Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Cryptor/Heur Infection. Cannot remove. HELP!

Started by dshaw , Sep 09 2011 09:39 PM

  • This topic is locked This topic is locked

#1
dshaw
Posted 09 September 2011 - 09:39 PM

dshaw

    New Member

  • Member
  • Pip
  • 4 posts
Hi.
I'm new to this site, and stumbled across it while looking for a solution to the problem I will explain in a second. Hopefully someone can help me out.

Alright.
So some unknown time ago (around the 1 month range) I started getting popups from my AVG Internet Security warning me that it had blocked a threat. The notification window always referred to a "qvc.com/qic/wcs.exe" file, and either called the infection a "TrojanHorse.Win32/Heur" or, more recently a "Win32/Cryptor." To this point, I haven't been able to catch any suspicious processes running that would hint at an infection, and I haven't noticed any adverse effects on my computer, besides the notifications themselves. I have searched every inch of my computer and have not found any file by these names. Nor has a quick google search helped much. The first handful of times i was alerted of this "threat," I scanned my computer using AVG's scanner, which yielded no results. So I come to you guys, hoping someone can help me get rid of this annoying and possible extremely damaging (?) problem. The computer I'm running is a 2 month old Asus G53SW-A1, standard build, running Windows 7. If this infection (I have heard rumours of false positives), then it is most likely I picked up the virus during the time span where i didn't have any antivirus, while setting up my computer. I did some torrenting then so I wouldnt be too surprised...

The latest notification I received (from about 10 minutes ago) and my OTL results are attached.

Thanks ahead of time to anyone who replies to this.

OTL logfile created on: 9/9/2011 8:21:12 PM - Run 2
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Users\Dylan's\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

7.98 Gb Total Physical Memory | 5.49 Gb Available Physical Memory | 68.78% Memory free
15.95 Gb Paging File | 13.07 Gb Available in Paging File | 81.93% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 174.66 Gb Total Space | 104.96 Gb Free Space | 60.10% Space Free | Partition Type: NTFS
Drive D: | 502.49 Gb Total Space | 347.53 Gb Free Space | 69.16% Space Free | Partition Type: NTFS
Drive F: | 6.32 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: DYLANS-PC | User Name: Dylan's | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/09/07 03:12:10 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/09/06 23:55:18 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\Dylan's\Desktop\OTL.exe
PRC - [2011/09/06 12:39:23 | 008,250,368 | ---- | M] (MediaGet LLC) -- C:\Users\Dylan's\AppData\Local\MediaGet2\mediaget.exe
PRC - [2011/09/06 02:31:09 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011/08/18 22:10:19 | 003,077,528 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
PRC - [2011/08/03 05:39:53 | 001,242,448 | ---- | M] (Valve Corporation) -- D:\Games\Steam\Steam.exe
PRC - [2011/07/26 18:23:20 | 000,397,992 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2011/04/18 17:40:08 | 002,334,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgtray.exe
PRC - [2011/04/15 21:36:03 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2011/04/15 20:58:57 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
PRC - [2011/04/14 11:48:32 | 001,758,208 | ---- | M] () -- C:\Program Files (x86)\Razer\DeathAdder\vdDaemon.exe
PRC - [2011/03/21 11:06:08 | 000,248,320 | ---- | M] () -- C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
PRC - [2011/03/09 19:24:44 | 002,708,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgfws.exe
PRC - [2011/02/18 11:19:06 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
PRC - [2011/02/08 05:32:42 | 000,750,432 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgam.exe
PRC - [2011/01/20 02:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010/12/26 18:34:24 | 000,084,464 | ---- | M] () -- C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe
PRC - [2010/10/07 14:05:14 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2010/10/07 09:43:00 | 000,182,912 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2010/10/05 21:04:12 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/10/05 21:04:08 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/09/23 16:53:16 | 001,601,536 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2010/08/20 18:47:50 | 000,077,312 | ---- | M] () -- C:\ExpressGateUtil\VAWinService.exe
PRC - [2010/08/17 14:55:42 | 005,732,992 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2010/08/12 17:54:04 | 000,021,504 | ---- | M] () -- C:\ExpressGateUtil\VAWinAgent.exe
PRC - [2010/05/24 15:44:48 | 000,151,552 | ---- | M] (Atheros) -- C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe
PRC - [2009/12/15 10:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009/11/02 14:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009/06/19 10:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009/06/19 10:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/15 17:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2009/05/05 16:06:02 | 001,152,288 | ---- | M] (Acresso Corporation) -- C:\ProgramData\FLEXnet\Connect\11\agent.exe
PRC - [2008/12/22 17:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008/08/13 21:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2007/12/19 11:58:24 | 000,163,840 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\DeathAdder\razerofa.exe
PRC - [2007/11/30 11:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe


========== Modules (No Company Name) ==========

MOD - [2011/09/07 03:12:10 | 001,846,232 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011/09/06 12:39:23 | 000,269,824 | ---- | M] () -- C:\Users\Dylan's\AppData\Local\MediaGet2\libtcmalloc_minimal.dll
MOD - [2011/09/06 12:39:22 | 008,173,568 | ---- | M] () -- C:\Users\Dylan's\AppData\Local\MediaGet2\QtGui4.dll
MOD - [2011/09/06 12:39:22 | 002,293,248 | ---- | M] () -- C:\Users\Dylan's\AppData\Local\MediaGet2\QtCore4.dll
MOD - [2011/09/06 12:39:22 | 000,971,776 | ---- | M] () -- C:\Users\Dylan's\AppData\Local\MediaGet2\QtNetwork4.dll
MOD - [2011/09/06 12:39:22 | 000,339,968 | ---- | M] () -- C:\Users\Dylan's\AppData\Local\MediaGet2\QtXml4.dll
MOD - [2011/09/06 12:39:22 | 000,266,752 | ---- | M] () -- C:\Users\Dylan's\AppData\Local\MediaGet2\phonon4.dll
MOD - [2011/09/06 12:39:22 | 000,220,672 | ---- | M] () -- C:\Users\Dylan's\AppData\Local\MediaGet2\imageformats\qmng4.dll
MOD - [2011/09/06 12:39:22 | 000,196,608 | ---- | M] () -- C:\Users\Dylan's\AppData\Local\MediaGet2\imageformats\qjpeg4.dll
MOD - [2011/09/06 12:39:22 | 000,026,624 | ---- | M] () -- C:\Users\Dylan's\AppData\Local\MediaGet2\imageformats\qgif4.dll
MOD - [2011/09/06 11:36:22 | 014,407,976 | ---- | M] () -- D:\Games\Steam\bin\libcef.dll
MOD - [2011/09/06 11:36:21 | 000,914,216 | ---- | M] () -- D:\Games\Steam\bin\avcodec-52.dll
MOD - [2011/09/06 11:36:21 | 000,190,248 | ---- | M] () -- D:\Games\Steam\bin\chromehtml.dll
MOD - [2011/09/06 11:36:21 | 000,155,432 | ---- | M] () -- D:\Games\Steam\bin\avformat-52.dll
MOD - [2011/09/06 11:36:21 | 000,091,432 | ---- | M] () -- D:\Games\Steam\bin\avutil-50.dll
MOD - [2011/08/18 22:10:19 | 003,077,528 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MOD - [2011/07/27 15:50:52 | 006,271,648 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011/04/14 11:48:32 | 001,758,208 | ---- | M] () -- C:\Program Files (x86)\Razer\DeathAdder\vdDaemon.exe
MOD - [2011/03/21 11:06:08 | 000,248,320 | ---- | M] () -- C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
MOD - [2011/02/18 11:18:48 | 000,235,112 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2010/12/26 18:34:24 | 000,084,464 | ---- | M] () -- C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe
MOD - [2010/09/23 16:53:16 | 001,601,536 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2010/08/12 17:54:04 | 000,021,504 | ---- | M] () -- C:\ExpressGateUtil\VAWinAgent.exe
MOD - [2009/11/02 14:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009/11/02 14:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2007/11/30 11:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/11/30 13:19:52 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/04/16 16:07:42 | 000,134,928 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011/09/06 02:31:09 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/08/12 10:51:34 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/04/18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/04/15 21:33:34 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2011/04/15 21:33:30 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2011/03/09 19:24:44 | 002,708,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG10\avgfws.exe -- (avgfws)
SRV - [2011/02/18 11:19:06 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/11/25 20:29:54 | 000,052,896 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Atheros\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2010/10/05 21:04:12 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2010/10/05 21:04:08 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2010/08/20 18:47:50 | 000,077,312 | ---- | M] () [Auto | Running] -- C:\ExpressGateUtil\VAWinService.exe -- (VideAceWindowsService)
SRV - [2010/05/24 15:44:48 | 000,151,552 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/12/15 10:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009/06/15 17:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/07/25 20:15:37 | 000,513,080 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011/07/25 18:05:50 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/04/14 21:28:24 | 000,118,864 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV:64bit: - [2011/04/05 00:59:54 | 000,377,936 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2011/03/16 16:03:18 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011/03/10 23:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/01 14:25:18 | 000,041,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/02/24 17:01:14 | 000,302,592 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIc.sys -- (FLxHCIc) Fresco Logic xHCI (USB3)
DRV:64bit: - [2011/02/24 17:01:14 | 000,081,920 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIh.sys -- (FLxHCIh) Fresco Logic xHCI (USB3)
DRV:64bit: - [2011/02/22 08:12:46 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV:64bit: - [2011/02/10 07:53:34 | 000,029,264 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV:64bit: - [2011/02/01 12:13:38 | 000,173,160 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011/01/07 06:41:44 | 000,304,720 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2010/12/28 12:45:53 | 000,412,776 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/11/25 20:30:12 | 000,275,616 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2010/11/25 20:30:12 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2010/11/25 20:30:12 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2010/11/25 20:30:12 | 000,055,456 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2010/11/25 20:30:12 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2010/11/25 20:30:12 | 000,028,832 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2010/11/25 20:30:10 | 000,298,144 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2010/11/05 08:45:47 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/10/01 00:16:34 | 000,013,312 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VKbms.sys -- (VKbms)
DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/09/21 09:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel®
DRV:64bit: - [2010/08/12 06:13:29 | 001,388,080 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/08/03 03:43:13 | 000,290,920 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtsuvstor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2010/07/12 04:34:00 | 000,057,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgfwd6a.sys -- (Avgfwfd)
DRV:64bit: - [2010/07/08 01:03:48 | 002,228,736 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010/04/16 16:07:28 | 000,013,832 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010/03/23 16:37:34 | 000,012,032 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\danew.sys -- (danewFltr)
DRV:64bit: - [2010/03/19 03:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/11/18 07:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)
DRV:64bit: - [2009/07/20 02:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 13:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/05/23 17:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2008/03/13 00:46:00 | 000,027,136 | ---- | M] (ManyCam LLC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ManyCam_x64.sys -- (ManyCam)
DRV:64bit: - [2007/05/14 16:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV - [2010/07/26 13:57:20 | 000,017,024 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/02 17:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylo...000f46d0425cc1c
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..keyword.URL: "http://search.babylo...ffID=101538&q="


FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG10\Firefox4\ [2011/07/25 20:41:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/09/07 03:12:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2011/07/25 17:44:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dylan's\AppData\Roaming\Mozilla\Extensions
[2011/09/09 09:44:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dylan's\AppData\Roaming\Mozilla\Firefox\Profiles\b9tpncmg.default\extensions
[2011/09/08 09:21:00 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Dylan's\AppData\Roaming\Mozilla\Firefox\Profiles\b9tpncmg.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011/09/08 09:21:15 | 000,000,000 | ---D | M] ("Ask Toolbar") -- C:\Users\Dylan's\AppData\Roaming\Mozilla\Firefox\Profiles\b9tpncmg.default\extensions\[email protected]
[2011/07/27 17:52:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/08/28 20:17:21 | 000,000,000 | ---D | M] (Click to call with Skype) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/08/20 01:43:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
() (No name found) -- C:\USERS\DYLAN'S\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\B9TPNCMG.DEFAULT\EXTENSIONS\{AE93811A-5C9A-4D34-8462-F7B864FC4696}.XPI
() (No name found) -- C:\USERS\DYLAN'S\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\B9TPNCMG.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\DYLAN'S\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\B9TPNCMG.DEFAULT\EXTENSIONS\[email protected]
[2011/09/07 03:12:10 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/09/06 12:39:16 | 000,002,288 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2010/01/01 01:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/08/21 17:33:36 | 000,006,611 | -HS- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 67.221.174.30 tagged.com
O1 - Hosts: 204.9.178.11 typepad.com
O1 - Hosts: 74.113.152.32 istockphoto.com
O1 - Hosts: 208.94.0.38 yfrog.com
O1 - Hosts: 63.309.5.102 virustotal.com
O1 - Hosts: 123.125.50.22 126.com
O1 - Hosts: 74.208.73.101 qvc.com
O1 - Hosts: 174.36.28.11 SlideShare.com
O1 - Hosts: 213.238.60.190 xing.com
O1 - Hosts: 59.106.98.139 seesaa.net
O1 - Hosts: 184.72.253.170 hootsuite.com
O1 - Hosts: 211.151.146.16 soku.com
O1 - Hosts: 72.32.120.222 metacafe.com
O1 - Hosts: 9.105.6.98 bitdefender.com
O1 - Hosts: 204.11.109.133 tribalfusion.com
O1 - Hosts: 207.154.14.31tripadvisor.com
O1 - Hosts: 216.52.240.133 ustream.tv
O1 - Hosts: 174.36.244.132 linkwithin.com
O1 - Hosts: 121.67.203.61 scan.novirusthanks.org
O1 - Hosts: 209.172.34.139 imagevenue.com
O1 - Hosts: 91.206.232.220 booking.com
O1 - Hosts: 118.69.251.6 vnexpress.net
O1 - Hosts: 103.67.101.13 trendmicro.com
O1 - Hosts: 208.85.40.80 pandora.com
O1 - Hosts: 194.116.241.57 softonic.com
O1 - Hosts: 177 more lines...
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Atheros\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated)
O4:64bit: - HKLM..\Run: [THXCfg64] C:\Windows\SysNative\THXCfg64.DLL (Creative Technology Ltd.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CPMonitor] C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe ()
O4 - HKLM..\Run: [DeathAdder] C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe ()
O4 - HKLM..\Run: [FLxHCIm] C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe (Windows ® Win 7 DDK provider)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [Nuance PDF Reader-reminder] C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SessionLogon] File not found
O4 - HKLM..\Run: [THX TruStudio NB Settings] C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [VAWinAgent] C:\ExpressGateUtil\VAWinAgent.exe ()
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [EA Core] File not found
O4 - HKCU..\Run: [MediaGet2] C:\Users\Dylan's\AppData\Local\MediaGet2\mediaget.exe (MediaGet LLC)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [Steam] D:\Games\Steam\steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creat...101/CTSUEng.cab (Creative Software AutoUpdate)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0D0CCAF3-DCB6-4364-962D-D188714860CC}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E10DA65B-28ED-49D5-BABE-080BC28F8BFE}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/06/11 19:27:33 | 000,000,140 | R--- | M] () - F:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{d1f8ae70-b735-11e0-aa73-e0b9a548f030}\Shell - "" = AutoRun
O33 - MountPoints2\{d1f8ae70-b735-11e0-aa73-e0b9a548f030}\Shell\AutoRun\command - "" = F:\Setup\rsrc\AUTORUN.EXE -- [2007/03/22 16:57:09 | 000,051,336 | R--- | M] ()
O33 - MountPoints2\{d1f8ae70-b735-11e0-aa73-e0b9a548f030}\Shell\dinstall\command - "" = F:\DirectX\DXSETUP.exe -- [2007/05/31 20:23:56 | 000,503,144 | R--- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgrsa.exe /sync /restart) - C:\Program Files (x86)\AVG\AVG10\avgrsa.exe (AVG Technologies CZ, s.r.o.)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/09/09 20:18:03 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\AppData\Roaming\FLEXnet
[2011/09/09 20:18:02 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\AppData\Roaming\Nuance
[2011/09/09 20:17:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2011/09/09 20:17:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011/09/07 01:50:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
[2011/09/06 23:55:17 | 000,581,120 | ---- | C] (OldTimer Tools) -- C:\Users\Dylan's\Desktop\OTL.exe
[2011/09/06 17:20:55 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\AppData\Roaming\Media Get LLC
[2011/09/06 17:20:55 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\AppData\Local\Media Get LLC
[2011/09/06 17:20:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Media Get LLC
[2011/09/06 14:21:53 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\Documents\DeadIsland
[2011/09/06 14:19:10 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2011/09/06 12:39:15 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\AppData\Local\Babylon
[2011/09/06 12:39:11 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\AppData\Roaming\Babylon
[2011/09/06 12:39:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2011/09/06 12:38:58 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\AppData\Local\MediaGet2
[2011/09/06 02:23:05 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\AppData\Local\PunkBuster
[2011/09/06 00:49:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2011/09/06 00:49:42 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2011/09/06 00:45:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011/09/06 00:45:07 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011/09/05 01:05:22 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\AppData\Roaming\Audacity
[2011/09/05 01:05:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)
[2011/09/04 01:27:41 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011/09/03 17:59:42 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\AppData\Roaming\PhotoScape
[2011/09/03 17:59:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape
[2011/09/03 17:59:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PhotoScape
[2011/09/03 17:56:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2011/09/03 17:44:31 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\AppData\Local\Downloaded Installations
[2011/09/03 17:44:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Carbonite
[2011/09/03 17:44:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Carbonite
[2011/09/03 17:44:21 | 000,000,000 | -HSD | C] -- C:\Windows\ftpcache
[2011/09/03 17:41:32 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\AppData\Roaming\Leadertech
[2011/09/02 11:26:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab
[2011/09/02 11:26:49 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\AppData\Roaming\SystemRequirementsLab
[2011/09/01 21:24:20 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\AppData\Roaming\.minecraft
[2011/08/31 00:10:16 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\Documents\LOLReplay
[2011/08/31 00:10:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LOLReplay
[2011/08/30 22:42:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/08/30 22:41:07 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/08/30 22:41:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011/08/30 22:41:07 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/08/30 22:37:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/08/30 22:37:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2011/08/28 20:17:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011/08/28 02:33:11 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ManyCam
[2011/08/28 02:33:05 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\AppData\Local\ManyCam
[2011/08/28 02:33:04 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\AppData\Roaming\ManyCam
[2011/08/28 02:32:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
[2011/08/28 02:32:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ManyCam
[2011/08/27 17:05:41 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\Documents\Games for Windows - LIVE Demos
[2011/08/27 17:04:49 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2011/08/27 17:04:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2011/08/27 17:04:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2011/08/27 13:24:48 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\Desktop\trololol
[2011/08/26 01:30:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2011/08/26 01:29:38 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2011/08/26 01:25:47 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2011/08/26 01:25:01 | 000,067,176 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2011/08/26 01:25:01 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2011/08/25 21:30:57 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\AppData\Roaming\Download Manager
[2011/08/25 15:51:33 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\AppData\Local\iTunesKeys2
[2011/08/25 15:49:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunesKeys
[2011/08/25 15:49:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunesKeys
[2011/08/24 22:27:13 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\AppData\Local\Mod_Manager
[2011/08/21 19:00:37 | 000,071,527 | -HS- | C] (SenseLog LLC) -- C:\Windows\digtss.exe
[2011/08/21 19:00:34 | 000,065,894 | -HS- | C] (SenseLog LLC) -- C:\Windows\pfbstar.exe
[2011/08/21 19:00:02 | 000,071,527 | -HS- | C] (SenseLog LLC) -- C:\Windows\cpdat.exe
[2011/08/21 19:00:00 | 000,071,526 | -HS- | C] (SenseLog LLC) -- C:\Windows\ptw32.exe
[2011/08/19 14:57:06 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\riotsGamesLogs
[2011/08/19 14:42:51 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\AppData\Roaming\LolClient
[2011/08/19 10:44:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
[2011/08/18 22:10:24 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\AppData\Local\PMB Files
[2011/08/18 22:10:22 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2011/08/18 22:10:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2011/08/13 23:57:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011/08/11 20:03:12 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2011/08/11 03:07:55 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/09/09 20:20:04 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\At5.job
[2011/09/09 20:20:04 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\At15.job
[2011/09/09 20:20:04 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\At10.job
[2011/09/09 20:15:04 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\At9.job
[2011/09/09 20:15:04 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\At4.job
[2011/09/09 20:15:04 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\At14.job
[2011/09/09 20:14:00 | 000,081,388 | ---- | M] () -- C:\Users\Dylan's\Desktop\Untitled.png
