 000,647,127 | ---- | C] () -- C:\Users\Matthew\Desktop\dame_en_noir.png
[2011-08-11 19:20:16 | 000,039,538 | ---- | C] () -- C:\Users\Matthew\Desktop\thumb-74381.jpg
[2011-08-11 19:19:29 | 000,047,656 | ---- | C] () -- C:\Users\Matthew\Desktop\dark_side_of_nyan_wallpaper_by_davidwoodfx-d3l3h5y.png
[2011-08-11 15:25:23 | 001,519,212 | ---- | C] () -- C:\Users\Matthew\Desktop\98546.jpg
[2011-08-10 22:50:48 | 000,000,895 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011-08-10 21:46:18 | 000,001,725 | ---- | C] () -- C:\Users\Matthew\Desktop\Avast Internet Security lic.avastlic
[2011-08-10 20:34:22 | 000,001,828 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2011-08-10 16:59:40 | 000,001,029 | ---- | C] () -- C:\Users\Public\Desktop\Quick Care.lnk
[2011-08-10 16:59:38 | 000,001,007 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare 4.lnk
[2011-08-10 13:58:20 | 000,001,082 | ---- | C] () -- C:\Users\Matthew\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2011-08-10 13:58:20 | 000,001,058 | ---- | C] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2011-08-10 13:37:33 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2011-08-09 19:49:02 | 000,001,509 | ---- | C] () -- C:\Users\Matthew\Desktop\VideoConverter - Shortcut.lnk
[2011-08-09 18:44:24 | 000,001,022 | ---- | C] () -- C:\Users\Matthew\Desktop\Any Video Converter.lnk
[2011-08-09 16:14:35 | 000,052,991 | ---- | C] () -- C:\Users\Matthew\Desktop\1440-900-104848.jpg
[2011-08-09 12:50:23 | 000,000,994 | ---- | C] () -- C:\Users\Public\Desktop\MAGIX Music Maker 17 Premium Download Version.lnk
[2011-08-08 21:55:50 | 000,002,823 | ---- | C] () -- C:\Users\Public\Desktop\Video Tutorials.lnk
[2011-08-08 21:55:50 | 000,002,635 | ---- | C] () -- C:\Users\Public\Desktop\Corel PHOTO-PAINT X5.lnk
[2011-08-08 21:55:50 | 000,002,627 | ---- | C] () -- C:\Users\Public\Desktop\Corel CAPTURE X5.lnk
[2011-08-08 21:55:50 | 000,002,619 | ---- | C] () -- C:\Users\Public\Desktop\CorelDRAW X5.lnk
[2011-08-08 21:55:50 | 000,002,203 | ---- | C] () -- C:\Users\Public\Desktop\Corel CONNECT.lnk
[2011-08-08 21:55:50 | 000,002,163 | ---- | C] () -- C:\Users\Public\Desktop\Bitstream Font Navigator.lnk
[2011-08-04 18:30:05 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2011-08-04 18:30:03 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2011-08-04 17:18:15 | 000,001,707 | ---- | C] () -- C:\Users\Matthew\Desktop\AssassinsCreedBrotherhood - Shortcut.lnk
[2011-08-04 16:23:06 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011-08-04 16:22:50 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011-08-03 23:19:37 | 000,001,087 | ---- | C] () -- C:\Users\Public\Desktop\Test Drive Unlimited 2.lnk
[2011-08-03 20:50:57 | 000,000,909 | ---- | C] () -- C:\Users\Matthew\Desktop\C4D - Shortcut (2).lnk
[2011-08-03 20:38:27 | 000,001,345 | ---- | C] () -- C:\Users\Matthew\Desktop\VirtualRouterClient - Shortcut.lnk
[2011-08-03 19:10:00 | 000,001,046 | ---- | C] () -- C:\Users\Matthew\Desktop\Any Video Converter (2).lnk
[2011-08-03 13:04:57 | 000,001,571 | ---- | C] () -- C:\Users\Matthew\Desktop\dirt3 - Shortcut.lnk
[2011-08-03 12:54:47 | 000,001,338 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
[2011-08-02 21:41:08 | 001,059,840 | ---- | C] () -- C:\VirtualRouterInstaller.msi
[2011-08-02 21:31:24 | 088,192,105 | ---- | C] () -- C:\Users\Matthew\Documents\YELLE - Safari Disco Club.mp4
[2011-08-02 19:46:20 | 000,000,766 | ---- | C] () -- C:\Users\Matthew\Desktop\Mafia.lnk
[2011-08-02 19:24:22 | 000,001,143 | ---- | C] () -- C:\Users\Matthew\Desktop\MafiaCon - Shortcut.lnk
[2011-08-02 18:38:24 | 000,002,008 | ---- | C] () -- C:\Users\Public\Desktop\Sniper Ghost Warrior.lnk
[2011-08-02 16:02:34 | 000,001,622 | ---- | C] () -- C:\Users\Matthew\Desktop\CoLD Mod.lnk
[2011-08-01 23:27:54 | 000,000,702 | ---- | C] () -- C:\Users\Matthew\Desktop\iw3sp - Shortcut (2).lnk
[2011-08-01 23:24:37 | 000,029,074 | ---- | C] () -- C:\Users\Matthew\Desktop\energy-report.html
[2011-08-01 22:45:53 | 000,001,040 | ---- | C] () -- C:\Users\Matthew\Desktop\iw3sp - Shortcut.lnk
[2011-08-01 20:06:49 | 000,001,990 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty - Black Ops Call MP.lnk
[2011-08-01 20:06:49 | 000,001,976 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty - Black Ops.lnk
[2011-08-01 18:38:28 | 000,000,773 | ---- | C] () -- C:\Users\Matthew\Desktop\MafiaDataXTractor - Shortcut.lnk
[2011-08-01 17:51:46 | 000,000,256 | ---- | C] () -- C:\dk2.mem
[2011-08-01 17:50:27 | 000,002,035 | ---- | C] () -- C:\Users\Public\Desktop\Phoenix.lnk
[2011-08-01 16:57:30 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
[2011-08-01 16:33:23 | 000,002,130 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Software Updater.lnk
[2011-07-10 18:13:37 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2011-07-08 19:55:09 | 000,007,607 | ---- | C] () -- C:\Users\Matthew\AppData\Local\resmon.resmoncfg
[2011-07-08 14:49:51 | 000,008,192 | R--- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2011-07-08 12:48:08 | 000,960,940 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011-07-08 12:48:08 | 000,207,376 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011-07-08 12:48:08 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011-04-09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009-07-14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009-07-14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009-07-14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009-07-14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009-07-13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009-06-10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2007-04-27 10:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2003-04-09 05:28:44 | 000,233,472 | R--- | C] () -- C:\Windows\SysWow64\MafiaSetup.exe
[2003-04-09 05:28:44 | 000,233,472 | R--- | C] () -- C:\Users\Matthew\AppData\Roaming\MafiaSetup.exe
[2001-08-29 14:11:40 | 000,398,848 | R--- | C] () -- C:\Windows\SysWow64\DK2WIN32.DLL

========== LOP Check ==========

[2011-07-13 14:28:51 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\AnvSoft
[2011-07-09 17:46:35 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\AVG10
[2011-08-14 18:58:48 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\BitTorrent
[2011-07-10 18:06:44 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\DAEMON Tools Lite
[2011-08-12 21:43:22 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\gtk-2.0
[2011-08-08 16:16:15 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\IObit
[2011-08-09 12:50:59 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\MAGIX
[2011-07-15 12:33:15 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\My Battle for Middle-earth™ II Files
[2011-08-01 16:57:39 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\PC Suite
[2011-08-04 16:22:48 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\PunkBuster
[2011-07-08 15:20:06 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\Virtual Desktop Manager
[2011-08-09 20:28:23 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\WNR
[2009-07-14 07:08:49 | 000,028,886 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

OTL logfile created on: 2011-08-14 18:55:33 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Matthew\Desktop
64bit- An unknown product Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,91 Gb Total Physical Memory | 2,42 Gb Available Physical Memory | 61,84% Memory free
7,83 Gb Paging File | 6,29 Gb Available in Paging File | 80,39% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446,13 Gb Total Space | 115,96 Gb Free Space | 25,99% Space Free | Partition Type: NTFS
Drive D: | 19,53 Gb Total Space | 19,44 Gb Free Space | 99,54% Space Free | Partition Type: NTFS

Computer Name: MATTHEW-LAPTOP | User Name: Matthew | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011-08-14 18:45:02 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Matthew\Desktop\OTL.exe
PRC - [2011-08-14 18:19:27 | 000,402,808 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files II\BitTorrent\BitTorrent.exe
PRC - [2011-08-04 16:22:50 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011-07-06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files II\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011-07-04 13:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files II\AVAST Software\Avast\AvastUI.exe
PRC - [2011-07-04 13:43:51 | 000,121,000 | ---- | M] (AVAST Software) -- C:\Program Files II\AVAST Software\Avast\afwServ.exe
PRC - [2011-07-04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files II\AVAST Software\Avast\AvastSvc.exe
PRC - [2011-06-15 13:11:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011-04-22 15:08:52 | 000,352,656 | ---- | M] (IObit) -- C:\Program Files II\IObit\Advanced SystemCare 4\ASCService.exe
PRC - [2011-01-20 11:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files II\DAEMON Tools Lite\DTLite.exe
PRC - [2011-01-13 19:34:30 | 000,814,088 | R--- | M] (Pegatron Corporation) -- C:\Program Files (x86)\PHotkey\PHotkey.exe
PRC - [2011-01-13 19:34:20 | 004,243,976 | R--- | M] (Pegatron Corporation) -- C:\Program Files (x86)\PHotkey\MsOsd.exe
PRC - [2010-12-10 12:19:36 | 000,117,256 | R--- | M] () -- C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
PRC - [2010-12-10 12:19:36 | 000,104,968 | R--- | M] () -- C:\Program Files (x86)\PHotkey\AsLdrSrv.exe
PRC - [2010-10-05 15:08:46 | 002,655,768 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.EXE
PRC - [2010-10-05 15:08:42 | 000,325,656 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.EXE
PRC - [2010-04-27 04:09:52 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2009-08-27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2009-07-24 19:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe


========== Modules (SafeList) ==========

MOD - [2011-08-14 18:45:02 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Matthew\Desktop\OTL.exe
MOD - [2011-07-04 13:43:51 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files II\AVAST Software\Avast\snxhk.dll
MOD - [2011-06-15 13:11:00 | 000,231,528 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\Nvd3d9wrap.dll
MOD - [2011-06-15 13:11:00 | 000,224,360 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\nvdxgiwrap.dll
MOD - [2011-06-15 13:11:00 | 000,200,808 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvinit.dll
MOD - [2011-06-15 13:11:00 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2010-11-20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010-12-17 10:46:34 | 000,198,784 | ---- | M] (Conexant Systems Inc.) [Auto | Running] -- C:\Windows\SysNative\CxAudMsg64.exe -- (CxAudMsg)
SRV:64bit: - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011-08-04 16:22:50 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011-07-06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files II\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011-07-04 13:43:51 | 000,121,000 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files II\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV - [2011-07-04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files II\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011-06-15 13:11:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011-05-28 22:24:32 | 000,173,056 | ---- | M] (Airytec) [Auto | Stopped] -- C:\Program Files II\Airytec\Switch Off\swoff.exe -- (SwOffWeb)
SRV - [2011-05-28 22:24:32 | 000,173,056 | ---- | M] (Airytec) [Auto | Stopped] -- C:\Program Files II\Airytec\Switch Off\swoff.exe -- (SwOffScheduler)
SRV - [2011-04-22 15:08:52 | 000,352,656 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files II\IObit\Advanced SystemCare 4\ASCService.exe -- (AdvancedSystemCareService)
SRV - [2010-12-10 12:19:36 | 000,159,752 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\PHotkey\GFNEXSrv.exe -- (GFNEXSrv)
SRV - [2010-12-10 12:19:36 | 000,104,968 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\PHotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2010-10-20 11:22:24 | 000,630,272 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010-10-05 15:08:46 | 002,655,768 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2010-10-05 15:08:42 | 000,325,656 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.EXE -- (LMS) Intel®
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009-11-18 13:40:26 | 000,012,288 | ---- | M] (Chris Pietschmann (http://pietschsoft.com)) [Auto | Running] -- C:\Program Files II\Virtual Router\VirtualRouterService.exe -- (Virtual Router)
SRV - [2009-08-27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Unknown | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2009-07-24 19:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008-08-07 11:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011-07-10 18:05:03 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011-07-09 12:36:48 | 000,513,080 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011-07-06 19:52:42 | 000,025,912 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011-07-04 13:32:24 | 000,064,856 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011-06-15 13:11:00 | 000,027,240 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2011-05-25 01:40:10 | 000,037,888 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)
DRV:64bit: - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011-02-23 16:50:14 | 000,018,232 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV:64bit: - [2011-02-23 14:34:54 | 000,012,368 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis.sys -- (aswNdis)
DRV:64bit: - [2011-01-28 03:44:24 | 001,581,184 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2010-12-16 11:39:08 | 012,256,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010-12-02 12:14:22 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2010-12-02 12:14:18 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2010-12-02 10:36:42 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2010-12-02 10:36:40 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64)
DRV:64bit: - [2010-11-20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-11-20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010-11-08 08:52:14 | 000,068,608 | ---- | M] (Sentelic Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fspad_wlh64.sys -- (fspad_wlh64)
DRV:64bit: - [2010-11-08 06:44:40 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010-10-14 18:28:16 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel®
DRV:64bit: - [2010-09-21 03:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel®
DRV:64bit: - [2010-07-30 10:49:46 | 002,485,760 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010-07-27 03:45:46 | 000,180,224 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010-07-27 03:45:46 | 000,078,848 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2009-12-30 11:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:64bit: - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-07-14 02:00:24 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\acpials.sys -- (acpials)
DRV:64bit: - [2009-06-10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009-02-24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcdbus.sys -- (mcdbus)
DRV:64bit: - [2008-08-28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV - [2010-12-10 12:19:36 | 000,014,344 | R--- | M] (PEGATRON) [Kernel | Auto | Running] -- C:\Program Files (x86)\PHotkey\PEGAGFN.sys -- (PEGAGFN)
DRV - [2009-02-24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Matthew\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Matthew\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Matthew\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Matthew\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)


[2011-08-10 10:00:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Matthew\AppData\Roaming\Mozilla\Extensions

O1 HOSTS File: ([2011-08-14 18:47:09 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files II\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files II\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files II\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files II\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [fspuip] C:\Program Files\FSP\FspUip.exe (Sentelic Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe (Conexant systems, Inc.)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] File not found
O4 - HKLM..\Run: [avast] C:\Program Files II\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files II\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [BitTorrent] C:\Program Files II\BitTorrent\BitTorrent.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files II\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ent/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.204.152.34 194.204.159.1 193.0.71.133
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{4b708a17-ab04-11e0-84a2-e0699541a433}\Shell - "" = AutoRun
O33 - MountPoints2\{4b708a17-ab04-11e0-84a2-e0699541a433}\Shell\AutoRun\command - "" = I:\autorun.exe
O33 - MountPoints2\{63270feb-aa29-11e0-a799-e0699541a433}\Shell - "" = AutoRun
O33 - MountPoints2\{63270feb-aa29-11e0-a799-e0699541a433}\Shell\AutoRun\command - "" = H:\m.exe
O33 - MountPoints2\{f57c141d-aa14-11e0-9754-e0699541a433}\Shell - "" = AutoRun
O33 - MountPoints2\{f57c141d-aa14-11e0-9754-e0699541a433}\Shell\AutoRun\command - "" = F:\MLLaunch.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011-08-14 18:47:00 | 000,000,000 | ---D | C] -- C:\_OTL
[2011-08-14 18:45:11 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\Matthew\Desktop\OTL.exe
[2011-08-14 18:19:00 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\BitTorrent
[2011-08-14 14:52:37 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\NVIDIA
[2011-08-13 19:55:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star wars Battlefront II
[2011-08-13 14:12:19 | 000,000,000 | ---D | C] -- C:\Users\Matthew\Desktop\Photoshop Brushes
[2011-08-13 11:53:02 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\antiphishing-webblog1_1dn
[2011-08-13 11:45:50 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Identity Cloaker
[2011-08-13 11:45:50 | 000,000,000 | ---D | C] -- C:\Identity Cloaker
[2011-08-13 11:16:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
[2011-08-13 11:05:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CamStudio
[2011-08-12 23:06:02 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\Microsoft_Research
[2011-08-12 23:02:26 | 000,000,000 | ---D | C] -- C:\Users\Matthew\Documents\WWT Collections
[2011-08-12 22:50:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011-08-12 22:47:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2011-08-10 22:50:54 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\Malwarebytes
[2011-08-10 22:50:47 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011-08-10 22:50:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011-08-10 22:50:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011-08-10 22:50:43 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011-08-10 21:18:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo
[2011-08-10 20:34:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security
[2011-08-10 20:34:20 | 000,022,360 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2011-08-10 20:34:19 | 000,288,088 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2011-08-10 20:34:15 | 000,129,368 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFW.sys
[2011-08-10 20:32:19 | 000,257,368 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdis2.sys
[2011-08-10 20:32:18 | 000,031,064 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2011-08-10 20:32:16 | 000,045,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2011-08-10 20:32:13 | 000,600,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011-08-10 20:32:10 | 000,064,856 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2011-08-10 20:32:08 | 000,253,888 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2011-08-10 20:31:48 | 000,012,368 | ---- | C] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswNdis.sys
[2011-08-10 17:49:12 | 000,013,800 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ssadwh.sys
[2011-08-10 17:49:11 | 000,013,288 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ssadcm.sys
[2011-08-10 17:46:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2011-08-10 16:59:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 4
[2011-08-10 13:58:25 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\VS Revo Group
[2011-08-10 13:58:19 | 000,031,800 | ---- | C] (VS Revo Group) -- C:\Windows\SysNative\drivers\revoflt.sys
[2011-08-10 13:58:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
[2011-08-10 13:39:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\FreeCause
[2011-08-10 13:39:38 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\Conduit
[2011-08-10 10:00:13 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\Mozilla
[2011-08-09 20:47:54 | 000,424,296 | ---- | C] (Hide My IP) -- C:\Windows\SysNative\HMIPCore64.dll
[2011-08-09 20:47:52 | 000,330,600 | ---- | C] (Hide My IP) -- C:\Windows\SysWow64\HMIPCore.dll
[2011-08-09 20:28:23 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\WNR
[2011-08-09 20:19:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011-08-09 18:44:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft
[2011-08-09 14:12:21 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\COMODO
[2011-08-09 13:48:48 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\GPUMonitor
[2011-08-09 13:39:54 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2011-08-09 13:00:50 | 000,000,000 | ---D | C] -- C:\Users\Matthew\Documents\MAGIX_Music_Maker_17_Premium_Download_Version
[2011-08-09 13:00:50 | 000,000,000 | ---D | C] -- C:\Users\Matthew\Documents\MAGIX downloads
[2011-08-09 12:51:10 | 000,000,000 | ---D | C] -- C:\Users\Matthew\Documents\MAGIX_MusicEditor
[2011-08-09 12:50:59 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\MAGIX
[2011-08-09 12:49:23 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\MAGIX_Music_Maker_17_Premium_Download_Version
[2011-08-09 12:48:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
[2011-08-09 12:48:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MAGIX
[2011-08-09 12:48:33 | 000,000,000 | ---D | C] -- C:\ProgramData\MAGIX
[2011-08-09 12:48:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MAGIX Services
[2011-08-08 21:57:33 | 000,000,000 | ---D | C] -- C:\Users\Matthew\Documents\My Palettes
[2011-08-08 21:56:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Protexis
[2011-08-08 21:56:50 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\Corel
[2011-08-08 21:53:39 | 000,000,000 | ---D | C] -- C:\Users\Matthew\Documents\Corel
[2011-08-08 21:53:25 | 000,000,000 | ---D | C] -- C:\Users\Matthew\Documents\Visual Studio 2008
[2011-08-08 21:53:18 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\Microsoft Help
[2011-08-08 21:51:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SDKs
[2011-08-08 21:51:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 9.0
[2011-08-08 21:51:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2011-08-08 21:51:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\gs
[2011-08-08 21:50:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Corel
[2011-08-08 21:50:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Protexis
[2011-08-08 21:50:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Corel
[2011-08-08 21:46:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X5
[2011-08-07 22:00:20 | 000,000,000 | ---D | C] -- C:\Users\Matthew\Desktop\FSW7AGST
[2011-08-05 13:35:45 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011-08-04 16:22:48 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\PunkBuster
[2011-08-04 16:22:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2011-08-04 12:37:06 | 000,000,000 | -H-D | C] -- C:\ProgramData\{CB2950A3-A919-41C2-8920-64738E7DDEE8}
[2011-08-04 12:36:36 | 000,000,000 | -H-D | C] -- C:\ProgramData\{B21E6C95-1429-4BC6-AA4D-4219C78235A1}
[2011-08-04 12:36:07 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\PackageAware
[2011-08-03 23:28:46 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\CrashRpt
[2011-08-03 23:19:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atari
[2011-08-03 22:59:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Atari
[2011-08-03 22:53:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011-08-03 22:53:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011-08-03 22:52:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2011-08-03 13:05:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\DSS
[2011-08-03 13:05:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Codemasters
[2011-08-03 13:05:18 | 000,000,000 | ---D | C] -- C:\Users\Matthew\Documents\My Games
[2011-08-03 12:55:08 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2011-08-03 12:55:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2011-08-03 12:55:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2011-08-03 12:51:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Ripple Sound
[2011-08-03 12:51:15 | 001,417,216 | ---- | C] (Blue Ripple Sound Limited) -- C:\Windows\SysWow64\rapture3d_oal.dll
[2011-08-03 12:51:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BRS
[2011-08-03 12:51:13 | 000,466,456 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2011-08-03 12:51:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL
[2011-08-03 12:51:12 | 000,444,952 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2011-08-03 12:36:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Codemasters
[2011-08-02 21:43:29 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\Chris_Pietschmann_(http__
[2011-08-02 21:41:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Router
[2011-08-02 19:46:14 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mafia
[2011-08-02 18:38:52 | 000,000,000 | RH-D | C] -- C:\Users\Matthew\AppData\Roaming\SecuROM
[2011-08-02 18:38:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\City Interactive
[2011-08-02 16:02:34 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\City of Lost Dreams Mod 1.1
[2011-08-02 16:02:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\City of Lost Dreams Mod 1.1
[2011-08-01 20:11:53 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Local\Activision
[2011-08-01 20:08:18 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2011-08-01 20:06:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
[2011-08-01 17:54:02 | 000,000,000 | ---D | C] -- C:\Program Files\Nokia
[2011-08-01 17:49:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Phoenix
[2011-08-01 16:57:44 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Suite
[2011-08-01 16:57:39 | 000,000,000 | ---D | C] -- C:\Users\Matthew\AppData\Roaming\PC Suite
[2011-08-01 16:39:26 | 000,000,000 | ---D | C] -- C:\Users\Matthew\Desktop\Nokia x2
[2011-08-01 16:37:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Nokia
[2011-08-01 16:34:46 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2011-08-01 16:34:44 | 000,025,600 | ---- | C] (Nokia) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys
[2011-08-01 16:34:39 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2011-08-01 16:34:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Connectivity Solution
[2011-08-01 16:33:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
[2011-08-01 16:33:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nokia
[2011-08-01 16:33:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nokia
[2011-08-01 16:31:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Installations
[2011-08-01 15:09:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mafia
[2011-08-01 12:31:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games
[2011-08-01 10:47:25 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2011-08-01 10:44:21 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2011-07-15 23:02:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2011-07-15 23:01:07 | 000,000,000 | ---D | C] -- C:\ec4d08134c138221293c870033
[2011-07-15 21:01:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0

========== Files - Modified Within 30 Days ==========

[2011-08-14 18:58:23 | 000,013,440 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011-08-14 18:58:23 | 000,013,440 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011-08-14 18:50:51 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011-08-14 18:50:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011-08-14 18:47:09 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2011-08-14 18:45:02 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Matthew\Desktop\OTL.exe
[2011-08-14 18:19:27 | 000,000,779 | ---- | M] () -- C:\Users\Matthew\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk
[2011-08-14 18:19:27 | 000,000,755 | ---- | M] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2011-08-14 18:03:00 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-736223655-864630041-865155394-1000UA.job
[2011-08-14 18:03:00 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011-08-14 15:02:59 | 000,001,388 | ---- | M] () -- C:\Users\Matthew\Desktop\GpuCapsViewer - Shortcut.lnk
[2011-08-14 14:46:42 | 000,391,211 | ---- | M] () -- C:\Users\Matthew\Desktop\3870.jpg
[2011-08-14 11:22:34 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011-08-14 11:22:34 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011-08-14 11:22:34 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011-08-13 22:03:00 | 000,001,014 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-736223655-864630041-865155394-1000Core.job
[2011-08-13 20:54:07 | 008,210,693 | ---- | M] () -- C:\Users\Matthew\Desktop\triple.psd
[2011-08-13 20:50:30 | 000,086,844 | ---- | M] () -- C:\Users\Matthew\Desktop\triple.jpg
[2011-08-13 20:49:55 | 000,000,132 | ---- | M] () -- C:\Users\Matthew\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011-08-13 20:49:42 | 008,209,833 | ---- | M] () -- C:\Users\Matthew\Desktop\triple.xcf
[2011-08-13 20:25:02 | 000,239,055 | ---- | M] () -- C:\Users\Matthew\Desktop\warrior_of_eclipse_by_newmand-d3kv3a8.jpg
[2011-08-13 20:05:56 | 000,000,412 | ---- | M] () -- C:\Users\Matthew\AppData\Roaming\All CPU Meter_Settings.ini
[2011-08-13 19:55:03 | 000,000,915 | ---- | M] () -- C:\Users\Public\Desktop\Star wars Battlefront II.lnk
[2011-08-13 18:23:35 | 000,105,943 | ---- | M] () -- C:\Users\Matthew\Desktop\firstPhotoshop.png
[2011-08-13 18:23:35 | 000,035,356 | ---- | M] () -- C:\Users\Matthew\.recently-used.xbel
[2011-08-13 17:56:10 | 008,615,105 | ---- | M] () -- C:\Users\Matthew\Desktop\first.psd
[2011-08-13 14:31:24 | 001,758,622 | ---- | M] () -- C:\Users\Matthew\Desktop\halflife2render.png
[2011-08-13 11:45:51 | 000,000,631 | ---- | M] () -- C:\Users\Matthew\Desktop\Identity Cloaker.lnk
[2011-08-13 11:05:55 | 000,000,800 | ---- | M] () -- C:\Users\Public\Desktop\CamStudio.lnk
[2011-08-13 10:28:03 | 001,663,882 | ---- | M] () -- C:\Users\Matthew\Desktop\bioshockr_1.png
[2011-08-12 22:56:43 | 000,000,926 | ---- | M] () -- C:\Users\Public\Desktop\Airytec Switch Off.lnk
[2011-08-12 22:50:02 | 000,002,280 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011-08-12 20:36:56 | 000,862,483 | ---- | M] () -- C:\Users\Matthew\Desktop\4781_render_Renders_devil_may_cry.png
[2011-08-12 13:20:58 | 000,731,536 | ---- | M] () -- C:\Users\Matthew\Desktop\hitman1.png
[2011-08-11 19:23:12 | 000,647,127 | ---- | M] () -- C:\Users\Matthew\Desktop\dame_en_noir.png
[2011-08-11 19:20:13 | 000,039,538 | ---- | M] () -- C:\Users\Matthew\Desktop\thumb-74381.jpg
[2011-08-11 19:19:25 | 000,047,656 | ---- | M] () -- C:\Users\Matthew\Desktop\dark_side_of_nyan_wallpaper_by_davidwoodfx-d3l3h5y.png
[2011-08-11 15:25:16 | 001,519,212 | ---- | M] () -- C:\Users\Matthew\Desktop\98546.jpg
[2011-08-10 22:50:48 | 000,000,895 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011-08-10 21:50:33 | 000,001,828 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2011-08-10 21:50:31 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011-08-10 21:46:18 | 000,001,725 | ---- | M] () -- C:\Users\Matthew\Desktop\Avast Internet Security lic.avastlic
[2011-08-10 20:52:08 | 001,474,832 | ---- | M] () -- C:\Windows\SysNative\drivers\sfi.dat
[2011-08-10 19:44:58 | 000,007,607 | ---- | M] () -- C:\Users\Matthew\AppData\Local\resmon.resmoncfg
[2011-08-10 16:59:40 | 000,001,029 | ---- | M] () -- C:\Users\Public\Desktop\Quick Care.lnk
[2011-08-10 16:59:38 | 000,001,007 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 4.lnk
[2011-08-10 13:58:20 | 000,001,082 | ---- | M] () -- C:\Users\Matthew\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2011-08-10 13:58:20 | 000,001,058 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2011-08-10 13:41:24 | 000,000,064 | ---- | M] () -- C:\Windows\GPlrLanc.dat
[2011-08-10 10:05:24 | 000,002,365 | ---- | M] () -- C:\Users\Matthew\Desktop\Google Chrome.lnk
[2011-08-09 19:49:02 | 000,001,509 | ---- | M] () -- C:\Users\Matthew\Desktop\VideoConverter - Shortcut.lnk
[2011-08-09 18:44:24 | 000,001,022 | ---- | M] () -- C:\Users\Matthew\Desktop\Any Video Converter.lnk
[2011-08-09 16:14:26 | 000,052,991 | ---- | M] () -- C:\Users\Matthew\Desktop\1440-900-104848.jpg
[2011-08-09 16:06:35 | 000,000,574 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2011-08-09 13:34:54 | 005,129,408 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011-08-09 12:50:23 | 000,000,994 | ---- | M] () -- C:\Users\Public\Desktop\MAGIX Music Maker 17 Premium Download Version.lnk
[2011-08-08 21:50:42 | 000,002,163 | ---- | M] () -- C:\Users\Public\Desktop\Bitstream Font Navigator.lnk
[2011-08-08 21:49:21 | 000,002,823 | ---- | M] () -- C:\Users\Public\Desktop\Video Tutorials.lnk
[2011-08-08 21:49:17 | 000,002,203 | ---- | M] () -- C:\Users\Public\Desktop\Corel CONNECT.lnk
[2011-08-08 21:49:10 | 000,002,627 | ---- | M] () -- C:\Users\Public\Desktop\Corel CAPTURE X5.lnk
[2011-08-08 21:49:02 | 000,002,635 | ---- | M] () -- C:\Users\Public\Desktop\Corel PHOTO-PAINT X5.lnk
[2011-08-08 21:48:44 | 000,002,619 | ---- | M] () -- C:\Users\Public\Desktop\CorelDRAW X5.lnk
[2011-08-08 16:00:59 | 000,000,954 | ---- | M] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
[2011-08-08 16:00:59 | 000,000,942 | ---- | M] () -- C:\Users\Public\Desktop\Game Booster.lnk
[2011-08-05 13:19:57 | 000,001,433 | ---- | M] () -- C:\Users\Matthew\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011-08-04 18:30:05 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2011-08-04 18:30:03 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2011-08-04 17:18:15 | 000,001,707 | ---- | M] () -- C:\Users\Matthew\Desktop\AssassinsCreedBrotherhood - Shortcut.lnk
[2011-08-04 16:23:06 | 000,189,248 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011-08-04 16:22:50 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011-08-03 23:19:37 | 000,001,087 | ---- | M] () -- C:\Users\Public\Desktop\Test Drive Unlimited 2.lnk
[2011-08-03 20:50:57 | 000,000,909 | ---- | M] () -- C:\Users\Matthew\Desktop\C4D - Shortcut (2).lnk
[2011-08-03 20:38:27 | 000,001,345 | ---- | M] () -- C:\Users\Matthew\Desktop\VirtualRouterClient - Shortcut.lnk
[2011-08-03 19:10:00 | 000,001,046 | ---- | M] () -- C:\Users\Matthew\Desktop\Any Video Converter (2).lnk
[2011-08-03 13:04:57 | 000,001,571 | ---- | M] () -- C:\Users\Matthew\Desktop\dirt3 - Shortcut.lnk
[2011-08-03 12:51:13 | 000,466,456 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2011-08-03 12:51:12 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2011-08-03 12:35:18 | 000,000,193 | ---- | M] () -- C:\Windows\WORDPAD.INI
[2011-08-02 21:35:16 | 088,192,105 | ---- | M] () -- C:\Users\Matthew\Documents\YELLE - Safari Disco Club.mp4
[2011-08-02 19:46:20 | 000,000,766 | ---- | M] () -- C:\Users\Matthew\Desktop\Mafia.lnk
[2011-08-02 19:24:22 | 000,001,143 | ---- | M] () -- C:\Users\Matthew\Desktop\MafiaCon - Shortcut.lnk
[2011-08-02 18:38:24 | 000,002,008 | ---- | M] () -- C:\Users\Public\Desktop\Sniper Ghost Warrior.lnk
[2011-08-02 16:02:34 | 000,001,622 | ---- | M] () -- C:\Users\Matthew\Desktop\CoLD Mod.lnk
[2011-08-02 15:53:24 | 001,059,840 | ---- | M] () -- C:\VirtualRouterInstaller.msi
[2011-08-01 23:27:54 | 000,000,702 | ---- | M] () -- C:\Users\Matthew\Desktop\iw3sp - Shortcut (2).lnk
[2011-08-01 23:24:37 | 000,029,074 | ---- | M] () -- C:\Users\Matthew\Desktop\energy-report.html
[2011-08-01 22:45:53 | 000,001,040 | ---- | M] () -- C:\Users\Matthew\Desktop\iw3sp - Shortcut.lnk
[2011-08-01 20:06:49 | 000,001,990 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty - Black Ops Call MP.lnk
[2011-08-01 20:06:49 | 000,001,976 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty - Black Ops.lnk
[2011-08-01 18:38:28 | 000,000,773 | ---- | M] () -- C:\Users\Matthew\Desktop\MafiaDataXTractor - Shortcut.lnk
[2011-08-01 17:51:46 | 000,000,256 | ---- | M] () -- C:\dk2.mem
[2011-08-01 17:50:27 | 000,002,035 | ---- | M] () -- C:\Users\Public\Desktop\Phoenix.lnk
[2011-08-01 16:57:30 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
[2011-08-01 16:33:23 | 000,002,130 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Software Updater.lnk

========== Files Created - No Company Name ==========

[2011-08-14 18:19:27 | 000,000,779 | ---- | C] () -- C:\Users\Matthew\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk
[2011-08-14 18:19:27 | 000,000,755 | ---- | C] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2011-08-14 15:02:59 | 000,001,388 | ---- | C] () -- C:\Users\Matthew\Desktop\GpuCapsViewer - Shortcut.lnk
[2011-08-14 14:46:45 | 000,391,211 | ---- | C] () -- C:\Users\Matthew\Desktop\3870.jpg
[2011-08-13 20:54:05 | 008,210,693 | ---- | C] () -- C:\Users\Matthew\Desktop\triple.psd
[2011-08-13 20:50:30 | 000,086,844 | ---- | C] () -- C:\Users\Matthew\Desktop\triple.jpg
[2011-08-13 20:49:55 | 000,000,132 | ---- | C] () -- C:\Users\Matthew\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011-08-13 20:49:39 | 008,209,833 | ---- | C] () -- C:\Users\Matthew\Desktop\triple.xcf
[2011-08-13 20:25:05 | 000,239,055 | ---- | C] () -- C:\Users\Matthew\Desktop\warrior_of_eclipse_by_newmand-d3kv3a8.jpg
[2011-08-13 19:58:38 | 000,000,412 | ---- | C] () -- C:\Users\Matthew\AppData\Roaming\All CPU Meter_Settings.ini
[2011-08-13 19:55:03 | 000,000,915 | ---- | C] () -- C:\Users\Public\Desktop\Star wars Battlefront II.lnk
[2011-08-13 18:23:35 | 000,035,356 | ---- | C] () -- C:\Users\Matthew\.recently-used.xbel
[2011-08-13 17:56:17 | 000,105,943 | ---- | C] () -- C:\Users\Matthew\Desktop\firstPhotoshop.png
[2011-08-13 17:48:36 | 008,615,105 | ---- | C] () -- C:\Users\Matthew\Desktop\first.psd
[2011-08-13 14:31:29 | 001,758,622 | ---- | C] () -- C:\Users\Matthew\Desktop\halflife2render.png
[2011-08-13 11:45:51 | 000,000,631 | ---- | C] () -- C:\Users\Matthew\Desktop\Identity Cloaker.lnk
[2011-08-13 11:05:55 | 000,000,800 | ---- | C] () -- C:\Users\Public\Desktop\CamStudio.lnk
[2011-08-13 10:28:08 | 001,663,882 | ---- | C] () -- C:\Users\Matthew\Desktop\bioshockr_1.png
[2011-08-12 22:56:43 | 000,000,938 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Airytec Switch Off.lnk
[2011-08-12 22:56:43 | 000,000,926 | ---- | C] () -- C:\Users\Public\Desktop\Airytec Switch Off.lnk
[2011-08-12 22:50:02 | 000,002,280 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011-08-12 22:47:28 | 000,001,050 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011-08-12 22:47:24 | 000,001,046 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011-08-12 20:37:01 | 000,862,483 | ---- | C] () -- C:\Users\Matthew\Desktop\4781_render_Renders_devil_may_cry.png
[2011-08-12 13:21:09 | 000,731,536 | ---- | C] () -- C:\Users\Matthew\Desktop\hitman1.png
[2011-08-11 19:23:15 | 000,647,127 | ---- | C] () -- C:\Users\Matthew\Desktop\dame_en_noir.png
[2011-08-11 19:20:16 | 000,039,538 | ---- | C] () -- C:\Users\Matthew\Desktop\thumb-74381.jpg
[2011-08-11 19:19:29 | 000,047,656 | ---- | C] () -- C:\Users\Matthew\Desktop\dark_side_of_nyan_wallpaper_by_davidwoodfx-d3l3h5y.png
[2011-08-11 15:25:23 | 001,519,212 | ---- | C] () -- C:\Users\Matthew\Desktop\98546.jpg
[2011-08-10 22:50:48 | 000,000,895 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011-08-10 21:46:18 | 000,001,725 | ---- | C] () -- C:\Users\Matthew\Desktop\Avast Internet Security lic.avastlic
[2011-08-10 20:34:22 | 000,001,828 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2011-08-10 16:59:40 | 000,001,029 | ---- | C] () -- C:\Users\Public\Desktop\Quick Care.lnk
[2011-08-10 16:59:38 | 000,001,007 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare 4.lnk
[2011-08-10 13:58:20 | 000,001,082 | ---- | C] () -- C:\Users\Matthew\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2011-08-10 13:58:20 | 000,001,058 | ---- | C] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2011-08-10 13:37:33 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2011-08-09 19:49:02 | 000,001,509 | ---- | C] () -- C:\Users\Matthew\Desktop\VideoConverter - Shortcut.lnk
[2011-08-09 18:44:24 | 000,001,022 | ---- | C] () -- C:\Users\Matthew\Desktop\Any Video Converter.lnk
[2011-08-09 16:14:35 | 000,052,991 | ---- | C] () -- C:\Users\Matthew\Desktop\1440-900-104848.jpg
[2011-08-09 12:50:23 | 000,000,994 | ---- | C] () -- C:\Users\Public\Desktop\MAGIX Music Maker 17 Premium Download Version.lnk
[2011-08-08 21:55:50 | 000,002,823 | ---- | C] () -- C:\Users\Public\Desktop\Video Tutorials.lnk
[2011-08-08 21:55:50 | 000,002,635 | ---- | C] () -- C:\Users\Public\Desktop\Corel PHOTO-PAINT X5.lnk
[2011-08-08 21:55:50 | 000,002,627 | ---- | C] () -- C:\Users\Public\Desktop\Corel CAPTURE X5.lnk
[2011-08-08 21:55:50 | 000,002,619 | ---- | C] () -- C:\Users\Public\Desktop\CorelDRAW X5.lnk
[2011-08-08 21:55:50 | 000,002,203 | ---- | C] () -- C:\Users\Public\Desktop\Corel CONNECT.lnk
[2011-08-08 21:55:50 | 000,002,163 | ---- | C] () -- C:\Users\Public\Desktop\Bitstream Font Navigator.lnk
[2011-08-04 18:30:05 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2011-08-04 18:30:03 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2011-08-04 17:18:15 | 000,001,707 | ---- | C] () -- C:\Users\Matthew\Desktop\AssassinsCreedBrotherhood - Shortcut.lnk
[2011-08-04 16:23:06 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011-08-04 16:22:50 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011-08-03 23:19:37 | 000,001,087 | ---- | C] () -- C:\Users\Public\Desktop\Test Drive Unlimited 2.lnk
[2011-08-03 20:50:57 | 000,000,909 | ---- | C] () -- C:\Users\Matthew\Desktop\C4D - Shortcut (2).lnk
[2011-08-03 20:38:27 | 000,001,345 | ---- | C] () -- C:\Users\Matthew\Desktop\VirtualRouterClient - Shortcut.lnk
[2011-08-03 19:10:00 | 000,001,046 | ---- | C] () -- C:\Users\Matthew\Desktop\Any Video Converter (2).lnk
[2011-08-03 13:04:57 | 000,001,571 | ---- | C] () -- C:\Users\Matthew\Desktop\dirt3 - Shortcut.lnk
[2011-08-03 12:54:47 | 000,001,338 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
[2011-08-02 21:41:08 | 001,059,840 | ---- | C] () -- C:\VirtualRouterInstaller.msi
[2011-08-02 21:31:24 | 088,192,105 | ---- | C] () -- C:\Users\Matthew\Documents\YELLE - Safari Disco Club.mp4
[2011-08-02 19:46:20 | 000,000,766 | ---- | C] () -- C:\Users\Matthew\Desktop\Mafia.lnk
[2011-08-02 19:24:22 | 000,001,143 | ---- | C] () -- C:\Users\Matthew\Desktop\MafiaCon - Shortcut.lnk
[2011-08-02 18:38:24 | 000,002,008 | ---- | C] () -- C:\Users\Public\Desktop\Sniper Ghost Warrior.lnk
[2011-08-02 16:02:34 | 000,001,622 | ---- | C] () -- C:\Users\Matthew\Desktop\CoLD Mod.lnk
[2011-08-01 23:27:54 | 000,000,702 | ---- | C] () -- C:\Users\Matthew\Desktop\iw3sp - Shortcut (2).lnk
[2011-08-01 23:24:37 | 000,029,074 | ---- | C] () -- C:\Users\Matthew\Desktop\energy-report.html
[2011-08-01 22:45:53 | 000,001,040 | ---- | C] () -- C:\Users\Matthew\Desktop\iw3sp - Shortcut.lnk
[2011-08-01 20:06:49 | 000,001,990 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty - Black Ops Call MP.lnk
[2011-08-01 20:06:49 | 000,001,976 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty - Black Ops.lnk
[2011-08-01 18:38:28 | 000,000,773 | ---- | C] () -- C:\Users\Matthew\Desktop\MafiaDataXTractor - Shortcut.lnk
[2011-08-01 17:51:46 | 000,000,256 | ---- | C] () -- C:\dk2.mem
[2011-08-01 17:50:27 | 000,002,035 | ---- | C] () -- C:\Users\Public\Desktop\Phoenix.lnk
[2011-08-01 16:57:30 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
[2011-08-01 16:33:23 | 000,002,130 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Software Updater.lnk
[2011-07-10 18:13:37 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2011-07-08 19:55:09 | 000,007,607 | ---- | C] () -- C:\Users\Matthew\AppData\Local\resmon.resmoncfg
[2011-07-08 14:49:51 | 000,008,192 | R--- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2011-07-08 12:48:08 | 000,960,940 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011-07-08 12:48:08 | 000,207,376 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011-07-08 12:48:08 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011-04-09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009-07-14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009-07-14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009-07-14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009-07-14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009-07-13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009-06-10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2007-04-27 10:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2003-04-09 05:28:44 | 000,233,472 | R--- | C] () -- C:\Windows\SysWow64\MafiaSetup.exe
[2003-04-09 05:28:44 | 000,233,472 | R--- | C] () -- C:\Users\Matthew\AppData\Roaming\MafiaSetup.exe
[2001-08-29 14:11:40 | 000,398,848 | R--- | C] () -- C:\Windows\SysWow64\DK2WIN32.DLL

========== LOP Check ==========

[2011-07-13 14:28:51 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\AnvSoft
[2011-07-09 17:46:35 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\AVG10
[2011-08-14 18:58:48 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\BitTorrent
[2011-07-10 18:06:44 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\DAEMON Tools Lite
[2011-08-12 21:43:22 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\gtk-2.0
[2011-08-08 16:16:15 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\IObit
[2011-08-09 12:50:59 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\MAGIX
[2011-07-15 12:33:15 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\My Battle for Middle-earth™ II Files
[2011-08-01 16:57:39 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\PC Suite
[2011-08-04 16:22:48 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\PunkBuster
[2011-07-08 15:20:06 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\Virtual Desktop Manager
[2011-08-09 20:28:23 | 000,000,000 | ---D | M] -- C:\Users\Matthew\AppData\Roaming\WNR
[2009-07-14 07:08:49 | 000,028,886 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

#6
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Any further problems :)

#7
Comkrin

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
Nope, that's it.

Thank you Very much :)

#8
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Subject to no further problems :yes:

I will remove my tools now and give some recommendations, but I would like you to run for 24 hours or so and come back if you have any problems.

Now the best part of the day ----- Your log now appears clean :)

A good workman always cleans up after himself, so... The following will implement some cleanup procedures as well as reset System Restore points:

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :Commands
    [resethosts]
    [purity]
    [emptytemp]
    [EMPTYFLASH]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.

We will now confirm that your hidden files are set to that, as some of the tools I use will change that
  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View Tab.
  • Under the Hidden files and folders heading select Do not show hidden files and folders.
  • Click Yes to confirm.
  • Click OK.

SPRING CLEAN

To manually create a new Restore Point
  • Go to Control Panel and select System
  • Select System
  • On the left select System Protection and accept the warning if you get one
  • Select System Protection Tab
  • Select Create at the bottom
  • Type in a name i.e. Clean
  • Select Create

Now we can purge the infected ones
  • Go to Start > All Programs > Accessories > System Tools
  • Right click Disk Cleanup and select Run as administrator
  • Select Your main drive and accept the warning if you get one
  • For a few moments the system will make some calculations
  • Select the More Options tab
  • In the System Restore and Shadow Backups select Clean up
  • Select Delete on the pop up
  • Select OK
  • Select Delete

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:
Malwarebytes. Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly. It will show you which programmes on your system need updating and give a download link.

It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit

To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?

Keep safe :unsure:

#9
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.