System Drive is full three weeks after a system reinstall [Closed]

OTL logfile created on: 02/08/2012 20:16:33 - Run 2
OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\Fahro\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.31 Gb Available Physical Memory | 65.31% Memory free
4.00 Gb Paging File | 3.01 Gb Available in Paging File | 75.22% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = G:\Program Files
Drive C: | 26.37 Gb Total Space | 0.33 Gb Free Space | 1.26% Space Free | Partition Type: NTFS
Drive D: | 39.06 Gb Total Space | 3.85 Gb Free Space | 9.86% Space Free | Partition Type: NTFS
Drive E: | 48.83 Gb Total Space | 0.53 Gb Free Space | 1.09% Space Free | Partition Type: NTFS
Drive F: | 39.29 Gb Total Space | 5.16 Gb Free Space | 13.14% Space Free | Partition Type: NTFS
Drive G: | 109.98 Gb Total Space | 21.99 Gb Free Space | 20.00% Space Free | Partition Type: NTFS

Computer Name: FAHRO-PC | User Name: Fahro | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/01 20:07:50 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Fahro\Desktop\OTL.exe
PRC - [2012/07/05 18:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/07/04 08:21:18 | 000,453,632 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2012/07/04 01:34:42 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
PRC - [2012/06/11 11:33:26 | 000,724,376 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2012/06/11 11:33:14 | 000,174,488 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2012/06/11 11:33:06 | 000,126,872 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2012/04/04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/08/09 21:39:22 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2011/08/09 21:39:16 | 003,076,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

========== Modules (No Company Name) ==========

MOD - [2012/07/10 06:09:00 | 000,438,296 | ---- | M] () -- C:\Users\Fahro\AppData\Local\Google\Chrome\Application\20.0.1132.57\ppgooglenaclpluginchrome.dll
MOD - [2012/07/10 06:08:59 | 003,972,120 | ---- | M] () -- C:\Users\Fahro\AppData\Local\Google\Chrome\Application\20.0.1132.57\pdf.dll
MOD - [2012/07/10 06:07:39 | 000,554,520 | ---- | M] () -- C:\Users\Fahro\AppData\Local\Google\Chrome\Application\20.0.1132.57\libglesv2.dll
MOD - [2012/07/10 06:07:37 | 000,117,784 | ---- | M] () -- C:\Users\Fahro\AppData\Local\Google\Chrome\Application\20.0.1132.57\libegl.dll
MOD - [2012/07/10 06:07:22 | 000,140,328 | ---- | M] () -- C:\Users\Fahro\AppData\Local\Google\Chrome\Application\20.0.1132.57\avutil-51.dll
MOD - [2012/07/10 06:07:21 | 000,262,184 | ---- | M] () -- C:\Users\Fahro\AppData\Local\Google\Chrome\Application\20.0.1132.57\avformat-54.dll
MOD - [2012/07/10 06:07:19 | 002,386,984 | ---- | M] () -- C:\Users\Fahro\AppData\Local\Google\Chrome\Application\20.0.1132.57\avcodec-54.dll
MOD - [2012/07/10 04:17:27 | 009,255,112 | ---- | M] () -- C:\Users\Fahro\AppData\Local\Google\Chrome\Application\20.0.1132.57\gcswf32.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - File not found [Auto | Stopped] -- %ProgramFiles%\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2012/07/28 20:49:06 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/18 21:38:53 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/05 18:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/07/04 08:20:42 | 000,217,088 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2012/07/04 01:34:42 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2012/06/11 11:33:26 | 000,724,376 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012/06/07 19:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/04/04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/08/09 21:39:22 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2011/06/17 19:33:04 | 000,237,008 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2003/07/28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Fahro\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2012/07/04 08:58:12 | 010,070,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2012/07/04 08:58:12 | 010,070,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2012/07/04 07:10:30 | 000,290,304 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2012/07/03 16:19:17 | 000,279,712 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2012/07/03 16:16:27 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2012/06/11 11:33:46 | 000,019,072 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2012/03/05 16:04:30 | 000,045,184 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\aoddriver2.sys -- (AODDriver4.1)
DRV - [2012/02/23 14:31:58 | 000,086,544 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2012/01/09 17:28:20 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2012/01/09 17:28:20 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2012/01/09 17:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2012/01/09 17:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011/08/09 13:57:10 | 000,163,424 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2011/08/04 09:20:38 | 000,103,112 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV - [2011/08/04 09:20:36 | 000,118,104 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010/02/18 09:18:22 | 000,037,944 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdiox86.sys -- (amdiox86)
DRV - [2009/07/14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009/07/14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009/07/14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009/07/14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009/07/14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2007/04/09 14:27:07 | 000,031,548 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1350697212-3610436638-3386948606-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKU\S-1-5-21-1350697212-3610436638-3386948606-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9C AB 61 0C 42 6B CD 01 [binary data]
IE - HKU\S-1-5-21-1350697212-3610436638-3386948606-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1350697212-3610436638-3386948606-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-1350697212-3610436638-3386948606-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1350697212-3610436638-3386948606-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>

========== FireFox ==========

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_268.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: G:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\Users\Fahro\AppData\LocalLow\Sony Online Entertainment\npsoe.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Fahro\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Fahro\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/07/18 21:38:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012/07/02 22:07:04 | 000,000,000 | ---D | M]

[2012/07/23 10:49:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fahro\AppData\Roaming\Mozilla\Extensions
[2012/07/25 19:16:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fahro\AppData\Roaming\Mozilla\Firefox\Profiles\s7ey41lv.default\extensions

========== Chrome ==========

CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage:
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Fahro\AppData\Local\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Fahro\AppData\Local\Google\Chrome\Application\20.0.1132.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Fahro\AppData\Local\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.160.1 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll
CHR - plugin: Java™ Platform SE 6 U16 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Fahro\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll

O1 HOSTS File: ([2012/08/01 23:55:24 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - G:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Search Results Toolbar) - {ad146b57-67a2-4c82-8b1c-51f6316b20d2} - C:\Program Files\searchresults9\searchresultsDX.dll (Ask.com)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - G:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Search Results Toolbar) - {ad146b57-67a2-4c82-8b1c-51f6316b20d2} - C:\Program Files\searchresults9\searchresultsDX.dll (Ask.com)
O4 - HKLM..\Run: [AMD AVT] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-1350697212-3610436638-3386948606-1001..\Run: [Akamai NetSession Interface] C:\Users\Fahro\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKU\S-1-5-21-1350697212-3610436638-3386948606-1001..\Run: [PC Suite Tray] F:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1350697212-3610436638-3386948606-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1350697212-3610436638-3386948606-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-21-1350697212-3610436638-3386948606-1001\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1350697212-3610436638-3386948606-1001\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1350697212-3610436638-3386948606-1001\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1350697212-3610436638-3386948606-1001\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8B5F07C4-BE94-4E36-895E-72C06CA14B0C}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008/04/09 23:26:32 | 000,000,000 | ---D | M] - F:\autoskola -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/08/02 20:13:33 | 000,448,512 | ---- | C] (OldTimer Tools) -- C:\Users\Fahro\Desktop\TFC.exe
[2012/08/02 11:32:15 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/08/02 00:01:29 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/08/01 23:43:25 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/08/01 23:43:25 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/08/01 23:43:25 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/08/01 23:43:21 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012/08/01 23:43:18 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/08/01 23:43:11 | 000,000,000 | R--D | C] -- C:\Users\Fahro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/08/01 23:43:11 | 000,000,000 | R--D | C] -- C:\Users\Fahro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/08/01 23:42:59 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/08/01 23:42:47 | 004,722,680 | R--- | C] (Swearware) -- C:\Users\Fahro\Desktop\ComboFix.exe
[2012/08/01 23:13:01 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/08/01 20:08:29 | 000,597,504 | ---- | C] (OldTimer Tools) -- C:\Users\Fahro\Desktop\OTL.exe
[2012/08/01 11:10:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment
[2012/08/01 11:10:02 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Blizzard Entertainment
[2012/08/01 11:09:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2012/07/30 22:31:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/07/30 22:23:20 | 000,000,000 | ---D | C] -- G:\Program Files\Oracle
[2012/07/30 22:23:00 | 000,227,720 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2012/07/30 22:22:41 | 000,000,000 | ---D | C] -- G:\Program Files\Java
[2012/07/30 16:24:43 | 000,000,000 | ---D | C] -- C:\Users\Fahro\Desktop\Originals
[2012/07/30 16:23:38 | 000,000,000 | ---D | C] -- C:\Users\Fahro\AppData\Roaming\PhotoScape
[2012/07/29 17:51:41 | 000,000,000 | ---D | C] -- G:\Program Files\STALKER
[2012/07/29 16:26:03 | 000,000,000 | ---D | C] -- C:\ProgramData\YTD Video Downloader
[2012/07/29 16:25:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
[2012/07/29 16:25:47 | 000,000,000 | ---D | C] -- G:\Program Files\GreenTree Applications
[2012/07/29 16:03:12 | 000,000,000 | ---D | C] -- C:\AeriaGames
[2012/07/29 03:14:03 | 000,000,000 | ---D | C] -- C:\Users\Fahro\AppData\Roaming\WinRAR
[2012/07/29 02:21:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eGenesis
[2012/07/29 01:49:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stainless Steel
[2012/07/29 00:09:56 | 000,000,000 | ---D | C] -- C:\Users\Fahro\AppData\Roaming\MilkShape 3D 1.x.x
[2012/07/29 00:05:45 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\stalker-shoc
[2012/07/28 21:57:26 | 000,000,000 | ---D | C] -- C:\Users\Fahro\AppData\Roaming\vlc
[2012/07/28 21:54:53 | 000,000,000 | ---D | C] -- C:\VLC
[2012/07/28 19:16:13 | 000,000,000 | ---D | C] -- C:\Users\Fahro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2012/07/28 14:57:11 | 000,000,000 | ---D | C] -- C:\Users\Fahro\AppData\Local\Ashampoo
[2012/07/28 14:57:10 | 000,000,000 | ---D | C] -- C:\Users\Fahro\AppData\Roaming\Ashampoo
[2012/07/28 14:10:27 | 000,000,000 | ---D | C] -- C:\Users\Fahro\AppData\Local\SCE
[2012/07/28 14:10:19 | 000,000,000 | ---D | C] -- C:\Crash
[2012/07/28 14:00:08 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll
[2012/07/28 14:00:08 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll
[2012/07/28 14:00:08 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll
[2012/07/28 14:00:08 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll
[2012/07/28 14:00:08 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll
[2012/07/28 14:00:07 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll
[2012/07/28 14:00:07 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll
[2012/07/28 14:00:07 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll
[2012/07/28 14:00:06 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2012/07/28 14:00:06 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2012/07/28 14:00:05 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2012/07/28 14:00:05 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2012/07/26 17:39:14 | 000,000,000 | ---D | C] -- C:\Users\Fahro\AppData\Local\Adobe
[2012/07/26 17:19:22 | 000,000,000 | ---D | C] -- C:\Users\Fahro\AppData\Roaming\PC Suite
[2012/07/26 17:19:22 | 000,000,000 | ---D | C] -- C:\Users\Fahro\AppData\Roaming\Nokia
[2012/07/26 17:19:21 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Suite
[2012/07/26 17:18:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia PC Suite
[2012/07/26 17:18:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PCSuite
[2012/07/26 17:17:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nokia
[2012/07/26 17:17:43 | 000,019,072 | ---- | C] (Nokia) -- C:\Windows\System32\drivers\pccsmcfd.sys
[2012/07/26 17:17:17 | 000,075,264 | ---- | C] (Nokia) -- C:\Windows\System32\nmwcdcls.dll
[2012/07/26 17:15:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Installations
[2012/07/26 15:04:03 | 000,000,000 | ---D | C] -- C:\Users\Fahro\AppData\Roaming\fizzy
[2012/07/25 01:47:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2012/07/25 01:47:55 | 000,000,000 | ---D | C] -- C:\Users\Fahro\AppData\Roaming\Babylon
[2012/07/25 01:47:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo!
[2012/07/24 21:14:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/07/24 15:29:53 | 000,000,000 | ---D | C] -- C:\Users\Fahro\AppData\Local\Apple
[2012/07/23 18:18:02 | 000,000,000 | ---D | C] -- C:\Users\Fahro\AppData\Roaming\Need for Speed World
[2012/07/23 18:17:01 | 000,000,000 | ---D | C] -- C:\Users\Fahro\AppData\Local\Electronic_Arts_Inc
[2012/07/23 10:50:51 | 000,000,000 | ---D | C] -- C:\Users\Fahro\AppData\Roaming\Macromedia
[2012/07/23 10:50:51 | 000,000,000 | ---D | C] -- C:\Users\Fahro\AppData\Local\Macromedia
[2012/07/23 10:49:43 | 000,000,000 | ---D | C] -- C:\Users\Fahro\AppData\Roaming\Mozilla
[2012/07/23 10:48:40 | 000,000,000 | ---D | C] -- C:\Users\Fahro\AppData\Roaming\ATI
[2012/07/23 10:48:40 | 000,000,000 | ---D | C] -- C:\Users\Fahro\AppData\Local\ATI
[2012/07/23 10:32:50 | 000,000,000 | ---D | C] -- C:\Users\Fahro\AppData\Local\Apple Computer
[2012/07/23 10:30:49 | 000,000,000 | ---D | C] -- C:\Users\Fahro\AppData\Local\ESET
[2012/07/23 10:24:00 | 000,000,000 | ---D | C] -- C:\Users\Fahro\AppData\Roaming\Adobe
[2012/07/23 04:13:46 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2012/07/22 23:16:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fizzy
[2012/07/22 23:07:42 | 000,000,000 | -HSD | C] -- C:\Windows\ftpcache
[2012/07/21 22:06:28 | 000,000,000 | ---D | C] -- C:\Users\Fahro\Documents\The Lord of the Rings Online
[2012/07/21 01:20:17 | 000,000,000 | ---D | C] -- C:\Users\Fahro\Documents\Need for Speed World
[2012/07/21 00:36:33 | 000,000,000 | R--D | C] -- C:\Users\Fahro\Documents
[2012/07/20 19:37:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2012/07/20 17:55:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Allmyapps
[2012/07/18 19:32:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImageShack Uploader
[2012/07/15 15:24:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape
[2012/07/15 12:27:45 | 000,000,000 | ---D | C] -- C:\Users\Fahro\.thumbnails
[2012/07/15 01:05:08 | 000,000,000 | ---D | C] -- C:\Users\Fahro\.gimp-2.8
[2012/07/14 16:31:35 | 000,000,000 | ---D | C] -- C:\Users\Fahro\AppData\Local\AMD
[2012/07/14 16:31:24 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012/07/14 16:30:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2012/07/14 16:30:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2012/07/14 16:29:29 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2012/07/14 16:29:19 | 000,037,944 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\amdiox86.sys
[2012/07/14 16:24:12 | 000,000,000 | ---D | C] -- C:\AMD
[2012/07/13 01:05:48 | 000,094,208 | ---- | C] (Neil 'Jed' Jedrzejewski) -- C:\Windows\System32\vtfthumbext.dll
[2012/07/13 01:05:48 | 000,041,984 | ---- | C] (Neil 'Jed' Jedrzejewski) -- C:\Windows\System32\vtfcolumnext.dll
[2012/07/13 01:05:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CSM SourceSDK
[2012/07/11 23:00:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Return to Castle Wolfenstein
[2012/07/11 22:57:44 | 000,266,293 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\temp.001
[2012/07/11 22:56:45 | 000,266,293 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\temp.000
[2012/07/11 21:20:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/07/11 15:47:41 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2012/07/11 14:41:26 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2012/07/11 12:03:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SEGA
[2012/07/10 16:02:49 | 000,000,000 | ---D | C] -- C:\Users\Fahro\AppData\Local\Akamai
[2012/07/10 11:13:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\X-Ray SDK
[2012/07/09 04:51:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/07/09 04:51:34 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\System32\GEARAspi.dll
[2012/07/09 04:47:15 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2012/07/09 04:23:45 | 000,000,000 | ---D | C] -- C:\Users\Fahro\AppData\Roaming\Apple Computer
[2012/07/09 04:23:15 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2012/07/09 04:22:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012/07/09 04:22:28 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012/07/09 04:20:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2012/07/09 04:20:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2012/07/09 03:54:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2012/07/04 19:07:22 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2012/07/04 19:07:22 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2012/07/04 19:07:22 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll
[2012/07/04 19:07:21 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll
[2012/07/04 19:07:21 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2012/07/04 19:07:21 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2012/07/04 19:07:21 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2012/07/04 19:07:21 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2012/07/04 19:07:21 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll
[2012/07/04 19:07:20 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2012/07/04 19:07:20 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2012/07/04 19:07:20 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2012/07/04 19:07:20 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2012/07/04 19:07:20 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2012/07/04 19:07:20 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2012/07/04 19:07:20 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2012/07/04 19:07:19 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2012/07/04 19:07:19 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2012/07/04 19:07:19 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2012/07/04 19:07:19 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2012/07/04 19:07:19 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2012/07/04 18:58:48 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2012/07/04 18:57:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012/07/04 18:57:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012/07/04 18:55:00 | 000,000,000 | ---D | C] -- G:\Program Files\bitComposer Games
[2012/07/04 08:58:12 | 010,070,016 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmdag.sys
[2012/07/04 08:35:46 | 019,586,048 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atioglxx.dll
[2012/07/04 08:27:18 | 000,159,744 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiapfxx.exe
[2012/07/04 08:27:08 | 000,918,528 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\aticfx32.dll
[2012/07/04 08:21:46 | 000,442,368 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIDEMGX.dll
[2012/07/04 08:21:18 | 000,453,632 | ---- | C] (AMD) -- C:\Windows\System32\atieclxx.exe
[2012/07/04 08:20:42 | 000,217,088 | ---- | C] (AMD) -- C:\Windows\System32\atiesrxx.exe
[2012/07/04 08:19:24 | 000,163,840 | ---- | C] (AMD) -- C:\Windows\System32\atitmmxx.dll
[2012/07/04 08:19:14 | 000,020,992 | ---- | C] (AMD) -- C:\Windows\System32\atimuixx.dll
[2012/07/04 08:19:06 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll
[2012/07/04 07:36:22 | 000,058,368 | ---- | C] (AMD) -- C:\Windows\System32\coinst_8.97.100.3.dll
[2012/07/04 07:36:14 | 001,960,960 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdmv.dll
[2012/07/04 07:11:38 | 000,056,832 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atimpc32.dll
[2012/07/04 07:11:38 | 000,056,832 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\amdpcom32.dll
[2012/07/04 07:11:28 | 000,364,544 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiadlxx.dll
[2012/07/04 07:11:16 | 000,014,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiglpxx.dll
[2012/07/04 07:11:04 | 000,033,280 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atigktxx.dll
[2012/07/04 07:10:30 | 000,290,304 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmpag.sys
[2012/07/04 07:09:56 | 000,042,496 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiuxpag.dll
[2012/07/04 07:09:42 | 000,032,768 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiu9pag.dll
[2012/07/04 07:09:10 | 000,053,248 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\ati2erec.dll
[2012/07/04 07:04:28 | 000,046,080 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalrt.dll
[2012/07/04 07:04:18 | 000,044,544 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalcl.dll
[2012/07/04 06:59:40 | 013,402,112 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticaldd.dll
[2012/07/04 02:32:02 | 000,065,024 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\OpenVideo.dll
[2012/07/04 02:31:52 | 000,056,320 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\OVDecode.dll
[2012/07/04 02:30:58 | 013,008,384 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\amdocl.dll
[2012/07/04 02:30:08 | 000,050,176 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll

========== Files - Modified Within 30 Days ==========

[2012/08/02 20:13:27 | 000,448,512 | ---- | M] (OldTimer Tools) -- C:\Users\Fahro\Desktop\TFC.exe
[2012/08/02 19:52:32 | 000,697,184 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2012/08/02 19:52:32 | 000,683,828 | ---- | M] () -- C:\Windows\System32\perfh019.dat
[2012/08/02 19:52:32 | 000,641,466 | ---- | M] () -- C:\Windows\System32\perfh00E.dat
[2012/08/02 19:52:32 | 000,623,890 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/08/02 19:52:32 | 000,150,268 | ---- | M] () -- C:\Windows\System32\perfc00E.dat
[2012/08/02 19:52:32 | 000,136,674 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2012/08/02 19:52:32 | 000,133,600 | ---- | M] () -- C:\Windows\System32\perfc019.dat
[2012/08/02 19:52:32 | 000,107,522 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/08/02 19:52:31 | 000,631,138 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2012/08/02 19:52:31 | 000,123,564 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2012/08/02 19:52:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/02 12:22:19 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/02 12:22:19 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/02 12:14:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/02 12:14:30 | 1610,014,720 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/01 23:55:24 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012/08/01 23:42:36 | 004,722,680 | R--- | M] (Swearware) -- C:\Users\Fahro\Desktop\ComboFix.exe
[2012/08/01 20:07:50 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Fahro\Desktop\OTL.exe
[2012/08/01 11:18:48 | 000,000,081 | ---- | M] () -- C:\Users\Fahro\Desktop\realmlist.What the...
[2012/08/01 01:20:48 | 000,000,359 | ---- | M] () -- C:\Users\Fahro\Desktop\Recycle Bin - Shortcut.lnk
[2012/07/31 23:42:15 | 000,588,691 | ---- | M] () -- C:\Users\Fahro\Desktop\Faxxx.png
[2012/07/31 18:07:29 | 002,577,323 | ---- | M] () -- C:\Users\Fahro\Desktop\DSC_7712.JPG
[2012/07/31 17:50:04 | 001,253,490 | ---- | M] () -- C:\Users\Fahro\Desktop\DSC_7713.JPG
[2012/07/30 22:22:43 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2012/07/30 22:22:43 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2012/07/30 16:24:44 | 000,272,446 | ---- | M] () -- C:\Users\Fahro\Desktop\487817_330577513698568_2111877652_n.jpg
[2012/07/30 15:39:10 | 000,028,458 | ---- | M] () -- C:\Users\Fahro\Desktop\Faxx.jpg
[2012/07/29 16:25:48 | 000,001,061 | ---- | M] () -- C:\Users\Public\Desktop\YTD Video Downloader.lnk
[2012/07/29 15:14:00 | 000,150,485 | ---- | M] () -- C:\Users\Fahro\Desktop\faxxy.png
[2012/07/29 02:21:25 | 000,297,714 | ---- | M] () -- C:\Windows\A Tale in the Desert Uninstaller.exe
[2012/07/29 02:21:25 | 000,000,599 | ---- | M] () -- C:\Users\Fahro\Desktop\A Tale in the Desert.lnk
[2012/07/29 01:49:21 | 000,001,019 | ---- | M] () -- C:\Users\Public\Desktop\Stainless Steel 6.3.lnk
[2012/07/28 20:49:05 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/07/28 20:49:05 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/07/28 19:16:13 | 000,001,204 | ---- | M] () -- C:\Users\Fahro\Desktop\EverQuest.lnk
[2012/07/26 17:20:03 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2012/07/26 17:18:01 | 000,001,759 | ---- | M] () -- C:\Users\Public\Desktop\Nokia PC Suite.lnk
[2012/07/25 02:27:47 | 000,117,542 | ---- | M] () -- C:\Users\Fahro\Desktop\558411_4391651479633_301986235_n modified.jpg
[2012/07/25 01:47:27 | 008,161,357 | ---- | M] ( ) -- C:\Users\Fahro\Desktop\peditor11inst.exe
[2012/07/25 01:00:07 | 000,080,724 | ---- | M] () -- C:\Users\Fahro\Desktop\558411_4391651479633_301986235_n.jpg
[2012/07/24 21:14:19 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/07/23 17:28:47 | 000,002,316 | ---- | M] () -- C:\Users\Fahro\Desktop\Google Chrome.lnk
[2012/07/23 08:49:41 | 000,109,638 | ---- | M] () -- C:\Users\Fahro\Desktop\steve-jobs-facebook-cover.jpg
[2012/07/22 01:00:53 | 000,194,867 | ---- | M] () -- C:\Users\Fahro\Desktop\ff.png
[2012/07/21 22:29:40 | 000,325,331 | ---- | M] () -- C:\Users\Fahro\Desktop\Untitled.png
[2012/07/21 22:15:16 | 000,132,356 | ---- | M] () -- C:\Users\Fahro\Desktop\earth.jpg
[2012/07/20 23:43:13 | 000,002,167 | ---- | M] () -- C:\Users\Public\Desktop\Need For Speed World.lnk
[2012/07/16 17:20:07 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2012/07/16 17:20:07 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2012/07/16 11:11:34 | 000,287,184 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/07/15 15:26:15 | 000,014,336 | -H-- | M] () -- C:\Users\Fahro\Desktop\photothumb.db
[2012/07/15 00:22:45 | 000,515,451 | ---- | M] () -- C:\Users\Fahro\Desktop\merit1.jpg
[2012/07/12 13:38:53 | 000,000,628 | ---- | M] () -- C:\Users\Fahro\Desktop\Call of Duty 2 SinglePlayer.lnk
[2012/07/12 00:17:34 | 000,000,988 | ---- | M] () -- C:\Windows\level.ini
[2012/07/12 00:08:44 | 000,001,041 | ---- | M] () -- C:\Windows\particle.ini
[2012/07/11 23:00:16 | 000,000,810 | ---- | M] () -- C:\Windows\Rtcw.INI
[2012/07/11 15:47:41 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2012/07/11 12:03:37 | 000,000,950 | ---- | M] () -- C:\Users\Public\Desktop\Medieval II Total War.lnk
[2012/07/09 04:25:57 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012/07/09 03:54:28 | 000,002,040 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2012/07/04 08:58:12 | 010,070,016 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmdag.sys
[2012/07/04 08:35:46 | 019,586,048 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atioglxx.dll
[2012/07/04 08:28:20 | 000,246,000 | ---- | M] () -- C:\Windows\System32\atiapfxx.blb
[2012/07/04 08:27:18 | 000,159,744 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiapfxx.exe
[2012/07/04 08:27:08 | 000,918,528 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\aticfx32.dll
[2012/07/04 08:21:46 | 000,442,368 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIDEMGX.dll
[2012/07/04 08:21:18 | 000,453,632 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
[2012/07/04 08:20:42 | 000,217,088 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
[2012/07/04 08:19:24 | 000,163,840 | ---- | M] (AMD) -- C:\Windows\System32\atitmmxx.dll
[2012/07/04 08:19:14 | 000,020,992 | ---- | M] (AMD) -- C:\Windows\System32\atimuixx.dll
[2012/07/04 08:19:06 | 000,043,520 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll
[2012/07/04 08:18:18 | 006,811,648 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atidxx32.dll
[2012/07/04 07:36:22 | 000,058,368 | ---- | M] (AMD) -- C:\Windows\System32\coinst_8.97.100.3.dll
[2012/07/04 07:36:14 | 001,960,960 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdmv.dll
[2012/07/04 07:35:14 | 006,245,888 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdag.dll
[2012/07/04 07:28:52 | 004,749,312 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdva.dll
[2012/07/04 07:27:30 | 002,852,480 | ---- | M] () -- C:\Windows\System32\atiumdva.cap
[2012/07/04 07:27:30 | 000,204,952 | ---- | M] () -- C:\Windows\System32\ativvsvl.dat
[2012/07/04 07:27:30 | 000,157,144 | ---- | M] () -- C:\Windows\System32\ativvsva.dat
[2012/07/04 07:11:38 | 000,056,832 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atimpc32.dll
[2012/07/04 07:11:38 | 000,056,832 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\amdpcom32.dll
[2012/07/04 07:11:28 | 000,364,544 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiadlxx.dll
[2012/07/04 07:11:16 | 000,014,848 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiglpxx.dll
[2012/07/04 07:11:04 | 000,033,280 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atigktxx.dll
[2012/07/04 07:10:30 | 000,290,304 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmpag.sys
[2012/07/04 07:09:56 | 000,042,496 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiuxpag.dll
[2012/07/04 07:09:42 | 000,032,768 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiu9pag.dll
[2012/07/04 07:09:10 | 000,053,248 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\ati2erec.dll
[2012/07/04 07:04:28 | 000,046,080 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalrt.dll
[2012/07/04 07:04:18 | 000,044,544 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalcl.dll
[2012/07/04 06:59:40 | 013,402,112 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticaldd.dll
[2012/07/04 02:32:18 | 000,159,232 | ---- | M] () -- C:\Windows\System32\clinfo.exe
[2012/07/04 02:32:02 | 000,065,024 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\System32\OpenVideo.dll
[2012/07/04 02:31:52 | 000,056,320 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\System32\OVDecode.dll
[2012/07/04 02:30:58 | 013,008,384 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\System32\amdocl.dll
[2012/07/04 02:30:08 | 000,050,176 | ---- | M] (Khronos Group) -- C:\Windows\System32\OpenCL.dll

========== Files Created - No Company Name ==========

[2012/08/01 23:43:25 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/08/01 23:43:25 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/08/01 23:43:25 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/08/01 23:43:25 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/08/01 23:43:25 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/08/01 11:18:53 | 000,000,081 | ---- | C] () -- C:\Users\Fahro\Desktop\realmlist.What the...
[2012/08/01 01:20:48 | 000,000,359 | ---- | C] () -- C:\Users\Fahro\Desktop\Recycle Bin - Shortcut.lnk
[2012/07/31 23:42:14 | 000,588,691 | ---- | C] () -- C:\Users\Fahro\Desktop\Faxxx.png
[2012/07/31 18:02:33 | 001,253,490 | ---- | C] () -- C:\Users\Fahro\Desktop\DSC_7713.JPG
[2012/07/31 18:02:31 | 002,577,323 | ---- | C] () -- C:\Users\Fahro\Desktop\DSC_7712.JPG
[2012/07/30 16:23:04 | 000,272,446 | ---- | C] () -- C:\Users\Fahro\Desktop\487817_330577513698568_2111877652_n.jpg
[2012/07/30 15:39:15 | 000,028,458 | ---- | C] () -- C:\Users\Fahro\Desktop\Faxx.jpg
[2012/07/29 16:25:48 | 000,001,061 | ---- | C] () -- C:\Users\Public\Desktop\YTD Video Downloader.lnk
[2012/07/29 15:14:00 | 000,150,485 | ---- | C] () -- C:\Users\Fahro\Desktop\faxxy.png
[2012/07/29 02:21:25 | 000,297,714 | ---- | C] () -- C:\Windows\A Tale in the Desert Uninstaller.exe
[2012/07/29 02:21:25 | 000,000,599 | ---- | C] () -- C:\Users\Fahro\Desktop\A Tale in the Desert.lnk
[2012/07/29 01:49:21 | 000,001,019 | ---- | C] () -- C:\Users\Public\Desktop\Stainless Steel 6.3.lnk
[2012/07/28 13:53:08 | 000,001,204 | ---- | C] () -- C:\Users\Fahro\Desktop\EverQuest.lnk
[2012/07/28 13:53:08 | 000,001,132 | ---- | C] () -- C:\Users\Fahro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EverQuest.lnk
[2012/07/26 17:20:03 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2012/07/26 17:18:01 | 000,001,759 | ---- | C] () -- C:\Users\Public\Desktop\Nokia PC Suite.lnk
[2012/07/25 02:27:47 | 000,117,542 | ---- | C] () -- C:\Users\Fahro\Desktop\558411_4391651479633_301986235_n modified.jpg
[2012/07/25 01:47:09 | 008,161,357 | ---- | C] ( ) -- C:\Users\Fahro\Desktop\peditor11inst.exe
[2012/07/25 01:00:12 | 000,080,724 | ---- | C] () -- C:\Users\Fahro\Desktop\558411_4391651479633_301986235_n.jpg
[2012/07/24 21:14:19 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/07/23 08:49:44 | 000,109,638 | ---- | C] () -- C:\Users\Fahro\Desktop\steve-jobs-facebook-cover.jpg
[2012/07/22 01:00:52 | 000,194,867 | ---- | C] () -- C:\Users\Fahro\Desktop\ff.png
[2012/07/21 22:29:40 | 000,325,331 | ---- | C] () -- C:\Users\Fahro\Desktop\Untitled.png
[2012/07/21 22:15:01 | 000,132,356 | ---- | C] () -- C:\Users\Fahro\Desktop\earth.jpg
[2012/07/20 23:43:13 | 000,002,167 | ---- | C] () -- C:\Users\Public\Desktop\Need For Speed World.lnk
[2012/07/16 17:20:07 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2012/07/16 17:20:07 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2012/07/15 15:25:36 | 000,014,336 | -H-- | C] () -- C:\Users\Fahro\Desktop\photothumb.db
[2012/07/15 00:57:17 | 000,001,049 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
[2012/07/15 00:22:40 | 000,515,451 | ---- | C] () -- C:\Users\Fahro\Desktop\merit1.jpg
[2012/07/13 01:05:48 | 000,516,096 | ---- | C] () -- C:\Windows\System32\VTFLib.dll
[2012/07/12 13:38:53 | 000,000,628 | ---- | C] () -- C:\Users\Fahro\Desktop\Call of Duty 2 SinglePlayer.lnk
[2012/07/12 00:17:33 | 000,000,988 | ---- | C] () -- C:\Windows\level.ini
[2012/07/12 00:08:44 | 000,001,041 | ---- | C] () -- C:\Windows\particle.ini
[2012/07/11 22:56:37 | 000,000,810 | ---- | C] () -- C:\Windows\Rtcw.INI
[2012/07/11 12:03:37 | 000,000,950 | ---- | C] () -- C:\Users\Public\Desktop\Medieval II Total War.lnk
[2012/07/09 04:25:57 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012/07/09 04:20:54 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012/07/04 18:58:46 | 000,002,040 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2012/07/04 18:58:19 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/07/04 08:28:20 | 000,246,000 | ---- | C] () -- C:\Windows\System32\atiapfxx.blb
[2012/07/04 07:27:30 | 002,852,480 | ---- | C] () -- C:\Windows\System32\atiumdva.cap
[2012/07/04 07:27:30 | 000,204,952 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat
[2012/07/04 07:27:30 | 000,157,144 | ---- | C] () -- C:\Windows\System32\ativvsva.dat
[2012/07/04 02:32:18 | 000,159,232 | ---- | C] () -- C:\Windows\System32\clinfo.exe
[2012/07/03 16:16:27 | 000,279,712 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2012/07/03 16:16:27 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2012/07/03 06:48:35 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012/07/02 22:14:52 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2012/07/02 22:03:23 | 000,168,448 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2012/07/02 22:03:23 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2012/07/02 22:03:21 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2012/07/02 22:03:21 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2012/07/02 22:03:21 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2012/07/02 22:03:19 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2012/04/18 19:39:06 | 000,028,672 | ---- | C] () -- C:\Windows\System32\kdbsdk32.dll
[2012/03/06 19:59:32 | 000,618,823 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011/09/13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat

========== LOP Check ==========

[2012/07/28 14:57:28 | 000,000,000 | ---D | M] -- C:\Users\Fahro\AppData\Roaming\Ashampoo
[2012/07/25 01:47:55 | 000,000,000 | ---D | M] -- C:\Users\Fahro\AppData\Roaming\Babylon
[2012/08/02 20:14:29 | 000,000,000 | ---D | M] -- C:\Users\Fahro\AppData\Roaming\BitTorrent
[2012/07/26 15:04:03 | 000,000,000 | ---D | M] -- C:\Users\Fahro\AppData\Roaming\fizzy
[2012/07/29 00:10:06 | 000,000,000 | ---D | M] -- C:\Users\Fahro\AppData\Roaming\MilkShape 3D 1.x.x
[2012/07/23 18:18:02 | 000,000,000 | ---D | M] -- C:\Users\Fahro\AppData\Roaming\Need for Speed World
[2012/07/29 17:35:50 | 000,000,000 | ---D | M] -- C:\Users\Fahro\AppData\Roaming\Nokia
[2012/07/26 17:20:18 | 000,000,000 | ---D | M] -- C:\Users\Fahro\AppData\Roaming\PC Suite
[2012/07/30 16:24:21 | 000,000,000 | ---D | M] -- C:\Users\Fahro\AppData\Roaming\PhotoScape
[2009/07/14 06:53:46 | 000,013,398 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\erdnt\cache\explorer.exe
[2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\explorer.exe
[2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe

< MD5 for: SVCHOST.EXE >
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: USERINIT.EXE >
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\erdnt\cache\userinit.exe
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/07/14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\erdnt\cache\winlogon.exe
[2009/07/14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\System32\winlogon.exe
[2009/07/14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/07/18 21:38:52 | 000,865,776 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/07/18 21:38:52 | 000,865,776 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/07/18 21:38:52 | 000,865,776 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/07/18 21:38:54 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/07/18 21:38:54 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/07/18 21:38:54 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\Fahro\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2012/07/10 06:09:02 | 001,250,328 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\Fahro\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2012/07/10 06:09:02 | 001,250,328 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\Fahro\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/07/10 06:09:02 | 001,250,328 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\Fahro\AppData\Local\Google\Chrome\Application\chrome.exe" [2012/07/10 06:09:02 | 001,250,328 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2009/07/14 03:14:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2009/07/14 03:14:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2009/07/14 03:14:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/07/14 03:17:29 | 000,673,048 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "G:\Program Files\Internet Explorer\iexplore.exe"
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ShowIconsCommand: "C:\Program Files\Opera\Opera.exe" /ShowIconsCommand
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\HideIconsCommand: "C:\Program Files\Opera\Opera.exe" /HideIconsCommand
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ReinstallCommand: "C:\Program Files\Opera\Opera.exe" /ReInstallBrowser
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\shell\open\command\\: "C:\Program Files\Opera\Opera.exe"

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/07/18 21:38:52 | 000,865,776 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/07/18 21:38:52 | 000,865,776 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/07/18 21:38:52 | 000,865,776 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/07/18 21:38:54 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/07/18 21:38:54 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/07/18 21:38:54 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\Fahro\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2012/07/10 06:09:02 | 001,250,328 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\Fahro\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2012/07/10 06:09:02 | 001,250,328 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\Fahro\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/07/10 06:09:02 | 001,250,328 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\Fahro\AppData\Local\Google\Chrome\Application\chrome.exe" [2012/07/10 06:09:02 | 001,250,328 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2009/07/14 03:14:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2009/07/14 03:14:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2009/07/14 03:14:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/07/14 03:17:29 | 000,673,048 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "G:\Program Files\Internet Explorer\iexplore.exe"
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ShowIconsCommand: "C:\Program Files\Opera\Opera.exe" /ShowIconsCommand
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\HideIconsCommand: "C:\Program Files\Opera\Opera.exe" /HideIconsCommand
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ReinstallCommand: "C:\Program Files\Opera\Opera.exe" /ReInstallBrowser
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\shell\open\command\\: "C:\Program Files\Opera\Opera.exe"

< End of report >

#16
Render

Posted 02 August 2012 - 08:09 AM

Advertisements

#17
Faxxy

Posted 02 August 2012 - 12:26 PM

#18
Render

Posted 02 August 2012 - 01:18 PM

#19
Faxxy

Posted 02 August 2012 - 01:58 PM

#20
Render

Posted 02 August 2012 - 02:22 PM

#21
Faxxy

Posted 02 August 2012 - 02:26 PM

#22
Render

Posted 02 August 2012 - 02:32 PM

#23
Render

Posted 02 August 2012 - 02:56 PM

#24
Render

Posted 02 August 2012 - 03:01 PM

#25
Faxxy

Posted 02 August 2012 - 05:50 PM

Advertisements

#26
Render

Posted 02 August 2012 - 05:53 PM

#27
Faxxy

Posted 02 August 2012 - 07:03 PM

#28
Render

Posted 03 August 2012 - 08:43 AM

#29
Faxxy

Posted 03 August 2012 - 04:32 PM

#30
Faxxy

Posted 03 August 2012 - 04:43 PM

Attached Files

Similar Topics

0 user(s) are reading this topic

As Featured On:

Forums

Downloads

Members

Connect With Us

System Drive is full three weeks after a system reinstall [Closed]

#16 Render Posted 02 August 2012 - 08:09 AM

Advertisements

#17 Faxxy Posted 02 August 2012 - 12:26 PM

#18 Render Posted 02 August 2012 - 01:18 PM

#19 Faxxy Posted 02 August 2012 - 01:58 PM

#20 Render Posted 02 August 2012 - 02:22 PM

#21 Faxxy Posted 02 August 2012 - 02:26 PM

#22 Render Posted 02 August 2012 - 02:32 PM

#23 Render Posted 02 August 2012 - 02:56 PM

#24 Render Posted 02 August 2012 - 03:01 PM

#25 Faxxy Posted 02 August 2012 - 05:50 PM

Advertisements

#26 Render Posted 02 August 2012 - 05:53 PM

#27 Faxxy Posted 02 August 2012 - 07:03 PM

#28 Render Posted 03 August 2012 - 08:43 AM

#29 Faxxy Posted 03 August 2012 - 04:32 PM

#30 Faxxy Posted 03 August 2012 - 04:43 PM

Attached Files

Similar Topics

0 user(s) are reading this topic

As Featured On:

Forums

Downloads

Members

Connect With Us

Sign In

#16
Render

Posted 02 August 2012 - 08:09 AM

#17
Faxxy

Posted 02 August 2012 - 12:26 PM

#18
Render

Posted 02 August 2012 - 01:18 PM

#19
Faxxy

Posted 02 August 2012 - 01:58 PM

#20
Render

Posted 02 August 2012 - 02:22 PM

#21
Faxxy

Posted 02 August 2012 - 02:26 PM

#22
Render

Posted 02 August 2012 - 02:32 PM

#23
Render

Posted 02 August 2012 - 02:56 PM

#24
Render

Posted 02 August 2012 - 03:01 PM

#25
Faxxy

Posted 02 August 2012 - 05:50 PM

#26
Render

Posted 02 August 2012 - 05:53 PM

#27
Faxxy

Posted 02 August 2012 - 07:03 PM

#28
Render

Posted 03 August 2012 - 08:43 AM

#29
Faxxy

Posted 03 August 2012 - 04:32 PM

#30
Faxxy

Posted 03 August 2012 - 04:43 PM