How Do I Remove Alureon Rootkit Virus?


  • This topic is locked

#1
Dom Fontana

  • Member
  • 170 posts
Hello.

I know I have the Alureon Rootkit Virus, but don't know if I also have other Viruses. MS Security Essentials detected the Alureon Virus, but can't delete it. Malwarebytes Anti-Malware doesn't even detect it with the Full Scan and doesn't even finish the scan. When it's almost done with the scan, it becomes non-responsive, I get the Blue Screen, it does a Crash Dump, and then reboots. Plus, when I try to do the Quick Scan with Malwarebytes, it stalls and becomes non-responsive when it reaches a dll file in the system 32 directory, forcing me to reboot.

Besides always getting page redirects in my Browser IE 8, that just seems to be the tip of the iceberg. My computer is behaving very erratically and slowly now and many programs, including IE, hang and say non-responsive. Plus many times, when I try to call up Task Manager, it doesn't appear. I read up on it and these are all symptoms of the Alureon Rootkit Virus.

I am using Windows 7 Ultimate - 32 bit, have 4 GB of RAM, and a 500 GB hard drive with 3 partitions. I am using IE 8 and have Malwarebytes Anti-Malware and MS Security Essentials.

Any help would be much appreciated.

Thanks.

Edited by Dom Fontana, 28 August 2011 - 06:59 AM.

  • 0


#2
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi again :)

Please read carefully and follow these steps.

  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

THEN

Download OTL to your Desktop
  • Double-click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Select All Users
  • Under the Custom Scan box paste this in
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    CREATERESTOREPOINT
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs

  • 0
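
A TDSSKiller report of the kind requested above can be given a first-pass read with a short script. This is an added example, not part of the original post and not code from the tool's vendor: it assumes driver lines laid out as `<date> <time> <thread id> <service> (<md5>) <driver path>`, and the function names, sample lines, service names and hashes are all constructed for illustration.

```python
import ntpath
import re
from collections import defaultdict
from typing import NamedTuple

# Assumed layout of one driver line in the report:
#   <date> <time> <thread id> <service name> (<md5>) <driver path>
DRIVER_LINE = re.compile(
    r"^\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}\.\d+ \d+ "
    r"(?P<service>.+?) \((?P<md5>[0-9a-fA-F]{32})\) (?P<path>.+)$"
)


class DriverEntry(NamedTuple):
    service: str
    md5: str
    path: str


def parse_driver_lines(report: str) -> list[DriverEntry]:
    """Return the driver entries; banner and status lines are skipped."""
    entries = []
    for line in report.splitlines():
        m = DRIVER_LINE.match(line.strip())
        if m:
            entries.append(
                DriverEntry(m["service"], m["md5"].lower(), m["path"].strip())
            )
    return entries


def outside_system_dir(entries, system_dir=r"C:\Windows\system32"):
    """Services whose driver image is not under the Windows system directory.

    Windows paths are case-insensitive, so the comparison is done in lower
    case after normalising '..' segments.
    """
    prefix = ntpath.normpath(system_dir).lower().rstrip("\\") + "\\"
    return [
        e.service
        for e in entries
        if not ntpath.normpath(e.path).lower().startswith(prefix)
    ]


def hashes_under_several_names(entries):
    """Map md5 -> services, for hashes that appear under different file names.

    Two services pointing at the same file share a hash and are ignored;
    one binary stored under two different file names is reported.
    """
    by_hash = defaultdict(list)
    for e in entries:
        by_hash[e.md5].append(e)
    findings = {}
    for md5, group in by_hash.items():
        names = {ntpath.basename(e.path).lower() for e in group}
        if len(names) > 1:
            findings[md5] = sorted(e.service for e in group)
    return findings


# Constructed sample report: names, paths and hashes are placeholders.
SAMPLE_REPORT = r"""
2000/01/01 10:55:59.0766 4684 Initialize success
2000/01/01 10:56:25.0324 3776 Scan started
2000/01/01 10:56:27.0186 3776 ExampleBus (00000000000000000000000000000001) C:\Windows\system32\drivers\examplebus.sys
2000/01/01 10:56:27.0346 3776 ExampleNet (00000000000000000000000000000002) C:\Windows\system32\DRIVERS\examplenet.sys
2000/01/01 10:56:27.0387 3776 ExampleNet6 (00000000000000000000000000000002) C:\Windows\system32\drivers\examplenet.sys
2000/01/01 10:56:27.0440 3776 ExampleStub (00000000000000000000000000000003) C:\Windows\system32\drivers\stub.sys
2000/01/01 10:56:27.0486 3776 ExampleAlias (00000000000000000000000000000003) C:\Windows\system32\DRIVERS\other.sys
2000/01/01 10:56:27.0515 3776 ExampleTool (00000000000000000000000000000004) D:\Programs\Example Tool\exampledrv.sys
"""

if __name__ == "__main__":
    parsed = parse_driver_lines(SAMPLE_REPORT)
    print("driver entries:", len(parsed))
    print("outside system32:", outside_system_dir(parsed))
    print("same hash, different file name:", hashes_under_several_names(parsed))
```

Both checks only produce leads for a reviewer: third-party software legitimately installs drivers outside system32, so a hit is a line to look at, not a verdict.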

#3
Dom Fontana

  • Topic Starter
  • Member
  • 170 posts
Hi, Essexboy! I was hoping I got you. You helped me last time a few months ago, remember? Okay, I'll get started on it right away.

I saved all the files from last time, including TDSSKiller, so this shouldn't take that long.

Thanks.

Edited by Dom Fontana, 28 August 2011 - 10:06 AM.

  • 0

#4
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Download the latest TDSSKiller as it is updated often
  • 0

#5
Dom Fontana

  • Topic Starter
  • Member
  • 170 posts
Yes, I updated it. When I ran it, it said an update was available, so I installed it. It found a Rootkit Virus. I just rebooted and will be posting everything soon.

Edited by Dom Fontana, 28 August 2011 - 09:15 AM.

  • 0

#6
Dom Fontana

  • Topic Starter
  • Member
  • 170 posts
Okay, here are the 3 log files.

2011/08/27 10:55:58.0057 4684 TDSS rootkit removing tool 2.5.17.0 Aug 22 2011 15:46:57
2011/08/27 10:55:58.0403 4684 ================================================================================
2011/08/27 10:55:58.0403 4684 SystemInfo:
2011/08/27 10:55:58.0403 4684
2011/08/27 10:55:58.0403 4684 OS Version: 6.1.7601 ServicePack: 1.0
2011/08/27 10:55:58.0403 4684 Product type: Workstation
2011/08/27 10:55:58.0404 4684 ComputerName: FONTANA
2011/08/27 10:55:58.0407 4684 UserName: Dominick J. Fontana
2011/08/27 10:55:58.0407 4684 Windows directory: C:\Windows
2011/08/27 10:55:58.0407 4684 System windows directory: C:\Windows
2011/08/27 10:55:58.0407 4684 Processor architecture: Intel x86
2011/08/27 10:55:58.0407 4684 Number of processors: 2
2011/08/27 10:55:58.0407 4684 Page size: 0x1000
2011/08/27 10:55:58.0407 4684 Boot type: Normal boot
2011/08/27 10:55:58.0407 4684 ================================================================================
2011/08/27 10:55:59.0766 4684 Initialize success
2011/08/27 10:56:25.0324 3776 ================================================================================
2011/08/27 10:56:25.0324 3776 Scan started
2011/08/27 10:56:25.0324 3776 Mode: Manual;
2011/08/27 10:56:25.0324 3776 ================================================================================
2011/08/27 10:56:39.0834 3776 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
2011/08/27 10:56:39.0866 3776 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
2011/08/27 10:56:39.0892 3776 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
2011/08/27 10:56:39.0924 3776 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
2011/08/27 10:56:39.0952 3776 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
2011/08/27 10:56:40.0012 3776 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/08/27 10:56:40.0061 3776 VSTHWBS2 (682fcf7d2eb5158cd30408e976562408) C:\Windows\system32\DRIVERS\VSTBS23.SYS
2011/08/27 10:56:40.0105 3776 VST_DPV (ceb4e3b6890e1e42dca6694d9e59e1a0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS
2011/08/27 10:56:40.0146 3776 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
2011/08/27 10:56:40.0190 3776 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
2011/08/27 10:56:40.0247 3776 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
2011/08/27 10:56:40.0264 3776 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
2011/08/27 10:56:40.0356 3776 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
2011/08/27 10:56:40.0399 3776 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
2011/08/27 10:56:40.0473 3776 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/08/27 10:56:40.0498 3776 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
2011/08/27 10:56:40.0552 3776 winachsf (bc0c7ea89194c299f051c24119000e17) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
2011/08/27 10:56:40.0653 3776 WmBEnum (84a90f13eebf4380345ef9474d30f10e) C:\Windows\system32\drivers\WmBEnum.sys
2011/08/27 10:56:40.0704 3776 WmFilter (eb0034ac02a44dc784a3174d2b81e764) C:\Windows\system32\drivers\WmFilter.sys
2011/08/27 10:56:40.0740 3776 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
2011/08/27 10:56:40.0849 3776 WmVirHid (72c4f5a748c74d8d4016ccfa7367210f) C:\Windows\system32\drivers\WmVirHid.sys
2011/08/27 10:56:40.0879 3776 WmXlCore (eacdcced934a185e61ce0684f71c2dec) C:\Windows\system32\drivers\WmXlCore.sys
2011/08/27 10:56:40.0921 3776 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/08/27 10:56:40.0984 3776 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
2011/08/27 10:56:41.0073 3776 MBR (0x1B8) (de1996b5390bac8242e23168f828c750) \Device\Harddisk0\DR0
2011/08/27 10:56:41.0084 3776 \Device\Harddisk0\DR0 - detected Rootkit.Win32.TDSS.tdl4 (0)
2011/08/27 10:56:41.0097 3776 Boot (0x1200) (1fb00eb92f0066e2953f06693957ed5d) \Device\Harddisk0\DR0\Partition0
2011/08/27 10:56:41.0124 3776 Boot (0x1200) (f2ede564467fa26cea84d19ca5e54430) \Device\Harddisk0\DR0\Partition1
2011/08/27 10:56:41.0148 3776 Boot (0x1200) (307a80a13422bb3313e54224b31bbf4d) \Device\Harddisk0\DR0\Partition2
2011/08/27 10:56:41.0153 3776 ================================================================================
2011/08/27 10:56:41.0153 3776 Scan finished
2011/08/27 10:56:41.0153 3776 ================================================================================
2011/08/27 10:56:41.0169 1484 Detected object count: 1
2011/08/27 10:56:41.0169 1484 Actual detected object count: 1
2011/08/27 10:56:52.0755 1484 \Device\Harddisk0\DR0 (Rootkit.Win32.TDSS.tdl4) - will be cured after reboot
2011/08/27 10:56:52.0756 1484 \Device\Harddisk0\DR0 - ok
2011/08/27 10:56:52.0757 1484 Rootkit.Win32.TDSS.tdl4(\Device\Harddisk0\DR0) - User select action: Cure

OTL logfile created on: 8/27/2011 11:04:49 AM - Run 1
OTL by OldTimer - Version 3.2.26.6 Folder = E:\Geeks To Go\Geeks To Go
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.44 Gb Total Physical Memory | 2.57 Gb Available Physical Memory | 74.82% Memory free
13.74 Gb Paging File | 12.75 Gb Available in Paging File | 92.80% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 45.20 Gb Total Space | 12.46 Gb Free Space | 27.55% Space Free | Partition Type: NTFS
Drive D: | 243.87 Gb Total Space | 32.56 Gb Free Space | 13.35% Space Free | Partition Type: NTFS
Drive E: | 176.69 Gb Total Space | 49.19 Gb Free Space | 27.84% Space Free | Partition Type: NTFS

Computer Name: FONTANA | User Name: Dominick J. Fontana | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/08/27 11:03:16 | 000,580,096 | ---- | M] (OldTimer Tools) -- E:\Geeks To Go\Geeks To Go\OTL.exe
PRC - [2011/07/27 07:06:44 | 000,267,488 | ---- | M] () -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe
PRC - [2011/07/06 19:52:38 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- D:\Programs\Malwarebytes Anti-Malware Pro\mbamgui.exe
PRC - [2011/06/23 19:44:22 | 001,386,776 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe
PRC - [2011/06/17 03:35:24 | 000,149,784 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
PRC - [2011/06/15 15:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011/05/28 14:46:56 | 000,353,168 | ---- | M] (IObit) -- D:\Programs\Advanced SystemCare 4\ASCService.exe
PRC - [2011/05/20 14:00:34 | 000,671,552 | ---- | M] (TuneUp Software) -- D:\Programs\TuneUp Utilities 2009\TuneUpUtilitiesApp32.exe
PRC - [2011/05/20 13:58:28 | 001,523,008 | ---- | M] (TuneUp Software) -- D:\Programs\TuneUp Utilities 2009\TuneUpUtilitiesService32.exe
PRC - [2011/04/27 15:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
PRC - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/23 22:21:18 | 000,130,000 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\ccSvcHst.exe
PRC - [2010/11/20 08:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/09/25 23:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) -- D:\Programs\Seagate Manager\Sync\FreeAgentService.exe
PRC - [2009/09/25 23:31:32 | 000,185,640 | ---- | M] (Seagate LLC) -- D:\Programs\Seagate Manager\FreeAgent Status\stxmenumgr.exe
PRC - [2009/09/16 21:14:48 | 000,153,608 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Gaming Software\LWEMon.exe
PRC - [2009/08/28 01:40:50 | 000,606,208 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe
PRC - [2008/11/02 04:38:58 | 000,167,936 | ---- | M] (PowerISO Computing, Inc.) -- D:\Programs\PowerISO\PWRISOVM.EXE
PRC - [2008/01/17 07:22:20 | 004,907,008 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/12/05 06:17:24 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTSrv.exe


========== Modules (No Company Name) ==========

MOD - [2011/06/23 19:44:34 | 000,877,848 | ---- | M] () -- C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll
MOD - [2011/05/28 14:47:00 | 000,127,376 | ---- | M] () -- D:\Programs\Advanced SystemCare 4\ASCv4ExtMenu.dll
MOD - [2009/08/28 01:40:50 | 000,606,208 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe
MOD - [2005/10/07 15:05:32 | 000,125,440 | ---- | M] () -- D:\Programs\WinRAR\RarExt.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/07/29 07:28:32 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011/07/27 07:06:44 | 000,267,488 | ---- | M] () [Auto | Running] -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe -- (Updater Service for StartNow Toolbar)
SRV - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- D:\Programs\Malwarebytes Anti-Malware Pro\mbamservice.exe -- (MBAMService)
SRV - [2011/06/17 03:33:46 | 000,295,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2011/05/28 14:46:56 | 000,353,168 | ---- | M] (IObit) [Auto | Running] -- D:\Programs\Advanced SystemCare 4\ASCService.exe -- (AdvancedSystemCareService)
SRV - [2011/05/20 13:58:28 | 001,523,008 | ---- | M] (TuneUp Software) [Auto | Running] -- D:\Programs\TuneUp Utilities 2009\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011/05/20 13:55:28 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2011/04/27 15:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/11/23 22:21:18 | 000,130,000 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\ccSvcHst.exe -- (NSL)
SRV - [2009/09/25 23:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- D:\Programs\Seagate Manager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/09/24 14:32:48 | 000,935,208 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2007/12/05 06:17:24 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AERTSrv.exe -- (AERTFilters)
SRV - [2007/05/31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


========== Driver Services (SafeList) ==========

DRV - [2011/08/27 10:59:23 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BB8652A4-05FF-44A8-957F-D3C6D9341628}\MpKsl7516d935.sys -- (MpKsl7516d935)
DRV - [2011/08/27 09:09:50 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BB8652A4-05FF-44A8-957F-D3C6D9341628}\MpKslf3843a20.sys -- (MpKslf3843a20)
DRV - [2011/07/28 10:39:24 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/04/30 08:00:20 | 000,030,360 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2011/04/30 08:00:18 | 000,039,064 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2011/04/30 08:00:06 | 000,041,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2011/04/27 15:25:24 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011/04/26 15:30:20 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- D:\Programs\TuneUp Utilities 2009\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2011/04/18 13:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010/11/20 08:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 08:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 08:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 06:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 06:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 05:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 05:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/08/12 12:07:48 | 000,298,216 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET)
DRV - [2010/07/10 05:37:00 | 011,008,040 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/09/11 12:48:04 | 000,066,056 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2009/09/11 12:47:54 | 000,014,984 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2009/09/11 12:47:32 | 000,035,592 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2009/09/11 12:47:22 | 000,022,792 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2009/07/13 18:13:47 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTBS23.SYS -- (VSTHWBS2)
DRV - [2009/07/13 18:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009/04/22 14:32:20 | 000,042,552 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AmdLLD.sys -- (AmdLLD)
DRV - [2009/02/25 20:22:12 | 000,009,728 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\epmntdrv.sys -- (epmntdrv)
DRV - [2009/02/25 20:22:12 | 000,003,072 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2008/11/02 04:44:10 | 000,056,572 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2008/03/19 08:10:54 | 000,310,016 | ---- | M] (Marvell Semiconductor, Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MRVW24B.sys -- (MRV6X32U) Marvell TOPDOG 802.11n WLAN Driver for Vista x86 (USB8x)
DRV - [2007/08/12 22:48:45 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SSPORT.SYS -- (SSPORT)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4097588345-1287629508-3253405396-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://us.mc28.mail.....jsrand=5992681
IE - HKU\S-1-5-21-4097588345-1287629508-3253405396-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-4097588345-1287629508-3253405396-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-4097588345-1287629508-3253405396-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 50 35 21 12 73 4C CC 01 [binary data]
IE - HKU\S-1-5-21-4097588345-1287629508-3253405396-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://us.mc12.mail....rand=1133327982
IE - HKU\S-1-5-21-4097588345-1287629508-3253405396-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4097588345-1287629508-3253405396-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:61737

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.msn.com/?..._date=20110828"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.2.20080910
FF - prefs.js..extensions.enabledItems: {766fca73-0742-b02b-8971-c78fe158c4ba}:4.6.7.7
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1390
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 61737
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..keyword.URL: "http://www.bing.com/...te=20110828&q="


FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{203FB6B2-2E1E-4474-863B-4C483ECCE78E}: C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_1.2.0.6\coFFNST\ [2011/08/19 09:03:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: D:\Programs\Firefox\components [2011/07/28 09:44:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: D:\Programs\Firefox\plugins [2011/07/28 09:44:21 | 000,000,000 | ---D | M]

[2011/07/28 09:41:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dominick J. Fontana\AppData\Roaming\Mozilla\Extensions
[2011/08/27 06:52:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dominick J. Fontana\AppData\Roaming\Mozilla\Firefox\Profiles\8ixxrqmh.default\extensions
[2011/08/27 06:52:24 | 000,000,000 | ---D | M] (StartNow Toolbar) -- C:\Users\Dominick J. Fontana\AppData\Roaming\Mozilla\Firefox\Profiles\8ixxrqmh.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}
[2011/07/28 09:42:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dominick J. Fontana\AppData\Roaming\Mozilla\Firefox\Profiles\8ixxrqmh.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/08/27 06:52:20 | 000,001,945 | ---- | M] () -- C:\Users\Dominick J. Fontana\AppData\Roaming\Mozilla\Firefox\Profiles\8ixxrqmh.default\searchplugins\bing-zugo.xml
[2011/07/28 09:43:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/07/28 09:43:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/08/07 06:14:34 | 000,000,000 | ---D | M] (No name found) -- D:\PROGRAMS\AVG10\FIREFOX
[2011/07/28 09:44:21 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- D:\PROGRAMS\FIREFOX\EXTENSIONS\{635ABD67-4FE9-1B23-4F01-E679FA7484C1}
File not found (No name found) -- D:\PROGRAMS\FIREFOX\EXTENSIONS\{766FCA73-0742-B02B-8971-C78FE158C4BA}
[2010/06/01 03:29:02 | 000,000,000 | ---D | M] (Java Console) -- D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2009/11/01 20:40:52 | 000,000,000 | ---D | M] (Java Console) -- D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
[2009/06/10 05:24:57 | 000,000,000 | ---D | M] (Java Console) -- D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
[2010/06/01 03:38:54 | 000,000,000 | ---D | M] (Java Console) -- D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/09/12 21:09:42 | 000,000,000 | ---D | M] (Java Console) -- D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/14 08:00:20 | 000,000,000 | ---D | M] (Java Console) -- D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/13 05:05:41 | 000,000,000 | ---D | M] (Java Console) -- D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/04/13 05:57:48 | 000,000,000 | ---D | M] (Java Console) -- D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/05/08 12:05:24 | 000,000,000 | ---D | M] (Java Console) -- D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}

Hosts file not found
O2 - BHO: (Windows Live ID Sign-in Helper) - {07B0072D-738F-5709-0AB6-3DB75BBA3B64} - Reg Error: Value error. File not found
O2 - BHO: (Adobe PDF Link Helper) - {5D677C6A-5DF8-1A13-778F-6D1862067DB6} - Reg Error: Value error. File not found
O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll ()
O2 - BHO: (Norton Safe Web Lite BHO) - {F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3} - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Safe Web Lite) - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll ()
O3 - HKU\S-1-5-21-4097588345-1287629508-3253405396-1000\..\Toolbar\WebBrowser: (Norton Safe Web Lite) - {30CEEEA2-3742-40E4-85DD-812BF1CBB83D} - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] D:\Programs\Malwarebytes Anti-Malware Pro\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MaxMenuMgr] D:\Programs\Seagate Manager\FreeAgent Status\StxMenuMgr.exe (Seagate LLC)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PWRISOVM.EXE] D:\Programs\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()
O4 - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [StartNowToolbarHelper] File not found
O4 - HKLM..\Run: [Windows Mobile Device Center] File not found
O4 - HKU\.DEFAULT..\Run: [lpc] C:\Users\Dominick J. Fontana\AppData\Roaming\Remote\kyste93.dll ()
O4 - HKU\S-1-5-18..\Run: [lpc] C:\Users\Dominick J. Fontana\AppData\Roaming\Remote\kyste93.dll ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-4097588345-1287629508-3253405396-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - D:\Programs\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Programs\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} http://www.logitech....Detection32.cab (Device Detection)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKU\S-1-5-21-4097588345-1287629508-3253405396-1000 Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-4097588345-1287629508-3253405396-1000 Winlogon: Shell - (C:\Users\Dominick J. Fontana\AppData\Roaming\dwm.exe) - File not found
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O27 - HKLM IFEO\dtagent.exe: Debugger - "D:\Programs\TuneUp Utilities 2009\TUAutoReactivator32.exe" (TuneUp Software)
O27 - HKLM IFEO\dtimgeditor.exe: Debugger - "D:\Programs\TuneUp Utilities 2009\TUAutoReactivator32.exe" (TuneUp Software)
O27 - HKLM IFEO\dtpro.exe: Debugger - "D:\Programs\TuneUp Utilities 2009\TUAutoReactivator32.exe" (TuneUp Software)
O27 - HKLM IFEO\sptdinst-x86.exe: Debugger - "D:\Programs\TuneUp Utilities 2009\TUAutoReactivator32.exe" (TuneUp Software)
O27 - HKLM IFEO\uninst.exe: Debugger - "D:\Programs\TuneUp Utilities 2009\TUAutoReactivator32.exe" (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/05/03 09:38:31 | 000,000,000 | R--D | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/10/18 21:32:16 | 000,200,524 | ---- | M] () - D:\AUTO.pat -- [ NTFS ]
O32 - AutoRun File - [2010/10/18 21:32:16 | 000,019,488 | ---- | M] () - D:\AUTO.pst -- [ NTFS ]
O32 - AutoRun File - [2009/04/25 08:05:20 | 000,000,000 | R--D | M] - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009/03/23 09:54:29 | 000,000,000 | R--D | M] - E:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/08/27 12:30:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Awakening 3 - The Goblin Kingdom CE
[2011/08/27 07:45:59 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Malwarebytes
[2011/08/27 07:45:19 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/08/27 07:45:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/08/27 07:45:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/08/27 07:45:14 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/08/27 06:52:20 | 000,000,000 | ---D | C] -- C:\Program Files\StartNow Toolbar
[2011/08/27 05:39:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011/08/27 05:36:18 | 000,000,000 | ---D | C] -- C:\ProgramData\HitPoint Studios
[2011/08/27 05:21:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Secrets of Arcelia Island
[2011/08/26 13:54:56 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Remote
[2011/08/26 11:50:01 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011/08/26 06:54:59 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\FrostWire
[2011/08/26 06:54:40 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\.frostwire5
[2011/08/25 08:38:32 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Casual Box
[2011/08/21 23:28:23 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Twilight Games
[2011/08/21 11:15:15 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Local\CrashDumps
[2011/08/21 10:55:05 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011/08/20 10:58:56 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Alawar Stargaze
[2011/08/20 10:25:21 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/08/20 05:38:38 | 000,000,000 | --SD | C] -- C:\Users\Dominick J. Fontana\Documents\Passwords Database
[2011/08/20 05:06:19 | 000,088,632 | ---- | C] (Infowatch) -- C:\Windows\System32\drivers\CSCrySec.sys
[2011/08/20 05:06:19 | 000,039,352 | ---- | C] (Infowatch) -- C:\Windows\System32\drivers\CSVirtualDiskDrv.sys
[2011/08/19 09:18:37 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\AVG
[2011/08/19 09:03:52 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\NST
[2011/08/19 09:03:52 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Safe Web Lite
[2011/08/19 09:03:52 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\NST\0102000.006
[2011/08/18 12:19:23 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Artifex Mundi
[2011/08/18 12:18:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Time Mysteries - Inheritance
[2011/08/18 12:06:46 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\ReelDealSlotQuest_TheMuseumEscape
[2011/08/18 11:26:33 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\ReelDealSlotQuest_Alice
[2011/08/18 05:27:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2011/08/18 05:27:12 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2011/08/18 05:27:12 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2011/08/15 13:49:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Floodlight Games
[2011/08/13 09:57:26 | 000,000,000 | ---D | C] -- C:\ProgramData\SpinTop Games
[2011/08/12 08:18:03 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\Documents\CoM
[2011/08/12 07:47:51 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2011/08/12 07:47:10 | 000,000,000 | ---D | C] -- C:\DirectX 9
[2011/08/11 12:55:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Keyboard
[2011/08/11 12:55:31 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft IntelliType Pro
[2011/08/09 05:26:00 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Total Eclipse
[2011/08/08 06:53:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2011/08/08 06:53:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/08/08 06:53:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011/08/08 06:51:18 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2011/08/07 07:31:59 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2011/08/07 07:31:56 | 000,101,720 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2011/08/07 07:30:34 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Local\Sunbelt Software
[2011/08/07 07:30:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2011/08/07 07:30:08 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2011/08/07 07:24:47 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Local\PackageAware
[2011/08/07 05:34:00 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\GetRightToGo
[2011/08/06 06:38:08 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\2monkeys
[2011/08/06 06:15:24 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Die Saeule der Maya
[2011/08/06 06:15:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Die Saeule der Maya
[2011/08/05 23:07:30 | 000,000,000 | ---D | C] -- C:\Windows\System32\1085
[2011/08/05 09:07:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Elephant Games
[2011/08/05 07:20:09 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache
[2011/08/05 06:53:53 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Leadertech
[2011/08/05 06:53:06 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\LogiShrd
[2011/08/05 06:52:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Logishrd
[2011/08/05 06:52:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Logishrd
[2011/08/05 06:50:49 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Logitech
[2011/08/05 06:50:49 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Logishrd
[2011/08/05 06:50:31 | 000,000,000 | ---D | C] -- C:\SetPoint
[2011/08/04 23:07:42 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\Documents\Jade Rousseau S01E01
[2011/08/04 23:07:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Trymedia
[2011/08/03 06:13:13 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Alawar Entertainment
[2011/08/03 05:54:51 | 000,000,000 | ---D | C] -- C:\Windows\Nightmare Realm Collector's Edition
[2011/08/03 05:21:36 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\ParetoLogic
[2011/08/03 05:21:36 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\DriverCure
[2011/08/03 05:20:44 | 000,000,000 | ---D | C] -- C:\ProgramData\ParetoLogic
[2011/08/01 06:44:17 | 000,000,000 | ---D | C] -- C:\Logitech Mouse Connection Utility
[2011/07/31 13:25:56 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/07/31 11:57:41 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\BrablGames
[2011/07/31 11:57:22 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Local\ElevatedDiagnostics
[2011/07/31 11:12:18 | 000,000,000 | -H-D | C] -- C:\Windows\PIF
[2011/07/30 12:45:04 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2011/07/29 23:25:24 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2011/07/29 23:16:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\2064
[2011/07/29 23:15:19 | 000,000,000 | ---D | C] -- C:\Windows\System32\3051
[2011/07/29 08:57:17 | 000,000,000 | ---D | C] -- C:\Windows\WindowsMobile
[2011/07/29 08:50:23 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Local\Apple
[2011/07/29 08:50:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011/07/29 08:17:26 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2011/07/29 07:52:19 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2011/07/29 07:52:07 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2011/07/29 07:50:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011/07/29 07:50:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2011/07/29 07:42:01 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2011/07/29 07:41:32 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2011/07/29 07:34:21 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011/07/29 07:28:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat
[2011/07/29 07:23:05 | 000,093,696 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\fms.dll
[2011/07/28 12:49:30 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Nero
[2011/07/28 12:45:48 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\WhiteBirdsProductions
[2011/07/28 12:45:48 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Vogat Interactive
[2011/07/28 12:45:48 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\VendelGAMES
[2011/07/28 12:45:48 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Vast Studios
[2011/07/28 12:45:48 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\VampireSagaHL
[2011/07/28 12:45:48 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\ValuSoft
[2011/07/28 12:44:14 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\TOMI2.THE GATES OF FATE
[2011/07/28 12:44:03 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\TrickySoftware
[2011/07/28 12:44:03 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Top Evidence
[2011/07/28 12:44:03 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\TOMI3
[2011/07/28 12:44:03 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Ten Heavens
[2011/07/28 12:44:03 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\SunRay Games
[2011/07/28 12:44:03 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\SulusGames
[2011/07/28 12:43:06 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\SpinTop Games
[2011/07/28 12:43:05 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Specialbit
[2011/07/28 12:42:45 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Skunk Studios
[2011/07/28 12:42:45 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Silverback Productions
[2011/07/28 12:42:27 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\SerpentOfIsis
[2011/07/28 12:42:03 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Princess Isabella
[2011/07/28 12:42:03 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\PlayPond
[2011/07/28 12:42:03 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Phantasmat_bf_ce1
[2011/07/28 12:42:02 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\PlayFirst
[2011/07/28 12:40:11 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Namco
[2011/07/28 12:40:11 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Mystery of Mortlake Mansion
[2011/07/28 12:40:11 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\My Games
[2011/07/28 12:39:30 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\MumboJumbo
[2011/07/28 12:39:30 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Monkey Barrel Games
[2011/07/28 12:39:02 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Millennium Secrets - Roxannes Necklace Strategy Guide
[2011/07/28 12:38:31 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\margrave3_full
[2011/07/28 12:38:31 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\MagicIndie
[2011/07/28 12:38:30 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Maximize Games
[2011/07/28 12:37:42 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\LittleGamesCompany
[2011/07/28 12:37:42 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Lionhead Studios
[2011/07/28 12:37:24 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Jetdogs Studios
[2011/07/28 12:37:22 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\LestaStudio
[2011/07/28 12:37:22 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\LegacyInteractive
[2011/07/28 12:37:22 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Lazy Turtle Games
[2011/07/28 12:37:16 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\JoyBits
[2011/07/28 12:35:32 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\iWin
[2011/07/28 12:35:32 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Islands
[2011/07/28 12:34:58 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\IntrigueIncRavensFlightStrategyGuide
[2011/07/28 12:34:42 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\HitPoint Studios
[2011/07/28 12:34:42 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\GarageGames
[2011/07/28 12:34:42 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Games
[2011/07/28 12:34:42 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Gamers Digital
[2011/07/28 12:34:42 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\GameMill Entertainment
[2011/07/28 12:34:42 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\GameInvest
[2011/07/28 12:34:41 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\HdO Adventure
[2011/07/28 12:34:41 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Happy Muffin Top
[2011/07/28 12:34:41 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Gogii
[2011/07/28 12:34:41 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Ghost Ship Studios
[2011/07/28 12:34:40 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Gestalt Games
[2011/07/28 12:33:28 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Funswitch
[2011/07/28 12:33:28 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\funkitron
[2011/07/28 12:33:27 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Fuzzy Bug Interactive
[2011/07/28 12:33:27 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Fugazo
[2011/07/28 12:32:39 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Dying for Daylight Shared
[2011/07/28 12:32:39 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Dying for Daylight
[2011/07/28 12:32:39 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\DragonsEye Studios
[2011/07/28 12:32:38 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\ForgottenRiddles
[2011/07/28 12:32:38 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Dragon Altar Games
[2011/07/28 12:32:37 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\FlyWheelGames
[2011/07/28 12:32:37 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\FloodLightGames
[2011/07/28 12:32:37 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Floodlight Games
[2011/07/28 12:32:37 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Flood Light Games
[2011/07/28 12:32:37 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\fallenShadowsStrategyGuide
[2011/07/28 12:32:36 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\ERS G-Studio
[2011/07/28 12:32:35 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\ERS Game Studios
[2011/07/28 12:32:15 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Enlightenus2_BFG
[2011/07/28 12:32:14 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Enki Games
[2011/07/28 12:32:14 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Elephant Games
[2011/07/28 12:32:13 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\EleFun Games
[2011/07/28 12:31:12 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\DarkParablesBriarRose_BFG
[2011/07/28 12:31:12 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\DailyMagic
[2011/07/28 12:31:11 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\DivoGames
[2011/07/28 12:30:34 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\CursedOnboard
[2011/07/28 12:30:34 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\CattaleGames
[2011/07/28 12:30:34 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Camel101
[2011/07/28 12:29:53 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Boomzap
[2011/07/28 12:29:53 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Boolat Games
[2011/07/28 12:29:53 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Blue Tea Games
[2011/07/28 12:29:49 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Big Fish Games
[2011/07/28 12:29:49 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Az-Art
[2011/07/28 12:28:29 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Awem
[2011/07/28 12:28:29 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Artogon
[2011/07/28 12:28:01 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Alawar
[2011/07/28 12:28:01 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\A Gypsy's Tale - The Tower of Secrets
[2011/07/28 12:22:52 | 000,000,000 | ---D | C] -- C:\ProgramData\iWin
[2011/07/28 12:22:17 | 000,000,000 | ---D | C] -- C:\ProgramData\TheFallTrilogyEp3-BF
[2011/07/28 12:22:17 | 000,000,000 | ---D | C] -- C:\ProgramData\TheFallTrilogyEp2-BF
[2011/07/28 12:22:17 | 000,000,000 | ---D | C] -- C:\ProgramData\TheFallTrilogy
[2011/07/28 12:22:17 | 000,000,000 | ---D | C] -- C:\ProgramData\SulusGames
[2011/07/28 12:22:17 | 000,000,000 | ---D | C] -- C:\ProgramData\PlayFirst
[2011/07/28 12:22:15 | 000,000,000 | ---D | C] -- C:\ProgramData\JoyBits
[2011/07/28 12:20:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Cateia Games
[2011/07/28 12:20:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Deep Shadows
[2011/07/28 12:20:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Alawar Stargaze
[2011/07/28 12:20:26 | 000,000,000 | ---D | C] -- C:\ProgramData\AdventureChronicles1
[2011/07/28 12:05:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
[2011/07/28 12:04:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2011/07/28 12:04:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
[2011/07/28 11:56:56 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\acccore
[2011/07/28 11:56:55 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Local\AOL
[2011/07/28 11:56:55 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Local\AIM
[2011/07/28 11:56:40 | 000,000,000 | ---D | C] -- C:\ProgramData\AIM
[2011/07/28 11:56:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIM
[2011/07/28 11:56:35 | 000,000,000 | ---D | C] -- C:\Program Files\AIM
[2011/07/28 11:56:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Software Update Utility
[2011/07/28 11:56:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AOL
[2011/07/28 11:46:05 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\PandoraRecovery
[2011/07/28 11:43:00 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recuva
[2011/07/28 11:25:30 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\BitTorrent

========== Files - Modified Within 30 Days ==========

[2011/08/27 12:30:48 | 000,000,868 | ---- | M] () -- C:\Users\Public\Desktop\The Goblin Kingdom CE.lnk
[2011/08/27 11:07:28 | 000,018,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/08/27 11:07:28 | 000,018,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/08/27 10:59:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/08/27 10:59:13 | 2767,052,800 | -HS- | M] () -- C:\hiberfil.sys
[2011/08/27 08:09:19 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat
[2011/08/27 05:21:56 | 000,000,940 | ---- | M] () -- C:\Users\Public\Desktop\The Secrets of Arcelia Island.lnk
[2011/08/23 07:54:48 | 000,012,800 | ---- | M] () -- C:\Users\Dominick J. Fontana\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/08/21 10:55:22 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011/08/21 10:55:13 | 000,628,944 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/08/21 10:55:13 | 000,108,160 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/08/21 10:14:02 | 000,118,259 | ---- | M] () -- C:\Users\Dominick J. Fontana\Documents\Settings.cfg
[2011/08/20 10:06:51 | 000,017,408 | ---- | M] () -- C:\Users\Dominick J. Fontana\AppData\Local\WebpageIcons.db
[2011/08/20 05:49:48 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2011/08/11 16:36:10 | 000,356,504 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/08/08 08:13:17 | 000,001,152 | ---- | M] () -- C:\Windows\System32\windrv.sys
[2011/08/07 07:32:43 | 000,000,064 | ---- | M] () -- C:\Windows\System32\rp_stats.dat
[2011/08/07 07:32:43 | 000,000,044 | ---- | M] () -- C:\Windows\System32\rp_rules.dat
[2011/08/07 07:31:56 | 000,101,720 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2011/08/07 07:24:41 | 000,000,164 | ---- | M] () -- C:\Windows\install.dat
[2011/07/31 11:25:52 | 000,001,416 | ---- | M] () -- C:\Users\Dominick J. Fontana\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/07/30 04:57:53 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdRapi2_01_00_00.Wdf
[2011/07/28 12:08:31 | 000,000,224 | ---- | M] () -- C:\Windows\System32\9B13A86D.plf
[2011/07/28 11:56:47 | 000,001,108 | -H-- | M] () -- C:\IPH.PH
[2011/07/28 11:56:40 | 000,001,888 | ---- | M] () -- C:\Users\Dominick J. Fontana\Application Data\Microsoft\Internet Explorer\Quick Launch\AIM.lnk

========== Files Created - No Company Name ==========

[2011/08/27 12:30:48 | 000,000,868 | ---- | C] () -- C:\Users\Public\Desktop\The Goblin Kingdom CE.lnk
[2011/08/27 08:09:19 | 000,003,288 | ---- | C] () -- C:\bootsqm.dat
[2011/08/27 05:21:56 | 000,000,940 | ---- | C] () -- C:\Users\Public\Desktop\The Secrets of Arcelia Island.lnk
[2011/08/21 10:55:09 | 000,001,902 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011/08/21 10:14:02 | 000,118,259 | ---- | C] () -- C:\Users\Dominick J. Fontana\Documents\Settings.cfg
[2011/08/20 10:06:49 | 000,017,408 | ---- | C] () -- C:\Users\Dominick J. Fontana\AppData\Local\WebpageIcons.db
[2011/08/19 09:03:52 | 000,000,172 | ---- | C] () -- C:\Windows\System32\drivers\NST\0102000.006\isolate.ini
[2011/08/08 08:13:17 | 000,001,152 | ---- | C] () -- C:\Windows\System32\windrv.sys
[2011/08/07 07:32:43 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
[2011/08/07 07:32:43 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
[2011/08/07 07:24:41 | 000,000,164 | ---- | C] () -- C:\Windows\install.dat
[2011/07/31 11:25:52 | 000,001,422 | ---- | C] () -- C:\Users\Dominick J. Fontana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/07/31 11:25:52 | 000,001,416 | ---- | C] () -- C:\Users\Dominick J. Fontana\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/07/30 04:57:53 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdRapi2_01_00_00.Wdf
[2011/07/29 09:52:57 | 000,012,800 | ---- | C] () -- C:\Users\Dominick J. Fontana\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/07/29 09:09:05 | 000,002,419 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mobile Device Center.lnk
[2011/07/29 08:50:21 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011/07/29 07:56:46 | 000,011,164 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2011/07/29 07:24:11 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011/07/29 07:23:58 | 000,146,852 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2011/07/29 07:22:47 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011/07/29 07:22:41 | 000,010,429 | ---- | C] () -- C:\Windows\System32\ScavengeSpace.xml
[2011/07/29 07:22:34 | 000,105,559 | ---- | C] () -- C:\Windows\System32\RacRules.xml
[2011/07/28 11:56:40 | 000,001,888 | ---- | C] () -- C:\Users\Dominick J. Fontana\Application Data\Microsoft\Internet Explorer\Quick Launch\AIM.lnk
[2011/07/28 11:41:19 | 000,000,224 | ---- | C] () -- C:\Windows\System32\9B13A86D.plf
[2011/07/28 09:42:00 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011/07/28 09:38:21 | 001,907,712 | ---- | C] () -- C:\Windows\System32\BootMan.exe
[2011/07/28 09:38:21 | 000,086,408 | ---- | C] () -- C:\Windows\System32\setupempdrv03.exe
[2011/07/28 09:38:21 | 000,014,848 | ---- | C] () -- C:\Windows\System32\EuEpmGdi.dll
[2011/07/28 09:38:21 | 000,009,728 | ---- | C] () -- C:\Windows\System32\epmntdrv.sys
[2011/07/28 09:38:21 | 000,003,072 | ---- | C] () -- C:\Windows\System32\EuGdiDrv.sys
[2011/07/27 13:13:17 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2011/07/27 12:11:43 | 000,482,408 | ---- | C] () -- C:\Windows\ssndii.exe
[2011/07/27 12:10:15 | 000,022,723 | ---- | C] () -- C:\Windows\System32\cl31cl3.dll
[2011/07/27 11:31:50 | 000,001,044 | ---- | C] () -- C:\Windows\System32\WLAN.INI
[2009/07/14 00:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 00:33:53 | 000,356,504 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/13 22:05:48 | 000,628,944 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/13 22:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/13 22:05:48 | 000,108,160 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/13 22:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/13 22:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/13 22:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/13 19:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 19:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI

========== LOP Check ==========

[2011/08/06 06:38:08 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\2monkeys
[2011/07/28 12:28:01 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\A Gypsy's Tale - The Tower of Secrets
[2011/07/28 11:57:44 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\acccore
[2011/07/28 12:28:01 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Alawar
[2011/08/03 06:13:13 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Alawar Entertainment
[2011/08/20 10:58:56 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Alawar Stargaze
[2011/07/27 13:34:31 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\AnvSoft
[2011/08/18 12:19:23 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Artifex Mundi
[2011/07/28 12:28:30 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Artogon
[2011/07/27 14:53:34 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\AVG10
[2011/07/28 12:28:29 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Awem
[2011/07/28 12:29:49 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Az-Art
[2011/07/28 12:29:53 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Big Fish Games
[2011/08/27 07:36:13 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\BitTorrent
[2011/08/01 13:29:17 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Blue Tea Games
[2011/07/28 12:29:53 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Boolat Games
[2011/08/27 12:32:59 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Boomzap
[2011/07/31 11:57:41 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\BrablGames
[2011/07/28 12:30:34 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Camel101
[2011/08/25 08:38:32 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Casual Box
[2011/07/28 12:30:34 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\CattaleGames
[2011/07/28 12:30:34 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\CursedOnboard
[2011/07/28 10:53:13 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\DAEMON Tools Pro
[2011/07/28 12:31:12 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\DailyMagic
[2011/07/28 12:31:12 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\DarkParablesBriarRose_BFG
[2011/08/06 06:15:24 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Die Saeule der Maya
[2011/07/28 12:31:11 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\DivoGames
[2011/07/28 12:32:38 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Dragon Altar Games
[2011/07/28 12:32:39 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\DragonsEye Studios
[2011/08/03 05:21:36 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\DriverCure
[2011/07/28 12:32:39 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Dying for Daylight
[2011/07/28 12:32:39 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Dying for Daylight Shared
[2011/07/28 12:32:13 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\EleFun Games
[2011/08/10 06:54:47 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Elephant Games
[2011/07/28 12:32:15 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Enki Games
[2011/07/28 12:32:15 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Enlightenus2_BFG
[2011/07/28 12:32:37 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\ERS G-Studio
[2011/08/14 07:02:45 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\ERS Game Studios
[2011/07/28 12:32:37 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\fallenShadowsStrategyGuide
[2011/07/28 12:32:37 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Flood Light Games
[2011/08/15 13:49:22 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Floodlight Games
[2011/07/28 12:32:37 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\FloodLightGames
[2011/07/28 12:32:37 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\FlyWheelGames
[2011/07/28 12:32:38 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\ForgottenRiddles
[2011/07/28 12:33:27 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Fugazo
[2011/07/28 12:33:28 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\funkitron
[2011/07/28 12:33:28 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Funswitch
[2011/07/28 12:33:27 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Fuzzy Bug Interactive
[2011/07/28 12:34:42 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\GameInvest
[2011/07/28 12:34:42 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\GameMill Entertainment
[2011/07/28 12:34:42 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Gamers Digital
[2011/07/28 12:34:42 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Games
[2011/07/28 12:34:42 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\GarageGames
[2011/07/28 12:34:40 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Gestalt Games
[2011/08/08 08:12:32 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\GetRightToGo
[2011/07/28 12:34:41 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Ghost Ship Studios
[2011/07/28 12:34:41 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Gogii
[2011/07/28 12:34:41 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Happy Muffin Top
[2011/08/25 08:28:30 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\HdO Adventure
[2011/08/27 05:36:18 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\HitPoint Studios
[2011/07/28 12:34:58 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\IntrigueIncRavensFlightStrategyGuide
[2011/08/26 13:50:57 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\IObit
[2011/07/28 12:35:32 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Islands
[2011/07/28 12:35:32 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\iWin
[2011/07/30 23:51:30 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Jetdogs Studios
[2011/07/28 12:37:16 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\JoyBits
[2011/07/28 12:37:22 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Lazy Turtle Games
[2011/08/05 06:53:53 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Leadertech
[2011/07/28 12:37:22 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\LegacyInteractive
[2011/07/28 12:37:22 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\LestaStudio
[2011/07/28 12:37:42 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Lionhead Studios
[2011/07/28 12:37:42 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\LittleGamesCompany
[2011/08/06 09:13:56 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\MagicIndie
[2011/07/28 12:38:31 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\margrave3_full
[2011/07/28 12:38:31 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Maximize Games
[2011/07/28 12:39:02 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Millennium Secrets - Roxannes Necklace Strategy Guide
[2011/07/28 12:39:30 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Monkey Barrel Games
[2011/07/28 12:39:30 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\MumboJumbo
[2011/07/28 12:40:11 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\My Games
[2011/07/28 12:40:11 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Mystery of Mortlake Mansion
[2011/07/28 12:40:11 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Namco
[2011/07/28 11:46:06 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\PandoraRecovery
[2011/08/03 05:21:36 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\ParetoLogic
[2011/07/28 12:42:03 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Phantasmat_bf_ce1
[2011/07/28 12:42:03 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\PlayFirst
[2011/07/28 12:42:03 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\PlayPond
[2011/07/28 12:42:03 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Princess Isabella
[2011/08/18 11:28:06 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\ReelDealSlotQuest_Alice
[2011/08/18 12:08:02 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\ReelDealSlotQuest_TheMuseumEscape
[2011/08/26 13:54:57 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Remote
[2011/07/28 12:42:27 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\SerpentOfIsis
[2011/07/28 12:42:45 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Silverback Productions
[2011/07/28 12:42:45 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Skunk Studios
[2011/08/22 23:38:48 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Specialbit
[2011/07/28 12:43:06 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\SpinTop Games
[2011/07/28 12:44:03 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\SulusGames
[2011/07/28 12:44:03 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Ten Heavens
[2011/07/28 12:44:14 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\TOMI2.THE GATES OF FATE
[2011/07/28 12:44:03 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\TOMI3
[2011/07/28 12:44:03 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Top Evidence
[2011/08/17 12:36:50 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Total Eclipse
[2011/07/28 12:44:03 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\TrickySoftware
[2011/07/28 10:24:00 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\TuneUp Software
[2011/08/21 23:28:23 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Twilight Games
[2011/07/28 12:45:48 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\ValuSoft
[2011/07/28 12:45:48 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\VampireSagaHL
[2011/08/09 05:45:23 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Vast Studios
[2011/07/28 12:45:48 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\VendelGAMES
[2011/08/06 07:11:50 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Vogat Interactive
[2011/07/28 12:45:48 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\WhiteBirdsProductions
[2011/08/27 07:04:07 | 000,032,646 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >
[2009/04/25 07:59:16 | 000,132,597 | ---- | M] () -- C:\Flash_Disinfector (1).exe
[2009/04/25 07:59:16 | 000,132,597 | ---- | M] () -- C:\Flash_Disinfector.exe


< MD5 for: EXPLORER.EXE >
[2011/02/26 01:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009/07/13 21:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\win7windows\explorer.exe
[2009/07/13 21:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\win7windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2009/07/13 21:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011/02/26 01:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009/10/31 01:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011/02/26 01:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010/11/20 08:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009/08/03 01:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009/08/03 01:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009/10/31 02:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: SVCHOST.EXE >
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\win7windows\System32\svchost.exe
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\win7windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/13 21:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\win7windows\System32\userinit.exe
[2009/07/13 21:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\win7windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/13 21:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/10/28 02:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 01:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010/11/20 08:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 08:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009/07/13 21:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\win7windows\System32\winlogon.exe
[2009/07/13 21:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\win7windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
[2009/07/13 21:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< >

========== Alternate Data Streams ==========

@Alternate Data Stream - 194 bytes -> C:\ProgramData\TEMP:8E5EA40F
@Alternate Data Stream - 189 bytes -> C:\ProgramData\TEMP:EE198B1F
@Alternate Data Stream - 179 bytes -> C:\ProgramData\TEMP:87A3A233
@Alternate Data Stream - 158 bytes -> C:\ProgramData\TEMP:E0888117
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:DE875C30
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:6EE8565A
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:2C86E2AD
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:E5496666
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:012BC84F
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:16F4BC64
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:9195103F
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:4C3D5A8B
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:D999FFD5
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:F89F2593
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:E6708F08
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:48D3CC24
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:13FB6DB8

< End of report >





OTL Extras logfile created on: 8/27/2011 11:04:49 AM - Run 1
OTL by OldTimer - Version 3.2.26.6 Folder = E:\Geeks To Go\Geeks To Go
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.44 Gb Total Physical Memory | 2.57 Gb Available Physical Memory | 74.82% Memory free
13.74 Gb Paging File | 12.75 Gb Available in Paging File | 92.80% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 45.20 Gb Total Space | 12.46 Gb Free Space | 27.55% Space Free | Partition Type: NTFS
Drive D: | 243.87 Gb Total Space | 32.56 Gb Free Space | 13.35% Space Free | Partition Type: NTFS
Drive E: | 176.69 Gb Total Space | 49.19 Gb Free Space | 27.84% Space Free | Partition Type: NTFS

Computer Name: FONTANA | User Name: Dominick J. Fontana | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "D:\Programs\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "D:\Programs\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help
"{07FF7593-9DEA-40B5-9F87-F557E65BBF60}" = Nero Recode
"{10CE1EA2-12E9-11D3-825E-00C04F6843FE}" = Microsoft Office Sounds
"{1122AAC4-AAAA-43BF-B2D4-3C8C12378952}" = Nero InfoTool
"{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM
"{12345674-DE9A-677A-CCEE-666356D89777}" = Nero BurnRights
"{1a61e85f-83db-4986-b42f-4b4eb1942643}" = Nero 9
"{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{23BE4DF2-293D-4077-82F4-1FD8C269277C}" = TuneUp Utilities Language Pack (en-US)
"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java™ 6 Update 26
"{2A30052B-831C-41D3-8044-3C0388066350}" = Seagate Manager Installer
"{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart
"{3097B151-1F61-4211-A4CC-D70127B226AE}" = SoundTrax
"{33BC9D7E-E790-495E-A4EA-CFB160C17A91}" = Logitech Gaming Software 5.08
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help
"{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter
"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client
"{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help
"{5C5F82A1-F792-48F9-99BE-8AFE123A23D5}" = DISC TITLE PRINTER
"{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Apple Application Support
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed
"{753973C4-B961-43BF-B2D4-3C8C92F7216E}" = Nero DriveSpeed
"{78523651-D8B1-11DC-CCEE-741589645873}" = Nero DiscSpeed
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7C4196CA-CA41-4F34-9C08-7724E7705D52}" = Jasc Animation Shop 3
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AB445D0-CD91-47CC-B1A9-A654B4B261E4}" = AMD CPUInfo
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile Device Center
"{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter
"{9BD2DD45-8763-4F12-BDC6-958FCFEF0FCB}" = Microsoft IntelliType Pro 8.2
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center
"{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress
"{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool
"{AABBCC54-D8B1-11DC-92EF-E98356D81493}" = Nero DiscSpeed
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{B2C12C8D-65DC-40BD-B309-5ADB0C6C8D8F}" = Nero WaveEditor
"{B96C2601-52F5-4D5D-816A-63469EA311EF}" = "Nero SoundTrax Help
"{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit
"{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CD1826A5-CFCC-4C6E-9F9D-E181876162EA}" = Nero Rescue Agent
"{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help
"{DCD3471D-4DDA-4DC2-8B9F-A662D0C362AC}" = Linksys Wireless-N USB Network Adapter Driver - WUSB300N
"{E4A8DD87-A746-4443-BF25-CAF99CED6767}" = Nero Disc Copy Gadget
"{E86156E5-9859-440D-8876-26CED1349802}" = Nero WaveEditor Help
"{EA9FFE54-D8B1-11DC-92EF-E98356D81493}" = Nero BurnRights
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F843C6A3-224D-4615-94F8-3C461BD9AEA0}" = Jasc Paint Shop Pro 9
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Advanced SystemCare 4_is1" = Advanced SystemCare 4
"AIM_7" = AIM 7
"Any Audio Converter_is1" = Any Audio Converter 3.1.7
"Any Video Converter_is1" = Any Video Converter 3.1.8
"Audacity_is1" = Audacity 1.2.6
"Awakening 3 - The Goblin Kingdom CE1.0" = Awakening 3 - The Goblin Kingdom CE
"BitTorrent" = BitTorrent
"CCleaner" = CCleaner
"DAEMON Tools Pro" = DAEMON Tools Pro
"Disk Heal" = Disk Heal
"EASEUS Partition Master Home Edition_is1" = EASEUS Partition Master 3.5 Home Edition
"FrostWire 5" = FrostWire 5.0.8
"InstallShield_{2A30052B-831C-41D3-8044-3C0388066350}" = Seagate Manager Installer
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft IntelliType Pro 8.2" = Microsoft IntelliType Pro 8.2
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox (3.0.10)" = Mozilla Firefox (3.0.10)
"NST" = Norton Safe Web Lite
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"PandoraRecovery" = PandoraRecovery (Remove Only)
"PowerISO" = PowerISO
"Recuva" = Recuva
"Samsung CLP-310 Series" = Samsung CLP-310 Series
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"sp6" = Logitech SetPoint 6.30
"StartNow Toolbar" = StartNow Toolbar
"The Secrets of Arcelia Island1.0" = The Secrets of Arcelia Island
"TuneUp Utilities 2011" = TuneUp Utilities 2011
"WinRAR archiver" = WinRAR archiver
"Yahoo! SiteBuilder" = Yahoo! SiteBuilder

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-4097588345-1287629508-3253405396-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 8/27/2011 7:45:59 AM | Computer Name = Fontana | Source = VSS | ID = 8194
Description =

Error - 8/27/2011 7:46:00 AM | Computer Name = Fontana | Source = VSS | ID = 8193
Description =

Error - 8/27/2011 7:46:37 AM | Computer Name = Fontana | Source = VSS | ID = 8193
Description =

Error - 8/27/2011 7:50:31 AM | Computer Name = Fontana | Source = Application Hang | ID = 1002
Description = The program msseces.exe version 2.1.1116.0 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 774 Start
Time: 01cc64a60b0d8d40 Termination Time: 14 Application Path: C:\Program Files\Microsoft
Security Client\msseces.exe Report Id:

Error - 8/27/2011 9:06:39 AM | Computer Name = Fontana | Source = Application Hang | ID = 1002
Description = The program avscan.exe version 10.3.0.7 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: 16d8 Start Time:
01cc64b9c4cf5840 Termination Time: 51452 Application Path: D:\Programs\Avira AntiVir
Personal\Avira\AntiVir Desktop\avscan.exe Report Id: 31fa74e1-d0ad-11e0-8366-d22b408aa434


Error - 8/27/2011 6:30:20 AM | Computer Name = Fontana | Source = VSS | ID = 8194
Description =

Error - 8/27/2011 6:30:20 AM | Computer Name = Fontana | Source = VSS | ID = 8193
Description =

Error - 8/27/2011 6:30:21 AM | Computer Name = Fontana | Source = VSS | ID = 8193
Description =

Error - 8/27/2011 8:25:59 AM | Computer Name = Fontana | Source = Application Error | ID = 1000
Description = Faulting application name: TheSecretsofArceliaIsland.exe, version:
1.0.1.10, time stamp: 0x4e571cad Faulting module name: ntdll.dll, version: 6.1.7601.17514,
time stamp: 0x4ce7b96e Exception code: 0x80000003 Fault offset: 0x000a1827 Faulting
process id: 0x83c Faulting application start time: 0x01cc64b332961550 Faulting application
path: D:\Games\The Secrets of Arcelia Island\TheSecretsofArceliaIsland.exe Faulting
module path: C:\Windows\SYSTEM32\ntdll.dll Report Id: b7e2c1d0-d0a7-11e0-9317-ca50910628ad

Error - 8/27/2011 8:26:47 AM | Computer Name = Fontana | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 8.0.7601.17514,
time stamp: 0x4ce79912 Faulting module name: msxml3.dll, version: 8.110.7601.17514,
time stamp: 0x4ce7b8e9 Exception code: 0xc0000005 Fault offset: 0x0002e64f Faulting
process id: 0x14f0 Faulting application start time: 0x01cc64b493886470 Faulting application
path: C:\Program Files\Internet Explorer\iexplore.exe Faulting module path: C:\Windows\System32\msxml3.dll
Report
Id: d47f6f00-d0a7-11e0-9317-ca50910628ad

[ System Events ]
Error - 8/27/2011 11:11:18 AM | Computer Name = Fontana | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.

Error - 8/27/2011 11:11:21 AM | Computer Name = Fontana | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.

Error - 8/27/2011 11:11:24 AM | Computer Name = Fontana | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.

Error - 8/27/2011 11:11:32 AM | Computer Name = Fontana | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.

Error - 8/27/2011 11:11:36 AM | Computer Name = Fontana | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.

Error - 8/27/2011 11:11:39 AM | Computer Name = Fontana | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.

Error - 8/27/2011 11:11:43 AM | Computer Name = Fontana | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.

Error - 8/27/2011 11:11:46 AM | Computer Name = Fontana | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.

Error - 8/27/2011 11:11:49 AM | Computer Name = Fontana | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.

Error - 8/27/2011 11:11:52 AM | Computer Name = Fontana | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.


< End of report >

#7
Essexboy

A few more bits to go. I will also speed up FF a bit by removing redundant Java.

Warning: This fix is only relevant for this system and no other; using it on another computer may cause problems.

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    IE - HKU\S-1-5-21-4097588345-1287629508-3253405396-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:61737
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
    FF - prefs.js..network.proxy.http: "127.0.0.1"
    FF - prefs.js..network.proxy.http_port: 61737
    [2010/06/01 03:29:02 | 000,000,000 | ---D | M] (Java Console) -- D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
    [2009/11/01 20:40:52 | 000,000,000 | ---D | M] (Java Console) -- D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
    [2009/06/10 05:24:57 | 000,000,000 | ---D | M] (Java Console) -- D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
    [2010/06/01 03:38:54 | 000,000,000 | ---D | M] (Java Console) -- D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    [2010/09/12 21:09:42 | 000,000,000 | ---D | M] (Java Console) -- D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
    [2010/10/14 08:00:20 | 000,000,000 | ---D | M] (Java Console) -- D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
    [2011/01/13 05:05:41 | 000,000,000 | ---D | M] (Java Console) -- D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
    [2011/04/13 05:57:48 | 000,000,000 | ---D | M] (Java Console) -- D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
    O4 - HKU\.DEFAULT..\Run: [lpc] C:\Users\Dominick J. Fontana\AppData\Roaming\Remote\kyste93.dll ()
    O4 - HKU\S-1-5-18..\Run: [lpc] C:\Users\Dominick J. Fontana\AppData\Roaming\Remote\kyste93.dll ()
    O20 - HKU\S-1-5-21-4097588345-1287629508-3253405396-1000 Winlogon: Shell - (C:\Users\Dominick J. Fontana\AppData\Roaming\dwm.exe) - File not found

    :Files
    ipconfig /flushdns /c

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [EMPTYFLASH]
    [CREATERESTOREPOINT]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.


Once done, could you check the following please and ensure they function normally:

Safe Mode
System Restore
Windows updates
  • 0
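The fix script in the post above targets three kinds of entry: browser proxy settings pointing at 127.0.0.1, a Run value that loads a DLL from AppData\Roaming, and a per-user Winlogon Shell value. As an added example (not part of the original posts and not OTL's own code), this Python triage script flags the same patterns in OTL scan-log lines; the rule names, the reason strings and the benign contrast line are assumptions made for illustration.

```python
import re
from typing import NamedTuple


class Finding(NamedTuple):
    rule: str        # hypothetical rule name chosen for this example
    target: str      # file path or setting name the entry refers to
    reasons: tuple   # why the entry deserves a closer look


# Lines copied from the fix script in the post above, plus one constructed
# benign autorun entry (last line) for contrast.
SAMPLE_LINES = [
    r'IE - HKU\S-1-5-21-4097588345-1287629508-3253405396-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:61737',
    r'FF - prefs.js..network.proxy.http: "127.0.0.1"',
    r'FF - prefs.js..network.proxy.http_port: 61737',
    r'FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24',
    r'O4 - HKU\.DEFAULT..\Run: [lpc] C:\Users\Dominick J. Fontana\AppData\Roaming\Remote\kyste93.dll ()',
    r'O20 - HKU\S-1-5-21-4097588345-1287629508-3253405396-1000 Winlogon: Shell - (C:\Users\Dominick J. Fontana\AppData\Roaming\dwm.exe) - File not found',
    r'O4 - HKLM..\Run: [ExampleApp] C:\Program Files\ExampleApp\app.exe (Example Corp)',
]

# Directories an unprivileged user can write to.
USER_WRITABLE = re.compile(r'\\(AppData|Temp|Users\\Public)\\', re.I)
LOOPBACK = re.compile(r'\b(127\.0\.0\.1|localhost)\b', re.I)
PROXY_RE = re.compile(r'(ProxyServer|network\.proxy\.\w+)', re.I)
# O4 = autorun entry: hive, value name, target path, company name in parentheses.
RUN_RE = re.compile(
    r'^O4 - (?P<hive>\S+?)\.\.\\Run(?:Once)?: \[(?P<name>[^\]]+)\] '
    r'(?P<path>.+?) \((?P<company>[^)]*)\)$'
)
# O20 = Winlogon entry: hive, shell path in parentheses, optional trailing status.
SHELL_RE = re.compile(
    r'^O20 - (?P<hive>\S+) Winlogon: Shell - \((?P<path>[^)]+)\)(?P<tail>.*)$'
)


def triage(lines):
    """Return a Finding for every line that matches one of the three patterns."""
    findings = []
    for raw in lines:
        line = raw.strip()

        m = RUN_RE.match(line)
        if m:
            reasons = []
            if USER_WRITABLE.search(m['path']):
                reasons.append('autorun target is in a user-writable directory')
            if not m['company'].strip():
                reasons.append('file has no company name')
            if m['path'].lower().endswith('.dll'):
                reasons.append('autorun target is a DLL')
            if reasons:
                findings.append(Finding('autorun', m['path'], tuple(reasons)))
            continue

        m = SHELL_RE.match(line)
        if m:
            reasons = []
            exe = m['path'].rsplit('\\', 1)[-1].lower()
            if exe != 'explorer.exe':
                reasons.append('shell is not explorer.exe')
            if m['hive'].upper().startswith('HKU'):
                reasons.append('per-user Winlogon Shell override')
            if USER_WRITABLE.search(m['path']):
                reasons.append('shell target is in a user-writable directory')
            if 'file not found' in m['tail'].lower():
                reasons.append('file is missing on disk (orphaned entry)')
            if exe != 'explorer.exe' or USER_WRITABLE.search(m['path']):
                findings.append(Finding('winlogon-shell', m['path'], tuple(reasons)))
            continue

        m = PROXY_RE.search(line)
        if m and LOOPBACK.search(line):
            findings.append(Finding(
                'loopback-proxy', m.group(1),
                ('browser proxy points at the local machine',),
            ))
    return findings


if __name__ == '__main__':
    for f in triage(SAMPLE_LINES):
        print(f'{f.rule:15} {f.target}')
        for reason in f.reasons:
            print(f'{"":15}   - {reason}')
```

A loopback proxy is not malicious on its own, since local filtering tools set one as well, so each finding is a prompt to identify the process or file behind it rather than a verdict.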

#8
Dom Fontana

    Member

  • Topic Starter
  • Member
  • 170 posts
Here's the log OTL produced after I rebooted

All processes killed
========== OTL ==========
HKU\S-1-5-21-4097588345-1287629508-3253405396-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
Prefs.js: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 removed from extensions.enabledItems
Prefs.js: "127.0.0.1" removed from network.proxy.http
Prefs.js: 61737 removed from network.proxy.http_port
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome\content folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\chrome folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\chrome\content folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\chrome folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\chrome\content folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\chrome folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\content folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\content folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\content folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\content folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome\content folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\chrome folder moved successfully.
D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} folder moved successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\lpc deleted successfully.
C:\Users\Dominick J. Fontana\AppData\Roaming\Remote\kyste93.dll moved successfully.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\lpc not found.
File C:\Users\Dominick J. Fontana\AppData\Roaming\Remote\kyste93.dll not found.
Registry value HKEY_USERS\S-1-5-21-4097588345-1287629508-3253405396-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:C:\Users\Dominick J. Fontana\AppData\Roaming\dwm.exe deleted successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
E:\Geeks To Go\Geeks To Go\cmd.bat deleted successfully.
E:\Geeks To Go\Geeks To Go\cmd.txt deleted successfully.
========== COMMANDS ==========
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Dominick J. Fontana
->Temp folder emptied: 105249620 bytes
->Temporary Internet Files folder emptied: 35713775 bytes
->Java cache emptied: 10238 bytes
->FireFox cache emptied: 18294492 bytes
->Flash cache emptied: 2178 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 13816885 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 165.00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Dominick J. Fontana
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb



OTL by OldTimer - Version 3.2.26.6 log created on 08272011_113438

Files\Folders moved on Reboot...
C:\Users\Dominick J. Fontana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KCKAXDQX\fc[2].htm moved successfully.
C:\Users\Dominick J. Fontana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JHPBSPWH\welcome[2].htm moved successfully.
File\Folder C:\Users\Dominick J. Fontana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4GI611E8\fastbutton[1].htm not found!
File\Folder C:\Users\Dominick J. Fontana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4GI611E8\like[1].htm not found!
C:\Users\Dominick J. Fontana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4GI611E8\login_status[4].htm moved successfully.
C:\Users\Dominick J. Fontana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4GI611E8\page__gopid__2054502[1].txt moved successfully.
C:\Users\Dominick J. Fontana\AppData\Local\Microsoft\Windows\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.

Registry entries deleted on Reboot...



Here is the log after the Quick Scan:

OTL logfile created on: 8/27/2011 11:39:56 AM - Run 2
OTL by OldTimer - Version 3.2.26.6 Folder = E:\Geeks To Go\Geeks To Go
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.44 Gb Total Physical Memory | 2.54 Gb Available Physical Memory | 74.00% Memory free
13.74 Gb Paging File | 12.76 Gb Available in Paging File | 92.84% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 45.20 Gb Total Space | 12.57 Gb Free Space | 27.80% Space Free | Partition Type: NTFS
Drive D: | 243.87 Gb Total Space | 32.56 Gb Free Space | 13.35% Space Free | Partition Type: NTFS
Drive E: | 176.69 Gb Total Space | 49.19 Gb Free Space | 27.84% Space Free | Partition Type: NTFS

Computer Name: FONTANA | User Name: Dominick J. Fontana | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/08/27 11:03:16 | 000,580,096 | ---- | M] (OldTimer Tools) -- E:\Geeks To Go\Geeks To Go\OTL.exe
PRC - [2011/07/27 07:06:44 | 000,267,488 | ---- | M] () -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe
PRC - [2011/07/06 19:52:38 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- D:\Programs\Malwarebytes Anti-Malware Pro\mbamgui.exe
PRC - [2011/06/23 19:44:22 | 001,386,776 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe
PRC - [2011/06/17 03:35:24 | 000,149,784 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
PRC - [2011/06/15 15:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011/05/28 14:46:56 | 000,353,168 | ---- | M] (IObit) -- D:\Programs\Advanced SystemCare 4\ASCService.exe
PRC - [2011/05/20 14:00:34 | 000,671,552 | ---- | M] (TuneUp Software) -- D:\Programs\TuneUp Utilities 2009\TuneUpUtilitiesApp32.exe
PRC - [2011/05/20 13:58:28 | 001,523,008 | ---- | M] (TuneUp Software) -- D:\Programs\TuneUp Utilities 2009\TuneUpUtilitiesService32.exe
PRC - [2011/04/27 15:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
PRC - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/23 22:21:18 | 000,130,000 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\ccSvcHst.exe
PRC - [2010/11/20 08:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/09/25 23:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) -- D:\Programs\Seagate Manager\Sync\FreeAgentService.exe
PRC - [2009/09/25 23:31:32 | 000,185,640 | ---- | M] (Seagate LLC) -- D:\Programs\Seagate Manager\FreeAgent Status\stxmenumgr.exe
PRC - [2009/09/16 21:14:48 | 000,153,608 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Gaming Software\LWEMon.exe
PRC - [2009/08/28 01:40:50 | 000,606,208 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe
PRC - [2008/11/02 04:38:58 | 000,167,936 | ---- | M] (PowerISO Computing, Inc.) -- D:\Programs\PowerISO\PWRISOVM.EXE
PRC - [2008/01/17 07:22:20 | 004,907,008 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/12/05 06:17:24 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTSrv.exe


========== Modules (No Company Name) ==========

MOD - [2011/06/23 19:44:34 | 000,877,848 | ---- | M] () -- C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll
MOD - [2009/08/28 01:40:50 | 000,606,208 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe


========== Win32 Services (SafeList) ==========

SRV - [2011/07/29 07:28:32 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011/07/27 07:06:44 | 000,267,488 | ---- | M] () [Auto | Running] -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe -- (Updater Service for StartNow Toolbar)
SRV - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- D:\Programs\Malwarebytes Anti-Malware Pro\mbamservice.exe -- (MBAMService)
SRV - [2011/06/17 03:33:46 | 000,295,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2011/05/28 14:46:56 | 000,353,168 | ---- | M] (IObit) [Auto | Running] -- D:\Programs\Advanced SystemCare 4\ASCService.exe -- (AdvancedSystemCareService)
SRV - [2011/05/20 13:58:28 | 001,523,008 | ---- | M] (TuneUp Software) [Auto | Running] -- D:\Programs\TuneUp Utilities 2009\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011/05/20 13:55:28 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2011/04/27 15:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/11/23 22:21:18 | 000,130,000 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\ccSvcHst.exe -- (NSL)
SRV - [2009/09/25 23:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- D:\Programs\Seagate Manager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/09/24 14:32:48 | 000,935,208 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2007/12/05 06:17:24 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AERTSrv.exe -- (AERTFilters)
SRV - [2007/05/31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


========== Driver Services (SafeList) ==========

DRV - [2011/08/27 11:36:59 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BB8652A4-05FF-44A8-957F-D3C6D9341628}\MpKsl97432332.sys -- (MpKsl97432332)
DRV - [2011/08/27 09:09:50 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BB8652A4-05FF-44A8-957F-D3C6D9341628}\MpKslf3843a20.sys -- (MpKslf3843a20)
DRV - [2011/07/28 10:39:24 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/04/30 08:00:20 | 000,030,360 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2011/04/30 08:00:18 | 000,039,064 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2011/04/30 08:00:06 | 000,041,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2011/04/27 15:25:24 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011/04/26 15:30:20 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- D:\Programs\TuneUp Utilities 2009\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2011/04/18 13:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010/11/20 08:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 08:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 08:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 06:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 06:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 05:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 05:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/08/12 12:07:48 | 000,298,216 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET)
DRV - [2010/07/10 05:37:00 | 011,008,040 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/09/11 12:48:04 | 000,066,056 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2009/09/11 12:47:54 | 000,014,984 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2009/09/11 12:47:32 | 000,035,592 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2009/09/11 12:47:22 | 000,022,792 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2009/07/13 18:13:47 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTBS23.SYS -- (VSTHWBS2)
DRV - [2009/07/13 18:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009/04/22 14:32:20 | 000,042,552 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AmdLLD.sys -- (AmdLLD)
DRV - [2009/02/25 20:22:12 | 000,009,728 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\epmntdrv.sys -- (epmntdrv)
DRV - [2009/02/25 20:22:12 | 000,003,072 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2008/11/02 04:44:10 | 000,056,572 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2008/03/19 08:10:54 | 000,310,016 | ---- | M] (Marvell Semiconductor, Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MRVW24B.sys -- (MRV6X32U) Marvell TOPDOG 802.11n WLAN Driver for Vista x86 (USB8x)
DRV - [2007/08/12 22:48:45 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SSPORT.SYS -- (SSPORT)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4097588345-1287629508-3253405396-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://us.mc28.mail.....jsrand=5992681
IE - HKU\S-1-5-21-4097588345-1287629508-3253405396-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-4097588345-1287629508-3253405396-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-4097588345-1287629508-3253405396-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 50 35 21 12 73 4C CC 01 [binary data]
IE - HKU\S-1-5-21-4097588345-1287629508-3253405396-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://us.mc12.mail....rand=1133327982
IE - HKU\S-1-5-21-4097588345-1287629508-3253405396-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.msn.com/?..._date=20110828"
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.2.20080910
FF - prefs.js..extensions.enabledItems: {766fca73-0742-b02b-8971-c78fe158c4ba}:4.6.7.7
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1390
FF - prefs.js..network.proxy.http: ""
FF - prefs.js..network.proxy.http_port: ""
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..keyword.URL: "http://www.bing.com/...te=20110828&q="


FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{203FB6B2-2E1E-4474-863B-4C483ECCE78E}: C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_1.2.0.6\coFFNST\ [2011/08/19 09:03:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: D:\Programs\Firefox\components [2011/07/28 09:44:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: D:\Programs\Firefox\plugins [2011/07/28 09:44:21 | 000,000,000 | ---D | M]

[2011/07/28 09:41:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dominick J. Fontana\AppData\Roaming\Mozilla\Extensions
[2011/08/27 06:52:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dominick J. Fontana\AppData\Roaming\Mozilla\Firefox\Profiles\8ixxrqmh.default\extensions
[2011/08/27 06:52:24 | 000,000,000 | ---D | M] (StartNow Toolbar) -- C:\Users\Dominick J. Fontana\AppData\Roaming\Mozilla\Firefox\Profiles\8ixxrqmh.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}
[2011/07/28 09:42:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dominick J. Fontana\AppData\Roaming\Mozilla\Firefox\Profiles\8ixxrqmh.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/08/27 06:52:20 | 000,001,945 | ---- | M] () -- C:\Users\Dominick J. Fontana\AppData\Roaming\Mozilla\Firefox\Profiles\8ixxrqmh.default\searchplugins\bing-zugo.xml
[2011/07/28 09:43:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/07/28 09:43:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/08/07 06:14:34 | 000,000,000 | ---D | M] (No name found) -- D:\PROGRAMS\AVG10\FIREFOX
[2011/07/28 09:44:21 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- D:\PROGRAMS\FIREFOX\EXTENSIONS\{635ABD67-4FE9-1B23-4F01-E679FA7484C1}
File not found (No name found) -- D:\PROGRAMS\FIREFOX\EXTENSIONS\{766FCA73-0742-B02B-8971-C78FE158C4BA}
File not found (No name found) -- D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
File not found (No name found) -- D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
File not found (No name found) -- D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
File not found (No name found) -- D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
File not found (No name found) -- D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
File not found (No name found) -- D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
File not found (No name found) -- D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
File not found (No name found) -- D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/05/08 12:05:24 | 000,000,000 | ---D | M] (Java Console) -- D:\PROGRAMS\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}

O1 HOSTS File: ([2011/08/27 11:34:42 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Windows Live ID Sign-in Helper) - {07B0072D-738F-5709-0AB6-3DB75BBA3B64} - Reg Error: Value error. File not found
O2 - BHO: (Adobe PDF Link Helper) - {5D677C6A-5DF8-1A13-778F-6D1862067DB6} - Reg Error: Value error. File not found
O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll ()
O2 - BHO: (Norton Safe Web Lite BHO) - {F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3} - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Safe Web Lite) - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll ()
O3 - HKU\S-1-5-21-4097588345-1287629508-3253405396-1000\..\Toolbar\WebBrowser: (Norton Safe Web Lite) - {30CEEEA2-3742-40E4-85DD-812BF1CBB83D} - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] D:\Programs\Malwarebytes Anti-Malware Pro\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MaxMenuMgr] D:\Programs\Seagate Manager\FreeAgent Status\StxMenuMgr.exe (Seagate LLC)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PWRISOVM.EXE] D:\Programs\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()
O4 - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [StartNowToolbarHelper] File not found
O4 - HKLM..\Run: [Windows Mobile Device Center] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-4097588345-1287629508-3253405396-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - D:\Programs\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Programs\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} http://www.logitech....Detection32.cab (Device Detection)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKU\S-1-5-21-4097588345-1287629508-3253405396-1000 Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O27 - HKLM IFEO\dtagent.exe: Debugger - "D:\Programs\TuneUp Utilities 2009\TUAutoReactivator32.exe" (TuneUp Software)
O27 - HKLM IFEO\dtimgeditor.exe: Debugger - "D:\Programs\TuneUp Utilities 2009\TUAutoReactivator32.exe" (TuneUp Software)
O27 - HKLM IFEO\dtpro.exe: Debugger - "D:\Programs\TuneUp Utilities 2009\TUAutoReactivator32.exe" (TuneUp Software)
O27 - HKLM IFEO\sptdinst-x86.exe: Debugger - "D:\Programs\TuneUp Utilities 2009\TUAutoReactivator32.exe" (TuneUp Software)
O27 - HKLM IFEO\uninst.exe: Debugger - "D:\Programs\TuneUp Utilities 2009\TUAutoReactivator32.exe" (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/05/03 09:38:31 | 000,000,000 | R--D | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/10/18 21:32:16 | 000,200,524 | ---- | M] () - D:\AUTO.pat -- [ NTFS ]
O32 - AutoRun File - [2010/10/18 21:32:16 | 000,019,488 | ---- | M] () - D:\AUTO.pst -- [ NTFS ]
O32 - AutoRun File - [2009/04/25 08:05:20 | 000,000,000 | R--D | M] - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009/03/23 09:54:29 | 000,000,000 | R--D | M] - E:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/08/27 12:30:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Awakening 3 - The Goblin Kingdom CE
[2011/08/27 07:45:59 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Malwarebytes
[2011/08/27 07:45:19 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/08/27 07:45:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/08/27 07:45:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/08/27 07:45:14 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/08/27 06:52:20 | 000,000,000 | ---D | C] -- C:\Program Files\StartNow Toolbar
[2011/08/27 05:39:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011/08/27 05:36:18 | 000,000,000 | ---D | C] -- C:\ProgramData\HitPoint Studios
[2011/08/27 05:21:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Secrets of Arcelia Island
[2011/08/26 13:54:56 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Remote
[2011/08/26 11:50:01 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011/08/26 06:54:59 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\FrostWire
[2011/08/26 06:54:40 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\.frostwire5
[2011/08/25 08:38:32 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Casual Box
[2011/08/21 23:28:23 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Twilight Games
[2011/08/21 11:15:15 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Local\CrashDumps
[2011/08/21 10:55:05 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011/08/20 10:58:56 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Alawar Stargaze
[2011/08/20 10:25:21 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/08/20 05:38:38 | 000,000,000 | --SD | C] -- C:\Users\Dominick J. Fontana\Documents\Passwords Database
[2011/08/20 05:06:19 | 000,088,632 | ---- | C] (Infowatch) -- C:\Windows\System32\drivers\CSCrySec.sys
[2011/08/20 05:06:19 | 000,039,352 | ---- | C] (Infowatch) -- C:\Windows\System32\drivers\CSVirtualDiskDrv.sys
[2011/08/19 09:18:37 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\AVG
[2011/08/19 09:03:52 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\NST
[2011/08/19 09:03:52 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Safe Web Lite
[2011/08/19 09:03:52 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\NST\0102000.006
[2011/08/18 12:19:23 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Artifex Mundi
[2011/08/18 12:18:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Time Mysteries - Inheritance
[2011/08/18 12:06:46 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\ReelDealSlotQuest_TheMuseumEscape
[2011/08/18 11:26:33 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\ReelDealSlotQuest_Alice
[2011/08/18 05:27:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2011/08/18 05:27:12 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2011/08/18 05:27:12 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2011/08/15 13:49:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Floodlight Games
[2011/08/13 09:57:26 | 000,000,000 | ---D | C] -- C:\ProgramData\SpinTop Games
[2011/08/12 08:18:03 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\Documents\CoM
[2011/08/12 07:47:51 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2011/08/12 07:47:10 | 000,000,000 | ---D | C] -- C:\DirectX 9
[2011/08/11 12:55:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Keyboard
[2011/08/11 12:55:31 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft IntelliType Pro
[2011/08/09 05:26:00 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Total Eclipse
[2011/08/08 06:53:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2011/08/08 06:53:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/08/08 06:53:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011/08/08 06:51:18 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2011/08/07 07:31:59 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2011/08/07 07:31:56 | 000,101,720 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2011/08/07 07:30:34 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Local\Sunbelt Software
[2011/08/07 07:30:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2011/08/07 07:30:08 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2011/08/07 07:24:47 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Local\PackageAware
[2011/08/07 05:34:00 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\GetRightToGo
[2011/08/06 06:38:08 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\2monkeys
[2011/08/06 06:15:24 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Die Saeule der Maya
[2011/08/06 06:15:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Die Saeule der Maya
[2011/08/05 23:07:30 | 000,000,000 | ---D | C] -- C:\Windows\System32\1085
[2011/08/05 09:07:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Elephant Games
[2011/08/05 07:20:09 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache
[2011/08/05 06:53:53 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Leadertech
[2011/08/05 06:53:06 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\LogiShrd
[2011/08/05 06:52:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Logishrd
[2011/08/05 06:52:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Logishrd
[2011/08/05 06:50:49 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Logitech
[2011/08/05 06:50:49 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Logishrd
[2011/08/05 06:50:31 | 000,000,000 | ---D | C] -- C:\SetPoint
[2011/08/04 23:07:42 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\Documents\Jade Rousseau S01E01
[2011/08/04 23:07:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Trymedia
[2011/08/03 06:13:13 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Alawar Entertainment
[2011/08/03 05:54:51 | 000,000,000 | ---D | C] -- C:\Windows\Nightmare Realm Collector's Edition
[2011/08/03 05:21:36 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\ParetoLogic
[2011/08/03 05:21:36 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\DriverCure
[2011/08/03 05:20:44 | 000,000,000 | ---D | C] -- C:\ProgramData\ParetoLogic
[2011/08/01 06:44:17 | 000,000,000 | ---D | C] -- C:\Logitech Mouse Connection Utility
[2011/07/31 13:25:56 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/07/31 11:57:41 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\BrablGames
[2011/07/31 11:57:22 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Local\ElevatedDiagnostics
[2011/07/31 11:12:18 | 000,000,000 | -H-D | C] -- C:\Windows\PIF
[2011/07/30 12:45:04 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2011/07/29 23:25:24 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2011/07/29 23:16:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\2064
[2011/07/29 23:15:19 | 000,000,000 | ---D | C] -- C:\Windows\System32\3051
[2011/07/29 08:57:17 | 000,000,000 | ---D | C] -- C:\Windows\WindowsMobile
[2011/07/29 08:50:23 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Local\Apple
[2011/07/29 08:50:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011/07/29 08:17:26 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2011/07/29 07:52:19 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2011/07/29 07:52:07 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2011/07/29 07:50:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011/07/29 07:50:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2011/07/29 07:42:01 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2011/07/29 07:41:32 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2011/07/29 07:34:21 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011/07/29 07:28:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat
[2011/07/29 07:23:05 | 000,093,696 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\fms.dll
[2011/07/28 12:49:30 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Nero
[2011/07/28 12:45:48 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\WhiteBirdsProductions
[2011/07/28 12:45:48 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Vogat Interactive
[2011/07/28 12:45:48 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\VendelGAMES
[2011/07/28 12:45:48 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Vast Studios
[2011/07/28 12:45:48 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\VampireSagaHL
[2011/07/28 12:45:48 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\ValuSoft
[2011/07/28 12:44:14 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\TOMI2.THE GATES OF FATE
[2011/07/28 12:44:03 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\TrickySoftware
[2011/07/28 12:44:03 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Top Evidence
[2011/07/28 12:44:03 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\TOMI3
[2011/07/28 12:44:03 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Ten Heavens
[2011/07/28 12:44:03 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\SunRay Games
[2011/07/28 12:44:03 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\SulusGames
[2011/07/28 12:43:06 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\SpinTop Games
[2011/07/28 12:43:05 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Specialbit
[2011/07/28 12:42:45 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Skunk Studios
[2011/07/28 12:42:45 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Silverback Productions
[2011/07/28 12:42:27 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\SerpentOfIsis
[2011/07/28 12:42:03 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Princess Isabella
[2011/07/28 12:42:03 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\PlayPond
[2011/07/28 12:42:03 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Phantasmat_bf_ce1
[2011/07/28 12:42:02 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\PlayFirst
[2011/07/28 12:40:11 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Namco
[2011/07/28 12:40:11 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Mystery of Mortlake Mansion
[2011/07/28 12:40:11 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\My Games
[2011/07/28 12:39:30 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\MumboJumbo
[2011/07/28 12:39:30 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Monkey Barrel Games
[2011/07/28 12:39:02 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Millennium Secrets - Roxannes Necklace Strategy Guide
[2011/07/28 12:38:31 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\margrave3_full
[2011/07/28 12:38:31 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\MagicIndie
[2011/07/28 12:38:30 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Maximize Games
[2011/07/28 12:37:42 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\LittleGamesCompany
[2011/07/28 12:37:42 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Lionhead Studios
[2011/07/28 12:37:24 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Jetdogs Studios
[2011/07/28 12:37:22 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\LestaStudio
[2011/07/28 12:37:22 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\LegacyInteractive
[2011/07/28 12:37:22 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Lazy Turtle Games
[2011/07/28 12:37:16 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\JoyBits
[2011/07/28 12:35:32 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\iWin
[2011/07/28 12:35:32 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Islands
[2011/07/28 12:34:58 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\IntrigueIncRavensFlightStrategyGuide
[2011/07/28 12:34:42 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\HitPoint Studios
[2011/07/28 12:34:42 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\GarageGames
[2011/07/28 12:34:42 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Games
[2011/07/28 12:34:42 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Gamers Digital
[2011/07/28 12:34:42 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\GameMill Entertainment
[2011/07/28 12:34:42 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\GameInvest
[2011/07/28 12:34:41 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\HdO Adventure
[2011/07/28 12:34:41 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Happy Muffin Top
[2011/07/28 12:34:41 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Gogii
[2011/07/28 12:34:41 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Ghost Ship Studios
[2011/07/28 12:34:40 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Gestalt Games
[2011/07/28 12:33:28 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Funswitch
[2011/07/28 12:33:28 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\funkitron
[2011/07/28 12:33:27 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Fuzzy Bug Interactive
[2011/07/28 12:33:27 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Fugazo
[2011/07/28 12:32:39 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Dying for Daylight Shared
[2011/07/28 12:32:39 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Dying for Daylight
[2011/07/28 12:32:39 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\DragonsEye Studios
[2011/07/28 12:32:38 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\ForgottenRiddles
[2011/07/28 12:32:38 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Dragon Altar Games
[2011/07/28 12:32:37 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\FlyWheelGames
[2011/07/28 12:32:37 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\FloodLightGames
[2011/07/28 12:32:37 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Floodlight Games
[2011/07/28 12:32:37 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Flood Light Games
[2011/07/28 12:32:37 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\fallenShadowsStrategyGuide
[2011/07/28 12:32:36 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\ERS G-Studio
[2011/07/28 12:32:35 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\ERS Game Studios
[2011/07/28 12:32:15 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Enlightenus2_BFG
[2011/07/28 12:32:14 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Enki Games
[2011/07/28 12:32:14 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Elephant Games
[2011/07/28 12:32:13 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\EleFun Games
[2011/07/28 12:31:12 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\DarkParablesBriarRose_BFG
[2011/07/28 12:31:12 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\DailyMagic
[2011/07/28 12:31:11 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\DivoGames
[2011/07/28 12:30:34 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\CursedOnboard
[2011/07/28 12:30:34 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\CattaleGames
[2011/07/28 12:30:34 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Camel101
[2011/07/28 12:29:53 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Boomzap
[2011/07/28 12:29:53 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Boolat Games
[2011/07/28 12:29:53 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Blue Tea Games
[2011/07/28 12:29:49 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Big Fish Games
[2011/07/28 12:29:49 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Az-Art
[2011/07/28 12:28:29 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Awem
[2011/07/28 12:28:29 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Artogon
[2011/07/28 12:28:01 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Alawar
[2011/07/28 12:28:01 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\A Gypsy's Tale - The Tower of Secrets
[2011/07/28 12:22:52 | 000,000,000 | ---D | C] -- C:\ProgramData\iWin
[2011/07/28 12:22:17 | 000,000,000 | ---D | C] -- C:\ProgramData\TheFallTrilogyEp3-BF
[2011/07/28 12:22:17 | 000,000,000 | ---D | C] -- C:\ProgramData\TheFallTrilogyEp2-BF
[2011/07/28 12:22:17 | 000,000,000 | ---D | C] -- C:\ProgramData\TheFallTrilogy
[2011/07/28 12:22:17 | 000,000,000 | ---D | C] -- C:\ProgramData\SulusGames
[2011/07/28 12:22:17 | 000,000,000 | ---D | C] -- C:\ProgramData\PlayFirst
[2011/07/28 12:22:15 | 000,000,000 | ---D | C] -- C:\ProgramData\JoyBits
[2011/07/28 12:20:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Cateia Games
[2011/07/28 12:20:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Deep Shadows
[2011/07/28 12:20:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Alawar Stargaze
[2011/07/28 12:20:26 | 000,000,000 | ---D | C] -- C:\ProgramData\AdventureChronicles1
[2011/07/28 12:05:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
[2011/07/28 12:04:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2011/07/28 12:04:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
[2011/07/28 11:56:56 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\acccore
[2011/07/28 11:56:55 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Local\AOL
[2011/07/28 11:56:55 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Local\AIM
[2011/07/28 11:56:40 | 000,000,000 | ---D | C] -- C:\ProgramData\AIM
[2011/07/28 11:56:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIM
[2011/07/28 11:56:35 | 000,000,000 | ---D | C] -- C:\Program Files\AIM
[2011/07/28 11:56:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Software Update Utility
[2011/07/28 11:56:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AOL
[2011/07/28 11:46:05 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\PandoraRecovery
[2011/07/28 11:43:00 | 000,000,000 | ---D | C] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recuva

========== Files - Modified Within 30 Days ==========

[2011/08/27 12:30:48 | 000,000,868 | ---- | M] () -- C:\Users\Public\Desktop\The Goblin Kingdom CE.lnk
[2011/08/27 11:36:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/08/27 11:36:51 | 2767,052,800 | -HS- | M] () -- C:\hiberfil.sys
[2011/08/27 11:34:42 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2011/08/27 11:07:28 | 000,018,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/08/27 11:07:28 | 000,018,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/08/27 08:09:19 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat
[2011/08/27 05:21:56 | 000,000,940 | ---- | M] () -- C:\Users\Public\Desktop\The Secrets of Arcelia Island.lnk
[2011/08/23 07:54:48 | 000,012,800 | ---- | M] () -- C:\Users\Dominick J. Fontana\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/08/21 10:55:22 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011/08/21 10:55:13 | 000,628,944 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/08/21 10:55:13 | 000,108,160 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/08/21 10:14:02 | 000,118,259 | ---- | M] () -- C:\Users\Dominick J. Fontana\Documents\Settings.cfg
[2011/08/20 10:06:51 | 000,017,408 | ---- | M] () -- C:\Users\Dominick J. Fontana\AppData\Local\WebpageIcons.db
[2011/08/20 05:49:48 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2011/08/11 16:36:10 | 000,356,504 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/08/08 08:13:17 | 000,001,152 | ---- | M] () -- C:\Windows\System32\windrv.sys
[2011/08/07 07:32:43 | 000,000,064 | ---- | M] () -- C:\Windows\System32\rp_stats.dat
[2011/08/07 07:32:43 | 000,000,044 | ---- | M] () -- C:\Windows\System32\rp_rules.dat
[2011/08/07 07:31:56 | 000,101,720 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2011/08/07 07:24:41 | 000,000,164 | ---- | M] () -- C:\Windows\install.dat
[2011/07/31 11:25:52 | 000,001,416 | ---- | M] () -- C:\Users\Dominick J. Fontana\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/07/30 04:57:53 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdRapi2_01_00_00.Wdf
[2011/07/28 12:08:31 | 000,000,224 | ---- | M] () -- C:\Windows\System32\9B13A86D.plf
[2011/07/28 11:56:47 | 000,001,108 | -H-- | M] () -- C:\IPH.PH
[2011/07/28 11:56:40 | 000,001,888 | ---- | M] () -- C:\Users\Dominick J. Fontana\Application Data\Microsoft\Internet Explorer\Quick Launch\AIM.lnk

========== Files Created - No Company Name ==========

[2011/08/27 12:30:48 | 000,000,868 | ---- | C] () -- C:\Users\Public\Desktop\The Goblin Kingdom CE.lnk
[2011/08/27 08:09:19 | 000,003,288 | ---- | C] () -- C:\bootsqm.dat
[2011/08/27 05:21:56 | 000,000,940 | ---- | C] () -- C:\Users\Public\Desktop\The Secrets of Arcelia Island.lnk
[2011/08/21 10:55:09 | 000,001,902 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011/08/21 10:14:02 | 000,118,259 | ---- | C] () -- C:\Users\Dominick J. Fontana\Documents\Settings.cfg
[2011/08/20 10:06:49 | 000,017,408 | ---- | C] () -- C:\Users\Dominick J. Fontana\AppData\Local\WebpageIcons.db
[2011/08/19 09:03:52 | 000,000,172 | ---- | C] () -- C:\Windows\System32\drivers\NST\0102000.006\isolate.ini
[2011/08/08 08:13:17 | 000,001,152 | ---- | C] () -- C:\Windows\System32\windrv.sys
[2011/08/07 07:32:43 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
[2011/08/07 07:32:43 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
[2011/08/07 07:24:41 | 000,000,164 | ---- | C] () -- C:\Windows\install.dat
[2011/07/31 11:25:52 | 000,001,422 | ---- | C] () -- C:\Users\Dominick J. Fontana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/07/31 11:25:52 | 000,001,416 | ---- | C] () -- C:\Users\Dominick J. Fontana\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/07/30 04:57:53 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdRapi2_01_00_00.Wdf
[2011/07/29 09:52:57 | 000,012,800 | ---- | C] () -- C:\Users\Dominick J. Fontana\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/07/29 09:09:05 | 000,002,419 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mobile Device Center.lnk
[2011/07/29 08:50:21 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011/07/29 07:56:46 | 000,011,164 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2011/07/29 07:24:11 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011/07/29 07:23:58 | 000,146,852 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2011/07/29 07:22:47 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011/07/29 07:22:41 | 000,010,429 | ---- | C] () -- C:\Windows\System32\ScavengeSpace.xml
[2011/07/29 07:22:34 | 000,105,559 | ---- | C] () -- C:\Windows\System32\RacRules.xml
[2011/07/28 11:56:40 | 000,001,888 | ---- | C] () -- C:\Users\Dominick J. Fontana\Application Data\Microsoft\Internet Explorer\Quick Launch\AIM.lnk
[2011/07/28 11:41:19 | 000,000,224 | ---- | C] () -- C:\Windows\System32\9B13A86D.plf
[2011/07/28 09:42:00 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011/07/28 09:38:21 | 001,907,712 | ---- | C] () -- C:\Windows\System32\BootMan.exe
[2011/07/28 09:38:21 | 000,086,408 | ---- | C] () -- C:\Windows\System32\setupempdrv03.exe
[2011/07/28 09:38:21 | 000,014,848 | ---- | C] () -- C:\Windows\System32\EuEpmGdi.dll
[2011/07/28 09:38:21 | 000,009,728 | ---- | C] () -- C:\Windows\System32\epmntdrv.sys
[2011/07/28 09:38:21 | 000,003,072 | ---- | C] () -- C:\Windows\System32\EuGdiDrv.sys
[2011/07/27 13:13:17 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2011/07/27 12:11:43 | 000,482,408 | ---- | C] () -- C:\Windows\ssndii.exe
[2011/07/27 12:10:15 | 000,022,723 | ---- | C] () -- C:\Windows\System32\cl31cl3.dll
[2011/07/27 11:31:50 | 000,001,044 | ---- | C] () -- C:\Windows\System32\WLAN.INI
[2009/07/14 00:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 00:33:53 | 000,356,504 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/13 22:05:48 | 000,628,944 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/13 22:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/13 22:05:48 | 000,108,160 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/13 22:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/13 22:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/13 22:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/13 19:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 19:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI

========== LOP Check ==========

[2011/08/06 06:38:08 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\2monkeys
[2011/07/28 12:28:01 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\A Gypsy's Tale - The Tower of Secrets
[2011/07/28 11:57:44 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\acccore
[2011/07/28 12:28:01 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Alawar
[2011/08/03 06:13:13 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Alawar Entertainment
[2011/08/20 10:58:56 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Alawar Stargaze
[2011/07/27 13:34:31 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\AnvSoft
[2011/08/18 12:19:23 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Artifex Mundi
[2011/07/28 12:28:30 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Artogon
[2011/07/27 14:53:34 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\AVG10
[2011/07/28 12:28:29 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Awem
[2011/07/28 12:29:49 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Az-Art
[2011/07/28 12:29:53 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Big Fish Games
[2011/08/27 07:36:13 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\BitTorrent
[2011/08/01 13:29:17 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Blue Tea Games
[2011/07/28 12:29:53 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Boolat Games
[2011/08/27 12:32:59 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Boomzap
[2011/07/31 11:57:41 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\BrablGames
[2011/07/28 12:30:34 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Camel101
[2011/08/25 08:38:32 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Casual Box
[2011/07/28 12:30:34 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\CattaleGames
[2011/07/28 12:30:34 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\CursedOnboard
[2011/07/28 10:53:13 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\DAEMON Tools Pro
[2011/07/28 12:31:12 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\DailyMagic
[2011/07/28 12:31:12 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\DarkParablesBriarRose_BFG
[2011/08/06 06:15:24 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Die Saeule der Maya
[2011/07/28 12:31:11 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\DivoGames
[2011/07/28 12:32:38 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Dragon Altar Games
[2011/07/28 12:32:39 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\DragonsEye Studios
[2011/08/03 05:21:36 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\DriverCure
[2011/07/28 12:32:39 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Dying for Daylight
[2011/07/28 12:32:39 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Dying for Daylight Shared
[2011/07/28 12:32:13 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\EleFun Games
[2011/08/10 06:54:47 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Elephant Games
[2011/07/28 12:32:15 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Enki Games
[2011/07/28 12:32:15 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Enlightenus2_BFG
[2011/07/28 12:32:37 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\ERS G-Studio
[2011/08/14 07:02:45 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\ERS Game Studios
[2011/07/28 12:32:37 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\fallenShadowsStrategyGuide
[2011/07/28 12:32:37 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Flood Light Games
[2011/08/15 13:49:22 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Floodlight Games
[2011/07/28 12:32:37 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\FloodLightGames
[2011/07/28 12:32:37 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\FlyWheelGames
[2011/07/28 12:32:38 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\ForgottenRiddles
[2011/07/28 12:33:27 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Fugazo
[2011/07/28 12:33:28 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\funkitron
[2011/07/28 12:33:28 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Funswitch
[2011/07/28 12:33:27 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Fuzzy Bug Interactive
[2011/07/28 12:34:42 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\GameInvest
[2011/07/28 12:34:42 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\GameMill Entertainment
[2011/07/28 12:34:42 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Gamers Digital
[2011/07/28 12:34:42 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Games
[2011/07/28 12:34:42 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\GarageGames
[2011/07/28 12:34:40 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Gestalt Games
[2011/08/08 08:12:32 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\GetRightToGo
[2011/07/28 12:34:41 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Ghost Ship Studios
[2011/07/28 12:34:41 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Gogii
[2011/07/28 12:34:41 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Happy Muffin Top
[2011/08/25 08:28:30 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\HdO Adventure
[2011/08/27 05:36:18 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\HitPoint Studios
[2011/07/28 12:34:58 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\IntrigueIncRavensFlightStrategyGuide
[2011/08/26 13:50:57 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\IObit
[2011/07/28 12:35:32 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Islands
[2011/07/28 12:35:32 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\iWin
[2011/07/30 23:51:30 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Jetdogs Studios
[2011/07/28 12:37:16 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\JoyBits
[2011/07/28 12:37:22 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Lazy Turtle Games
[2011/08/05 06:53:53 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Leadertech
[2011/07/28 12:37:22 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\LegacyInteractive
[2011/07/28 12:37:22 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\LestaStudio
[2011/07/28 12:37:42 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Lionhead Studios
[2011/07/28 12:37:42 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\LittleGamesCompany
[2011/08/06 09:13:56 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\MagicIndie
[2011/07/28 12:38:31 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\margrave3_full
[2011/07/28 12:38:31 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Maximize Games
[2011/07/28 12:39:02 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Millennium Secrets - Roxannes Necklace Strategy Guide
[2011/07/28 12:39:30 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Monkey Barrel Games
[2011/07/28 12:39:30 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\MumboJumbo
[2011/07/28 12:40:11 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\My Games
[2011/07/28 12:40:11 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Mystery of Mortlake Mansion
[2011/07/28 12:40:11 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Namco
[2011/07/28 11:46:06 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\PandoraRecovery
[2011/08/03 05:21:36 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\ParetoLogic
[2011/07/28 12:42:03 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Phantasmat_bf_ce1
[2011/07/28 12:42:03 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\PlayFirst
[2011/07/28 12:42:03 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\PlayPond
[2011/07/28 12:42:03 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Princess Isabella
[2011/08/18 11:28:06 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\ReelDealSlotQuest_Alice
[2011/08/18 12:08:02 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\ReelDealSlotQuest_TheMuseumEscape
[2011/08/27 11:34:41 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Remote
[2011/07/28 12:42:27 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\SerpentOfIsis
[2011/07/28 12:42:45 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Silverback Productions
[2011/07/28 12:42:45 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Skunk Studios
[2011/08/22 23:38:48 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Specialbit
[2011/07/28 12:43:06 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\SpinTop Games
[2011/07/28 12:44:03 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\SulusGames
[2011/07/28 12:44:03 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Ten Heavens
[2011/07/28 12:44:14 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\TOMI2.THE GATES OF FATE
[2011/07/28 12:44:03 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\TOMI3
[2011/07/28 12:44:03 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Top Evidence
[2011/08/17 12:36:50 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Total Eclipse
[2011/07/28 12:44:03 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\TrickySoftware
[2011/07/28 10:24:00 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\TuneUp Software
[2011/08/21 23:28:23 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Twilight Games
[2011/07/28 12:45:48 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\ValuSoft
[2011/07/28 12:45:48 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\VampireSagaHL
[2011/08/09 05:45:23 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Vast Studios
[2011/07/28 12:45:48 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\VendelGAMES
[2011/08/06 07:11:50 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\Vogat Interactive
[2011/07/28 12:45:48 | 000,000,000 | ---D | M] -- C:\Users\Dominick J. Fontana\AppData\Roaming\WhiteBirdsProductions
[2011/08/27 07:04:07 | 000,032,646 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 194 bytes -> C:\ProgramData\TEMP:8E5EA40F
@Alternate Data Stream - 189 bytes -> C:\ProgramData\TEMP:EE198B1F
@Alternate Data Stream - 179 bytes -> C:\ProgramData\TEMP:87A3A233
@Alternate Data Stream - 158 bytes -> C:\ProgramData\TEMP:E0888117
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:DE875C30
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:6EE8565A
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:2C86E2AD
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:E5496666
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:012BC84F
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:16F4BC64
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:9195103F
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:4C3D5A8B
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:D999FFD5
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:F89F2593
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:E6708F08
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:48D3CC24
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:13FB6DB8

< End of report >
  • 0

#9
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
How is it running now ?
  • 0

#10
Dom Fontana

    Member

  • Topic Starter
  • Member
  • 170 posts
Okay, I just finished.

I checked System Restore and it had the OTL Restore point and another one from MS Security Essentials. So that seems to work.

Then I checked Windows Update and there was a MS Security Essentials update so I downloaded that, so that works.

Then I rebooted in Safe Mode and that works.

I will surf around a bit now to see if I get redirected.

BTW, what anti-virus and anti-malware programs do you use on your computer?
  • 0

#11
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
I use Avast Internet Security (a freebie :) ) and Malwarebytes. That's it.
  • 0

#12
Dom Fontana

    Member

  • Topic Starter
  • Member
  • 170 posts
Yippee-Yahoo! :) I'm pretty sure we got it. Before, in Yahoo Search, it always redirected immediately. Now I just tried about a dozen links from the search page and they were all fine. Plus, the computer seems snappy again and my HD is not making a whirring noise and working in the background like before.

This is great and you fixed it very fast, too.

I can't thank you enough, Essexboy. You are very good at what you do and thanks so much for helping me. I truly appreciate it.

Just let me know what you recommend I should use on my computer for virus and malware/spyware protection.

Thanks again.

Edited by Dom Fontana, 28 August 2011 - 10:07 AM.

  • 0

#13
Dom Fontana

Dom Fontana

    Member

  • Topic Starter
  • Member
  • 170 posts
Okay, would your programs have prevented the rootkit virus or have been able to fix it?

With Malwarebytes, do you have the Pro version? The free version doesn't provide real-time protection.

The bottom line is, is that what you suggest I should use?

Edited by Dom Fontana, 28 August 2011 - 10:08 AM.

  • 0

#14
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Just let me know what you recommend I should use on my computer for virus and malware/spyware protection.

This is a very subjective question as no antivirus is 100% at detection or removal. I always say go with the one that you are comfortable with and run a weekly scan with Malwarebytes, and being a heretic, I also recommend IE9. As when I need to download malware it will not let me and I have to use Firefox with a disabled antivirus... Smart filter on IE9 is good


Subject to no further problems :yes:

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :)

A good workman always cleans up after himself so... The following will implement some cleanup procedures as well as reset System Restore points:

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :Commands
    [resethosts]
    [purity]
    [emptytemp]
    [EMPTYFLASH]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.

We will now confirm that your hidden files are set to that, as some of the tools I use will change that
  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View Tab.
  • Under the Hidden files and folders heading select Do not show hidden files and folders.
  • Click Yes to confirm.
  • Click OK.

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older versions of Java components and upgrade the application.

Upgrading Java:
  • Go to this site and click Do I have Java
  • It will check your current version and then offer to update to the latest version

SPRING CLEAN

To manually create a new Restore Point
  • Go to Control Panel and select System
  • Select System
  • On the left select System Protection and accept the warning if you get one
  • Select System Protection Tab
  • Select Create at the bottom
  • Type in a name i.e. Clean
  • Select Create

Now we can purge the infected ones
  • Go to Start > All Programs > Accessories > System Tools
  • Right click Disk Cleanup and select Run as administrator
  • Select Your main drive and accept the warning if you get one
  • For a few moments the system will make some calculations
  • Select the More Options tab
  • In the System Restore and Shadow Backups select Clean up
  • Select Delete on the pop up
  • Select OK
  • Select Delete

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:
Malwarebytes. Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly. It will show you which programmes on your system need updating and give a download link

It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit

To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?

Keep safe :unsure:
  • 0
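The cleanup steps in the post above can be checked afterwards from an elevated PowerShell prompt on the Windows 7 machine. This is an added example, not part of the original thread or of any tool mentioned in it; it assumes the restore point was named "Clean" as in the steps, and treats any hosts entry other than localhost as something to review.

```powershell
# Added example: post-cleanup verification. Read-only, changes nothing.
# Assumption: the manual restore point was named "Clean", as in the steps above.

# 1. Explorer "Hidden files and folders" setting for the current user.
#    Hidden = 1 -> show hidden files; Hidden = 2 -> do not show hidden files.
$advanced = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced'
$hidden = (Get-ItemProperty -Path $advanced -Name Hidden -ErrorAction SilentlyContinue).Hidden
if ($hidden -eq 2) {
    Write-Output 'Hidden files: not shown (expected after cleanup)'
} else {
    Write-Warning "Hidden files are shown (Hidden=$hidden); reset in Folder Options > View"
}

# 2. Hosts file after the OTL [resethosts] command: list every active entry
#    that is not a plain localhost mapping, since redirects can hide here.
$hostsPath = Join-Path $env:SystemRoot 'System32\drivers\etc\hosts'
$entries = @(Get-Content $hostsPath | Where-Object { $_.Trim() -and $_ -notmatch '^\s*#' })
$extra = @($entries | Where-Object { $_ -notmatch '^\s*(127\.0\.0\.1|::1)\s+localhost\s*$' })
if ($extra.Count -eq 0) {
    Write-Output 'Hosts file: only default entries'
} else {
    Write-Warning "Hosts file has $($extra.Count) non-default entries to review:"
    $extra
}

# 3. Restore points: the "Clean" point should exist, and after the Disk Cleanup
#    purge no older (possibly infected) restore point should remain.
$points = @(Get-ComputerRestorePoint)
$points | Sort-Object SequenceNumber |
    Format-Table SequenceNumber, Description,
        @{ Label = 'Created'; Expression = { $_.ConvertToDateTime($_.CreationTime) } } -AutoSize

$clean = $points | Where-Object { $_.Description -eq 'Clean' } |
    Sort-Object SequenceNumber | Select-Object -Last 1
if (-not $clean) {
    Write-Warning 'No restore point named "Clean" found; create it before purging'
} else {
    $older = @($points | Where-Object { $_.SequenceNumber -lt $clean.SequenceNumber })
    if ($older.Count -gt 0) {
        Write-Warning "$($older.Count) restore point(s) predate 'Clean' and were not purged"
    } else {
        Write-Output 'Restore points: nothing older than "Clean" remains'
    }
}
```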

#15
Dom Fontana

Dom Fontana

    Member

  • Topic Starter
  • Member
  • 170 posts
Okay, I'll do all of that right now. I used to use AVG Free for a few years, but I was never crazy about it. Way too many false positives, very intrusive, and it won't let you turn the program off for more than 15 minutes. So I don't use that anymore.
  • 0