[2011/09/09 20:14:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/09/09 20:10:37 | 000,000,330 | ---- | M] () -- C:\Windows\tasks\At3.job
[2011/09/09 20:10:04 | 000,000,330 | ---- | M] () -- C:\Windows\tasks\At8.job
[2011/09/09 20:10:00 | 000,000,330 | ---- | M] () -- C:\Windows\tasks\At13.job
[2011/09/09 20:05:04 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\At7.job
[2011/09/09 20:05:04 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\At2.job
[2011/09/09 20:05:04 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\At12.job
[2011/09/09 19:04:12 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/09/09 19:04:12 | 000,628,460 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/09/09 19:04:12 | 000,110,612 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/09/09 19:01:34 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\At1.job
[2011/09/09 19:01:32 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\At11.job
[2011/09/09 19:01:31 | 000,071,527 | -HS- | M] (SenseLog LLC) -- C:\Windows\digtss.exe
[2011/09/09 19:01:31 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/09/09 19:01:31 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/09/09 19:01:29 | 000,065,894 | -HS- | M] (SenseLog LLC) -- C:\Windows\pfbstar.exe
[2011/09/09 19:01:28 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\At6.job
[2011/09/09 19:01:26 | 000,071,527 | -HS- | M] (SenseLog LLC) -- C:\Windows\cpdat.exe
[2011/09/09 19:01:24 | 000,071,526 | -HS- | M] (SenseLog LLC) -- C:\Windows\ptw32.exe
[2011/09/09 17:03:31 | 131,602,358 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2011/09/09 17:01:08 | 000,108,868 | ---- | M] () -- C:\Users\Dylan's\Desktop\4df16a2d2a581eec14f7956cfa833f7f_18885342.jpg
[2011/09/09 09:41:46 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2011/09/09 09:41:41 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/09/09 09:09:26 | 131,577,518 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm.old
[2011/09/09 09:05:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/09/09 09:05:22 | 2129,518,591 | -HS- | M] () -- C:\hiberfil.sys
[2011/09/07 13:11:58 | 000,271,200 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011/09/07 13:11:58 | 000,271,200 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/09/07 12:08:50 | 000,000,553 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty 4 - Modern Warfare Singleplayer.lnk
[2011/09/07 12:06:43 | 000,271,200 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2011/09/07 12:06:29 | 000,000,553 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty 4 - Modern Warfare Multiplayer.lnk
[2011/09/07 11:20:27 | 000,660,945 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavifw.avm
[2011/09/07 03:11:51 | 000,000,363 | ---- | M] () -- C:\Users\Dylan's\Documents\Recent Places - Shortcut.lnk
[2011/09/07 01:50:20 | 000,000,289 | ---- | M] () -- C:\Windows\game.ini
[2011/09/06 23:55:18 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\Dylan's\Desktop\OTL.exe
[2011/09/06 17:21:05 | 000,002,286 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2011/09/06 14:19:10 | 000,000,207 | ---- | M] () -- C:\Users\Dylan's\Desktop\Dead Island.url
[2011/09/06 11:54:41 | 013,245,271 | ---- | M] () -- C:\Users\Dylan's\Desktop\Qtracker492.exe
[2011/09/06 02:31:09 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/09/06 02:02:01 | 005,977,911 | ---- | M] () -- C:\Users\Dylan's\Desktop\COD4MW_EPC_pack.rar
[2011/09/05 01:05:15 | 000,001,146 | ---- | M] () -- C:\Users\Dylan's\Desktop\Audacity 1.3 Beta (Unicode).lnk
[2011/09/04 01:25:50 | 000,000,035 | ---- | M] () -- C:\Users\Public\Documents\AtherosServiceConfig.ini
[2011/09/03 17:59:41 | 000,001,033 | ---- | M] () -- C:\Users\Dylan's\Desktop\PhotoScape.lnk
[2011/09/03 17:56:17 | 004,474,171 | ---- | M] () -- C:\Users\Dylan's\Documents\winmorph.zip
[2011/09/01 21:24:12 | 000,270,142 | ---- | M] () -- C:\Users\Dylan's\Desktop\Minecraft.exe
[2011/09/01 00:44:04 | 000,660,847 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavifw.avm.old
[2011/08/30 22:42:02 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/08/30 03:30:44 | 000,254,764 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2011/08/28 20:17:14 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/08/28 02:33:11 | 000,001,135 | ---- | M] () -- C:\Users\Dylan's\Application Data\Microsoft\Internet Explorer\Quick Launch\ManyCam.lnk
[2011/08/28 02:33:11 | 000,001,111 | ---- | M] () -- C:\Users\Dylan's\Desktop\ManyCam.lnk
[2011/08/25 15:49:22 | 000,000,965 | ---- | M] () -- C:\Users\Dylan's\Desktop\iTunesKeys.lnk
[2011/08/24 22:53:57 | 000,001,232 | ---- | M] () -- C:\Users\Dylan's\Desktop\Dragon Age 2.lnk
[2011/08/22 17:22:40 | 000,109,784 | -H-- | M] () -- C:\Windows\SysWow64\mlfcache.dat
[2011/08/21 20:15:06 | 000,048,902 | -HS- | M] () -- C:\ps121v2.exe
[2011/08/21 17:27:49 | 002,097,152 | ---- | M] () -- C:\Windows\sample5x.dat
[2011/08/21 01:01:40 | 000,001,415 | ---- | M] () -- C:\Windows\SysNative\678335 - Abu Aladdin Ariel Aurora Crossover Grimhilde Maleficent Mulan Peter_Pan Ray Sleeping_Beauty Snow_White Snow_White_and_the_Seven_Dwarfs The_Little_Mermaid The_Princess_and_the_frog Tinker_be.lnk
[2011/08/19 14:00:57 | 000,000,745 | ---- | M] () -- C:\Users\Public\Desktop\League of Legends.lnk
[2011/08/18 20:46:04 | 000,001,370 | ---- | M] () -- C:\Windows\SysNative\218145 - Abigail_Lincoln Agent_K Ann_Possible Avatar_the_last_Airbender Codename _Kids_Next_Door Crossover Disney Jazz_Fenton Katara Kimiko_Tohomiko Maniacal_Carrot The_Replacements Xiaolin_Showdown.lnk
[2011/08/15 20:54:05 | 000,000,205 | ---- | M] () -- C:\Users\Dylan's\Desktop\Half-Life 2 Episode Two.url
[2011/08/13 23:57:18 | 000,002,241 | ---- | M] () -- C:\Users\Dylan's\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/08/12 00:33:56 | 000,000,205 | ---- | M] () -- C:\Users\Dylan's\Desktop\Team Fortress 2.url
[2011/08/11 02:48:13 | 000,000,218 | ---- | M] () -- C:\Users\Dylan's\Desktop\S.T.A.L.K.E.R. - Shadow of Chernobyl.url
[2011/08/11 02:48:01 | 000,000,184 | ---- | M] () -- C:\Users\Dylan's\Desktop\Prey.url
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/09/09 20:14:00 | 000,081,388 | ---- | C] () -- C:\Users\Dylan's\Desktop\Untitled.png
[2011/09/09 17:01:03 | 000,108,868 | ---- | C] () -- C:\Users\Dylan's\Desktop\4df16a2d2a581eec14f7956cfa833f7f_18885342.jpg
[2011/09/07 03:11:51 | 000,000,363 | ---- | C] () -- C:\Users\Dylan's\Documents\Recent Places - Shortcut.lnk
[2011/09/07 01:50:54 | 000,000,553 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty 4 - Modern Warfare Multiplayer.lnk
[2011/09/07 01:50:53 | 000,000,553 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty 4 - Modern Warfare Singleplayer.lnk
[2011/09/07 01:50:20 | 000,000,289 | ---- | C] () -- C:\Windows\game.ini
[2011/09/06 14:19:10 | 000,000,207 | ---- | C] () -- C:\Users\Dylan's\Desktop\Dead Island.url
[2011/09/06 11:54:15 | 013,245,271 | ---- | C] () -- C:\Users\Dylan's\Desktop\Qtracker492.exe
[2011/09/06 02:31:16 | 000,271,200 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/09/06 02:31:16 | 000,271,200 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2011/09/06 02:31:15 | 000,271,200 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011/09/06 02:31:09 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/09/06 02:01:47 | 005,977,911 | ---- | C] () -- C:\Users\Dylan's\Desktop\COD4MW_EPC_pack.rar
[2011/09/05 01:05:15 | 000,001,158 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity 1.3 Beta (Unicode).lnk
[2011/09/05 01:05:15 | 000,001,146 | ---- | C] () -- C:\Users\Dylan's\Desktop\Audacity 1.3 Beta (Unicode).lnk
[2011/09/03 17:59:41 | 000,001,033 | ---- | C] () -- C:\Users\Dylan's\Desktop\PhotoScape.lnk
[2011/09/03 17:56:20 | 004,474,171 | ---- | C] () -- C:\Users\Dylan's\Documents\winmorph.zip
[2011/09/01 21:24:11 | 000,270,142 | ---- | C] () -- C:\Users\Dylan's\Desktop\Minecraft.exe
[2011/08/31 00:10:16 | 000,001,915 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LOL Recorder.lnk
[2011/08/30 22:42:02 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/08/28 02:33:11 | 000,001,135 | ---- | C] () -- C:\Users\Dylan's\Application Data\Microsoft\Internet Explorer\Quick Launch\ManyCam.lnk
[2011/08/28 02:33:11 | 000,001,111 | ---- | C] () -- C:\Users\Dylan's\Desktop\ManyCam.lnk
[2011/08/25 15:49:22 | 000,000,965 | ---- | C] () -- C:\Users\Dylan's\Desktop\iTunesKeys.lnk
[2011/08/22 17:22:40 | 000,109,784 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011/08/21 20:15:00 | 000,048,902 | -HS- | C] () -- C:\ps121v2.exe
[2011/08/21 17:33:36 | 000,000,326 | ---- | C] () -- C:\Windows\tasks\At15.job
[2011/08/21 17:33:35 | 000,000,330 | ---- | C] () -- C:\Windows\tasks\At13.job
[2011/08/21 17:33:35 | 000,000,328 | ---- | C] () -- C:\Windows\tasks\At14.job
[2011/08/21 17:33:35 | 000,000,326 | ---- | C] () -- C:\Windows\tasks\At12.job
[2011/08/21 17:33:34 | 000,000,332 | ---- | C] () -- C:\Windows\tasks\At11.job
[2011/08/21 17:27:49 | 002,097,152 | ---- | C] () -- C:\Windows\sample5x.dat
[2011/08/21 17:27:40 | 000,000,326 | ---- | C] () -- C:\Windows\tasks\At10.job
[2011/08/21 17:27:39 | 000,000,330 | ---- | C] () -- C:\Windows\tasks\At8.job
[2011/08/21 17:27:39 | 000,000,328 | ---- | C] () -- C:\Windows\tasks\At9.job
[2011/08/21 17:27:38 | 000,000,326 | ---- | C] () -- C:\Windows\tasks\At7.job
[2011/08/21 17:27:37 | 000,000,332 | ---- | C] () -- C:\Windows\tasks\At6.job
[2011/08/21 16:29:43 | 000,000,326 | ---- | C] () -- C:\Windows\tasks\At5.job
[2011/08/21 16:29:41 | 000,000,330 | ---- | C] () -- C:\Windows\tasks\At3.job
[2011/08/21 16:29:41 | 000,000,328 | ---- | C] () -- C:\Windows\tasks\At4.job
[2011/08/21 16:29:40 | 000,000,326 | ---- | C] () -- C:\Windows\tasks\At2.job
[2011/08/21 16:29:37 | 000,000,332 | ---- | C] () -- C:\Windows\tasks\At1.job
[2011/08/21 01:01:40 | 000,001,415 | ---- | C] () -- C:\Windows\SysNative\678335 - Abu Aladdin Ariel Aurora Crossover Grimhilde Maleficent Mulan Peter_Pan Ray Sleeping_Beauty Snow_White Snow_White_and_the_Seven_Dwarfs The_Little_Mermaid The_Princess_and_the_frog Tinker_be.lnk
[2011/08/19 10:48:46 | 000,000,745 | ---- | C] () -- C:\Users\Public\Desktop\League of Legends.lnk
[2011/08/18 20:46:04 | 000,001,370 | ---- | C] () -- C:\Windows\SysNative\218145 - Abigail_Lincoln Agent_K Ann_Possible Avatar_the_last_Airbender Codename _Kids_Next_Door Crossover Disney Jazz_Fenton Katara Kimiko_Tohomiko Maniacal_Carrot The_Replacements Xiaolin_Showdown.lnk
[2011/08/15 20:54:05 | 000,000,205 | ---- | C] () -- C:\Users\Dylan's\Desktop\Half-Life 2 Episode Two.url
[2011/08/12 00:33:56 | 000,000,205 | ---- | C] () -- C:\Users\Dylan's\Desktop\Team Fortress 2.url
[2011/07/25 20:58:21 | 000,045,286 | ---- | C] () -- C:\Users\Dylan's\AppData\Roaming\room_v3.dat
[2011/06/24 11:51:18 | 000,036,352 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2011/04/15 21:33:37 | 000,001,200 | ---- | C] () -- C:\Windows\THXCfg_SP_APOIM.ini
[2011/04/15 21:33:37 | 000,001,099 | ---- | C] () -- C:\Windows\THXCfg_HP_APOIM.ini
[2011/04/15 21:33:37 | 000,001,099 | ---- | C] () -- C:\Windows\THXCfg_APOIM.ini
[2011/04/15 21:33:36 | 000,181,760 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2011/04/15 21:33:36 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2011/04/15 21:22:26 | 000,154,240 | ---- | C] () -- C:\Windows\AsPatch10430001.exe
[2011/04/15 21:15:20 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2011/04/15 21:04:10 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009/10/25 20:38:22 | 000,000,176 | ---- | C] () -- C:\Windows\explorer.exe.config
[2009/07/28 22:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009/07/13 22:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 19:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 19:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 17:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 16:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 14:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 14:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== LOP Check ==========

[2011/09/01 21:25:03 | 000,000,000 | ---D | M] -- C:\Users\Dylan's\AppData\Roaming\.minecraft
[2011/07/25 17:27:26 | 000,000,000 | ---D | M] -- C:\Users\Dylan's\AppData\Roaming\Asus WebStorage
[2011/09/05 01:18:44 | 000,000,000 | ---D | M] -- C:\Users\Dylan's\AppData\Roaming\Audacity
[2011/08/13 14:12:52 | 000,000,000 | ---D | M] -- C:\Users\Dylan's\AppData\Roaming\AVG
[2011/07/25 20:42:51 | 000,000,000 | ---D | M] -- C:\Users\Dylan's\AppData\Roaming\AVG10
[2011/09/06 12:39:11 | 000,000,000 | ---D | M] -- C:\Users\Dylan's\AppData\Roaming\Babylon
[2011/07/25 18:08:04 | 000,000,000 | ---D | M] -- C:\Users\Dylan's\AppData\Roaming\DAEMON Tools Lite
[2011/09/07 01:45:17 | 000,000,000 | ---D | M] -- C:\Users\Dylan's\AppData\Roaming\IrfanView
[2011/09/03 17:41:32 | 000,000,000 | ---D | M] -- C:\Users\Dylan's\AppData\Roaming\Leadertech
[2011/08/19 14:42:51 | 000,000,000 | ---D | M] -- C:\Users\Dylan's\AppData\Roaming\LolClient
[2011/08/28 02:34:20 | 000,000,000 | ---D | M] -- C:\Users\Dylan's\AppData\Roaming\ManyCam
[2011/09/06 17:20:55 | 000,000,000 | ---D | M] -- C:\Users\Dylan's\AppData\Roaming\Media Get LLC
[2011/09/09 20:18:02 | 000,000,000 | ---D | M] -- C:\Users\Dylan's\AppData\Roaming\Nuance
[2011/07/27 23:35:49 | 000,000,000 | ---D | M] -- C:\Users\Dylan's\AppData\Roaming\Origin
[2011/09/08 09:49:28 | 000,000,000 | ---D | M] -- C:\Users\Dylan's\AppData\Roaming\PhotoScape
[2011/08/11 21:42:24 | 000,000,000 | ---D | M] -- C:\Users\Dylan's\AppData\Roaming\Razer
[2011/09/02 11:26:49 | 000,000,000 | ---D | M] -- C:\Users\Dylan's\AppData\Roaming\SystemRequirementsLab
[2011/09/09 01:04:37 | 000,000,000 | ---D | M] -- C:\Users\Dylan's\AppData\Roaming\uTorrent
[2011/07/25 20:07:21 | 000,000,000 | ---D | M] -- C:\Users\Dylan's\AppData\Roaming\Zeon
[2011/09/09 19:01:34 | 000,000,332 | ---- | M] () -- C:\Windows\Tasks\At1.job
[2011/09/09 20:20:04 | 000,000,326 | ---- | M] () -- C:\Windows\Tasks\At10.job
[2011/09/09 19:01:32 | 000,000,332 | ---- | M] () -- C:\Windows\Tasks\At11.job
[2011/09/09 20:05:04 | 000,000,326 | ---- | M] () -- C:\Windows\Tasks\At12.job
[2011/09/09 20:10:00 | 000,000,330 | ---- | M] () -- C:\Windows\Tasks\At13.job
[2011/09/09 20:15:04 | 000,000,328 | ---- | M] () -- C:\Windows\Tasks\At14.job
[2011/09/09 20:20:04 | 000,000,326 | ---- | M] () -- C:\Windows\Tasks\At15.job
[2011/09/09 20:05:04 | 000,000,326 | ---- | M] () -- C:\Windows\Tasks\At2.job
[2011/09/09 20:10:37 | 000,000,330 | ---- | M] () -- C:\Windows\Tasks\At3.job
[2011/09/09 20:15:04 | 000,000,328 | ---- | M] () -- C:\Windows\Tasks\At4.job
[2011/09/09 20:20:04 | 000,000,326 | ---- | M] () -- C:\Windows\Tasks\At5.job
[2011/09/09 19:01:28 | 000,000,332 | ---- | M] () -- C:\Windows\Tasks\At6.job
[2011/09/09 20:05:04 | 000,000,326 | ---- | M] () -- C:\Windows\Tasks\At7.job
[2011/09/09 20:10:04 | 000,000,330 | ---- | M] () -- C:\Windows\Tasks\At8.job
[2011/09/09 20:15:04 | 000,000,328 | ---- | M] () -- C:\Windows\Tasks\At9.job
[2009/07/13 22:08:49 | 000,019,510 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:0B4227B4

< End of report >

Attached Thumbnails

  • Sept. 9, 820pm.png

  • 0

Advertisements

#2
Essexboy
Posted 10 September 2011 - 06:09 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi on completion of this run could you check to see if the alerts continue

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    O4 - HKLM..\Run: [SessionLogon] File not found
    [2011/08/21 19:00:37 | 000,071,527 | -HS- | C] (SenseLog LLC) -- C:\Windows\digtss.exe
    [2011/08/21 19:00:34 | 000,065,894 | -HS- | C] (SenseLog LLC) -- C:\Windows\pfbstar.exe
    [2011/08/21 19:00:02 | 000,071,527 | -HS- | C] (SenseLog LLC) -- C:\Windows\cpdat.exe
    [2011/08/21 19:00:00 | 000,071,526 | -HS- | C] (SenseLog LLC) -- C:\Windows\ptw32.exe

    :Files
    ipconfig /flushdns /c
    C:\Windows\tasks\At*.job

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [EMPTYFLASH]
    [CREATERESTOREPOINT]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

  • 0

#3
dshaw
Posted 10 September 2011 - 08:45 PM

dshaw

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
Ran the custom fix as instructed, OTL scans results (from after reboot) attached.

Up until this point, AVG hasnt given me any alerts, which is a good sign as I was usually notified of an infection some short time after each reboot.
I will keep you notified if the alerts persist.

Thanks so much for the quick reply, by the way :)

Attached Files

  • Attached File  OTL.Txt   117.06KB   89 downloads

  • 0

#4
dshaw
Posted 10 September 2011 - 08:55 PM

dshaw

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
Ahhhhh sorry.
I think I might have attached my old OTL scan results to that last reply by accident.
Just to be sure, here is a fresh copy of the most recent scan:

OTL logfile created on: 9/10/2011 7:52:52 PM - Run 4
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Users\Dylan's\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

7.98 Gb Total Physical Memory | 5.79 Gb Available Physical Memory | 72.63% Memory free
15.95 Gb Paging File | 13.61 Gb Available in Paging File | 85.32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 174.66 Gb Total Space | 105.64 Gb Free Space | 60.49% Space Free | Partition Type: NTFS
Drive D: | 502.49 Gb Total Space | 346.95 Gb Free Space | 69.05% Space Free | Partition Type: NTFS
Drive F: | 6.32 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: DYLANS-PC | User Name: Dylan's | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/09/07 03:12:10 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/09/06 23:55:18 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\Dylan's\Desktop\OTL.exe
PRC - [2011/09/06 02:31:09 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011/08/18 22:10:19 | 003,077,528 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
PRC - [2011/08/03 05:39:53 | 001,242,448 | ---- | M] (Valve Corporation) -- D:\Games\Steam\Steam.exe
PRC - [2011/07/26 18:23:20 | 000,397,992 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2011/04/18 17:40:08 | 002,334,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgtray.exe
PRC - [2011/04/15 21:36:03 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2011/04/14 11:48:32 | 001,758,208 | ---- | M] () -- C:\Program Files (x86)\Razer\DeathAdder\vdDaemon.exe
PRC - [2011/03/21 11:06:08 | 000,248,320 | ---- | M] () -- C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
PRC - [2011/03/09 19:24:44 | 002,708,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgfws.exe
PRC - [2011/02/18 11:19:06 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
PRC - [2011/02/08 05:32:42 | 000,750,432 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgam.exe
PRC - [2011/01/20 02:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010/12/26 18:34:24 | 000,084,464 | ---- | M] () -- C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe
PRC - [2010/10/07 14:05:14 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2010/10/07 09:43:00 | 000,182,912 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2010/10/05 21:04:12 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/10/05 21:04:08 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/09/23 16:53:16 | 001,601,536 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2010/08/20 18:47:50 | 000,077,312 | ---- | M] () -- C:\ExpressGateUtil\VAWinService.exe
PRC - [2010/08/17 14:55:42 | 005,732,992 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2010/08/12 17:54:04 | 000,021,504 | ---- | M] () -- C:\ExpressGateUtil\VAWinAgent.exe
PRC - [2010/05/24 15:44:48 | 000,151,552 | ---- | M] (Atheros) -- C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe
PRC - [2009/12/15 10:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009/06/19 10:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009/06/19 10:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/15 17:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2008/12/22 17:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008/08/13 21:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2007/12/19 11:58:24 | 000,163,840 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\DeathAdder\razerofa.exe
PRC - [2007/11/30 11:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe


========== Modules (No Company Name) ==========

MOD - [2011/09/09 22:09:06 | 014,407,976 | ---- | M] () -- D:\Games\Steam\bin\libcef.dll
MOD - [2011/09/09 22:09:03 | 000,190,248 | ---- | M] () -- D:\Games\Steam\bin\chromehtml.dll
MOD - [2011/09/09 22:09:01 | 000,091,432 | ---- | M] () -- D:\Games\Steam\bin\avutil-50.dll
MOD - [2011/09/09 22:08:59 | 000,155,432 | ---- | M] () -- D:\Games\Steam\bin\avformat-52.dll
MOD - [2011/09/09 22:08:56 | 000,914,216 | ---- | M] () -- D:\Games\Steam\bin\avcodec-52.dll
MOD - [2011/09/07 03:12:10 | 001,846,232 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011/08/18 22:10:19 | 003,077,528 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MOD - [2011/04/14 11:48:32 | 001,758,208 | ---- | M] () -- C:\Program Files (x86)\Razer\DeathAdder\vdDaemon.exe
MOD - [2011/03/21 11:06:08 | 000,248,320 | ---- | M] () -- C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
MOD - [2011/02/18 11:18:48 | 000,235,112 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2010/12/26 18:34:24 | 000,084,464 | ---- | M] () -- C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe
MOD - [2010/09/23 16:53:16 | 001,601,536 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2010/08/12 17:54:04 | 000,021,504 | ---- | M] () -- C:\ExpressGateUtil\VAWinAgent.exe
MOD - [2007/11/30 11:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/11/30 13:19:52 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/04/16 16:07:42 | 000,134,928 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011/09/06 02:31:09 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/08/12 10:51:34 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/04/18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/04/15 21:33:34 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2011/04/15 21:33:30 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2011/03/09 19:24:44 | 002,708,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG10\avgfws.exe -- (avgfws)
SRV - [2011/02/18 11:19:06 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/11/25 20:29:54 | 000,052,896 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Atheros\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2010/10/05 21:04:12 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2010/10/05 21:04:08 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2010/08/20 18:47:50 | 000,077,312 | ---- | M] () [Auto | Running] -- C:\ExpressGateUtil\VAWinService.exe -- (VideAceWindowsService)
SRV - [2010/05/24 15:44:48 | 000,151,552 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/12/15 10:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009/06/15 17:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/07/25 20:15:37 | 000,513,080 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011/07/25 18:05:50 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/04/14 21:28:24 | 000,118,864 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV:64bit: - [2011/04/05 00:59:54 | 000,377,936 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2011/03/16 16:03:18 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011/03/10 23:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/01 14:25:18 | 000,041,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/02/24 17:01:14 | 000,302,592 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIc.sys -- (FLxHCIc) Fresco Logic xHCI (USB3)
DRV:64bit: - [2011/02/24 17:01:14 | 000,081,920 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIh.sys -- (FLxHCIh) Fresco Logic xHCI (USB3)
DRV:64bit: - [2011/02/22 08:12:46 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV:64bit: - [2011/02/10 07:53:34 | 000,029,264 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV:64bit: - [2011/02/01 12:13:38 | 000,173,160 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011/01/07 06:41:44 | 000,304,720 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2010/12/28 12:45:53 | 000,412,776 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/11/25 20:30:12 | 000,275,616 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2010/11/25 20:30:12 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2010/11/25 20:30:12 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2010/11/25 20:30:12 | 000,055,456 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2010/11/25 20:30:12 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2010/11/25 20:30:12 | 000,028,832 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2010/11/25 20:30:10 | 000,298,144 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2010/11/05 08:45:47 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/10/01 00:16:34 | 000,013,312 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VKbms.sys -- (VKbms)
DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/09/21 09:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel®
DRV:64bit: - [2010/08/12 06:13:29 | 001,388,080 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/08/03 03:43:13 | 000,290,920 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtsuvstor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2010/07/12 04:34:00 | 000,057,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgfwd6a.sys -- (Avgfwfd)
DRV:64bit: - [2010/07/08 01:03:48 | 002,228,736 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010/04/16 16:07:28 | 000,013,832 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010/03/23 16:37:34 | 000,012,032 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\danew.sys -- (danewFltr)
DRV:64bit: - [2010/03/19 03:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/11/18 07:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)
DRV:64bit: - [2009/07/20 02:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 13:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/05/23 17:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2008/03/13 00:46:00 | 000,027,136 | ---- | M] (ManyCam LLC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ManyCam_x64.sys -- (ManyCam)
DRV:64bit: - [2007/05/14 16:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV - [2010/07/26 13:57:20 | 000,017,024 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/02 17:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylo...000f46d0425cc1c
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..keyword.URL: "http://www.google.co...-8&oe=UTF-8&q="


FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG10\Firefox4\ [2011/07/25 20:41:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/09/07 03:12:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2011/07/25 17:44:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dylan's\AppData\Roaming\Mozilla\Extensions
[2011/09/09 09:44:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dylan's\AppData\Roaming\Mozilla\Firefox\Profiles\b9tpncmg.default\extensions
[2011/09/08 09:21:00 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Dylan's\AppData\Roaming\Mozilla\Firefox\Profiles\b9tpncmg.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011/09/08 09:21:15 | 000,000,000 | ---D | M] ("Ask Toolbar") -- C:\Users\Dylan's\AppData\Roaming\Mozilla\Firefox\Profiles\b9tpncmg.default\extensions\[email protected]
[2011/07/27 17:52:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/08/28 20:17:21 | 000,000,000 | ---D | M] (Click to call with Skype) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/08/20 01:43:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
() (No name found) -- C:\USERS\DYLAN'S\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\B9TPNCMG.DEFAULT\EXTENSIONS\{AE93811A-5C9A-4D34-8462-F7B864FC4696}.XPI
() (No name found) -- C:\USERS\DYLAN'S\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\B9TPNCMG.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\DYLAN'S\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\B9TPNCMG.DEFAULT\EXTENSIONS\[email protected]
[2011/09/07 03:12:10 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/09/06 12:39:16 | 000,002,288 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2010/01/01 01:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/09/10 19:24:08 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Atheros\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated)
O4:64bit: - HKLM..\Run: [THXCfg64] C:\Windows\SysNative\THXCfg64.DLL (Creative Technology Ltd.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CPMonitor] C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe ()
O4 - HKLM..\Run: [DeathAdder] C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe ()
O4 - HKLM..\Run: [FLxHCIm] C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe (Windows ® Win 7 DDK provider)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [Nuance PDF Reader-reminder] C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [THX TruStudio NB Settings] C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [VAWinAgent] C:\ExpressGateUtil\VAWinAgent.exe ()
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [EA Core] File not found
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [Steam] D:\Games\Steam\steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Atheros\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creat...101/CTSUEng.cab (Creative Software AutoUpdate)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0D0CCAF3-DCB6-4364-962D-D188714860CC}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E10DA65B-28ED-49D5-BABE-080BC28F8BFE}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/06/11 19:27:33 | 000,000,140 | R--- | M] () - F:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{d1f8ae70-b735-11e0-aa73-e0b9a548f030}\Shell - "" = AutoRun
O33 - MountPoints2\{d1f8ae70-b735-11e0-aa73-e0b9a548f030}\Shell\AutoRun\command - "" = F:\Setup\rsrc\AUTORUN.EXE -- [2007/03/22 16:57:09 | 000,051,336 | R--- | M] ()
O33 - MountPoints2\{d1f8ae70-b735-11e0-aa73-e0b9a548f030}\Shell\dinstall\command - "" = F:\DirectX\DXSETUP.exe -- [2007/05/31 20:23:56 | 000,503,144 | R--- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgrsa.exe /sync /restart) - C:\Program Files (x86)\AVG\AVG10\avgrsa.exe (AVG Technologies CZ, s.r.o.)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/09/10 19:24:06 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/09/09 20:57:48 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2011/09/09 20:50:12 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2011/09/09 20:49:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011/09/09 20:46:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2011/09/09 20:42:12 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\AppData\Local\Adobe
[2011/09/09 20:18:03 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\AppData\Roaming\FLEXnet
[2011/09/09 20:18:02 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\AppData\Roaming\Nuance
[2011/09/09 20:17:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2011/09/09 20:17:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011/09/07 01:50:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
[2011/09/06 23:55:17 | 000,581,120 | ---- | C] (OldTimer Tools) -- C:\Users\Dylan's\Desktop\OTL.exe
[2011/09/06 17:20:55 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\AppData\Roaming\Media Get LLC
[2011/09/06 17:20:55 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\AppData\Local\Media Get LLC
[2011/09/06 17:20:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Media Get LLC
[2011/09/06 14:21:53 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\Documents\DeadIsland
[2011/09/06 14:19:10 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2011/09/06 12:39:15 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\AppData\Local\Babylon
[2011/09/06 12:39:11 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\AppData\Roaming\Babylon
[2011/09/06 12:39:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2011/09/06 12:38:58 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\AppData\Local\MediaGet2
[2011/09/06 02:23:05 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\AppData\Local\PunkBuster
[2011/09/06 00:49:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2011/09/06 00:49:42 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2011/09/06 00:45:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011/09/06 00:45:07 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011/09/05 01:05:22 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\AppData\Roaming\Audacity
[2011/09/05 01:05:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)
[2011/09/04 01:27:41 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011/09/03 17:59:42 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\AppData\Roaming\PhotoScape
[2011/09/03 17:59:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape
[2011/09/03 17:59:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PhotoScape
[2011/09/03 17:56:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2011/09/03 17:44:31 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\AppData\Local\Downloaded Installations
[2011/09/03 17:44:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Carbonite
[2011/09/03 17:44:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Carbonite
[2011/09/03 17:44:21 | 000,000,000 | -HSD | C] -- C:\Windows\ftpcache
[2011/09/03 17:41:32 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\AppData\Roaming\Leadertech
[2011/09/02 11:26:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab
[2011/09/02 11:26:49 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\AppData\Roaming\SystemRequirementsLab
[2011/09/01 21:24:20 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\AppData\Roaming\.minecraft
[2011/08/31 00:10:16 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\Documents\LOLReplay
[2011/08/31 00:10:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LOLReplay
[2011/08/30 22:42:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/08/30 22:41:07 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/08/30 22:41:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011/08/30 22:41:07 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/08/30 22:37:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/08/30 22:37:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2011/08/28 20:17:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011/08/28 02:33:11 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ManyCam
[2011/08/28 02:33:05 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\AppData\Local\ManyCam
[2011/08/28 02:33:04 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\AppData\Roaming\ManyCam
[2011/08/28 02:32:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
[2011/08/28 02:32:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ManyCam
[2011/08/27 17:05:41 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\Documents\Games for Windows - LIVE Demos
[2011/08/27 17:04:49 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2011/08/27 17:04:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2011/08/27 17:04:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2011/08/27 13:24:48 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\Desktop\trololol
[2011/08/26 01:30:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2011/08/26 01:29:38 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2011/08/26 01:25:47 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2011/08/26 01:25:01 | 000,067,176 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2011/08/26 01:25:01 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2011/08/25 21:30:57 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\AppData\Roaming\Download Manager
[2011/08/25 15:51:33 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\AppData\Local\iTunesKeys2
[2011/08/25 15:49:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunesKeys
[2011/08/25 15:49:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunesKeys
[2011/08/24 22:27:13 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\AppData\Local\Mod_Manager
[2011/08/19 14:57:06 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\riotsGamesLogs
[2011/08/19 14:42:51 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\AppData\Roaming\LolClient
[2011/08/19 10:44:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
[2011/08/18 22:10:24 | 000,000,000 | ---D | C] -- C:\Users\Dylan's\AppData\Local\PMB Files
[2011/08/18 22:10:22 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2011/08/18 22:10:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2011/08/13 23:57:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011/08/11 20:03:12 | 000,000,000 | ---D | C] -- C:\NVIDIA

========== Files - Modified Within 30 Days ==========

[2011/09/10 19:51:49 | 011,876,878 | ---- | M] () -- C:\Users\Dylan's\Desktop\Yin Yang.mp3
[2011/09/10 19:51:47 | 004,861,520 | ---- | M] () -- C:\Users\Dylan's\Desktop\Force (Bassnectar & Excision VIP).mp3
[2011/09/10 19:51:46 | 011,602,158 | ---- | M] () -- C:\Users\Dylan's\Desktop\Do It Now.mp3
[2011/09/10 19:51:44 | 013,797,406 | ---- | M] () -- C:\Users\Dylan's\Desktop\Serious Business.mp3
[2011/09/10 19:51:42 | 012,140,258 | ---- | M] () -- C:\Users\Dylan's\Desktop\Subsonic.mp3
[2011/09/10 19:51:40 | 011,170,513 | ---- | M] () -- C:\Users\Dylan's\Desktop\Wasted.mp3
[2011/09/10 19:51:39 | 012,373,100 | ---- | M] () -- C:\Users\Dylan's\Desktop\Whalestep ft Stickybuds.mp3
[2011/09/10 19:51:37 | 011,565,488 | ---- | M] () -- C:\Users\Dylan's\Desktop\Know You.mp3
[2011/09/10 19:51:35 | 014,802,580 | ---- | M] () -- C:\Users\Dylan's\Desktop\Obvious.mp3
[2011/09/10 19:51:33 | 013,373,230 | ---- | M] () -- C:\Users\Dylan's\Desktop\Round 2.mp3
[2011/09/10 19:36:36 | 000,002,400 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2011/09/10 19:36:32 | 000,001,434 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2011/09/10 19:36:20 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2011/09/10 19:36:20 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/09/10 19:34:53 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/09/10 19:34:53 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/09/10 19:28:43 | 004,827,672 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/09/10 19:27:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/09/10 19:26:45 | 2129,518,591 | -HS- | M] () -- C:\hiberfil.sys
[2011/09/10 19:24:08 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2011/09/10 19:14:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/09/10 19:06:40 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/09/10 19:06:40 | 000,628,460 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/09/10 19:06:40 | 000,110,612 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/09/10 18:27:27 | 013,463,392 | ---- | M] () -- C:\Users\Dylan's\Desktop\Even Though (Oscillator Z Remix).mp3
[2011/09/10 18:05:42 | 131,800,934 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2011/09/10 11:43:53 | 131,720,957 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm.old
[2011/09/09 21:58:30 | 000,001,095 | ---- | M] () -- C:\Users\Dylan's\Desktop\Adobe Photoshop CS5.1 (64 Bit).lnk
[2011/09/07 13:11:58 | 000,271,200 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011/09/07 13:11:58 | 000,271,200 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/09/07 12:08:50 | 000,000,553 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty 4 - Modern Warfare Singleplayer.lnk
[2011/09/07 12:06:43 | 000,271,200 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2011/09/07 12:06:29 | 000,000,553 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty 4 - Modern Warfare Multiplayer.lnk
[2011/09/07 11:20:27 | 000,660,945 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavifw.avm
[2011/09/07 03:11:51 | 000,000,363 | ---- | M] () -- C:\Users\Dylan's\Documents\Recent Places - Shortcut.lnk
[2011/09/07 01:50:20 | 000,000,289 | ---- | M] () -- C:\Windows\game.ini
[2011/09/06 23:55:18 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\Dylan's\Desktop\OTL.exe
[2011/09/06 14:19:10 | 000,000,207 | ---- | M] () -- C:\Users\Dylan's\Desktop\Dead Island.url
[2011/09/06 11:54:41 | 013,245,271 | ---- | M] () -- C:\Users\Dylan's\Desktop\Qtracker492.exe
[2011/09/06 02:31:09 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/09/06 02:02:01 | 005,977,911 | ---- | M] () -- C:\Users\Dylan's\Desktop\COD4MW_EPC_pack.rar
[2011/09/05 01:05:15 | 000,001,146 | ---- | M] () -- C:\Users\Dylan's\Desktop\Audacity 1.3 Beta (Unicode).lnk
[2011/09/04 01:25:50 | 000,000,035 | ---- | M] () -- C:\Users\Public\Documents\AtherosServiceConfig.ini
[2011/09/03 17:59:41 | 000,001,033 | ---- | M] () -- C:\Users\Dylan's\Desktop\PhotoScape.lnk
[2011/09/03 17:56:17 | 004,474,171 | ---- | M] () -- C:\Users\Dylan's\Documents\winmorph.zip
[2011/09/01 21:24:12 | 000,270,142 | ---- | M] () -- C:\Users\Dylan's\Desktop\Minecraft.exe
[2011/09/01 00:44:04 | 000,660,847 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavifw.avm.old
[2011/08/30 22:42:02 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/08/30 03:30:44 | 000,254,764 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2011/08/28 20:17:14 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/08/28 02:33:11 | 000,001,135 | ---- | M] () -- C:\Users\Dylan's\Application Data\Microsoft\Internet Explorer\Quick Launch\ManyCam.lnk
[2011/08/28 02:33:11 | 000,001,111 | ---- | M] () -- C:\Users\Dylan's\Desktop\ManyCam.lnk
[2011/08/25 15:49:22 | 000,000,965 | ---- | M] () -- C:\Users\Dylan's\Desktop\iTunesKeys.lnk
[2011/08/24 22:53:57 | 000,001,232 | ---- | M] () -- C:\Users\Dylan's\Desktop\Dragon Age 2.lnk
[2011/08/22 17:22:40 | 000,109,784 | -H-- | M] () -- C:\Windows\SysWow64\mlfcache.dat
[2011/08/21 20:15:06 | 000,048,902 | -HS- | M] () -- C:\ps121v2.exe
[2011/08/21 17:27:49 | 002,097,152 | ---- | M] () -- C:\Windows\sample5x.dat
[2011/08/21 01:01:40 | 000,001,415 | ---- | M] () -- C:\Windows\SysNative\678335 - Abu Aladdin Ariel Aurora Crossover Grimhilde Maleficent Mulan Peter_Pan Ray Sleeping_Beauty Snow_White Snow_White_and_the_Seven_Dwarfs The_Little_Mermaid The_Princess_and_the_frog Tinker_be.lnk
[2011/08/19 14:00:57 | 000,000,745 | ---- | M] () -- C:\Users\Public\Desktop\League of Legends.lnk
[2011/08/18 20:46:04 | 000,001,370 | ---- | M] () -- C:\Windows\SysNative\218145 - Abigail_Lincoln Agent_K Ann_Possible Avatar_the_last_Airbender Codename _Kids_Next_Door Crossover Disney Jazz_Fenton Katara Kimiko_Tohomiko Maniacal_Carrot The_Replacements Xiaolin_Showdown.lnk
[2011/08/15 20:54:05 | 000,000,205 | ---- | M] () -- C:\Users\Dylan's\Desktop\Half-Life 2 Episode Two.url
[2011/08/13 23:57:18 | 000,002,241 | ---- | M] () -- C:\Users\Dylan's\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/08/12 00:33:56 | 000,000,205 | ---- | M] () -- C:\Users\Dylan's\Desktop\Team Fortress 2.url

========== Files Created - No Company Name ==========

[2011/09/10 19:43:16 | 012,373,100 | ---- | C] () -- C:\Users\Dylan's\Desktop\Whalestep ft Stickybuds.mp3
[2011/09/10 19:43:16 | 011,876,878 | ---- | C] () -- C:\Users\Dylan's\Desktop\Yin Yang.mp3
[2011/09/10 19:43:16 | 011,170,513 | ---- | C] () -- C:\Users\Dylan's\Desktop\Wasted.mp3
[2011/09/10 19:43:15 | 013,797,406 | ---- | C] () -- C:\Users\Dylan's\Desktop\Serious Business.mp3
[2011/09/10 19:43:15 | 013,373,230 | ---- | C] () -- C:\Users\Dylan's\Desktop\Round 2.mp3
[2011/09/10 19:43:15 | 012,140,258 | ---- | C] () -- C:\Users\Dylan's\Desktop\Subsonic.mp3
[2011/09/10 19:43:14 | 014,802,580 | ---- | C] () -- C:\Users\Dylan's\Desktop\Obvious.mp3
[2011/09/10 19:43:14 | 011,602,158 | ---- | C] () -- C:\Users\Dylan's\Desktop\Do It Now.mp3
[2011/09/10 19:43:14 | 011,565,488 | ---- | C] () -- C:\Users\Dylan's\Desktop\Know You.mp3
[2011/09/10 19:43:14 | 004,861,520 | ---- | C] () -- C:\Users\Dylan's\Desktop\Force (Bassnectar & Excision VIP).mp3
[2011/09/10 18:25:52 | 013,463,392 | ---- | C] () -- C:\Users\Dylan's\Desktop\Even Though (Oscillator Z Remix).mp3
[2011/09/10 01:50:56 | 000,002,058 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk
[2011/09/09 21:58:30 | 000,001,095 | ---- | C] () -- C:\Users\Dylan's\Desktop\Adobe Photoshop CS5.1 (64 Bit).lnk
[2011/09/09 20:51:57 | 000,001,095 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.1 (64 Bit).lnk
[2011/09/09 20:49:29 | 000,001,187 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.1.lnk
[2011/09/09 20:49:04 | 000,001,280 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.5.lnk
[2011/09/09 20:47:40 | 000,001,381 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.5.lnk
[2011/09/09 20:47:25 | 000,001,553 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.5.lnk
[2011/09/09 20:46:53 | 000,000,999 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
[2011/09/07 03:11:51 | 000,000,363 | ---- | C] () -- C:\Users\Dylan's\Documents\Recent Places - Shortcut.lnk
[2011/09/07 01:50:54 | 000,000,553 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty 4 - Modern Warfare Multiplayer.lnk
[2011/09/07 01:50:53 | 000,000,553 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty 4 - Modern Warfare Singleplayer.lnk
[2011/09/07 01:50:20 | 000,000,289 | ---- | C] () -- C:\Windows\game.ini
[2011/09/06 14:19:10 | 000,000,207 | ---- | C] () -- C:\Users\Dylan's\Desktop\Dead Island.url
[2011/09/06 11:54:15 | 013,245,271 | ---- | C] () -- C:\Users\Dylan's\Desktop\Qtracker492.exe
[2011/09/06 02:31:16 | 000,271,200 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/09/06 02:31:16 | 000,271,200 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2011/09/06 02:31:15 | 000,271,200 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011/09/06 02:31:09 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/09/06 02:01:47 | 005,977,911 | ---- | C] () -- C:\Users\Dylan's\Desktop\COD4MW_EPC_pack.rar
[2011/09/05 01:05:15 | 000,001,158 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity 1.3 Beta (Unicode).lnk
[2011/09/05 01:05:15 | 000,001,146 | ---- | C] () -- C:\Users\Dylan's\Desktop\Audacity 1.3 Beta (Unicode).lnk
[2011/09/03 17:59:41 | 000,001,033 | ---- | C] () -- C:\Users\Dylan's\Desktop\PhotoScape.lnk
[2011/09/03 17:56:20 | 004,474,171 | ---- | C] () -- C:\Users\Dylan's\Documents\winmorph.zip
[2011/09/01 21:24:11 | 000,270,142 | ---- | C] () -- C:\Users\Dylan's\Desktop\Minecraft.exe
[2011/08/31 00:10:16 | 000,001,915 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LOL Recorder.lnk
[2011/08/30 22:42:02 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/08/28 02:33:11 | 000,001,135 | ---- | C] () -- C:\Users\Dylan's\Application Data\Microsoft\Internet Explorer\Quick Launch\ManyCam.lnk
[2011/08/28 02:33:11 | 000,001,111 | ---- | C] () -- C:\Users\Dylan's\Desktop\ManyCam.lnk
[2011/08/25 15:49:22 | 000,000,965 | ---- | C] () -- C:\Users\Dylan's\Desktop\iTunesKeys.lnk
[2011/08/22 17:22:40 | 000,109,784 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011/08/21 20:15:00 | 000,048,902 | -HS- | C] () -- C:\ps121v2.exe
[2011/08/21 17:27:49 | 002,097,152 | ---- | C] () -- C:\Windows\sample5x.dat
[2011/08/21 01:01:40 | 000,001,415 | ---- | C] () -- C:\Windows\SysNative\678335 - Abu Aladdin Ariel Aurora Crossover Grimhilde Maleficent Mulan Peter_Pan Ray Sleeping_Beauty Snow_White Snow_White_and_the_Seven_Dwarfs The_Little_Mermaid The_Princess_and_the_frog Tinker_be.lnk
[2011/08/19 10:48:46 | 000,000,745 | ---- | C] () -- C:\Users\Public\Desktop\League of Legends.lnk
[2011/08/18 20:46:04 | 000,001,370 | ---- | C] () -- C:\Windows\SysNative\218145 - Abigail_Lincoln Agent_K Ann_Possible Avatar_the_last_Airbender Codename _Kids_Next_Door Crossover Disney Jazz_Fenton Katara Kimiko_Tohomiko Maniacal_Carrot The_Replacements Xiaolin_Showdown.lnk
[2011/08/15 20:54:05 | 000,000,205 | ---- | C] () -- C:\Users\Dylan's\Desktop\Half-Life 2 Episode Two.url
[2011/08/12 00:33:56 | 000,000,205 | ---- | C] () -- C:\Users\Dylan's\Desktop\Team Fortress 2.url
[2011/07/25 20:58:21 | 000,045,286 | ---- | C] () -- C:\Users\Dylan's\AppData\Roaming\room_v3.dat
[2011/06/24 11:51:18 | 000,036,352 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2011/04/15 21:33:37 | 000,001,200 | ---- | C] () -- C:\Windows\THXCfg_SP_APOIM.ini
[2011/04/15 21:33:37 | 000,001,099 | ---- | C] () -- C:\Windows\THXCfg_HP_APOIM.ini
[2011/04/15 21:33:37 | 000,001,099 | ---- | C] () -- C:\Windows\THXCfg_APOIM.ini
[2011/04/15 21:33:36 | 000,181,760 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2011/04/15 21:33:36 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2011/04/15 21:22:26 | 000,154,240 | ---- | C] () -- C:\Windows\AsPatch10430001.exe
[2011/04/15 21:15:20 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2011/04/15 21:04:10 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009/10/25 20:38:22 | 000,000,176 | ---- | C] () -- C:\Windows\explorer.exe.config
[2009/07/28 22:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009/07/13 22:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 19:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 19:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 17:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 16:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 14:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 14:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== LOP Check ==========

[2011/09/01 21:25:03 | 000,000,000 | ---D | M] -- C:\Users\Dylan's\AppData\Roaming\.minecraft
[2011/07/25 17:27:26 | 000,000,000 | ---D | M] -- C:\Users\Dylan's\AppData\Roaming\Asus WebStorage
[2011/09/05 01:18:44 | 000,000,000 | ---D | M] -- C:\Users\Dylan's\AppData\Roaming\Audacity
[2011/08/13 14:12:52 | 000,000,000 | ---D | M] -- C:\Users\Dylan's\AppData\Roaming\AVG
[2011/07/25 20:42:51 | 000,000,000 | ---D | M] -- C:\Users\Dylan's\AppData\Roaming\AVG10
[2011/09/06 12:39:11 | 000,000,000 | ---D | M] -- C:\Users\Dylan's\AppData\Roaming\Babylon
[2011/07/25 18:08:04 | 000,000,000 | ---D | M] -- C:\Users\Dylan's\AppData\Roaming\DAEMON Tools Lite
[2011/09/07 01:45:17 | 000,000,000 | ---D | M] -- C:\Users\Dylan's\AppData\Roaming\IrfanView
[2011/09/03 17:41:32 | 000,000,000 | ---D | M] -- C:\Users\Dylan's\AppData\Roaming\Leadertech
[2011/08/19 14:42:51 | 000,000,000 | ---D | M] -- C:\Users\Dylan's\AppData\Roaming\LolClient
[2011/08/28 02:34:20 | 000,000,000 | ---D | M] -- C:\Users\Dylan's\AppData\Roaming\ManyCam
[2011/09/06 17:20:55 | 000,000,000 | ---D | M] -- C:\Users\Dylan's\AppData\Roaming\Media Get LLC
[2011/09/09 20:18:02 | 000,000,000 | ---D | M] -- C:\Users\Dylan's\AppData\Roaming\Nuance
[2011/07/27 23:35:49 | 000,000,000 | ---D | M] -- C:\Users\Dylan's\AppData\Roaming\Origin
[2011/09/08 09:49:28 | 000,000,000 | ---D | M] -- C:\Users\Dylan's\AppData\Roaming\PhotoScape
[2011/08/11 21:42:24 | 000,000,000 | ---D | M] -- C:\Users\Dylan's\AppData\Roaming\Razer
[2011/09/02 11:26:49 | 000,000,000 | ---D | M] -- C:\Users\Dylan's\AppData\Roaming\SystemRequirementsLab
[2011/09/09 01:04:37 | 000,000,000 | ---D | M] -- C:\Users\Dylan's\AppData\Roaming\uTorrent
[2011/07/25 20:07:21 | 000,000,000 | ---D | M] -- C:\Users\Dylan's\AppData\Roaming\Zeon
[2009/07/13 22:08:49 | 000,019,762 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:0B4227B4

< End of report >

Attached Files

  • Attached File  OTL.Txt   117.03KB   89 downloads

  • 0

#5
Essexboy
Posted 11 September 2011 - 03:06 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK lets have a quick check for orphans :) What are your current problems ?

Please download Malwarebytes' Anti-Malware

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.
  • 0

#6
dshaw
Posted 11 September 2011 - 03:32 AM

dshaw

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
Bam.
Scan done.

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7694

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

11/09/2011 2:31:56 AM
mbam-log-2011-09-11 (02-31-56).txt

Scan type: Quick scan
Objects scanned: 177567
Time elapsed: 2 minute(s), 0 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Windows\java_is1.exe (Trojan.Downloader.Gen) -> Quarantined and deleted successfully.
  • 0

#7
Essexboy
Posted 11 September 2011 - 04:45 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Subject to no further problems :yes:

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :)

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :Commands
    [resethosts]
    [purity]
    [emptytemp]
    [EMPTYFLASH]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.

We will now confirm that your hidden files are set to that, as some of the tools I use will change that
  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View Tab.
  • Under the Hidden files and folders heading select Do not show hidden files and folders.
  • Click Yes to confirm.
  • Click OK.

Posted Image
Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older version of Java components and upgrade the application.

Upgrading Java:
  • Go to this site and click Do I have Java
  • It will check your current version and then offer to update to the latest version

SPRING CLEAN

To manually create a new Restore Point
  • Go to Control Panel and select System
  • Select System
  • On the left select System Protection and accept the warning if you get one
  • Select System Protection Tab
  • Select Create at the bottom
  • Type in a name i.e. Clean
  • Select Create

Now we can purge the infected ones
  • GoStart > All programs > Accessories > system tools
  • Right click Disc cleanup and select run as administrator
  • Select Your main drive and accept the warning if you get one
  • For a few moments the system will make some calculations
  • Select the More Options tab
  • In the System Restore and Shadow Backups select Clean up
  • Select Delete on the pop up
  • Select OK
  • Select Delete

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:
Posted Image
Malwarebytes. Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly it will show you which programmes on your system need updating and give a download link

It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit

To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?

Keep safe :unsure:
  • 0

#8
Essexboy
Posted 13 September 2011 - 12:39 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP