My system appears to be malware-infected, though a number of security software packages have failed me.
The system as a whole, sporadically, runs slowly. Not always: sometimes after booting up, sometimes for a few minutes while running, sometimes after an hour of use the computer will become bogged down and require a restart. Some of the most mundane actions, such as opening a new tab, playing a YouTube video, trying to type a message, opening up Notepad, will either have the program locked up, or cause the system to get stuck thinking for any amount of time, on occasion up to about a minute.
Installing new software seems to cause my computer particular grief, the unpacking of files at the start taking ten times as long as it should.
I believe that the problem comes from my secondary hard disk, the D:/ drive (C:/ is an SSD mostly just for Windows), as I've formatted the C:/ and reinstalled Windows a number of times, but within a week or two the system is back to its old ways.
I am running Windows 7 64-bit, and the security software that I've scanned with is G-Data and Norton 360, neither of which came up with anything seemingly relevant (Norton gave me a few tracking cookies). On previous installs of Windows, I've given Avast!, AVG Free, SuperAntiSpyware and Spybot a go, but none of them helped. On this install I also ran ComboFix, but uninstalled it afterwards when realising that it was completely above my head.
If you were to help me, you'd have my eternal gratitude... OTL scan pasted below.
Many thanks,
Alex
OTL logfile created on: 20/06/2012 23:54:02 - Run 2
OTL by OldTimer - Version 3.2.50.0 Folder = D:\Users\Alex Harvey\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
8.00 Gb Total Physical Memory | 6.42 Gb Available Physical Memory | 80.24% Memory free
15.99 Gb Paging File | 14.19 Gb Available in Paging File | 88.75% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 55.80 Gb Total Space | 20.29 Gb Free Space | 36.36% Space Free | Partition Type: NTFS
Drive D: | 931.51 Gb Total Space | 850.30 Gb Free Space | 91.28% Space Free | Partition Type: NTFS
Drive E: | 4.72 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive J: | 3.73 Gb Total Space | 3.63 Gb Free Space | 97.31% Space Free | Partition Type: FAT32
Computer Name: ALEXHARVEY-PC | User Name: Alex Harvey | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/06/20 23:50:06 | 000,596,992 | ---- | M] (OldTimer Tools) -- D:\Users\Alex Harvey\Downloads\OTL(1).exe
PRC - [2012/06/19 15:54:13 | 001,535,176 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_257.exe
PRC - [2012/06/17 16:26:43 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/06/12 23:45:13 | 000,180,648 | ---- | M] (Google Inc.) -- C:\Users\Alex Harvey\AppData\Local\Google\Update\1.3.21.111\GoogleCrashHandler.exe
PRC - [2012/04/04 06:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/01/18 06:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2011/07/29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
========== Modules (No Company Name) ==========
MOD - [2012/06/19 15:54:12 | 009,459,912 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll
MOD - [2012/06/17 16:26:43 | 002,042,848 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011/07/29 00:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2012/04/06 03:16:02 | 000,236,544 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/04/05 21:57:34 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/06/19 15:54:13 | 000,257,224 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/06/17 16:26:43 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/05/20 17:37:29 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/04/04 06:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/01/18 06:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012/04/06 06:22:40 | 011,174,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/04/06 02:10:44 | 000,343,040 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/03/05 16:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.1)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/23 13:32:04 | 000,095,760 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012/01/18 06:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64) Logitech Webcam C210(UVC)
DRV:64bit: - [2011/11/29 03:28:28 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/12/07 15:39:32 | 000,187,912 | ---- | M] (Avid Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MAudioFastTrackPro.sys -- (MAUSBFASTTRACKPRO)
DRV:64bit: - [2010/11/21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/02/18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2010/01/07 09:20:00 | 000,676,864 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTL8192su.sys -- (RTL8192su)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GB
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B0 A7 ED A6 E1 48 CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: [email protected]:0.1.2008d
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:2.0.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.1
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_257.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Alex Harvey\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Alex Harvey\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/06/13 00:59:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/20 18:57:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/06/20 18:57:09 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/20 18:57:09 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/06/20 18:57:09 | 000,000,000 | ---D | M]
[2012/06/11 19:58:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alex Harvey\AppData\Roaming\Mozilla\Extensions
[2012/06/11 19:58:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alex Harvey\AppData\Roaming\Mozilla\Extensions\[email protected]
[2012/06/11 20:51:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alex Harvey\AppData\Roaming\Mozilla\Firefox\Profiles\er66w0qp.default\extensions
[2012/06/20 19:36:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/06/11 19:59:16 | 000,000,000 | ---D | M] (Art Pack 1: Popular - Top Downs) -- C:\USERS\ALEX HARVEY\APPDATA\ROAMING\GREYFIRST\CELTX\PROFILES\FU9IHFQO.DEFAULT\EXTENSIONS\[email protected]
[2012/06/11 19:59:16 | 000,000,000 | ---D | M] (Art Pack 10: Exterior) -- C:\USERS\ALEX HARVEY\APPDATA\ROAMING\GREYFIRST\CELTX\PROFILES\FU9IHFQO.DEFAULT\EXTENSIONS\[email protected]
[2012/06/11 19:59:16 | 000,000,000 | ---D | M] (Art Pack 11: Sci-Fi and Horror Pack) -- C:\USERS\ALEX HARVEY\APPDATA\ROAMING\GREYFIRST\CELTX\PROFILES\FU9IHFQO.DEFAULT\EXTENSIONS\[email protected]
[2012/06/11 19:59:16 | 000,000,000 | ---D | M] (Art Pack 12: Characters, Animals, Exterior Pack) -- C:\USERS\ALEX HARVEY\APPDATA\ROAMING\GREYFIRST\CELTX\PROFILES\FU9IHFQO.DEFAULT\EXTENSIONS\[email protected]
[2012/06/11 19:59:16 | 000,000,000 | ---D | M] (Art Pack 2: Popular - Fronts and Sides) -- C:\USERS\ALEX HARVEY\APPDATA\ROAMING\GREYFIRST\CELTX\PROFILES\FU9IHFQO.DEFAULT\EXTENSIONS\[email protected]
[2012/06/11 19:59:16 | 000,000,000 | ---D | M] (Art Pack 3: Sound FX & Speech Bubbles) -- C:\USERS\ALEX HARVEY\APPDATA\ROAMING\GREYFIRST\CELTX\PROFILES\FU9IHFQO.DEFAULT\EXTENSIONS\[email protected]
[2012/06/11 19:59:16 | 000,000,000 | ---D | M] (Art Pack 4: Equipment) -- C:\USERS\ALEX HARVEY\APPDATA\ROAMING\GREYFIRST\CELTX\PROFILES\FU9IHFQO.DEFAULT\EXTENSIONS\[email protected]
[2012/06/11 19:59:16 | 000,000,000 | ---D | M] (Art Pack 5: Arrows) -- C:\USERS\ALEX HARVEY\APPDATA\ROAMING\GREYFIRST\CELTX\PROFILES\FU9IHFQO.DEFAULT\EXTENSIONS\[email protected]
[2012/06/11 19:59:16 | 000,000,000 | ---D | M] (Art Pack 6: Kitchen) -- C:\USERS\ALEX HARVEY\APPDATA\ROAMING\GREYFIRST\CELTX\PROFILES\FU9IHFQO.DEFAULT\EXTENSIONS\[email protected]
[2012/06/11 19:59:15 | 000,000,000 | ---D | M] (Art Pack 7: Bedroom and Bathroom) -- C:\USERS\ALEX HARVEY\APPDATA\ROAMING\GREYFIRST\CELTX\PROFILES\FU9IHFQO.DEFAULT\EXTENSIONS\[email protected]
[2012/06/11 19:59:15 | 000,000,000 | ---D | M] (Art Pack 8: Living Room) -- C:\USERS\ALEX HARVEY\APPDATA\ROAMING\GREYFIRST\CELTX\PROFILES\FU9IHFQO.DEFAULT\EXTENSIONS\[email protected]
[2012/06/11 19:59:15 | 000,000,000 | ---D | M] (Art Pack 9: Office) -- C:\USERS\ALEX HARVEY\APPDATA\ROAMING\GREYFIRST\CELTX\PROFILES\FU9IHFQO.DEFAULT\EXTENSIONS\[email protected]
[2012/06/11 19:59:15 | 000,000,000 | ---D | M] (Full Screen Mode) -- C:\USERS\ALEX HARVEY\APPDATA\ROAMING\GREYFIRST\CELTX\PROFILES\FU9IHFQO.DEFAULT\EXTENSIONS\[email protected]
[2012/06/11 19:59:15 | 000,000,000 | ---D | M] (Plot View) -- C:\USERS\ALEX HARVEY\APPDATA\ROAMING\GREYFIRST\CELTX\PROFILES\FU9IHFQO.DEFAULT\EXTENSIONS\[email protected]
[2012/06/11 19:59:15 | 000,000,000 | ---D | M] (Performance Tracker) -- C:\USERS\ALEX HARVEY\APPDATA\ROAMING\GREYFIRST\CELTX\PROFILES\FU9IHFQO.DEFAULT\EXTENSIONS\[email protected]
[2012/06/10 21:22:44 | 000,000,000 | ---D | M] (Timezone Definitions for Mozilla Calendar) -- D:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\[email protected]
[2012/06/10 21:22:44 | 000,000,000 | ---D | M] (Default Shot Palette) -- D:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\[email protected]
[2012/06/10 21:22:44 | 000,000,000 | ---D | M] (DOM Inspector) -- D:\PROGRAM FILES (X86)\CELTX\EXTENSIONS\[email protected]
[2012/06/17 16:26:43 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2005/09/01 11:34:42 | 001,312,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\NPSWF32.dll
[2012/06/01 16:39:16 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/06/01 16:39:16 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms},
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Alex Harvey\AppData\Local\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Alex Harvey\AppData\Local\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Alex Harvey\AppData\Local\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Alex Harvey\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: YouTube = C:\Users\Alex Harvey\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Alex Harvey\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Google Calendar = C:\Users\Alex Harvey\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Alex Harvey\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Gmail = C:\Users\Alex Harvey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2012/06/20 22:37:51 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [M-Audio Taskbar Icon] C:\Windows\SysNative\M-AudioTaskBarIcon.exe (Avid Technology, Inc.)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [Spotify] C:\Users\Alex Harvey\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Alex Harvey\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
O4 - Startup: C:\Users\Alex Harvey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Alex Harvey\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1D5D45E5-ECA3-4819-89DC-A623FC981394}: DhcpNameServer = 192.168.1.254
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/11/22 14:08:16 | 000,000,110 | -H-- | M] () - J:\autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012/06/20 23:14:24 | 000,000,000 | ---D | C] -- C:\Users\Alex Harvey\AppData\Local\Native Instruments
[2012/06/20 23:12:08 | 000,000,000 | -H-D | C] -- C:\ProgramData\{544A9B13-F375-4543-8198-54A1542E6015}
[2012/06/20 22:48:26 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/06/20 22:38:05 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2012/06/20 22:02:40 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/06/20 20:20:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2012/06/20 19:55:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2012/06/20 19:48:01 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2012/06/20 19:18:45 | 096,035,168 | ---- | C] (Native Instruments ) -- C:\Users\Alex Harvey\Desktop\Battery 3 3.2.3 Setup PC.exe
[2012/06/20 19:06:21 | 000,000,000 | -H-D | C] -- C:\ProgramData\{95B4F0ED-951F-4D36-B068-5EC1C4C19C14}
[2012/06/20 19:06:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Native Instruments
[2012/06/20 19:06:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Native Instruments
[2012/06/20 19:06:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
[2012/06/20 19:06:11 | 000,000,000 | ---D | C] -- C:\Program Files\Native Instruments
[2012/06/20 18:57:01 | 000,000,000 | ---D | C] -- C:\Users\Alex Harvey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NI Service Center
[2012/06/20 18:57:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NI Service Center
[2012/06/20 18:41:34 | 000,000,000 | ---D | C] -- C:\Users\Alex Harvey\AppData\Roaming\REAPER
[2012/06/19 19:29:53 | 000,106,648 | ---- | C] (G Data Software) -- C:\Windows\SysNative\drivers\GRD.sys
[2012/06/19 19:07:21 | 000,059,768 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\PktIcpt.sys
[2012/06/19 19:06:01 | 000,122,744 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\MiniIcpt.sys
[2012/06/19 19:05:29 | 000,054,136 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\GDBehave.sys
[2012/06/19 19:04:59 | 000,065,912 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\gdwfpcd64.sys
[2012/06/19 19:02:26 | 000,000,000 | ---D | C] -- C:\ProgramData\G DATA
[2012/06/19 19:02:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\G Data
[2012/06/19 19:02:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\G Data
[2012/06/19 18:59:36 | 000,000,000 | ---D | C] -- C:\Users\Alex Harvey\AppData\Local\Downloaded Installations
[2012/06/19 16:00:22 | 000,000,000 | ---D | C] -- C:\Users\Alex Harvey\AppData\Local\Macromedia
[2012/06/19 15:54:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012/06/13 12:25:39 | 000,000,000 | ---D | C] -- C:\Users\Alex Harvey\AppData\Roaming\Apple Computer
[2012/06/13 01:07:11 | 000,000,000 | ---D | C] -- C:\Users\Alex Harvey\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012/06/13 00:59:19 | 000,000,000 | ---D | C] -- C:\Users\Alex Harvey\AppData\Roaming\DivX
[2012/06/13 00:58:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2012/06/13 00:58:33 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2012/06/13 00:58:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2012/06/13 00:55:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2012/06/13 00:49:36 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2012/06/13 00:49:32 | 000,000,000 | ---D | C] -- C:\Users\Alex Harvey\AppData\Roaming\LibreOffice
[2012/06/13 00:12:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 3.5
[2012/06/12 23:49:54 | 000,000,000 | ---D | C] -- C:\Users\Alex Harvey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/06/12 23:45:17 | 000,000,000 | ---D | C] -- C:\Users\Alex Harvey\AppData\Local\Google
[2012/06/12 22:47:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012/06/12 22:46:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2012/06/12 22:46:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012/06/12 22:43:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2012/06/12 22:42:52 | 000,000,000 | ---D | C] -- C:\Users\Alex Harvey\AppData\Local\Apple
[2012/06/12 22:42:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2012/06/12 22:42:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2012/06/12 21:58:44 | 000,000,000 | ---D | C] -- C:\Users\Alex Harvey\AppData\Roaming\PACE Anti-Piracy
[2012/06/12 21:58:44 | 000,000,000 | ---D | C] -- C:\Users\Alex Harvey\AppData\Local\PACE Anti-Piracy
[2012/06/12 21:58:44 | 000,000,000 | ---D | C] -- C:\ProgramData\PACE Anti-Piracy
[2012/06/12 21:58:42 | 000,000,000 | ---D | C] -- D:\Users\Alex Harvey\Documents\Adobe
[2012/06/12 21:53:16 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2012/06/12 21:51:48 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012/06/12 21:46:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Story
[2012/06/12 21:44:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared
[2012/06/12 21:44:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2012/06/12 21:44:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\My Company Name
[2012/06/12 21:41:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012/06/12 21:40:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
[2012/06/12 21:40:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2012/06/12 21:34:02 | 000,000,000 | ---D | C] -- C:\Adobe
[2012/06/12 21:31:34 | 000,000,000 | ---D | C] -- C:\Users\Alex Harvey\AppData\Local\Adobe
[2012/06/12 21:25:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012/06/12 21:25:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012/06/12 21:24:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012/06/12 21:06:53 | 000,000,000 | ---D | C] -- D:\Users\Alex Harvey\Documents\Film stuff
[2012/06/12 20:35:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments Battery 3
[2012/06/12 20:27:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2012/06/12 20:24:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Native Instruments
[2012/06/12 20:24:17 | 001,870,336 | ---- | C] (Native Instruments Software Synthesis GmbH) -- C:\Windows\SysWow64\bconvert.dll
[2012/06/12 20:24:17 | 000,393,216 | ---- | C] (Native Instruments Software GmbH) -- C:\Windows\SysWow64\NI_IRC_1_2.dll
[2012/06/12 20:24:17 | 000,233,472 | ---- | C] (Propellerhead Software AB) -- C:\Windows\SysWow64\REX Shared Library.dll
[2012/06/12 20:24:17 | 000,061,440 | ---- | C] (Native Instruments Software GmbH) -- C:\Windows\SysWow64\NI_DFD_1_5.dll
[2012/06/12 18:58:50 | 000,000,000 | ---D | C] -- C:\Users\Alex Harvey\AppData\Roaming\BitTorrent
[2012/06/12 18:58:50 | 000,000,000 | ---D | C] -- C:\Users\Alex Harvey\AppData\Local\BitTorrent
[2012/06/12 18:58:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REAPER
[2012/06/12 18:58:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Propellerhead Software
[2012/06/12 17:34:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012/06/12 17:20:35 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012/06/12 17:20:35 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012/06/11 21:42:15 | 000,000,000 | ---D | C] -- C:\Users\Alex Harvey\AppData\Roaming\Macromedia
[2012/06/11 21:42:15 | 000,000,000 | ---D | C] -- C:\Users\Alex Harvey\AppData\Roaming\Adobe
[2012/06/11 21:40:45 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2012/06/11 20:37:47 | 000,000,000 | ---D | C] -- C:\Users\Alex Harvey\.thumbnails
[2012/06/11 20:36:23 | 000,000,000 | ---D | C] -- C:\Users\Alex Harvey\AppData\Local\fontconfig
[2012/06/11 20:36:14 | 000,000,000 | ---D | C] -- C:\Users\Alex Harvey\.gimp-2.8
[2012/06/11 20:36:12 | 000,000,000 | ---D | C] -- C:\Users\Alex Harvey\AppData\Local\gegl-0.2
[2012/06/11 20:35:42 | 000,000,000 | R--D | C] -- C:\Users\Alex Harvey\Dropbox
[2012/06/11 20:28:52 | 000,000,000 | ---D | C] -- C:\Users\Alex Harvey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2012/06/11 20:28:29 | 000,000,000 | ---D | C] -- C:\Users\Alex Harvey\AppData\Roaming\Dropbox
[2012/06/11 19:58:53 | 000,000,000 | ---D | C] -- C:\Users\Alex Harvey\AppData\Roaming\Greyfirst
[2012/06/11 19:58:53 | 000,000,000 | ---D | C] -- C:\Users\Alex Harvey\AppData\Local\Greyfirst
[2012/06/11 05:26:29 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2012/06/10 21:22:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Celtx
[2012/06/10 21:17:08 | 000,000,000 | ---D | C] -- C:\Users\Alex Harvey\AppData\Local\AMD
[2012/06/10 21:16:43 | 000,000,000 | ---D | C] -- C:\Users\Alex Harvey\AppData\Roaming\ATI
[2012/06/10 21:16:43 | 000,000,000 | ---D | C] -- C:\Users\Alex Harvey\AppData\Local\ATI
[2012/06/10 21:16:43 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012/06/10 21:04:43 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2
[2012/06/10 21:03:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2012/06/10 21:03:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2012/06/10 21:03:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2012/06/10 21:03:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2012/06/10 21:03:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2012/06/10 21:01:48 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2012/06/10 20:58:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2012/06/10 20:58:43 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2012/06/10 20:58:42 | 000,000,000 | ---D | C] -- C:\Users\Alex Harvey\AppData\Local\Spotify
[2012/06/10 20:58:42 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2012/06/10 20:58:04 | 000,000,000 | ---D | C] -- C:\AMD
[2012/06/10 20:56:01 | 000,000,000 | ---D | C] -- C:\Users\Alex Harvey\AppData\Roaming\Spotify
[2012/06/10 20:55:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\M-Audio
[2012/06/10 20:54:55 | 000,000,000 | ---D | C] -- C:\Program Files\M-Audio
[2012/06/10 20:50:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\logishrd
[2012/06/10 20:50:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\logishrd
[2012/06/10 20:48:58 | 000,000,000 | ---D | C] -- C:\Users\Alex Harvey\AppData\Roaming\Mozilla
[2012/06/10 20:48:58 | 000,000,000 | ---D | C] -- C:\Users\Alex Harvey\AppData\Local\Mozilla
[2012/06/10 20:48:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/06/10 20:48:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012/06/10 20:48:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/06/10 20:42:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012/06/10 20:42:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Belkin
[2012/06/10 20:42:22 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012/06/10 20:42:21 | 000,000,000 | ---D | C] -- C:\Windows\{4626E3EA-85B3-464E-B296-F3F5488D8B08}
[2012/06/10 20:40:42 | 000,000,000 | R--D | C] -- C:\Users\Alex Harvey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/06/10 20:40:42 | 000,000,000 | R--D | C] -- C:\Users\Alex Harvey\Searches
[2012/06/10 20:40:42 | 000,000,000 | R--D | C] -- C:\Users\Alex Harvey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/06/10 20:40:42 | 000,000,000 | -H-D | C] -- C:\Users\Alex Harvey\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/06/10 20:40:35 | 000,000,000 | ---D | C] -- C:\Users\Alex Harvey\AppData\Roaming\Identities
[2012/06/10 20:40:33 | 000,000,000 | R--D | C] -- C:\Users\Alex Harvey\Contacts
[2012/06/10 20:40:32 | 000,000,000 | ---D | C] -- C:\Users\Alex Harvey\AppData\Local\VirtualStore
[2012/06/10 20:40:28 | 000,000,000 | --SD | C] -- C:\Users\Alex Harvey\AppData\Roaming\Microsoft
[2012/06/10 20:40:28 | 000,000,000 | R--D | C] -- C:\Users\Alex Harvey\Saved Games
[2012/06/10 20:40:28 | 000,000,000 | R--D | C] -- C:\Users\Alex Harvey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/06/10 20:40:28 | 000,000,000 | R--D | C] -- C:\Users\Alex Harvey\Links
[2012/06/10 20:40:28 | 000,000,000 | R--D | C] -- C:\Users\Alex Harvey\Favorites
[2012/06/10 20:40:28 | 000,000,000 | R--D | C] -- C:\Users\Alex Harvey\Desktop
[2012/06/10 20:40:28 | 000,000,000 | R--D | C] -- C:\Users\Alex Harvey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/06/10 20:40:28 | 000,000,000 | -HSD | C] -- C:\Users\Alex Harvey\AppData\Local\Temporary Internet Files
[2012/06/10 20:40:28 | 000,000,000 | -HSD | C] -- C:\Users\Alex Harvey\Templates
[2012/06/10 20:40:28 | 000,000,000 | -HSD | C] -- C:\Users\Alex Harvey\Start Menu
[2012/06/10 20:40:28 | 000,000,000 | -HSD | C] -- C:\Users\Alex Harvey\SendTo
[2012/06/10 20:40:28 | 000,000,000 | -HSD | C] -- C:\Users\Alex Harvey\Recent
[2012/06/10 20:40:28 | 000,000,000 | -HSD | C] -- C:\Users\Alex Harvey\PrintHood
[2012/06/10 20:40:28 | 000,000,000 | -HSD | C] -- C:\Users\Alex Harvey\NetHood
[2012/06/10 20:40:28 | 000,000,000 | -HSD | C] -- C:\Users\Alex Harvey\My Documents
[2012/06/10 20:40:28 | 000,000,000 | -HSD | C] -- C:\Users\Alex Harvey\Local Settings
[2012/06/10 20:40:28 | 000,000,000 | -HSD | C] -- C:\Users\Alex Harvey\AppData\Local\History
[2012/06/10 20:40:28 | 000,000,000 | -HSD | C] -- C:\Users\Alex Harvey\Cookies
[2012/06/10 20:40:28 | 000,000,000 | -HSD | C] -- C:\Users\Alex Harvey\Application Data
[2012/06/10 20:40:28 | 000,000,000 | -HSD | C] -- C:\Users\Alex Harvey\AppData\Local\Application Data
[2012/06/10 20:40:28 | 000,000,000 | -H-D | C] -- C:\Users\Alex Harvey\AppData
[2012/06/10 20:40:28 | 000,000,000 | ---D | C] -- C:\Users\Alex Harvey\AppData\Local\Temp
[2012/06/10 20:40:28 | 000,000,000 | ---D | C] -- C:\Users\Alex Harvey\AppData\Local\Microsoft
[2012/06/10 20:40:28 | 000,000,000 | ---D | C] -- C:\Users\Alex Harvey\AppData\Roaming\Media Center Programs
[2012/06/10 20:40:20 | 000,000,000 | ---D | C] -- C:\Recovery
[2012/06/10 20:40:18 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012/06/10 20:27:21 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012/06/10 20:27:03 | 000,000,000 | -HSD | C] -- C:\System Volume Information
========== Files - Modified Within 30 Days ==========
[2012/06/20 23:50:12 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2090271790-766607625-3301924082-1000Core.job
[2012/06/20 23:50:09 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2090271790-766607625-3301924082-1000UA.job
[2012/06/20 23:16:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/06/20 23:12:03 | 000,000,783 | ---- | M] () -- C:\Users\Public\Desktop\Battery 3.lnk
[2012/06/20 23:02:31 | 000,021,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/20 23:02:12 | 000,021,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/20 22:54:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/06/20 22:54:36 | 2145,394,687 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/20 22:37:51 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/06/20 19:18:45 | 096,035,168 | ---- | M] (Native Instruments ) -- C:\Users\Alex Harvey\Desktop\Battery 3 3.2.3 Setup PC.exe
[2012/06/20 19:14:30 | 011,583,006 | ---- | M] () -- C:\Users\Alex Harvey\Desktop\Battery3ArtistKits_Win.zip.incomplete
[2012/06/20 19:06:13 | 000,001,059 | ---- | M] () -- C:\Users\Public\Desktop\Service Center.lnk
[2012/06/20 17:10:32 | 000,684,629 | ---- | M] () -- C:\Windows\SysWow64\sig.bin
[2012/06/20 17:10:32 | 000,040,874 | ---- | M] () -- C:\Windows\SysWow64\nmp.map
[2012/06/19 19:29:53 | 000,106,648 | ---- | M] (G Data Software) -- C:\Windows\SysNative\drivers\GRD.sys
[2012/06/19 19:07:21 | 000,059,768 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\PktIcpt.sys
[2012/06/19 19:06:01 | 000,122,744 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\MiniIcpt.sys
[2012/06/19 19:05:29 | 000,054,136 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\GDBehave.sys
[2012/06/19 19:04:59 | 000,065,912 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\gdwfpcd64.sys
[2012/06/19 18:00:41 | 000,004,110 | ---- | M] () -- C:\Users\Alex Harvey\AppData\Local\recently-used.xbel
[2012/06/16 03:44:57 | 000,731,650 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/06/16 03:44:57 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/06/16 03:44:57 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/06/13 23:59:34 | 000,080,092 | ---- | M] () -- D:\Users\Alex Harvey\Documents\knowle west eddy.jpg
[2012/06/13 23:32:18 | 004,927,512 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/06/13 00:59:51 | 000,002,116 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2012/06/13 00:59:51 | 000,001,818 | ---- | M] () -- C:\Users\Alex Harvey\Desktop\DivX Movies.lnk
[2012/06/13 00:58:55 | 000,001,112 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2012/06/13 00:12:59 | 000,000,885 | ---- | M] () -- C:\Users\Public\Desktop\LibreOffice 3.5.lnk
[2012/06/12 22:28:22 | 000,000,956 | ---- | M] () -- C:\Users\Alex Harvey\Dropbox - Shortcut.lnk
[2012/06/12 21:25:34 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/06/12 18:59:48 | 000,000,664 | ---- | M] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2012/06/12 18:59:48 | 000,000,664 | ---- | M] () -- C:\Users\Alex Harvey\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk
[2012/06/12 18:58:37 | 000,000,696 | ---- | M] () -- C:\Users\Public\Desktop\REAPER.lnk
[2012/06/12 17:24:29 | 000,001,437 | ---- | M] () -- C:\Users\Alex Harvey\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/06/11 22:48:53 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/06/11 22:48:51 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012/06/11 20:35:42 | 000,001,007 | ---- | M] () -- C:\Users\Alex Harvey\Desktop\Dropbox.lnk
[2012/06/11 20:29:03 | 000,001,017 | ---- | M] () -- C:\Users\Alex Harvey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012/06/10 21:22:47 | 000,000,762 | ---- | M] () -- C:\Users\Public\Desktop\Celtx.lnk
[2012/06/10 21:22:47 | 000,000,762 | ---- | M] () -- C:\Users\Alex Harvey\Application Data\Microsoft\Internet Explorer\Quick Launch\Celtx.lnk
[2012/06/10 21:08:43 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2012/06/10 20:58:41 | 000,001,797 | ---- | M] () -- C:\Users\Alex Harvey\Desktop\Spotify.lnk
[2012/06/10 20:48:54 | 000,001,130 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/06/10 20:30:21 | 000,108,227 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012/06/10 20:30:21 | 000,108,227 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012/06/10 20:27:58 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
========== Files Created - No Company Name ==========
[2012/06/20 23:12:03 | 000,000,783 | ---- | C] () -- C:\Users\Public\Desktop\Battery 3.lnk
[2012/06/20 19:13:45 | 011,583,006 | ---- | C] () -- C:\Users\Alex Harvey\Desktop\Battery3ArtistKits_Win.zip.incomplete
[2012/06/20 19:06:13 | 000,001,059 | ---- | C] () -- C:\Users\Public\Desktop\Service Center.lnk
[2012/06/19 22:18:35 | 000,684,629 | ---- | C] () -- C:\Windows\SysWow64\sig.bin
[2012/06/19 22:18:35 | 000,040,874 | ---- | C] () -- C:\Windows\SysWow64\nmp.map
[2012/06/19 18:00:41 | 000,004,110 | ---- | C] () -- C:\Users\Alex Harvey\AppData\Local\recently-used.xbel
[2012/06/13 23:59:33 | 000,080,092 | ---- | C] () -- D:\Users\Alex Harvey\Documents\knowle west eddy.jpg
[2012/06/13 00:59:51 | 000,001,818 | ---- | C] () -- C:\Users\Alex Harvey\Desktop\DivX Movies.lnk
[2012/06/13 00:58:55 | 000,001,112 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2012/06/13 00:58:37 | 000,002,116 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2012/06/13 00:12:59 | 000,000,885 | ---- | C] () -- C:\Users\Public\Desktop\LibreOffice 3.5.lnk
[2012/06/12 23:45:44 | 000,000,932 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2090271790-766607625-3301924082-1000UA.job
[2012/06/12 23:45:21 | 000,000,880 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2090271790-766607625-3301924082-1000Core.job
[2012/06/12 22:42:48 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012/06/12 22:28:22 | 000,000,956 | ---- | C] () -- C:\Users\Alex Harvey\Dropbox - Shortcut.lnk
[2012/06/12 21:25:34 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/06/12 18:59:16 | 000,000,664 | ---- | C] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2012/06/12 18:59:16 | 000,000,664 | ---- | C] () -- C:\Users\Alex Harvey\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk
[2012/06/12 18:58:37 | 000,000,696 | ---- | C] () -- C:\Users\Public\Desktop\REAPER.lnk
[2012/06/11 22:48:53 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/06/11 22:48:51 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012/06/11 21:40:52 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/06/11 20:35:42 | 000,001,007 | ---- | C] () -- C:\Users\Alex Harvey\Desktop\Dropbox.lnk
[2012/06/11 20:29:03 | 000,001,017 | ---- | C] () -- C:\Users\Alex Harvey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012/06/10 21:22:47 | 000,000,762 | ---- | C] () -- C:\Users\Public\Desktop\Celtx.lnk
[2012/06/10 21:22:47 | 000,000,762 | ---- | C] () -- C:\Users\Alex Harvey\Application Data\Microsoft\Internet Explorer\Quick Launch\Celtx.lnk
[2012/06/10 21:08:43 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012/06/10 21:05:15 | 000,000,892 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
[2012/06/10 20:58:41 | 000,001,797 | ---- | C] () -- C:\Users\Alex Harvey\Desktop\Spotify.lnk
[2012/06/10 20:58:41 | 000,001,783 | ---- | C] () -- C:\Users\Alex Harvey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
[2012/06/10 20:48:54 | 000,001,130 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/06/10 20:48:53 | 000,001,142 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/06/10 20:47:09 | 000,001,437 | ---- | C] () -- C:\Users\Alex Harvey\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/06/10 20:40:48 | 000,001,409 | ---- | C] () -- C:\Users\Alex Harvey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/06/10 20:40:43 | 000,001,443 | ---- | C] () -- C:\Users\Alex Harvey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/06/10 20:40:28 | 000,000,290 | ---- | C] () -- C:\Users\Alex Harvey\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/06/10 20:40:28 | 000,000,272 | ---- | C] () -- C:\Users\Alex Harvey\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/06/10 20:30:12 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012/06/10 20:30:09 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012/06/10 20:27:58 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/06/10 20:27:03 | 2145,394,687 | -HS- | C] () -- C:\hiberfil.sys
[2012/04/06 02:29:34 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/04/06 02:29:34 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012/03/09 14:06:14 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012/01/18 06:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012/01/18 06:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012/01/18 06:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2011/09/12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
========== LOP Check ==========
[2012/06/13 01:31:30 | 000,000,000 | ---D | M] -- C:\Users\Alex Harvey\AppData\Roaming\BitTorrent
[2012/06/20 22:55:55 | 000,000,000 | ---D | M] -- C:\Users\Alex Harvey\AppData\Roaming\Dropbox
[2012/06/11 19:58:53 | 000,000,000 | ---D | M] -- C:\Users\Alex Harvey\AppData\Roaming\Greyfirst
[2012/06/13 00:49:32 | 000,000,000 | ---D | M] -- C:\Users\Alex Harvey\AppData\Roaming\LibreOffice
[2012/06/12 21:58:44 | 000,000,000 | ---D | M] -- C:\Users\Alex Harvey\AppData\Roaming\PACE Anti-Piracy
[2012/06/20 23:48:07 | 000,000,000 | ---D | M] -- C:\Users\Alex Harvey\AppData\Roaming\REAPER
[2012/06/20 23:00:02 | 000,000,000 | ---D | M] -- C:\Users\Alex Harvey\AppData\Roaming\Spotify
[2012/06/13 01:07:11 | 000,000,000 | ---D | M] -- C:\Users\Alex Harvey\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2009/07/14 06:08:49 | 000,007,582 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >