
Internet Browser not working DDS Logs


  • This topic is locked
29 replies to this topic

#1 davidog


Posted 20 August 2010 - 04:45 PM

Referred from here: http://www.bleepingcomputer.com/forums/topic339681.html ~ OB

Hi BC Community, these are my DDS logs:



DDS (Ver_10-03-17.01) - NTFSX64
Run by Admin at 17:18:28.62 on Fri 20/08/2010
Internet Explorer: 8.0.6001.18943 BrowserJavaVersion: 1.6.0_20
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.61.1033.18.6142.4395 [GMT 10:00]

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\ccSvcHst.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k regsvc
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\ccSvcHst.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\RAVCpl64.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\ehome\ehsched.exe
C:\Windows\ehome\ehRecvr.exe
C:\Users\Admin\AppData\Local\Apps\2.0\VXQH895O.BK5\E0G13Z6Z.E7L\curs..tion_eee711038731a406_0004.0000_172b37d8269e5e48\CurseClient.exe
C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Admin\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com.au/
mLocal Page = c:\windows\syswow64\blank.htm
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: DeviceVM Url Search Hook: {0063bf63-bfff-4b8f-9d26-4267df7f17dd} - c:\windows\syswow64\dvmurl.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files (x86)\norton 360\engine\4.2.0.12\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files (x86)\norton 360\engine\4.2.0.12\IPSBHO.DLL
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files (x86)\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files (x86)\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files (x86)\google\googletoolbarnotifier\5.4.4525.1752\swg.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files (x86)\google\google toolbar\GoogleToolbar_32.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files (x86)\norton 360\engine\4.2.0.12\coIEPlg.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [PC Suite Tray] "c:\program files (x86)\nokia\nokia pc suite 7\PCSuite.exe" -onlytray
uRun: [msnmsgr] "c:\program files (x86)\windows live\messenger\msnmsgr.exe" /background
uRun: [swg] "c:\program files (x86)\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
mRun: [JMB36X IDE Setup] c:\windows\raidtool\xInsIDE.exe
StartupFolder: c:\users\admin\appdata\roaming\microsoft\windows\start menu\programs\startup\CurseClientStartup.ccip
uPolicies-explorer: MaxRecentDocs = 10 (0xa)
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to AMV/AVI Video Converter... - c:\program files (x86)\media player utilities 4.21\amvconverter\grab.html
IE: E&xport to Microsoft Excel - c:\progra~2\micros~1\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\google\google toolbar\component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~2\micros~1\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~2\micros~1\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files (x86)\google\google toolbar\GoogleToolbar_64.dll
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.4.4525.1752\swg64.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files (x86)\google\google toolbar\GoogleToolbar_64.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB-X64: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File
TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
mRun-x64: [RtHDVCpl] RAVCpl64.exe
mRun-x64: [Skytel] Skytel.exe
mRun-x64: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

================= FIREFOX ===================

FF - ProfilePath - c:\users\admin\appdata\roaming\mozilla\firefox\profiles\6dflw320.default\
FF - component: c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\coffplgn\components\coFFPlgn.dll
FF - component: c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\ipsffplgn\components\IPSFFPl.dll
FF - plugin: c:\program files (x86)\byond\bin\npbyond.dll
FF - plugin: c:\program files (x86)\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files (x86)\microsoft\office live\npOLW.dll
FF - plugin: c:\program files (x86)\mozilla firefox\plugins\npOGPPlugin.dll
FF - plugin: c:\program files (x86)\mozilla firefox\plugins\npPandoWebInst.dll
FF - plugin: c:\program files (x86)\nvidia corporation\3d vision\npnv3dv.dll
FF - plugin: c:\program files (x86)\nvidia corporation\3d vision\npnv3dvstreaming.dll
FF - plugin: c:\program files (x86)\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\programdata\nexonus\ngm\npNxGameUS.dll
FF - plugin: c:\users\admin\appdata\roaming\mozilla\firefox\profiles\6dflw320.default\extensions\battlefieldheroespatcher@ea.com\platform\winnt_x86-msvc\plugins\npBFHUpdater.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360x64\0402000.00c\symds64.sys [2010-8-14 433200]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360x64\0402000.00c\symefa64.sys [2010-8-14 221232]
R1 BHDrvx64;BHDrvx64;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\definitions\bashdefs\20100810.004\BHDrvx64.sys [2010-8-10 945200]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\n360x64\0402000.00c\cchpx64.sys [2010-8-14 615040]
R1 IDSVia64;IDSVia64;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.0.0.127\definitions\ipsdefs\20100818.002\IDSviA64.sys [2010-8-20 463408]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360x64\0402000.00c\ironx64.sys [2010-8-14 150064]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\n360x64\0402000.00c\symtdiv.sys [2010-8-14 451120]
R2 N360;Norton 360;c:\program files (x86)\norton 360\engine\4.2.0.12\ccsvchst.exe [2010-8-14 126392]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\nvidia corporation\3d vision\nvSCPAPISvr.exe [2010-6-7 240232]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2010-8-14 132656]
R3 RTL85n64;Realtek 8180/8185 Extensible 802.11 Wireless Device Driver;c:\windows\system32\drivers\RTL85n64.sys [2009-9-2 420648]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 GEST Service;GEST Service for program management.;c:\program files (x86)\gigabyte\energysaver\GSvr.exe [2009-9-2 68136]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 27648]
S3 nmwcdcx64;Nokia USB Generic;c:\windows\system32\drivers\ccdcmbox64.sys [2009-10-6 25088]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [2009-10-6 172544]
S3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\ccdcmbx64.sys [2009-10-6 18944]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 pbfilter;pbfilter;c:\program files\peerblock\pbfilter.sys [2010-6-28 19544]
S3 PerfHost;Performance Counter DLL Host;c:\windows\syswow64\perfhost.exe [2008-1-21 19968]
S3 RTL2832U_IRHID;HID Infrared Remote Receiver;c:\windows\system32\drivers\RTL2832U_IRHID.sys [2009-12-25 44320]
S3 RTL2832UBDA;REALTEK 2832U BDA Driver;c:\windows\system32\drivers\RTL2832UBDA.sys [2009-12-25 116640]
S3 RTL2832UUSB;REALTEK 2832U USB Driver;c:\windows\system32\drivers\RTL2832UUSB.sys [2009-12-25 38944]
S3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\drivers\usbaapl64.sys [2009-8-28 49152]
S3 vcd9bus;Virtual CD v9 Bus Enumerator;c:\windows\system32\drivers\vcd9bus.sys [2009-12-31 40216]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework64\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 1020768]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe [2009-9-10 89920]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\microsoft sql server\100\shared\sqladhlp.exe [2008-7-10 47128]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files (x86)\microsoft sql server\mssql10.sqlexpress\mssql\binn\SQLAGENT.EXE [2008-7-10 369688]

============== File Associations ===============

JSEFile=c:\windows\syswow64\WScript.exe "%1" %*

=============== Created Last 30 ================

2010-08-20 07:11:30 20 ----a-w- c:\users\admin\defogger_reenable
2010-08-14 22:54:30 0 d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2010-08-14 02:54:20 34152 ----a-r- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-08-14 02:54:20 126312 ----a-r- c:\windows\system32\GEARAspi64.dll
2010-08-14 02:54:20 107368 ----a-r- c:\windows\syswow64\GEARAspi.dll
2010-08-14 02:54:19 854 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.INF
2010-08-14 02:54:19 7440 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.CAT
2010-08-14 02:54:19 173104 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2010-08-14 02:54:07 0 d-----w- c:\program files\Symantec
2010-08-14 02:54:07 0 d-----w- c:\program files\common files\Symantec Shared
2010-08-14 02:53:29 0 d-----w- c:\windows\system32\drivers\N360x64
2010-08-14 02:53:26 0 d-----w- c:\program files (x86)\Norton 360
2010-08-14 02:52:55 0 d-----w- c:\program files (x86)\NortonInstaller
2010-08-13 10:51:16 0 d-----w- c:\users\admin\appdata\roaming\Malwarebytes
2010-08-13 10:51:07 0 d-----w- c:\programdata\Malwarebytes
2010-08-13 10:51:06 24664 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-08-12 07:00:59 1426816 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-08-12 07:00:55 453120 ----a-w- c:\windows\system32\drivers\srv.sys
2010-08-12 07:00:55 175104 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-08-12 07:00:54 2752000 ----a-w- c:\windows\system32\win32k.sys
2010-08-12 07:00:53 50688 ----a-w- c:\windows\system32\rtutils.dll
2010-08-12 07:00:52 36864 ----a-w- c:\windows\syswow64\rtutils.dll
2010-08-12 07:00:16 81920 ----a-w- c:\windows\syswow64\iccvid.dll
2010-08-12 07:00:14 4697992 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-08-12 06:58:36 1869824 ----a-w- c:\windows\system32\msxml3.dll
2010-08-12 06:58:36 1248768 ----a-w- c:\windows\syswow64\msxml3.dll
2010-08-12 06:58:33 343040 ----a-w- c:\windows\system32\schannel.dll
2010-08-12 06:58:33 274944 ----a-w- c:\windows\syswow64\schannel.dll
2010-08-08 05:20:10 0 d-----w- c:\program files (x86)\Counter Strike Source
2010-08-07 04:49:30 0 d-----w- c:\program files (x86)\CAPCOM
2010-08-06 11:34:11 0 d-----w- c:\program files (x86)\Free Download Manager
2010-08-02 21:35:11 11584512 ----a-w- c:\windows\syswow64\shell32.dll
2010-07-27 11:14:07 0 d-----w- c:\program files (x86)\Free M4a to MP3 Converter
2010-07-27 11:06:38 0 d-----w- c:\users\admin\appdata\roaming\Smart FLV Converter Pro

==================== Find3M ====================

2010-08-20 07:13:47 69801 ----a-w- c:\programdata\nvModes.dat
2010-08-20 07:13:21 24072 ----a-w- c:\windows\gdrv.sys
2010-08-20 07:11:45 2140 ----a-w- c:\windows\bthservsdp.dat
2010-08-14 02:42:45 86016 ----a-w- c:\windows\inf\infstor.dat
2010-08-14 02:42:45 51200 ----a-w- c:\windows\inf\infpub.dat
2010-08-14 02:42:45 143360 ----a-w- c:\windows\inf\infstrng.dat
2010-07-31 00:21:50 107832 ----a-w- c:\windows\syswow64\PnkBstrB.exe
2010-07-31 00:21:39 66872 ----a-w- c:\windows\syswow64\PnkBstrA.exe
2010-07-31 00:21:39 2250024 ----a-w- c:\windows\syswow64\pbsvc.exe
2010-07-13 04:59:00 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2010-07-13 04:59:00 444952 ----a-w- c:\windows\syswow64\wrap_oal.dll
2010-07-13 04:59:00 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2010-07-13 04:59:00 109080 ----a-w- c:\windows\syswow64\OpenAL32.dll
2010-07-01 09:22:40 834544 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-06-30 09:54:26 43680 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2010-06-30 09:54:26 314016 ----a-w- c:\windows\system32\drivers\atksgt.sys
2010-06-26 06:30:12 1147904 ----a-w- c:\windows\system32\wininet.dll
2010-06-26 06:25:54 77312 ----a-w- c:\windows\system32\iesetup.dll
2010-06-26 06:25:54 132096 ----a-w- c:\windows\system32\iesysprep.dll
2010-06-26 06:05:49 916480 ----a-w- c:\windows\syswow64\wininet.dll
2010-06-26 06:05:41 1210368 ----a-w- c:\windows\syswow64\urlmon.dll
2010-06-26 06:04:40 206848 ----a-w- c:\windows\syswow64\occache.dll
2010-06-26 06:03:22 611840 ----a-w- c:\windows\syswow64\mstime.dll
2010-06-26 06:03:04 5951488 ----a-w- c:\windows\syswow64\mshtml.dll
2010-06-26 06:03:02 599040 ----a-w- c:\windows\syswow64\msfeeds.dll
2010-06-26 06:03:02 55296 ----a-w- c:\windows\syswow64\msfeedsbs.dll
2010-06-26 06:02:31 25600 ----a-w- c:\windows\syswow64\jsproxy.dll
2010-06-26 06:02:15 71680 ----a-w- c:\windows\syswow64\iesetup.dll
2010-06-26 06:02:15 1986560 ----a-w- c:\windows\syswow64\iertutil.dll
2010-06-26 06:02:15 164352 ----a-w- c:\windows\syswow64\ieui.dll
2010-06-26 06:02:15 109056 ----a-w- c:\windows\syswow64\iesysprep.dll
2010-06-26 06:02:14 55808 ----a-w- c:\windows\syswow64\iernonce.dll
2010-06-26 06:02:14 184320 ----a-w- c:\windows\syswow64\iepeers.dll
2010-06-26 06:02:14 11077120 ----a-w- c:\windows\syswow64\ieframe.dll
2010-06-26 06:02:09 387584 ----a-w- c:\windows\syswow64\iedkcs32.dll
2010-06-26 04:47:47 162816 ----a-w- c:\windows\system32\ieUnatt.exe
2010-06-26 04:25:02 133632 ----a-w- c:\windows\syswow64\ieUnatt.exe
2010-06-26 04:24:51 173056 ----a-w- c:\windows\syswow64\ie4uinit.exe
2010-06-26 04:24:17 13312 ----a-w- c:\windows\syswow64\msfeedssync.exe
2010-06-09 05:51:23 2427248 ----a-w- c:\windows\syswow64\pbsvc_heroes.exe
2010-06-07 07:21:02 1691752 ----a-w- c:\windows\system32\nvsvcr.dll
2010-06-07 07:21:02 159336 ----a-w- c:\windows\system32\nvvsvc.exe
2010-06-07 07:21:02 15282280 ----a-w- c:\windows\system32\nvcpl.dll
2010-06-07 07:21:02 1448040 ----a-w- c:\windows\system32\nvsvc64.dll
2010-06-07 07:21:02 116328 ----a-w- c:\windows\system32\nvmctray.dll
2010-06-01 18:55:30 77656 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2010-06-01 18:55:30 74072 ----a-w- c:\windows\syswow64\XAPOFX1_5.dll
2010-06-01 18:55:30 527192 ----a-w- c:\windows\syswow64\XAudio2_7.dll
2010-06-01 18:55:30 518488 ----a-w- c:\windows\system32\XAudio2_7.dll
2010-06-01 18:55:30 239960 ----a-w- c:\windows\syswow64\xactengine3_7.dll
2010-06-01 18:55:30 176984 ----a-w- c:\windows\system32\xactengine3_7.dll
2010-05-28 02:58:32 659048 ----a-w- c:\windows\system32\NVUNINST.EXE
2010-05-26 17:23:46 48128 ----a-w- c:\windows\system32\atmlib.dll
2010-05-26 17:06:41 34304 ----a-w- c:\windows\syswow64\atmlib.dll
2010-05-26 15:10:41 366080 ----a-w- c:\windows\system32\atmfd.dll
2010-05-26 14:47:41 289792 ----a-w- c:\windows\syswow64\atmfd.dll
2010-05-26 01:41:02 511328 ----a-w- c:\windows\system32\d3dx10_43.dll
2010-05-26 01:41:02 470880 ----a-w- c:\windows\syswow64\d3dx10_43.dll
2010-05-26 01:41:02 276832 ----a-w- c:\windows\system32\d3dx11_43.dll
2010-05-26 01:41:02 2526056 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2010-05-26 01:41:02 248672 ----a-w- c:\windows\syswow64\d3dx11_43.dll
2010-05-26 01:41:02 2106216 ----a-w- c:\windows\syswow64\D3DCompiler_43.dll
2010-05-26 01:41:02 1998168 ----a-w- c:\windows\syswow64\D3DX9_43.dll
2010-05-26 01:41:02 1907552 ----a-w- c:\windows\system32\d3dcsx_43.dll
2010-05-26 01:41:02 1868128 ----a-w- c:\windows\syswow64\d3dcsx_43.dll
2010-05-26 01:41:00 2401112 ----a-w- c:\windows\system32\D3DX9_43.dll
2010-05-25 06:50:57 153376 ----a-w- c:\windows\syswow64\javaws.exe
2010-05-25 06:50:57 145184 ----a-w- c:\windows\syswow64\javaw.exe
2010-05-25 06:50:57 145184 ----a-w- c:\windows\syswow64\java.exe
2010-05-25 06:50:55 411368 ----a-w- c:\windows\syswow64\deployJava1.dll
2010-05-25 06:03:33 20135936 ----a-w- C:\True Crime® New York City.exe
2009-11-17 05:24:54 665600 ----a-w- c:\windows\inf\drvindex.dat
2008-01-21 03:21:59 174 --sha-w- c:\program files\desktop.ini
2008-01-21 03:21:59 174 --sha-w- c:\program files (x86)\desktop.ini
2006-11-02 15:14:56 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 15:14:56 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 15:14:56 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 15:14:56 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 10:52:12 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 10:52:12 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 10:52:10 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 10:52:10 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat

============= FINISH: 17:20:11.46 ===============

Below is the Attach file from DDS




Attached File  Attach.zip   3.55KB   8 downloads

Edited by Orange Blossom, 20 August 2010 - 11:19 PM.




#2 mpascal


Posted 26 August 2010 - 09:31 PM

Hi davidog,

Welcome to Bleeping Computer!

My name is mpascal, and I will be helping you fix your problem.

Before we begin, I would like to give a few guidelines so that we can fix your problem as quickly and efficiently as possible:
  • Be sure to follow all my instructions carefully! If there is anything you don't understand, don't hesitate to ask.
  • Please do not do anything or perform other steps unless I have asked you to do so.
  • Please make sure you post all logs I ask you to, and make sure that the entire log gets posted.
  • Don't attach any logs unless asked. Posting them in the forums will make them easier to analyze.
  • If you are unsure of how to reply, or need help with anything regarding the website, please look here.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below I will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

STEP 1 - MBAM

Note: In the event that you already have MBAM installed, you do not need to reinstall it. Simply updating it and doing a Quick Scan is sufficient.

Please download Malwarebytes Anti-Malware (v1.44) and save it to your desktop. MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
    For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

STEP 2 - GMER

Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.


  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.
-- If you encounter any problems, try running GMER in safe mode.
-- If GMER crashes or keeps resulting in BSODs, uncheck Devices on the right side before scanning.

STEP 3 - OTL

Download OTL to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • In the Custom Scans box, copy and paste the following:
    CODE
    netsvcs
    %SYSTEMDRIVE%\*.*
    %systemroot%\Fonts\*.com
    %systemroot%\Fonts\*.dll
    %systemroot%\Fonts\*.ini
    %systemroot%\Fonts\*.ini2
    %systemroot%\Fonts\*.exe
    %systemroot%\system32\spool\prtprocs\w32x86\*.*
    %systemroot%\REPAIR\*.bak1
    %systemroot%\REPAIR\*.ini
    %systemroot%\system32\*.jpg
    %systemroot%\*.jpg
    %systemroot%\*.png
    %systemroot%\*.scr
    %systemroot%\*._sy
    %APPDATA%\Adobe\Update\*.*
    %ALLUSERSPROFILE%\Favorites\*.*
    %APPDATA%\Microsoft\*.*
    %PROGRAMFILES%\*.*
    %APPDATA%\Update\*.*
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\System32\config\*.sav
    %PROGRAMFILES%\bak. /s
    %systemroot%\system32\bak. /s
    %ALLUSERSPROFILE%\Start Menu\*.lnk /x
    %systemroot%\system32\config\systemprofile\*.dat /x
    %systemroot%\*.config
    %systemroot%\system32\*.db
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of the files, and post it with your next reply.

STEP 4 - Reply

Please reply with the following logs:
  • MBAM Log
  • GMER Log
  • OTL Log

Stay with your topic! Topics that go 4 days without a reply will be closed. PM me to reopen.

Please don't PM asking for support. Post on the forums instead.

My help is free, but if you wish to donate and help continue my fight against malware, click here: Posted Image


#3 davidog

Posted 27 August 2010 - 01:50 AM

Hi mpascal, I created an mbam log that was fine but my gmer only scanned with these boxes ticked: Services, Registry, Files and my Local Disk C: and ADS Ticked. Also, my OTL only created OTL.txt and not an additional Extras file. This is my mbam log:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4487

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18943

27/08/2010 3:32:24 PM
mbam-log-2010-08-27 (15-32-24).txt

Scan type: Quick scan
Objects scanned: 150692
Time elapsed: 5 minute(s), 47 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

This is my GMER log:
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-08-27 16:20:28
Windows 6.0.6002 Service Pack 2
Running: pbrtbypw.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001b100010c7
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001b100010c7@9c18740b92d4 0x8C 0x36 0x27 0xD7 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001b100010c7@0026699725d4 0xA8 0x11 0x8B 0x32 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xC4 0x49 0x0A 0x62 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xCA 0x1E 0xF0 0x26 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xC8 0x62 0xFB 0x28 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x77 0x74 0xE8 0xB2 ...
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\001b100010c7 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\001b100010c7@9c18740b92d4 0x8C 0x36 0x27 0xD7 ...
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\001b100010c7@0026699725d4 0xA8 0x11 0x8B 0x32 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xC4 0x49 0x0A 0x62 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xCA 0x1E 0xF0 0x26 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xC8 0x62 0xFB 0x28 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x77 0x74 0xE8 0xB2 ...

---- EOF - GMER 1.0.15 ----

Finally, this is my OTL log:

OTL logfile created on: 27/08/2010 4:24:41 PM - Run 2
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\Admin\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000c09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

6.00 Gb Total Physical Memory | 4.00 Gb Available Physical Memory | 63.00% Memory free
12.00 Gb Paging File | 10.00 Gb Available in Paging File | 84.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.51 Gb Total Space | 352.45 Gb Free Space | 37.84% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 956.80 Mb Total Space | 797.09 Mb Free Space | 83.31% Space Free | Partition Type: FAT
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ADMIN-PC
Current User Name: Admin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/08/27 15:41:36 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Admin\Desktop\OTL.exe
PRC - [2010/07/31 10:21:50 | 000,107,832 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2010/07/31 10:21:39 | 000,066,872 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010/07/25 08:06:14 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010/06/07 17:05:06 | 000,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010/03/19 09:49:20 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/02/26 10:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\ccsvchst.exe
PRC - [2009/11/11 09:57:36 | 001,451,520 | ---- | M] (Nokia) -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2009/10/27 08:26:36 | 000,657,408 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PRC - [2009/10/27 08:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2009/10/27 08:14:22 | 000,128,000 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrv.exe
PRC - [2009/07/26 15:44:34 | 003,883,856 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
PRC - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2008/07/10 15:33:06 | 040,999,448 | ---- | M] (Microsoft Corporation) -- c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
PRC - [2001/09/11 07:53:06 | 000,032,768 | ---- | M] (Cell Soft) -- C:\Users\Admin\Desktop\EA Games\Battlefield Heroes\grenade virus(destroys your computer).exe


========== Modules (SafeList) ==========

MOD - [2010/08/27 15:41:36 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Admin\Desktop\OTL.exe
MOD - [2010/05/14 15:35:01 | 000,415,088 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\asoehook.dll
MOD - [2009/07/12 18:02:02 | 000,653,120 | R--- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\microsoft.vc90.crt\msvcr90.dll
MOD - [2009/07/12 18:02:00 | 000,569,664 | R--- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\microsoft.vc90.crt\msvcp90.dll
MOD - [2008/01/21 12:50:01 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV:64bit: - File not found [Auto | Running] -- C:\Windows\SysNative\PnkBstrB.exe -- (PnkBstrB)
SRV:64bit: - File not found [Auto | Running] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA)
SRV:64bit: - File not found [On_Demand | Stopped] -- C:\Windows\SysNative\GameMon.des -- (npggsvc)
SRV:64bit: - [2009/08/18 12:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV:64bit: - [2008/07/29 12:20:28 | 004,737,024 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe -- (msvsmon90)
SRV:64bit: - [2008/01/21 12:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010/08/09 16:59:52 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/07/31 10:21:50 | 000,107,832 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2010/07/31 10:21:39 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010/06/07 17:05:06 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/03/22 05:41:00 | 003,532,120 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc)
SRV - [2010/03/19 09:49:20 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/03/18 14:27:14 | 001,020,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 14:27:14 | 000,138,576 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/26 10:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\ccSvcHst.exe -- (N360)
SRV - [2009/10/27 08:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2008/12/08 17:15:26 | 000,068,136 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\GIGABYTE\EnergySaver\GSvr.exe -- (GEST Service)
SRV - [2008/07/10 15:33:06 | 040,999,448 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe -- (MSSQL$SQLEXPRESS) SQL Server (SQLEXPRESS)
SRV - [2008/07/10 15:33:06 | 000,369,688 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE -- (SQLAgent$SQLEXPRESS) SQL Server Agent (SQLEXPRESS)
SRV - [2008/07/10 15:33:02 | 000,047,128 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE -- (MSSQLServerADHelper100)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\npptNT2.sys -- (NPPTNT2)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ipinip.sys -- (IpInIp)
DRV:64bit: - [2010/08/14 12:54:07 | 000,173,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2010/07/01 19:22:40 | 000,834,544 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/06/30 19:54:26 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\atksgt.sys -- (atksgt)
DRV:64bit: - [2010/06/30 19:54:26 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2010/05/06 14:01:59 | 000,451,120 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\N360x64\0402000.00C\SYMTDIV.SYS -- (SYMTDIv)
DRV:64bit: - [2010/04/29 15:03:51 | 000,150,064 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\Ironx64.SYS -- (SymIRON)
DRV:64bit: - [2010/04/22 13:02:20 | 000,221,232 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\SYMEFA64.SYS -- (SymEFA)
DRV:64bit: - [2010/04/22 12:29:51 | 000,505,392 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\N360x64\0402000.00C\SRTSP64.SYS -- (SRTSP)
DRV:64bit: - [2010/04/22 12:29:51 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\SRTSPX64.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2010/03/23 02:17:06 | 001,462,304 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\RTL85n64.sys -- (RTL85n64)
DRV:64bit: - [2010/02/26 10:22:52 | 000,615,040 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\ccHPx64.sys -- (ccHP)
DRV:64bit: - [2009/10/15 13:50:05 | 000,433,200 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\SYMDS64.SYS -- (SymDS)
DRV:64bit: - [2009/10/06 10:56:34 | 000,172,544 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2009/10/06 10:54:18 | 000,008,704 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64j.sys -- (UsbserFilt)
DRV:64bit: - [2009/10/06 10:53:56 | 000,025,088 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdcx64)
DRV:64bit: - [2009/10/06 10:53:56 | 000,008,704 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2009/10/06 10:53:54 | 000,018,944 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcdx64)
DRV:64bit: - [2009/10/05 20:22:20 | 000,044,320 | ---- | M] (Realtek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\RTL2832U_IRHID.sys -- (RTL2832U_IRHID)
DRV:64bit: - [2009/09/28 02:02:38 | 000,019,544 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\PeerBlock\pbfilter.sys -- (pbfilter)
DRV:64bit: - [2009/08/28 19:42:52 | 000,049,152 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2009/08/17 13:57:56 | 000,038,944 | ---- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\RTL2832UUSB.sys -- (RTL2832UUSB)
DRV:64bit: - [2009/08/17 13:57:52 | 000,116,640 | ---- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL2832UBDA.sys -- (RTL2832UBDA)
DRV:64bit: - [2009/05/19 08:17:08 | 000,034,152 | R--- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/04/11 15:39:37 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2008/11/04 12:21:08 | 000,098,144 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\jraid.sys -- (JRAID)
DRV:64bit: - [2008/08/28 10:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2007/06/25 05:37:14 | 000,108,032 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2007/01/23 09:20:34 | 000,040,216 | ---- | M] (H+H Software GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\vcd9bus.sys -- (vcd9bus)
DRV:64bit: - [2006/09/19 07:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\Wbem\ntfs.mof -- (Ntfs)
DRV - [2010/08/27 15:19:35 | 000,024,072 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2010/08/14 12:57:59 | 001,791,536 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20100826.002\EX64.SYS -- (NAVEX15)
DRV - [2010/08/14 12:57:59 | 000,475,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2010/08/14 12:57:59 | 000,132,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/08/14 12:57:59 | 000,117,808 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20100826.002\ENG64.SYS -- (NAVENG)
DRV - [2010/08/10 11:11:04 | 000,945,200 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20100810.004\BHDrvx64.sys -- (BHDrvx64)
DRV - [2010/06/17 11:54:12 | 000,463,408 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20100825.001\IDSviA64.sys -- (IDSVia64)
DRV - [2009/10/05 20:22:20 | 000,044,320 | ---- | M] (Realtek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RTL2832U_IRHID.sys -- (RTL2832U_IRHID)
DRV - [2009/08/17 13:57:56 | 000,038,944 | ---- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RTL2832UUSB.sys -- (RTL2832UUSB)
DRV - [2009/08/17 13:57:52 | 000,116,640 | ---- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RTL2832UBDA.sys -- (RTL2832UBDA)
DRV - [2007/03/16 10:11:20 | 000,015,648 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TBPanelx64.sys -- (Cardex)
DRV - [2007/01/24 20:25:52 | 000,420,648 | ---- | M] (Realtek) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\RTL85n64.sys -- (RTL85n64)
DRV - [2005/01/05 04:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.au/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\Windows\SysWOW64\dvmurl.dll (DeviceVM Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:4.0.53.0
FF - prefs.js..extensions.enabledItems: netvideohunter@netvideohunter.com:1.3
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1

FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\ [2009/11/20 07:11:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\ [2010/08/15 08:47:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn\ [2010/08/14 12:54:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/07/25 08:06:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/07/31 09:55:05 | 000,000,000 | ---D | M]

[2009/12/12 07:01:08 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\mozilla\Extensions
[2009/11/01 16:43:22 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2010/08/26 18:09:49 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\6dflw320.default\extensions
[2010/06/08 19:33:56 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\6dflw320.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/08/26 07:48:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\6dflw320.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010/07/23 21:09:53 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\6dflw320.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/06/08 17:38:34 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\6dflw320.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010/06/09 15:44:45 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\6dflw320.default\extensions\battlefieldheroespatcher@ea.com
[2010/07/23 21:09:53 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\6dflw320.default\extensions\netvideohunter@netvideohunter.com
[2010/08/14 12:42:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/05/25 16:51:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2009/11/03 10:07:00 | 000,040,960 | ---- | M] (BYOND) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npbyond.dll
[2010/05/25 16:50:59 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2009/10/06 19:40:40 | 000,098,304 | ---- | M] (OGPlanet Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npOGPPlugin.dll
[2010/03/13 15:32:41 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npPandoWebInst.dll
[2010/03/22 18:40:25 | 000,001,538 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/03/22 18:40:25 | 000,000,947 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010/03/22 18:40:25 | 000,000,769 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010/03/22 18:40:25 | 000,001,135 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2006/09/19 07:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKCU..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MaxRecentDocs = 10
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: Add to AMV/AVI Video Converter... - C:\Program Files (x86)\Media Player Utilities 4.21\AMVConverter\grab.html ()
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Admin\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Add to AMV/AVI Video Converter... - C:\Program Files (x86)\Media Player Utilities 4.21\AMVConverter\grab.html ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Admin\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
O24 - Desktop BackupWallPaper: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{0db75662-b455-11de-be8e-00241d75f2da}\Shell - "" = AutoRun
O33 - MountPoints2\{0db75662-b455-11de-be8e-00241d75f2da}\Shell\AutoRun\command - "" = I:\autorun.exe -- File not found
O33 - MountPoints2\{114234e4-9764-11de-82bf-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{114234e4-9764-11de-82bf-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Nvsetup.exe -- File not found
O33 - MountPoints2\{1bc13fd6-b6c4-11de-973d-00241d75f2da}\Shell - "" = AutoRun
O33 - MountPoints2\{1bc13fd6-b6c4-11de-973d-00241d75f2da}\Shell\AutoRun\command - "" = E:\AutoRunMorrowind.exe -- File not found
O33 - MountPoints2\{1bc13fd6-b6c4-11de-973d-00241d75f2da}\Shell\install\command - "" = E:\Setup.exe -- File not found
O33 - MountPoints2\{1f0a1a99-be86-11de-b6ba-00241d75f2da}\Shell\AutoRun\command - "" = F:\x0.cmd -- File not found
O33 - MountPoints2\{1f0a1a99-be86-11de-b6ba-00241d75f2da}\Shell\explore\Command - "" = F:\x0.cmd -- File not found
O33 - MountPoints2\{1f0a1a99-be86-11de-b6ba-00241d75f2da}\Shell\open\Command - "" = F:\x0.cmd -- File not found
O33 - MountPoints2\{7aad38ea-df0b-11de-a68b-00241d75f2da}\Shell - "" = AutoRun
O33 - MountPoints2\{7aad38ea-df0b-11de-a68b-00241d75f2da}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O33 - MountPoints2\{a06ee4be-9917-11de-8931-00241d75f2da}\Shell\AutoRun\command - "" = firefox.exe
O33 - MountPoints2\{ddce7701-984e-11de-92c3-00241d75f2da}\Shell - "" = AutoRun
O33 - MountPoints2\{ddce7701-984e-11de-92c3-00241d75f2da}\Shell\AutoRun\command - "" = E:\BelkinFileTransferCable.exe -- File not found
O33 - MountPoints2\{f5bb7dd2-9866-11de-9b75-00241d75f2da}\Shell\AutoRun\command - "" = iexplore.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\setup.exe -- File not found
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\Autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*


CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2010/08/27 16:21:46 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Admin\Desktop\OTL.exe
[2010/08/26 07:48:32 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\DVDVideoSoftIEHelpers
[2010/08/25 20:12:34 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\Singularity
[2010/08/25 19:05:28 | 000,000,000 | ---D | C] -- C:\Users\Admin\Desktop\Piss OFF
[2010/08/25 16:52:17 | 000,000,000 | ---D | C] -- C:\eSIngulartiy
[2010/08/23 21:11:11 | 000,000,000 | ---D | C] -- C:\Users\Admin\Desktop\NFS-CARBON [FULL-RIP COTTA]
[2010/08/22 17:52:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2010/08/21 23:17:04 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\WindowsPowerShell
[2010/08/21 23:17:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\WindowsPowerShell
[2010/08/21 23:12:38 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsmplpxy.dll
[2010/08/21 23:12:38 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winrssrv.dll
[2010/08/21 23:12:38 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrsmgr.dll
[2010/08/21 23:12:38 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winrsmgr.dll
[2010/08/21 23:12:35 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsmplpxy.dll
[2010/08/21 23:12:35 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrssrv.dll
[2010/08/21 23:12:29 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pwrshplugin.dll
[2010/08/21 23:12:29 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pwrshplugin.dll
[2010/08/21 23:12:27 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winrs.exe
[2010/08/21 23:12:27 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winrshost.exe
[2010/08/21 23:12:27 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsmprovhost.exe
[2010/08/21 23:12:19 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wevtfwd.dll
[2010/08/21 23:12:19 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wecutil.exe
[2010/08/21 23:12:19 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wecapi.dll
[2010/08/21 23:12:19 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wevtfwd.dll
[2010/08/21 23:12:19 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wecutil.exe
[2010/08/21 23:12:19 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wecapi.dll
[2010/08/21 23:12:19 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmRes.dll
[2010/08/21 23:12:19 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WsmRes.dll
[2010/08/21 23:12:19 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrs.exe
[2010/08/21 23:12:19 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrshost.exe
[2010/08/21 23:12:19 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsmprovhost.exe
[2010/08/21 23:12:12 | 000,310,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WsmWmiPl.dll
[2010/08/21 23:12:12 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSManMigrationPlugin.dll
[2010/08/21 23:12:12 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSManHTTPConfig.exe
[2010/08/21 23:12:12 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrscmd.dll
[2010/08/21 23:12:12 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmWmiPl.dll
[2010/08/21 23:12:12 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WsmAuto.dll
[2010/08/21 23:12:12 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmAuto.dll
[2010/08/21 23:12:11 | 000,370,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winrscmd.dll
[2010/08/21 23:12:11 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSManMigrationPlugin.dll
[2010/08/21 23:12:11 | 000,348,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSManHTTPConfig.exe
[2010/08/21 13:07:48 | 000,000,000 | ---D | C] -- C:\Users\Admin\Games
[2010/08/20 17:25:18 | 000,000,000 | ---D | C] -- C:\Users\Admin\Desktop\DDS LOGS
[2010/08/19 18:36:42 | 000,000,000 | ---D | C] -- C:\Users\Admin\Desktop\HELP MY PC LOGS
[2010/08/15 08:54:31 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/08/15 08:54:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/08/14 17:39:03 | 000,451,120 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\symtdiv.sys
[2010/08/14 17:39:03 | 000,221,232 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\symefa64.sys
[2010/08/14 17:39:02 | 000,433,200 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\symds64.sys
[2010/08/14 17:39:02 | 000,032,304 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\srtspx64.sys
[2010/08/14 17:39:01 | 000,505,392 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\srtsp64.sys
[2010/08/14 17:39:01 | 000,150,064 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\ironx64.sys
[2010/08/14 17:39:00 | 000,615,040 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\cchpx64.sys
[2010/08/14 17:37:33 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\CrashDumps
[2010/08/14 17:36:17 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64\0402000.00C
[2010/08/14 12:54:20 | 000,126,312 | R--- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll
[2010/08/14 12:54:20 | 000,107,368 | R--- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2010/08/14 12:54:20 | 000,034,152 | R--- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2010/08/14 12:54:19 | 000,173,104 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2010/08/14 12:54:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2010/08/14 12:54:07 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2010/08/14 12:53:29 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64
[2010/08/14 12:53:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton 360
[2010/08/14 12:52:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2010/08/13 20:51:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Malwarebytes
[2010/08/13 20:51:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/08/13 20:51:06 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/08/12 17:00:53 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2010/08/12 17:00:52 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll
[2010/08/12 17:00:16 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2010/08/12 17:00:14 | 004,697,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010/08/12 16:59:32 | 002,335,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iertutil.dll
[2010/08/12 16:59:31 | 000,706,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2010/08/12 16:59:31 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2010/08/12 16:59:31 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010/08/12 16:59:31 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2010/08/12 16:59:30 | 001,538,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2010/08/12 16:59:30 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2010/08/12 16:59:30 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010/08/12 16:59:30 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2010/08/12 16:59:30 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010/08/12 16:59:30 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2010/08/12 16:59:30 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010/08/12 16:59:30 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2010/08/12 16:59:30 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2010/08/12 16:59:30 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2010/08/12 16:59:30 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2010/08/12 16:59:29 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2010/08/12 16:59:29 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2010/08/12 16:59:29 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2010/08/12 16:59:29 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2010/08/12 16:59:29 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2010/08/12 16:59:29 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010/08/12 16:59:29 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010/08/08 15:20:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Counter Strike Source
[2010/08/07 15:59:59 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\CAPCOM
[2010/08/07 15:59:59 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\CAPCOM
[2010/08/07 14:49:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CAPCOM
[2010/08/06 21:34:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Download Manager
[2010/08/03 07:48:05 | 000,000,000 | ---D | C] -- C:\Users\Admin\Desktop\New Folder
[2010/07/30 19:52:15 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\Year 6
[2010/07/29 20:38:36 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\Call of Juarez - Bound in Blood
[1 C:\Users\Admin\Documents\*.tmp files -> C:\Users\Admin\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/08/27 16:27:00 | 000,000,434 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{E6C9C280-F0A5-40B5-AD8B-F677E0311A7F}.job
[2010/08/27 16:25:30 | 002,370,622 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\Cat.DB
[2010/08/27 16:23:42 | 004,718,592 | -HS- | M] () -- C:\Users\Admin\NTUSER.DAT
[2010/08/27 16:19:16 | 000,069,801 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010/08/27 15:49:20 | 000,894,318 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/08/27 15:49:20 | 000,742,562 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/08/27 15:49:20 | 000,160,882 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/08/27 15:45:59 | 000,000,938 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3727659869-3107808148-815176439-1004UA.job
[2010/08/27 15:41:36 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Admin\Desktop\OTL.exe
[2010/08/27 15:37:52 | 000,293,376 | ---- | M] () -- C:\Users\Admin\Desktop\pbrtbypw.exe
[2010/08/27 15:19:58 | 000,069,801 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010/08/27 15:19:35 | 000,024,072 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2010/08/27 15:19:31 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/08/27 15:19:31 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/08/27 15:19:29 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/08/27 15:19:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/08/27 07:55:43 | 000,002,140 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010/08/27 07:55:40 | 006,291,456 | -H-- | M] () -- C:\Users\Admin\AppData\Local\IconCache.db
[2010/08/27 07:32:20 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{0019C1E7-F172-4530-B86E-647413BEF618}.job
[2010/08/26 07:48:30 | 000,001,074 | ---- | M] () -- C:\Users\Admin\Desktop\DVDVideoSoft Free Studio.lnk
[2010/08/25 19:46:24 | 005,058,894 | ---- | M] () -- C:\Users\Admin\Desktop\2 pac - tupac - Hit em up.mp3
[2010/08/25 19:39:03 | 011,745,280 | ---- | M] () -- C:\Users\Admin\Desktop\YouTube - Eminem Drug Ballad (640x360 HQ).mp3
[2010/08/25 19:34:43 | 012,495,014 | ---- | M] () -- C:\Users\Admin\Desktop\YouTube - Eminem Drug Ballad (640x360 HQ).flv
[2010/08/25 19:33:11 | 000,000,794 | ---- | M] () -- C:\Users\Admin\Desktop\Singularity - Shortcut.lnk
[2010/08/25 19:28:23 | 013,815,808 | ---- | M] () -- C:\Users\Admin\Desktop\YouTube - Notorious BIG ft 50_ Eminem_ 2Pac_ Nas & Busta Rhymes - Victory (NickT Remix) (854x480 HQ).mp3
[2010/08/25 19:12:03 | 032,096,422 | ---- | M] () -- C:\Users\Admin\Desktop\YouTube - Notorious BIG ft 50, Eminem, 2Pac, Nas & Busta Rhymes - Victory (NickT Remix) (854x480 HQ).flv
[2010/08/25 16:40:00 | 000,000,680 | ---- | M] () -- C:\Users\Admin\AppData\Local\d3d9caps.dat
[2010/08/23 21:11:59 | 000,087,552 | ---- | M] () -- C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/22 17:51:16 | 000,010,219 | ---- | M] () -- C:\Users\Admin\Documents\Midsummer Rationale.docx
[2010/08/22 17:51:04 | 000,012,927 | ---- | M] () -- C:\Users\Admin\Documents\Midsummer.docx
[2010/08/22 13:12:25 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3727659869-3107808148-815176439-1004Core.job
[2010/08/22 12:15:01 | 005,063,312 | ---- | M] () -- C:\Users\Admin\Documents\Cla.flv
[2010/08/22 00:32:09 | 000,000,162 | -H-- | M] () -- C:\Users\Admin\Documents\~$od PDHPE.docx
[2010/08/21 20:25:43 | 000,001,905 | ---- | M] () -- C:\Windows\diagwrn.xml
[2010/08/21 20:25:43 | 000,001,905 | ---- | M] () -- C:\Windows\diagerr.xml
[2010/08/21 13:40:14 | 000,000,802 | ---- | M] () -- C:\Users\Admin\Desktop\Company of Heroes.lnk
[2010/08/20 17:11:31 | 000,000,020 | ---- | M] () -- C:\Users\Admin\defogger_reenable
[2010/08/20 17:09:38 | 000,525,824 | ---- | M] () -- C:\Users\Admin\Desktop\dds.scr
[2010/08/18 17:08:30 | 000,000,534 | ---- | M] () -- C:\Users\Admin\Desktop\whshnpky - Shortcut.lnk
[2010/08/15 08:54:33 | 000,000,848 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/14 19:21:24 | 000,002,206 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2010/08/14 12:54:07 | 000,173,104 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2010/08/14 12:54:07 | 000,007,440 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2010/08/14 12:54:07 | 000,000,854 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2010/08/12 17:46:29 | 000,270,728 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/08/10 17:07:23 | 000,000,906 | ---- | M] () -- C:\Users\Admin\Desktop\MassEffect2Launcher - Shortcut.lnk
[2010/08/05 21:15:44 | 000,019,050 | ---- | M] () -- C:\Users\Admin\Documents\My family History PDHPE Assignment.docx
[2010/08/03 22:16:46 | 000,011,005 | ---- | M] () -- C:\Users\Admin\Documents\Favourite TV Shows.docx
[2010/08/03 19:35:19 | 000,020,167 | ---- | M] () -- C:\Users\Admin\Documents\Food PDHPE.docx
[2010/08/02 17:15:57 | 000,002,279 | ---- | M] () -- C:\Users\Admin\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[2010/08/01 21:52:33 | 000,000,000 | -H-- | M] () -- C:\Users\Admin\Documents\Default.rdp
[2010/07/31 16:40:13 | 000,012,402 | ---- | M] () -- C:\Users\Admin\Documents\A little history about me.docx
[2010/07/31 10:21:50 | 000,107,832 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010/07/31 10:21:39 | 002,250,024 | ---- | M] () -- C:\Windows\SysWow64\pbsvc.exe
[2010/07/31 10:21:39 | 000,066,872 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010/07/28 19:25:30 | 000,004,314 | ---- | M] () -- C:\Users\Admin\Documents\GROWN_UPS.MDS
[2010/07/28 18:25:41 | 000,000,740 | ---- | M] () -- C:\Users\Admin\Desktop\YouTube - Chaser Ad Road Test - Subway (640x360 HQ) - Shortcut.lnk
[1 C:\Users\Admin\Documents\*.tmp files -> C:\Users\Admin\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/08/27 15:49:56 | 000,293,376 | ---- | C] () -- C:\Users\Admin\Desktop\pbrtbypw.exe
[2010/08/25 19:46:05 | 005,058,894 | ---- | C] () -- C:\Users\Admin\Desktop\2 pac - tupac - Hit em up.mp3
[2010/08/25 19:38:51 | 011,745,280 | ---- | C] () -- C:\Users\Admin\Desktop\YouTube - Eminem Drug Ballad (640x360 HQ).mp3
[2010/08/25 19:33:11 | 000,000,794 | ---- | C] () -- C:\Users\Admin\Desktop\Singularity - Shortcut.lnk
[2010/08/25 19:31:20 | 012,495,014 | ---- | C] () -- C:\Users\Admin\Desktop\YouTube - Eminem Drug Ballad (640x360 HQ).flv
[2010/08/25 19:12:24 | 013,815,808 | ---- | C] () -- C:\Users\Admin\Desktop\YouTube - Notorious BIG ft 50_ Eminem_ 2Pac_ Nas & Busta Rhymes - Victory (NickT Remix) (854x480 HQ).mp3
[2010/08/25 19:09:41 | 000,001,074 | ---- | C] () -- C:\Users\Admin\Desktop\DVDVideoSoft Free Studio.lnk
[2010/08/25 19:07:39 | 032,096,422 | ---- | C] () -- C:\Users\Admin\Desktop\YouTube - Notorious BIG ft 50, Eminem, 2Pac, Nas & Busta Rhymes - Victory (NickT Remix) (854x480 HQ).flv
[2010/08/22 17:51:16 | 000,010,219 | ---- | C] () -- C:\Users\Admin\Documents\Midsummer Rationale.docx
[2010/08/22 17:51:03 | 000,012,927 | ---- | C] () -- C:\Users\Admin\Documents\Midsummer.docx
[2010/08/22 12:14:58 | 005,063,312 | ---- | C] () -- C:\Users\Admin\Documents\Cla.flv
[2010/08/22 00:32:09 | 000,000,162 | -H-- | C] () -- C:\Users\Admin\Documents\~$od PDHPE.docx
[2010/08/21 23:12:12 | 000,201,184 | ---- | C] () -- C:\Windows\SysWow64\winrm.vbs
[2010/08/21 23:12:12 | 000,201,184 | ---- | C] () -- C:\Windows\SysNative\winrm.vbs
[2010/08/21 23:12:12 | 000,004,675 | ---- | C] () -- C:\Windows\SysWow64\wsmanconfig_schema.xml
[2010/08/21 23:12:12 | 000,004,675 | ---- | C] () -- C:\Windows\SysNative\wsmanconfig_schema.xml
[2010/08/21 23:12:12 | 000,002,426 | ---- | C] () -- C:\Windows\SysWow64\WsmTxt.xsl
[2010/08/21 23:12:12 | 000,002,426 | ---- | C] () -- C:\Windows\SysNative\WsmTxt.xsl
[2010/08/21 20:17:16 | 000,001,905 | ---- | C] () -- C:\Windows\diagwrn.xml
[2010/08/21 20:17:16 | 000,001,905 | ---- | C] () -- C:\Windows\diagerr.xml
[2010/08/21 13:40:14 | 000,000,802 | ---- | C] () -- C:\Users\Admin\Desktop\Company of Heroes.lnk
[2010/08/20 17:28:40 | 000,293,376 | ---- | C] () -- C:\Users\Admin\Desktop\gmer.exe
[2010/08/20 17:11:30 | 000,000,020 | ---- | C] () -- C:\Users\Admin\defogger_reenable
[2010/08/20 17:09:19 | 000,525,824 | ---- | C] () -- C:\Users\Admin\Desktop\dds.scr
[2010/08/18 17:08:30 | 000,000,534 | ---- | C] () -- C:\Users\Admin\Desktop\whshnpky - Shortcut.lnk
[2010/08/15 08:54:33 | 000,000,848 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/14 21:29:22 | 000,165,183 | ---- | C] () -- C:\Users\Admin\Helping PC.txt
[2010/08/14 19:20:43 | 002,370,622 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\Cat.DB
[2010/08/14 17:39:03 | 000,007,829 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\symefa64.cat
[2010/08/14 17:39:03 | 000,007,787 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\symnetv64.cat
[2010/08/14 17:39:03 | 000,007,368 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\symnet64.cat
[2010/08/14 17:39:03 | 000,003,373 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\symefa.inf
[2010/08/14 17:39:03 | 000,001,473 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\symnetv.inf
[2010/08/14 17:39:03 | 000,001,445 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\symnet.inf
[2010/08/14 17:39:02 | 000,007,414 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\srtspx64.cat
[2010/08/14 17:39:02 | 000,007,406 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\symds64.cat
[2010/08/14 17:39:02 | 000,002,793 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\symds.inf
[2010/08/14 17:39:02 | 000,001,421 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\srtspx64.inf
[2010/08/14 17:39:01 | 000,007,410 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\srtsp64.cat
[2010/08/14 17:39:01 | 000,007,402 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\iron.cat
[2010/08/14 17:39:01 | 000,001,437 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\srtsp64.inf
[2010/08/14 17:39:01 | 000,000,771 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\iron.inf
[2010/08/14 17:39:00 | 000,007,358 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\cchpx64.cat
[2010/08/14 17:39:00 | 000,001,838 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\cchpx64.inf
[2010/08/14 17:36:17 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\isolate.ini
[2010/08/14 12:54:19 | 000,007,440 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2010/08/14 12:54:19 | 000,000,854 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2010/08/14 12:54:00 | 000,002,206 | ---- | C] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2010/08/10 17:07:23 | 000,000,906 | ---- | C] () -- C:\Users\Admin\Desktop\MassEffect2Launcher - Shortcut.lnk
[2010/08/03 22:16:46 | 000,011,005 | ---- | C] () -- C:\Users\Admin\Documents\Favourite TV Shows.docx
[2010/08/01 21:52:33 | 000,000,000 | -H-- | C] () -- C:\Users\Admin\Documents\Default.rdp
[2010/07/31 16:07:31 | 000,012,402 | ---- | C] () -- C:\Users\Admin\Documents\A little history about me.docx
[2010/07/31 16:07:05 | 000,020,167 | ---- | C] () -- C:\Users\Admin\Documents\Food PDHPE.docx
[2010/07/28 20:22:56 | 000,002,024 | ---- | C] () -- C:\Users\Admin\Math Homework.txt
[2010/07/28 19:25:30 | 000,004,314 | ---- | C] () -- C:\Users\Admin\Documents\GROWN_UPS.MDS
[2010/07/28 18:25:41 | 000,000,740 | ---- | C] () -- C:\Users\Admin\Desktop\YouTube - Chaser Ad Road Test - Subway (640x360 HQ) - Shortcut.lnk
[2010/07/13 14:58:53 | 000,000,088 | ---- | C] () -- C:\Windows\galaxy.ini
[2010/06/26 18:26:54 | 000,364,030 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_vcredistMSI4E76.txt
[2010/06/26 18:26:53 | 000,015,354 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_vcredistUI4E76.txt
[2010/06/19 13:15:29 | 000,028,101 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_depcheckdotnetfx30.txt
[2010/06/19 13:15:24 | 000,032,000 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_dotnetfx3install.txt
[2010/06/19 13:15:24 | 000,000,604 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_dotnetfx3error.txt
[2010/05/31 16:31:50 | 000,422,018 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_vcredistMSI06F3.txt
[2010/05/31 16:31:50 | 000,011,140 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_vcredistUI06F3.txt
[2010/05/09 20:08:45 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2010/05/09 20:08:45 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2010/05/09 20:08:45 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2010/04/02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2010/02/13 16:22:32 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\xmltok.dll
[2010/02/13 16:22:32 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\xmlparse.dll
[2010/01/16 16:40:03 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\iyvu9_32.dll
[2010/01/03 14:19:27 | 000,324,360 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_SQLCEToolsForVS2007_MSI75F2.txt
[2010/01/03 14:19:25 | 000,403,614 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_SSCERuntime_MSI75EB.txt
[2010/01/03 14:17:04 | 010,833,356 | ---- | C] () -- C:\Users\Admin\AppData\Local\VSMsiLog741F.txt
[2010/01/03 14:14:45 | 000,099,209 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_depcheck_VB_EXP_90.txt
[2010/01/03 14:14:41 | 000,314,184 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_install_vb_xcor_90.txt
[2010/01/03 14:14:41 | 000,000,002 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_error_vb_xcor_90.txt
[2010/01/02 09:48:17 | 000,000,680 | ---- | C] () -- C:\Users\Admin\AppData\Local\d3d9caps.dat
[2010/01/01 08:10:14 | 000,028,094 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\OFMissionEditorConfig.xml
[2009/12/25 17:50:46 | 000,000,549 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\AutoGK.ini
[2009/12/21 14:57:00 | 000,398,420 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_SharedManagementObjects_MSI1AF5.txt
[2009/12/21 14:56:57 | 000,183,144 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_SQLSysClrTypes_msi1AEB.txt
[2009/12/21 14:54:21 | 010,877,390 | ---- | C] () -- C:\Users\Admin\AppData\Local\VSMsiLog18ED.txt
[2009/12/21 14:54:16 | 000,202,590 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_WinSDK_Win32ExpTools_x64_MSI18DD.txt
[2009/12/21 14:54:05 | 000,223,372 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_WinSDK_ExpTools_x64_MSI18B9.txt
[2009/12/21 14:52:58 | 005,362,064 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_WinSDK_Build_x64_MSI17DE.txt
[2009/12/21 14:52:50 | 001,214,510 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_ExpRemoteDbg_x64_MSI17C4.txt
[2009/12/21 14:52:34 | 000,432,970 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_VC_Red_MSI1790.txt
[2009/12/21 14:47:37 | 000,116,946 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_depcheck_VC_EXP_90.txt
[2009/12/21 14:47:32 | 000,460,720 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_install_vc_xcor_90.txt
[2009/12/21 14:47:32 | 000,010,940 | ---- | C] () -- C:\Users\Admin\AppData\Local\uxeventlog.txt
[2009/12/21 14:47:32 | 000,000,002 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_error_vc_xcor_90.txt
[2009/11/07 09:27:35 | 000,440,344 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_vcredistMSI30FA.txt
[2009/11/07 09:27:35 | 000,016,504 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_vcredistUI30FA.txt
[2009/11/04 19:16:28 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009/09/10 18:59:49 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/09/10 18:58:17 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/09/07 17:35:33 | 000,024,226 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\UserTile.png
[2009/09/06 11:00:04 | 000,087,552 | ---- | C] () -- C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/06 08:52:54 | 000,000,745 | ---- | C] () -- C:\Windows\CoD.INI
[2009/09/06 08:50:22 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/09/05 06:46:59 | 000,000,093 | ---- | C] () -- C:\Users\Admin\AppData\Local\fusioncache.dat
[2009/09/04 16:23:09 | 000,888,214 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/09/02 12:47:13 | 000,069,801 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/09/02 12:44:41 | 000,069,801 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/09/02 12:19:17 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2009/09/02 12:09:17 | 000,000,732 | ---- | C] () -- C:\Users\Admin\AppData\Local\d3d9caps64.dat
[2008/01/21 12:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2006/03/06 09:41:02 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\AMV_DecDLL.dll
[2004/09/16 12:26:40 | 000,012,634 | ---- | C] () -- C:\Windows\SysWow64\drivers\ADFUUD.SYS
[2003/05/08 02:25:22 | 000,002,497 | ---- | C] () -- C:\Windows\SysWow64\NSM 7 Student CD.ini
[2002/10/16 08:54:04 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[1999/06/24 10:54:34 | 000,000,340 | ---- | M] () -- C:\16-11025d.wav
[1999/06/24 10:50:14 | 000,000,326 | ---- | M] () -- C:\16-11025u.wav
[1999/06/24 11:34:12 | 000,000,652 | ---- | M] () -- C:\16-22050d.wav
[1999/06/24 11:34:48 | 000,000,442 | ---- | M] () -- C:\16-22050u.wav
[1999/06/24 11:37:56 | 000,001,186 | ---- | M] () -- C:\16-44100d.wav
[1999/06/24 11:38:30 | 000,000,956 | ---- | M] () -- C:\16-44100u.wav
[1999/06/24 11:40:52 | 000,000,260 | ---- | M] () -- C:\16-8000d.wav
[1999/06/24 11:41:20 | 000,000,220 | ---- | M] () -- C:\16-8000u.wav
[1999/06/24 11:46:04 | 000,000,183 | ---- | M] () -- C:\8-11025d.wav
[1999/06/24 11:46:30 | 000,000,135 | ---- | M] () -- C:\8-11025u.wav
[1999/06/24 11:47:28 | 000,000,317 | ---- | M] () -- C:\8-22050d.wav
[1999/06/24 11:47:52 | 000,000,225 | ---- | M] () -- C:\8-22050u.wav
[1999/06/24 11:49:16 | 000,000,587 | ---- | M] () -- C:\8-44100d.wav
[1999/06/24 11:49:50 | 000,000,421 | ---- | M] () -- C:\8-44100u.wav
[1999/06/24 11:43:36 | 000,000,151 | ---- | M] () -- C:\8-8000d.wav
[1999/06/24 11:44:02 | 000,000,127 | ---- | M] () -- C:\8-8000u.wav
[2006/12/14 10:18:46 | 000,003,274 | ---- | M] () -- C:\agreement.txt
[2009/10/03 13:10:40 | 634,472,639 | ---- | M] () -- C:\bananaSA.rar
[2009/04/11 16:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2009/09/03 05:57:10 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2009/06/17 15:45:12 | 000,103,424 | ---- | M] (Hyperionics) -- C:\CamRes2.dll
[2009/09/02 12:31:43 | 000,000,197 | ---- | M] () -- C:\csb.log
[1994/02/17 00:20:00 | 000,575,767 | ---- | M] () -- C:\DOOM.EXE
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt
[2007/11/07 08:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt
[2007/11/07 08:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt
[2007/11/07 08:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini
[2006/12/14 13:13:53 | 000,113,628 | ---- | M] () -- C:\HyCam2.chm
[2009/06/22 09:29:28 | 001,465,680 | ---- | M] (Hyperionics) -- C:\HyCam2.exe
[2007/11/07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
[2007/11/07 08:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini
[2007/11/07 08:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
[2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
[2007/11/07 08:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
[2007/11/07 08:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
[2007/11/07 08:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
[2007/11/07 08:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
[2007/11/07 08:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
[2007/11/07 08:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
[2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
[2009/06/11 10:47:24 | 000,049,152 | ---- | M] (Hyperionics) -- C:\MClick2.dll
[2006/12/01 23:37:14 | 000,904,704 | ---- | M] (Microsoft Corporation) -- C:\msdia80.dll
[2002/01/05 03:38:38 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\msvci70.dll
[2010/08/27 15:19:25 | 2459,516,927 | -HS- | M] () -- C:\pagefile.sys
[2004/05/05 12:57:28 | 000,002,018 | ---- | M] () -- C:\readme.txt
[2009/09/02 12:27:53 | 000,000,473 | ---- | M] () -- C:\RHDSetup.log
[2009/12/19 14:12:53 | 000,001,001 | ---- | M] () -- C:\Santa Claus in Trouble
[2010/08/27 15:19:44 | 000,000,126 | ---- | M] () -- C:\service.log
[2010/08/22 17:50:47 | 000,061,766 | ---- | M] () -- C:\TDSSKiller.2.4.1.2_22.08.2010_17.48.57_log.txt
[2010/05/25 16:03:33 | 020,135,936 | ---- | M] (Aspyr Media, Inc. (www.aspyr.com))) -- C:\True Crime® New York City.exe
[2005/03/22 13:55:24 | 000,200,767 | ---- | M] () -- C:\ul_format.exe
[2005/03/14 22:52:48 | 000,049,152 | ---- | M] () -- C:\ul_install.exe
[2009/06/22 09:29:29 | 000,105,832 | ---- | M] (Hyperionics) -- C:\UnHyCam2.exe
[2007/11/07 08:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
[2007/11/07 08:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab
[2007/11/07 08:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI

< %systemroot%\Fonts\*.com >
[2006/11/03 01:06:41 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/03 01:06:41 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/03 01:06:41 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/09/24 16:45:31 | 000,037,665 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2006/09/19 07:35:48 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2009/07/10 12:15:46 | 000,306,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >
[2008/01/21 13:21:59 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

========== Files - Unicode (All) ==========
[2009/11/06 15:30:41 | 000,000,000 | ---D | M](C:\Users\Admin\Documents\????) -- C:\Users\Admin\Documents\마비노기
[2009/11/06 15:30:41 | 000,000,000 | ---D | C](C:\Users\Admin\Documents\????) -- C:\Users\Admin\Documents\마비노기
< End of report >


#4 mpascal

Posted 27 August 2010 - 12:19 PM

Open up OTL and push the Quickscan button. Post the resulting log here.

Stay with your topic! Topics that go 4 days without a reply will be closed. PM me to reopen.

Please don't PM asking for support. Post on the forums instead.



#5 davidog

Posted 27 August 2010 - 04:38 PM

This is the OTL log:

OTL logfile created on: 28/08/2010 7:32:13 AM - Run 3
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\Admin\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000c09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

6.00 Gb Total Physical Memory | 4.00 Gb Available Physical Memory | 69.00% Memory free
12.00 Gb Paging File | 10.00 Gb Available in Paging File | 85.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.51 Gb Total Space | 343.14 Gb Free Space | 36.84% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 7.45 Gb Total Space | 5.53 Gb Free Space | 74.21% Space Free | Partition Type: FAT32
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ADMIN-PC
Current User Name: Admin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/08/27 15:41:36 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Admin\Desktop\OTL.exe
PRC - [2010/07/31 10:21:50 | 000,107,832 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2010/07/31 10:21:39 | 000,066,872 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010/07/25 08:06:15 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2010/07/25 08:06:14 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010/06/07 17:05:06 | 000,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010/03/19 09:49:20 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/02/26 10:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\ccsvchst.exe
PRC - [2009/11/11 09:57:36 | 001,451,520 | ---- | M] (Nokia) -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2009/10/27 08:26:36 | 000,657,408 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PRC - [2009/10/27 08:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2009/10/27 08:14:22 | 000,128,000 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrv.exe
PRC - [2009/07/26 15:44:34 | 003,883,856 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
PRC - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2008/07/10 15:33:06 | 040,999,448 | ---- | M] (Microsoft Corporation) -- c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe


========== Modules (SafeList) ==========

MOD - [2010/08/27 15:41:36 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Admin\Desktop\OTL.exe
MOD - [2010/05/14 15:35:01 | 000,415,088 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\asoehook.dll
MOD - [2009/07/12 18:02:02 | 000,653,120 | R--- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\microsoft.vc90.crt\msvcr90.dll
MOD - [2009/07/12 18:02:00 | 000,569,664 | R--- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\microsoft.vc90.crt\msvcp90.dll
MOD - [2008/01/21 12:50:01 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV:64bit: - File not found [Auto | Running] -- C:\Windows\SysNative\PnkBstrB.exe -- (PnkBstrB)
SRV:64bit: - File not found [Auto | Running] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA)
SRV:64bit: - File not found [On_Demand | Stopped] -- C:\Windows\SysNative\GameMon.des -- (npggsvc)
SRV:64bit: - [2009/08/18 12:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV:64bit: - [2008/07/29 12:20:28 | 004,737,024 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe -- (msvsmon90)
SRV:64bit: - [2008/01/21 12:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010/08/09 16:59:52 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/07/31 10:21:50 | 000,107,832 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2010/07/31 10:21:39 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010/06/07 17:05:06 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/03/22 05:41:00 | 003,532,120 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc)
SRV - [2010/03/19 09:49:20 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/03/18 14:27:14 | 001,020,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 14:27:14 | 000,138,576 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/26 10:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\ccSvcHst.exe -- (N360)
SRV - [2009/10/27 08:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2008/12/08 17:15:26 | 000,068,136 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\GIGABYTE\EnergySaver\GSvr.exe -- (GEST Service)
SRV - [2008/07/10 15:33:06 | 040,999,448 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe -- (MSSQL$SQLEXPRESS) SQL Server (SQLEXPRESS)
SRV - [2008/07/10 15:33:06 | 000,369,688 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE -- (SQLAgent$SQLEXPRESS) SQL Server Agent (SQLEXPRESS)
SRV - [2008/07/10 15:33:02 | 000,047,128 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE -- (MSSQLServerADHelper100)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\npptNT2.sys -- (NPPTNT2)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ipinip.sys -- (IpInIp)
DRV:64bit: - [2010/08/14 12:54:07 | 000,173,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2010/07/01 19:22:40 | 000,834,544 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/06/30 19:54:26 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\atksgt.sys -- (atksgt)
DRV:64bit: - [2010/06/30 19:54:26 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2010/05/06 14:01:59 | 000,451,120 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\N360x64\0402000.00C\SYMTDIV.SYS -- (SYMTDIv)
DRV:64bit: - [2010/04/29 15:03:51 | 000,150,064 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\Ironx64.SYS -- (SymIRON)
DRV:64bit: - [2010/04/22 13:02:20 | 000,221,232 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\SYMEFA64.SYS -- (SymEFA)
DRV:64bit: - [2010/04/22 12:29:51 | 000,505,392 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\N360x64\0402000.00C\SRTSP64.SYS -- (SRTSP)
DRV:64bit: - [2010/04/22 12:29:51 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\SRTSPX64.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2010/03/23 02:17:06 | 001,462,304 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\RTL85n64.sys -- (RTL85n64)
DRV:64bit: - [2010/02/26 10:22:52 | 000,615,040 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\ccHPx64.sys -- (ccHP)
DRV:64bit: - [2009/10/15 13:50:05 | 000,433,200 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\SYMDS64.SYS -- (SymDS)
DRV:64bit: - [2009/10/06 10:56:34 | 000,172,544 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2009/10/06 10:54:18 | 000,008,704 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64j.sys -- (UsbserFilt)
DRV:64bit: - [2009/10/06 10:53:56 | 000,025,088 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdcx64)
DRV:64bit: - [2009/10/06 10:53:56 | 000,008,704 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2009/10/06 10:53:54 | 000,018,944 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcdx64)
DRV:64bit: - [2009/10/05 20:22:20 | 000,044,320 | ---- | M] (Realtek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\RTL2832U_IRHID.sys -- (RTL2832U_IRHID)
DRV:64bit: - [2009/09/28 02:02:38 | 000,019,544 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\PeerBlock\pbfilter.sys -- (pbfilter)
DRV:64bit: - [2009/08/28 19:42:52 | 000,049,152 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2009/08/17 13:57:56 | 000,038,944 | ---- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\RTL2832UUSB.sys -- (RTL2832UUSB)
DRV:64bit: - [2009/08/17 13:57:52 | 000,116,640 | ---- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL2832UBDA.sys -- (RTL2832UBDA)
DRV:64bit: - [2009/05/19 08:17:08 | 000,034,152 | R--- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/04/11 15:39:37 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2008/11/04 12:21:08 | 000,098,144 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\jraid.sys -- (JRAID)
DRV:64bit: - [2008/08/28 10:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2007/06/25 05:37:14 | 000,108,032 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2007/01/23 09:20:34 | 000,040,216 | ---- | M] (H+H Software GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\vcd9bus.sys -- (vcd9bus)
DRV:64bit: - [2006/09/19 07:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\Wbem\ntfs.mof -- (Ntfs)
DRV - [2010/08/28 07:21:45 | 000,024,072 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2010/08/14 12:57:59 | 001,791,536 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20100827.003\EX64.SYS -- (NAVEX15)
DRV - [2010/08/14 12:57:59 | 000,475,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2010/08/14 12:57:59 | 000,132,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/08/14 12:57:59 | 000,117,808 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20100827.003\ENG64.SYS -- (NAVENG)
DRV - [2010/08/10 11:11:04 | 000,945,200 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20100810.004\BHDrvx64.sys -- (BHDrvx64)
DRV - [2010/06/17 11:54:12 | 000,463,408 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20100826.001\IDSviA64.sys -- (IDSVia64)
DRV - [2009/10/05 20:22:20 | 000,044,320 | ---- | M] (Realtek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RTL2832U_IRHID.sys -- (RTL2832U_IRHID)
DRV - [2009/08/17 13:57:56 | 000,038,944 | ---- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RTL2832UUSB.sys -- (RTL2832UUSB)
DRV - [2009/08/17 13:57:52 | 000,116,640 | ---- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RTL2832UBDA.sys -- (RTL2832UBDA)
DRV - [2007/03/16 10:11:20 | 000,015,648 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TBPanelx64.sys -- (Cardex)
DRV - [2007/01/24 20:25:52 | 000,420,648 | ---- | M] (Realtek) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\RTL85n64.sys -- (RTL85n64)
DRV - [2005/01/05 04:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.au/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\Windows\SysWOW64\dvmurl.dll (DeviceVM Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:4.0.53.0
FF - prefs.js..extensions.enabledItems: netvideohunter@netvideohunter.com:1.3
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1

FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\ [2009/11/20 07:11:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\ [2010/08/15 08:47:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn\ [2010/08/14 12:54:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/07/25 08:06:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/07/31 09:55:05 | 000,000,000 | ---D | M]

[2009/12/12 07:01:08 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\mozilla\Extensions
[2009/11/01 16:43:22 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2010/08/26 18:09:49 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\6dflw320.default\extensions
[2010/06/08 19:33:56 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\6dflw320.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/08/26 07:48:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\6dflw320.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010/07/23 21:09:53 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\6dflw320.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/06/08 17:38:34 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\6dflw320.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010/06/09 15:44:45 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\6dflw320.default\extensions\battlefieldheroespatcher@ea.com
[2010/07/23 21:09:53 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\6dflw320.default\extensions\netvideohunter@netvideohunter.com
[2010/08/14 12:42:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/05/25 16:51:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2009/11/03 10:07:00 | 000,040,960 | ---- | M] (BYOND) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npbyond.dll
[2010/05/25 16:50:59 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2009/10/06 19:40:40 | 000,098,304 | ---- | M] (OGPlanet Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npOGPPlugin.dll
[2010/03/13 15:32:41 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npPandoWebInst.dll
[2010/03/22 18:40:25 | 000,001,538 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/03/22 18:40:25 | 000,000,947 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010/03/22 18:40:25 | 000,000,769 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010/03/22 18:40:25 | 000,001,135 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2006/09/19 07:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKCU..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MaxRecentDocs = 10
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: Add to AMV/AVI Video Converter... - C:\Program Files (x86)\Media Player Utilities 4.21\AMVConverter\grab.html ()
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Admin\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Add to AMV/AVI Video Converter... - C:\Program Files (x86)\Media Player Utilities 4.21\AMVConverter\grab.html ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Admin\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
O24 - Desktop BackupWallPaper: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{0db75662-b455-11de-be8e-00241d75f2da}\Shell - "" = AutoRun
O33 - MountPoints2\{0db75662-b455-11de-be8e-00241d75f2da}\Shell\AutoRun\command - "" = I:\autorun.exe -- File not found
O33 - MountPoints2\{114234e4-9764-11de-82bf-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{114234e4-9764-11de-82bf-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Nvsetup.exe -- File not found
O33 - MountPoints2\{1bc13fd6-b6c4-11de-973d-00241d75f2da}\Shell - "" = AutoRun
O33 - MountPoints2\{1bc13fd6-b6c4-11de-973d-00241d75f2da}\Shell\AutoRun\command - "" = E:\AutoRunMorrowind.exe -- File not found
O33 - MountPoints2\{1bc13fd6-b6c4-11de-973d-00241d75f2da}\Shell\install\command - "" = E:\Setup.exe -- File not found
O33 - MountPoints2\{1f0a1a99-be86-11de-b6ba-00241d75f2da}\Shell\AutoRun\command - "" = F:\x0.cmd -- File not found
O33 - MountPoints2\{1f0a1a99-be86-11de-b6ba-00241d75f2da}\Shell\explore\Command - "" = F:\x0.cmd -- File not found
O33 - MountPoints2\{1f0a1a99-be86-11de-b6ba-00241d75f2da}\Shell\open\Command - "" = F:\x0.cmd -- File not found
O33 - MountPoints2\{7aad38ea-df0b-11de-a68b-00241d75f2da}\Shell - "" = AutoRun
O33 - MountPoints2\{7aad38ea-df0b-11de-a68b-00241d75f2da}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O33 - MountPoints2\{a06ee4be-9917-11de-8931-00241d75f2da}\Shell\AutoRun\command - "" = firefox.exe
O33 - MountPoints2\{ddce7701-984e-11de-92c3-00241d75f2da}\Shell - "" = AutoRun
O33 - MountPoints2\{ddce7701-984e-11de-92c3-00241d75f2da}\Shell\AutoRun\command - "" = E:\BelkinFileTransferCable.exe -- File not found
O33 - MountPoints2\{f5bb7dd2-9866-11de-9b75-00241d75f2da}\Shell\AutoRun\command - "" = iexplore.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\setup.exe -- File not found
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\Autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 90 Days ==========

[2010/08/27 20:15:59 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\Hitman Blood Money
[2010/08/27 19:48:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Trymedia
[2010/08/27 19:26:06 | 000,000,000 | ---D | C] -- C:\Hitman Blood Money
[2010/08/27 17:34:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vuze
[2010/08/27 16:21:46 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Admin\Desktop\OTL.exe
[2010/08/26 07:48:32 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\DVDVideoSoftIEHelpers
[2010/08/25 20:12:34 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\Singularity
[2010/08/25 19:05:28 | 000,000,000 | ---D | C] -- C:\Users\Admin\Desktop\Piss OFF
[2010/08/25 16:52:17 | 000,000,000 | ---D | C] -- C:\eSIngulartiy
[2010/08/23 21:11:11 | 000,000,000 | ---D | C] -- C:\Users\Admin\Desktop\NFS-CARBON [FULL-RIP COTTA]
[2010/08/22 17:52:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2010/08/21 23:17:04 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\WindowsPowerShell
[2010/08/21 23:17:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\WindowsPowerShell
[2010/08/21 13:07:48 | 000,000,000 | ---D | C] -- C:\Users\Admin\Games
[2010/08/20 17:25:18 | 000,000,000 | ---D | C] -- C:\Users\Admin\Desktop\DDS LOGS
[2010/08/19 18:36:42 | 000,000,000 | ---D | C] -- C:\Users\Admin\Desktop\HELP MY PC LOGS
[2010/08/15 08:54:31 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/08/15 08:54:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/08/14 17:39:03 | 000,451,120 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\symtdiv.sys
[2010/08/14 17:39:03 | 000,221,232 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\symefa64.sys
[2010/08/14 17:39:02 | 000,433,200 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\symds64.sys
[2010/08/14 17:39:02 | 000,032,304 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\srtspx64.sys
[2010/08/14 17:39:01 | 000,505,392 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\srtsp64.sys
[2010/08/14 17:39:01 | 000,150,064 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\ironx64.sys
[2010/08/14 17:39:00 | 000,615,040 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\cchpx64.sys
[2010/08/14 17:37:33 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\CrashDumps
[2010/08/14 17:36:17 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64\0402000.00C
[2010/08/14 12:54:19 | 000,173,104 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2010/08/14 12:54:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2010/08/14 12:54:07 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2010/08/14 12:53:29 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64
[2010/08/14 12:53:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton 360
[2010/08/14 12:52:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2010/08/13 20:51:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Malwarebytes
[2010/08/13 20:51:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/08/13 20:51:06 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/08/08 15:20:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Counter Strike Source
[2010/08/07 15:59:59 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\CAPCOM
[2010/08/07 15:59:59 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\CAPCOM
[2010/08/07 14:49:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CAPCOM
[2010/08/06 21:34:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Download Manager
[2010/08/03 07:48:05 | 000,000,000 | ---D | C] -- C:\Users\Admin\Desktop\New Folder
[2010/07/30 19:52:15 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\Year 6
[2010/07/29 20:38:36 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\Call of Juarez - Bound in Blood
[2010/07/27 21:14:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free M4a to MP3 Converter
[2010/07/27 21:06:38 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Smart FLV Converter Pro
[2010/07/21 16:13:17 | 000,000,000 | ---D | C] -- C:\Users\Admin\Desktop\Chaos Key Binder
[2010/07/20 17:29:20 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\My Received Files
[2010/07/19 18:28:10 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Golly
[2010/07/19 18:26:40 | 000,000,000 | ---D | C] -- C:\Users\Admin\Desktop\Golly
[2010/07/19 17:24:22 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Phone Browser
[2010/07/19 17:23:34 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Nokia
[2010/07/19 16:54:41 | 000,000,000 | ---D | C] -- C:\Users\Admin\Desktop\Ebook To Txt
[2010/07/17 16:20:50 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Divinity 2
[2010/07/17 16:19:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Divinity 2
[2010/07/17 16:06:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Divinity II - Ego Draconis
[2010/07/14 12:22:45 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\NVIDIA
[2010/07/13 14:55:22 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2010/07/13 14:55:17 | 000,000,000 | ---D | C] -- C:\Alien Arena 7_40
[2010/07/13 14:53:05 | 000,065,128 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2010/07/13 14:53:05 | 000,056,936 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2010/07/13 12:37:23 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\Vuze Downloads
[2010/07/13 12:25:35 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Azureus
[2010/07/12 20:12:28 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\fizzy
[2010/07/12 20:11:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Fizzy
[2010/07/07 17:05:51 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\My Spore Creations
[2010/07/07 17:05:41 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\SPORE
[2010/07/07 16:59:02 | 000,000,000 | ---D | C] -- C:\Users\Admin\Desktop\Caddyshack
[2010/07/05 17:31:58 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Perfect PC 2.0 Beta
[2010/07/05 17:30:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC User PerfectPC 2.0
[2010/07/05 16:39:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC User YouGrab 3
[2010/07/04 10:25:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\Desktop\border
[2010/07/01 21:36:13 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DAEMON Tools Images
[2010/07/01 19:32:39 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Risen
[2010/07/01 19:31:04 | 000,000,000 | ---D | C] -- C:\Users\Admin\Desktop\Video Game folders
[2010/07/01 18:33:44 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\Disney Interactive Studios
[2010/06/30 20:22:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Disney Interactive Studios
[2010/06/30 19:48:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Deep Silver
[2010/06/30 18:44:44 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Opera
[2010/06/30 18:44:44 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Opera
[2010/06/30 18:44:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
[2010/06/29 20:14:57 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\tixati
[2010/06/29 18:23:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\tixati
[2010/06/28 17:00:49 | 000,000,000 | ---D | C] -- C:\Program Files\PeerBlock
[2010/06/27 08:45:36 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Scirra
[2010/06/27 08:43:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Scirra
[2010/06/26 22:59:02 | 000,000,000 | ---D | C] -- C:\d6b80ca959faa11a5896b5df14d04e
[2010/06/26 18:31:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\2K Games
[2010/06/25 16:18:56 | 000,000,000 | ---D | C] -- C:\DoW II
[2010/06/23 18:08:52 | 000,000,000 | ---D | C] -- C:\ProgramData\PopCap Games
[2010/06/23 18:04:46 | 000,000,000 | ---D | C] -- C:\plants vs zombies
[2010/06/19 11:38:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Unreal Tournament 3
[2010/06/14 19:49:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mass Effect 2
[2010/06/14 19:45:14 | 000,000,000 | ---D | C] -- C:\Mass Effect 2
[2010/06/10 16:45:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lionhead Studios Ltd
[2010/06/09 15:58:10 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\PunkBuster
[2010/06/09 15:54:11 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\Battlefield Heroes
[2010/06/08 17:37:57 | 000,000,000 | ---D | C] -- C:\L4D2
[2010/06/07 18:27:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\Activision
[2010/06/07 18:27:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Activision
[2010/06/07 18:01:58 | 000,000,000 | ---D | C] -- C:\Marvel.Ultimate.Alliance.PC.Game(djDEVASTATE™)
[2010/06/06 15:20:39 | 000,000,000 | ---D | C] -- C:\Users\Admin\Desktop\JC2 Saves
[2010/06/06 12:09:49 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\Mount&Blade Savegames
[2010/06/06 12:03:41 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Mount&Blade
[2010/06/05 13:29:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mount&Blade
[2010/06/04 22:41:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Marble Blast Gold
[2010/06/04 18:07:06 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\Freedom Fighters
[2010/06/04 17:16:46 | 000,000,000 | ---D | C] -- C:\Users\Admin\Desktop\Luke D
[2010/05/31 17:19:16 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2010/05/31 16:37:55 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\LAG
[2010/05/31 16:37:55 | 000,000,000 | ---D | C] -- C:\ProgramData\LAG
[2010/05/31 16:24:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lead and Gold
[2010/05/30 09:10:08 | 000,000,000 | ---D | C] -- C:\games
[2010/05/30 09:08:53 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\TeraCopy
[1 C:\Users\Admin\Documents\*.tmp files -> C:\Users\Admin\Documents\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010/08/28 07:34:37 | 004,718,592 | -HS- | M] () -- C:\Users\Admin\NTUSER.DAT
[2010/08/28 07:31:59 | 000,000,434 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{E6C9C280-F0A5-40B5-AD8B-F677E0311A7F}.job
[2010/08/28 07:24:01 | 000,069,801 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010/08/28 07:24:00 | 000,069,801 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010/08/28 07:21:47 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/08/28 07:21:47 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/08/28 07:21:44 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/08/28 07:21:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/08/27 21:01:40 | 000,002,140 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010/08/27 21:01:28 | 003,621,543 | -H-- | M] () -- C:\Users\Admin\AppData\Local\IconCache.db
[2010/08/27 20:45:59 | 000,000,938 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3727659869-3107808148-815176439-1004UA.job
[2010/08/27 20:36:44 | 000,894,318 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/08/27 20:36:44 | 000,742,562 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/08/27 20:36:44 | 000,160,882 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/08/27 19:48:19 | 000,000,925 | ---- | M] () -- C:\Users\Admin\Desktop\Hitman Blood Money by Synergy.lnk
[2010/08/27 18:15:51 | 002,370,622 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\Cat.DB
[2010/08/27 17:34:50 | 000,001,687 | ---- | M] () -- C:\Users\Public\Desktop\Vuze.lnk
[2010/08/27 17:34:50 | 000,001,687 | ---- | M] () -- C:\Users\Admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk
[2010/08/27 15:41:36 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Admin\Desktop\OTL.exe
[2010/08/27 15:37:52 | 000,293,376 | ---- | M] () -- C:\Users\Admin\Desktop\pbrtbypw.exe
[2010/08/27 07:32:20 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{0019C1E7-F172-4530-B86E-647413BEF618}.job
[2010/08/26 07:48:30 | 000,001,074 | ---- | M] () -- C:\Users\Admin\Desktop\DVDVideoSoft Free Studio.lnk
[2010/08/25 19:46:24 | 005,058,894 | ---- | M] () -- C:\Users\Admin\Desktop\2 pac - tupac - Hit em up.mp3
[2010/08/25 19:39:03 | 011,745,280 | ---- | M] () -- C:\Users\Admin\Desktop\YouTube - Eminem Drug Ballad (640x360 HQ).mp3
[2010/08/25 19:34:43 | 012,495,014 | ---- | M] () -- C:\Users\Admin\Desktop\YouTube - Eminem Drug Ballad (640x360 HQ).flv
[2010/08/25 19:33:11 | 000,000,794 | ---- | M] () -- C:\Users\Admin\Desktop\Singularity - Shortcut.lnk
[2010/08/25 19:28:23 | 013,815,808 | ---- | M] () -- C:\Users\Admin\Desktop\YouTube - Notorious BIG ft 50_ Eminem_ 2Pac_ Nas &amp; Busta Rhymes - Victory (NickT Remix) (854x480 HQ).mp3
[2010/08/25 19:12:03 | 032,096,422 | ---- | M] () -- C:\Users\Admin\Desktop\YouTube - Notorious BIG ft 50, Eminem, 2Pac, Nas &amp; Busta Rhymes - Victory (NickT Remix) (854x480 HQ).flv
[2010/08/25 16:40:00 | 000,000,680 | ---- | M] () -- C:\Users\Admin\AppData\Local\d3d9caps.dat
[2010/08/23 21:11:59 | 000,087,552 | ---- | M] () -- C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/22 17:51:16 | 000,010,219 | ---- | M] () -- C:\Users\Admin\Documents\Midsummer Rationale.docx
[2010/08/22 17:51:04 | 000,012,927 | ---- | M] () -- C:\Users\Admin\Documents\Midsummer.docx
[2010/08/22 13:12:25 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3727659869-3107808148-815176439-1004Core.job
[2010/08/22 12:15:01 | 005,063,312 | ---- | M] () -- C:\Users\Admin\Documents\Cla.flv
[2010/08/22 00:32:09 | 000,000,162 | -H-- | M] () -- C:\Users\Admin\Documents\~$od PDHPE.docx
[2010/08/21 20:25:43 | 000,001,905 | ---- | M] () -- C:\Windows\diagwrn.xml
[2010/08/21 20:25:43 | 000,001,905 | ---- | M] () -- C:\Windows\diagerr.xml
[2010/08/21 13:40:14 | 000,000,802 | ---- | M] () -- C:\Users\Admin\Desktop\Company of Heroes.lnk
[2010/08/20 17:11:31 | 000,000,020 | ---- | M] () -- C:\Users\Admin\defogger_reenable
[2010/08/20 17:09:38 | 000,525,824 | ---- | M] () -- C:\Users\Admin\Desktop\dds.scr
[2010/08/18 17:08:30 | 000,000,534 | ---- | M] () -- C:\Users\Admin\Desktop\whshnpky - Shortcut.lnk
[2010/08/15 08:54:33 | 000,000,848 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/14 19:21:24 | 000,002,206 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2010/08/14 12:54:07 | 000,173,104 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2010/08/14 12:54:07 | 000,007,440 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2010/08/14 12:54:07 | 000,000,854 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2010/08/12 17:46:29 | 000,270,728 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/08/10 17:07:23 | 000,000,906 | ---- | M] () -- C:\Users\Admin\Desktop\MassEffect2Launcher - Shortcut.lnk
[2010/08/05 21:15:44 | 000,019,050 | ---- | M] () -- C:\Users\Admin\Documents\My family History PDHPE Assignment.docx
[2010/08/03 22:16:46 | 000,011,005 | ---- | M] () -- C:\Users\Admin\Documents\Favourite TV Shows.docx
[2010/08/03 19:35:19 | 000,020,167 | ---- | M] () -- C:\Users\Admin\Documents\Food PDHPE.docx
[2010/08/02 17:15:57 | 000,002,279 | ---- | M] () -- C:\Users\Admin\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[2010/08/01 21:52:33 | 000,000,000 | -H-- | M] () -- C:\Users\Admin\Documents\Default.rdp
[2010/07/31 16:40:13 | 000,012,402 | ---- | M] () -- C:\Users\Admin\Documents\A little history about me.docx
[2010/07/31 10:21:50 | 000,107,832 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010/07/31 10:21:39 | 002,250,024 | ---- | M] () -- C:\Windows\SysWow64\pbsvc.exe
[2010/07/31 10:21:39 | 000,066,872 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010/07/28 19:25:30 | 000,004,314 | ---- | M] () -- C:\Users\Admin\Documents\GROWN_UPS.MDS
[2010/07/28 18:25:41 | 000,000,740 | ---- | M] () -- C:\Users\Admin\Desktop\YouTube - Chaser Ad Road Test - Subway (640x360 HQ) - Shortcut.lnk
[2010/07/27 21:14:08 | 000,000,892 | ---- | M] () -- C:\Users\Admin\Desktop\Free M4a to MP3 Converter.lnk
[2010/07/27 21:14:08 | 000,000,887 | ---- | M] () -- C:\Users\Admin\Desktop\My Music Tools.lnk
[2010/07/26 17:58:45 | 000,000,779 | ---- | M] () -- C:\Users\Admin\Desktop\m0d_s0beit_sa.DEV.2010-04-14.Mercurial.f4bb98d07523.Setup - Shortcut.lnk
[2010/07/25 15:20:34 | 000,000,162 | -H-- | M] () -- C:\Users\Admin\Documents\~$ family History PDHPE Assignment.docx
[2010/07/23 21:30:14 | 000,000,104 | ---- | M] () -- C:\Users\Admin\Desktop\Recycle Bin - Shortcut.lnk
[2010/07/21 19:40:34 | 000,117,229 | ---- | M] () -- C:\Users\Admin\Documents\Untitled (2).wma
[2010/07/20 17:07:34 | 000,036,409 | ---- | M] () -- C:\Users\Admin\Documents\Untitled.wma
[2010/07/20 16:25:25 | 000,000,758 | ---- | M] () -- C:\Users\Admin\Desktop\samp - Shortcut.lnk
[2010/07/19 19:04:34 | 000,000,641 | ---- | M] () -- C:\Users\Admin\Desktop\Golly - Shortcut.lnk
[2010/07/16 14:55:15 | 000,000,072 | ---- | M] () -- C:\Users\Admin\Documents\Gho Shoot.persist
[2010/07/13 21:59:16 | 000,000,000 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
[2010/07/13 14:59:00 | 000,466,456 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2010/07/13 14:59:00 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2010/07/13 14:59:00 | 000,122,904 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2010/07/13 14:59:00 | 000,109,080 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2010/07/13 14:58:53 | 000,000,088 | ---- | M] () -- C:\Windows\galaxy.ini
[2010/07/10 08:44:56 | 000,000,312 | ---- | M] () -- C:\Users\Admin\Desktop\Curse Client.appref-ms
[2010/07/10 08:41:29 | 000,000,897 | ---- | M] () -- C:\Users\Admin\Desktop\DTLite - Shortcut.lnk
[2010/07/10 08:41:25 | 000,000,885 | ---- | M] () -- C:\Users\Admin\Desktop\YASU - Shortcut.lnk
[2010/07/08 19:32:59 | 000,000,549 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\AutoGK.ini
[2010/07/05 17:30:26 | 000,001,029 | ---- | M] () -- C:\Users\Admin\Desktop\PC User PerfectPC 2.0.lnk
[2010/07/05 16:39:47 | 000,000,954 | ---- | M] () -- C:\Users\Admin\Desktop\PC User YouGrab 3.lnk
[2010/07/01 19:22:41 | 000,001,789 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2010/07/01 19:22:40 | 000,834,544 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys
[2010/06/30 19:54:26 | 000,314,016 | ---- | M] () -- C:\Windows\SysNative\drivers\atksgt.sys
[2010/06/30 19:54:26 | 000,043,680 | ---- | M] () -- C:\Windows\SysNative\drivers\lirsgt.sys
[2010/06/30 18:44:38 | 000,000,768 | ---- | M] () -- C:\Users\Admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2010/06/28 17:00:50 | 000,000,818 | ---- | M] () -- C:\Users\Admin\Desktop\PeerBlock.lnk
[2010/06/27 12:15:05 | 000,023,650 | ---- | M] () -- C:\Users\Admin\Documents\Gho Shoot.cap
[2010/06/24 19:56:51 | 000,022,697 | ---- | M] () -- C:\Users\Admin\Desktop\moo....mp3
[2010/06/20 12:46:24 | 000,013,351 | ---- | M] () -- C:\Users\Admin\Documents\The Families.docx
[2010/06/19 07:35:02 | 000,062,312 | ---- | M] () -- C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/06/14 13:29:24 | 000,031,919 | ---- | M] () -- C:\Users\Admin\Documents\Ds.wma
[2010/06/13 09:20:16 | 000,048,200 | ---- | M] () -- C:\Users\Admin\Documents\MassEffectConfigReport2010-06-13.xml
[2010/06/11 20:19:09 | 000,215,016 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2010/06/09 15:51:23 | 002,427,248 | ---- | M] () -- C:\Windows\SysWow64\pbsvc_heroes.exe
[2010/06/08 09:58:00 | 000,065,128 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2010/06/08 09:58:00 | 000,056,936 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2010/06/08 09:58:00 | 000,012,507 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2010/06/04 17:23:51 | 000,000,892 | ---- | M] () -- C:\Windows\eReg.dat
[2010/06/03 22:14:52 | 000,001,069 | ---- | M] () -- C:\Users\Admin\Desktop\Fantasy Beings - Shortcut.lnk
[1 C:\Users\Admin\Documents\*.tmp files -> C:\Users\Admin\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/08/27 19:48:19 | 000,000,925 | ---- | C] () -- C:\Users\Admin\Desktop\Hitman Blood Money by Synergy.lnk
[2010/08/27 17:34:50 | 000,001,687 | ---- | C] () -- C:\Users\Public\Desktop\Vuze.lnk
[2010/08/27 17:34:50 | 000,001,687 | ---- | C] () -- C:\Users\Admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk
[2010/08/27 15:49:56 | 000,293,376 | ---- | C] () -- C:\Users\Admin\Desktop\pbrtbypw.exe
[2010/08/25 19:46:05 | 005,058,894 | ---- | C] () -- C:\Users\Admin\Desktop\2 pac - tupac - Hit em up.mp3
[2010/08/25 19:38:51 | 011,745,280 | ---- | C] () -- C:\Users\Admin\Desktop\YouTube - Eminem Drug Ballad (640x360 HQ).mp3
[2010/08/25 19:33:11 | 000,000,794 | ---- | C] () -- C:\Users\Admin\Desktop\Singularity - Shortcut.lnk
[2010/08/25 19:31:20 | 012,495,014 | ---- | C] () -- C:\Users\Admin\Desktop\YouTube - Eminem Drug Ballad (640x360 HQ).flv
[2010/08/25 19:12:24 | 013,815,808 | ---- | C] () -- C:\Users\Admin\Desktop\YouTube - Notorious BIG ft 50_ Eminem_ 2Pac_ Nas &amp; Busta Rhymes - Victory (NickT Remix) (854x480 HQ).mp3
[2010/08/25 19:09:41 | 000,001,074 | ---- | C] () -- C:\Users\Admin\Desktop\DVDVideoSoft Free Studio.lnk
[2010/08/25 19:07:39 | 032,096,422 | ---- | C] () -- C:\Users\Admin\Desktop\YouTube - Notorious BIG ft 50, Eminem, 2Pac, Nas &amp; Busta Rhymes - Victory (NickT Remix) (854x480 HQ).flv
[2010/08/22 17:51:16 | 000,010,219 | ---- | C] () -- C:\Users\Admin\Documents\Midsummer Rationale.docx
[2010/08/22 17:51:03 | 000,012,927 | ---- | C] () -- C:\Users\Admin\Documents\Midsummer.docx
[2010/08/22 12:14:58 | 005,063,312 | ---- | C] () -- C:\Users\Admin\Documents\Cla.flv
[2010/08/22 00:32:09 | 000,000,162 | -H-- | C] () -- C:\Users\Admin\Documents\~$od PDHPE.docx
[2010/08/21 23:12:12 | 000,201,184 | ---- | C] () -- C:\Windows\SysWow64\winrm.vbs
[2010/08/21 23:12:12 | 000,201,184 | ---- | C] () -- C:\Windows\SysNative\winrm.vbs
[2010/08/21 23:12:12 | 000,004,675 | ---- | C] () -- C:\Windows\SysWow64\wsmanconfig_schema.xml
[2010/08/21 23:12:12 | 000,004,675 | ---- | C] () -- C:\Windows\SysNative\wsmanconfig_schema.xml
[2010/08/21 23:12:12 | 000,002,426 | ---- | C] () -- C:\Windows\SysWow64\WsmTxt.xsl
[2010/08/21 23:12:12 | 000,002,426 | ---- | C] () -- C:\Windows\SysNative\WsmTxt.xsl
[2010/08/21 20:17:16 | 000,001,905 | ---- | C] () -- C:\Windows\diagwrn.xml
[2010/08/21 20:17:16 | 000,001,905 | ---- | C] () -- C:\Windows\diagerr.xml
[2010/08/21 13:40:14 | 000,000,802 | ---- | C] () -- C:\Users\Admin\Desktop\Company of Heroes.lnk
[2010/08/20 17:28:40 | 000,293,376 | ---- | C] () -- C:\Users\Admin\Desktop\gmer.exe
[2010/08/20 17:11:30 | 000,000,020 | ---- | C] () -- C:\Users\Admin\defogger_reenable
[2010/08/20 17:09:19 | 000,525,824 | ---- | C] () -- C:\Users\Admin\Desktop\dds.scr
[2010/08/18 17:08:30 | 000,000,534 | ---- | C] () -- C:\Users\Admin\Desktop\whshnpky - Shortcut.lnk
[2010/08/15 08:54:33 | 000,000,848 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/14 21:29:22 | 000,165,183 | ---- | C] () -- C:\Users\Admin\Helping PC.txt
[2010/08/14 19:20:43 | 002,370,622 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\Cat.DB
[2010/08/14 17:39:03 | 000,007,829 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\symefa64.cat
[2010/08/14 17:39:03 | 000,007,787 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\symnetv64.cat
[2010/08/14 17:39:03 | 000,007,368 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\symnet64.cat
[2010/08/14 17:39:03 | 000,003,373 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\symefa.inf
[2010/08/14 17:39:03 | 000,001,473 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\symnetv.inf
[2010/08/14 17:39:03 | 000,001,445 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\symnet.inf
[2010/08/14 17:39:02 | 000,007,414 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\srtspx64.cat
[2010/08/14 17:39:02 | 000,007,406 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\symds64.cat
[2010/08/14 17:39:02 | 000,002,793 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\symds.inf
[2010/08/14 17:39:02 | 000,001,421 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\srtspx64.inf
[2010/08/14 17:39:01 | 000,007,410 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\srtsp64.cat
[2010/08/14 17:39:01 | 000,007,402 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\iron.cat
[2010/08/14 17:39:01 | 000,001,437 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\srtsp64.inf
[2010/08/14 17:39:01 | 000,000,771 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\iron.inf
[2010/08/14 17:39:00 | 000,007,358 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\cchpx64.cat
[2010/08/14 17:39:00 | 000,001,838 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\cchpx64.inf
[2010/08/14 17:36:17 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\isolate.ini
[2010/08/14 12:54:19 | 000,007,440 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2010/08/14 12:54:19 | 000,000,854 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2010/08/14 12:54:00 | 000,002,206 | ---- | C] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2010/08/10 17:07:23 | 000,000,906 | ---- | C] () -- C:\Users\Admin\Desktop\MassEffect2Launcher - Shortcut.lnk
[2010/08/03 22:16:46 | 000,011,005 | ---- | C] () -- C:\Users\Admin\Documents\Favourite TV Shows.docx
[2010/08/01 21:52:33 | 000,000,000 | -H-- | C] () -- C:\Users\Admin\Documents\Default.rdp
[2010/07/31 16:07:31 | 000,012,402 | ---- | C] () -- C:\Users\Admin\Documents\A little history about me.docx
[2010/07/31 16:07:05 | 000,020,167 | ---- | C] () -- C:\Users\Admin\Documents\Food PDHPE.docx
[2010/07/28 20:22:56 | 000,002,024 | ---- | C] () -- C:\Users\Admin\Math Homework.txt
[2010/07/28 19:25:30 | 000,004,314 | ---- | C] () -- C:\Users\Admin\Documents\GROWN_UPS.MDS
[2010/07/28 18:25:41 | 000,000,740 | ---- | C] () -- C:\Users\Admin\Desktop\YouTube - Chaser Ad Road Test - Subway (640x360 HQ) - Shortcut.lnk
[2010/07/27 21:14:08 | 000,000,892 | ---- | C] () -- C:\Users\Admin\Desktop\Free M4a to MP3 Converter.lnk
[2010/07/27 21:14:08 | 000,000,887 | ---- | C] () -- C:\Users\Admin\Desktop\My Music Tools.lnk
[2010/07/26 17:58:45 | 000,000,779 | ---- | C] () -- C:\Users\Admin\Desktop\m0d_s0beit_sa.DEV.2010-04-14.Mercurial.f4bb98d07523.Setup - Shortcut.lnk
[2010/07/25 15:20:34 | 000,000,162 | -H-- | C] () -- C:\Users\Admin\Documents\~$ family History PDHPE Assignment.docx
[2010/07/25 15:20:33 | 000,019,050 | ---- | C] () -- C:\Users\Admin\Documents\My family History PDHPE Assignment.docx
[2010/07/23 21:30:14 | 000,000,104 | ---- | C] () -- C:\Users\Admin\Desktop\Recycle Bin - Shortcut.lnk
[2010/07/21 19:40:33 | 000,117,229 | ---- | C] () -- C:\Users\Admin\Documents\Untitled (2).wma
[2010/07/20 17:07:33 | 000,036,409 | ---- | C] () -- C:\Users\Admin\Documents\Untitled.wma
[2010/07/20 16:25:25 | 000,000,758 | ---- | C] () -- C:\Users\Admin\Desktop\samp - Shortcut.lnk
[2010/07/19 19:04:34 | 000,000,641 | ---- | C] () -- C:\Users\Admin\Desktop\Golly - Shortcut.lnk
[2010/07/18 13:48:13 | 000,524,288 | ---- | C] () -- C:\Users\Admin\Desktop\1628 - Dragon Quest Monsters Joker (U)(Xenophobia).SAV
[2010/07/13 21:59:16 | 000,000,000 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
[2010/07/13 14:58:53 | 000,000,088 | ---- | C] () -- C:\Windows\galaxy.ini
[2010/07/10 08:41:29 | 000,000,897 | ---- | C] () -- C:\Users\Admin\Desktop\DTLite - Shortcut.lnk
[2010/07/10 08:41:25 | 000,000,885 | ---- | C] () -- C:\Users\Admin\Desktop\YASU - Shortcut.lnk
[2010/07/05 17:30:26 | 000,001,029 | ---- | C] () -- C:\Users\Admin\Desktop\PC User PerfectPC 2.0.lnk
[2010/07/05 16:39:47 | 000,000,954 | ---- | C] () -- C:\Users\Admin\Desktop\PC User YouGrab 3.lnk
[2010/07/01 19:22:41 | 000,001,789 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2010/06/30 19:54:26 | 000,314,016 | ---- | C] () -- C:\Windows\SysNative\drivers\atksgt.sys
[2010/06/30 19:54:26 | 000,043,680 | ---- | C] () -- C:\Windows\SysNative\drivers\lirsgt.sys
[2010/06/30 18:44:38 | 000,000,768 | ---- | C] () -- C:\Users\Admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2010/06/28 17:00:50 | 000,000,818 | ---- | C] () -- C:\Users\Admin\Desktop\PeerBlock.lnk
[2010/06/27 12:15:06 | 000,000,072 | ---- | C] () -- C:\Users\Admin\Documents\Gho Shoot.persist
[2010/06/27 12:15:04 | 000,023,650 | ---- | C] () -- C:\Users\Admin\Documents\Gho Shoot.cap
[2010/06/26 18:26:54 | 000,364,030 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_vcredistMSI4E76.txt
[2010/06/26 18:26:53 | 000,015,354 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_vcredistUI4E76.txt
[2010/06/24 19:56:51 | 000,022,697 | ---- | C] () -- C:\Users\Admin\Desktop\moo....mp3
[2010/06/19 13:15:29 | 000,028,101 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_depcheckdotnetfx30.txt
[2010/06/19 13:15:24 | 000,032,000 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_dotnetfx3install.txt
[2010/06/19 13:15:24 | 000,000,604 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_dotnetfx3error.txt
[2010/06/14 13:29:23 | 000,031,919 | ---- | C] () -- C:\Users\Admin\Documents\Ds.wma
[2010/06/13 21:26:20 | 000,002,279 | ---- | C] () -- C:\Users\Admin\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[2010/06/13 09:20:15 | 000,048,200 | ---- | C] () -- C:\Users\Admin\Documents\MassEffectConfigReport2010-06-13.xml
[2010/06/09 15:58:28 | 000,215,016 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2010/06/09 15:51:23 | 002,427,248 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_heroes.exe
[2010/06/03 17:03:16 | 000,001,069 | ---- | C] () -- C:\Users\Admin\Desktop\Fantasy Beings - Shortcut.lnk
[2010/05/31 16:31:50 | 000,422,018 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_vcredistMSI06F3.txt
[2010/05/31 16:31:50 | 000,011,140 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_vcredistUI06F3.txt
[2010/05/09 20:08:45 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2010/05/09 20:08:45 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2010/05/09 20:08:45 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2010/04/02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2010/02/13 16:22:32 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\xmltok.dll
[2010/02/13 16:22:32 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\xmlparse.dll
[2010/01/16 16:40:03 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\iyvu9_32.dll
[2010/01/03 14:19:27 | 000,324,360 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_SQLCEToolsForVS2007_MSI75F2.txt
[2010/01/03 14:19:25 | 000,403,614 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_SSCERuntime_MSI75EB.txt
[2010/01/03 14:17:04 | 010,833,356 | ---- | C] () -- C:\Users\Admin\AppData\Local\VSMsiLog741F.txt
[2010/01/03 14:14:45 | 000,099,209 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_depcheck_VB_EXP_90.txt
[2010/01/03 14:14:41 | 000,314,184 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_install_vb_xcor_90.txt
[2010/01/03 14:14:41 | 000,000,002 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_error_vb_xcor_90.txt
[2010/01/02 09:48:17 | 000,000,680 | ---- | C] () -- C:\Users\Admin\AppData\Local\d3d9caps.dat
[2010/01/01 08:10:14 | 000,028,094 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\OFMissionEditorConfig.xml
[2009/12/25 17:50:46 | 000,000,549 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\AutoGK.ini
[2009/12/21 14:57:00 | 000,398,420 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_SharedManagementObjects_MSI1AF5.txt
[2009/12/21 14:56:57 | 000,183,144 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_SQLSysClrTypes_msi1AEB.txt
[2009/12/21 14:54:21 | 010,877,390 | ---- | C] () -- C:\Users\Admin\AppData\Local\VSMsiLog18ED.txt
[2009/12/21 14:54:16 | 000,202,590 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_WinSDK_Win32ExpTools_x64_MSI18DD.txt
[2009/12/21 14:54:05 | 000,223,372 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_WinSDK_ExpTools_x64_MSI18B9.txt
[2009/12/21 14:52:58 | 005,362,064 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_WinSDK_Build_x64_MSI17DE.txt
[2009/12/21 14:52:50 | 001,214,510 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_ExpRemoteDbg_x64_MSI17C4.txt
[2009/12/21 14:52:34 | 000,432,970 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_VC_Red_MSI1790.txt
[2009/12/21 14:47:37 | 000,116,946 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_depcheck_VC_EXP_90.txt
[2009/12/21 14:47:32 | 000,460,720 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_install_vc_xcor_90.txt
[2009/12/21 14:47:32 | 000,010,940 | ---- | C] () -- C:\Users\Admin\AppData\Local\uxeventlog.txt
[2009/12/21 14:47:32 | 000,000,002 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_error_vc_xcor_90.txt
[2009/11/07 09:27:35 | 000,440,344 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_vcredistMSI30FA.txt
[2009/11/07 09:27:35 | 000,016,504 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_vcredistUI30FA.txt
[2009/11/04 19:16:28 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009/09/10 18:59:49 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/09/10 18:58:17 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/09/07 17:35:33 | 000,024,226 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\UserTile.png
[2009/09/06 11:00:04 | 000,087,552 | ---- | C] () -- C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/06 08:52:54 | 000,000,745 | ---- | C] () -- C:\Windows\CoD.INI
[2009/09/06 08:50:22 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/09/05 06:46:59 | 000,000,093 | ---- | C] () -- C:\Users\Admin\AppData\Local\fusioncache.dat
[2009/09/04 16:23:09 | 000,888,214 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/09/02 12:47:13 | 000,069,801 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/09/02 12:44:41 | 000,069,801 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/09/02 12:19:17 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2009/09/02 12:09:17 | 000,000,732 | ---- | C] () -- C:\Users\Admin\AppData\Local\d3d9caps64.dat
[2008/01/21 12:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2006/03/06 09:41:02 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\AMV_DecDLL.dll
[2004/09/16 12:26:40 | 000,012,634 | ---- | C] () -- C:\Windows\SysWow64\drivers\ADFUUD.SYS
[2003/05/08 02:25:22 | 000,002,497 | ---- | C] () -- C:\Windows\SysWow64\NSM 7 Student CD.ini
[2002/10/16 08:54:04 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll

========== LOP Check ==========

[2010/01/15 13:56:18 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\acccore
[2010/06/07 18:27:16 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Activision
[2009/11/05 07:14:11 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Atari
[2010/08/28 07:32:02 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Azureus
[2010/03/21 16:32:30 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Bioshock
[2009/10/17 15:44:56 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Braid
[2009/10/09 15:34:56 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DAEMON Tools Lite
[2010/08/26 07:48:33 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DVDVideoSoftIEHelpers
[2010/07/12 20:12:28 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\fizzy
[2010/07/19 19:04:37 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Golly
[2009/11/26 16:47:22 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\GrabPro
[2009/12/25 19:30:39 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\HandBrake
[2009/10/03 17:54:52 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\HTNetMeter
[2009/09/07 19:34:49 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\ImgBurn
[2010/08/14 13:03:29 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\LimeWire
[2009/11/21 10:53:38 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Mobipocket
[2010/06/06 12:55:33 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Mount&Blade
[2010/07/19 17:26:58 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Nokia
[2010/06/30 18:44:44 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Opera
[2010/06/24 21:50:21 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Orbit
[2010/07/19 17:26:58 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\PC Suite
[2010/07/05 17:31:58 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Perfect PC 2.0 Beta
[2010/08/21 20:29:55 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Petroglyph
[2009/11/07 09:30:58 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\runic games
[2010/07/16 14:48:29 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Scirra
[2009/12/26 09:16:39 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Sega
[2010/07/27 21:06:38 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Smart FLV Converter Pro
[2010/01/26 15:12:42 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\smc
[2010/07/07 17:06:09 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\SPORE
[2009/10/18 15:46:37 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\SystemRequirementsLab
[2010/06/04 17:04:46 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\TeraCopy
[2010/08/27 18:36:34 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\tixati
[2010/08/26 18:19:13 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\uTorrent
[2010/05/09 20:28:59 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Xilisoft Corporation
[2010/08/27 21:01:37 | 000,032,626 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/08/27 07:32:20 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{0019C1E7-F172-4530-B86E-647413BEF618}.job
[2010/08/28 07:36:59 | 000,000,434 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{E6C9C280-F0A5-40B5-AD8B-F677E0311A7F}.job

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2009/11/06 15:30:41 | 000,000,000 | ---D | M](C:\Users\Admin\Documents\????) -- C:\Users\Admin\Documents\마비노기
[2009/11/06 15:30:41 | 000,000,000 | ---D | C](C:\Users\Admin\Documents\????) -- C:\Users\Admin\Documents\마비노기
< End of report >


#6 mpascal

Posted 27 August 2010 - 04:43 PM

Hi there,

STEP 1 - TFC

Download TFC to your desktop
  • Open the file and close any other windows.
  • It will close all programs itself when run, so make sure to let it run uninterrupted.
  • Click the Start button to begin the process. The program should not take long to finish its job.
  • Once it's finished it should reboot your machine. If not, do this yourself to ensure a complete clean.

STEP 2 - MBAM

Open Malwarebytes' Anti-Malware.
  • Under the Updates tab, click Check for Updates. Let the updates install (if any).
  • After that, under the Scanner tab, click Perform Quick Scan and then Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

STEP 3 - Kaspersky

Using Internet Explorer or Firefox, visit Kaspersky Online Scanner

1. Click Accept, when prompted to download and install the program files and database of malware definitions.

2. To optimize scanning time and produce a more sensible report for review:
  • Close any open programs
  • Turn off the real time scanner of any existing antivirus program while performing the online scan. Click HERE to see how to disable the most common antivirus programs.
3. Click Run at the Security prompt.

The program will then begin downloading and installing and will also update the database.
Please be patient as this can take quite a long time to download.
  • Once the update is complete, click on Settings.
  • Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
    • Spyware, adware, dialers, and other riskware
    • Archives
    • E-mail databases
  • Click on My Computer under the green Scan bar to the left to start the scan.
  • Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it.
  • Do NOT be alarmed by what you see in the report. Many of the finds have likely been quarantined.
  • Click View report... at the bottom.
  • Click the Save report... button.
  • Change the Files of type dropdown box to Text file (.txt) and name the file KasReport.txt to save the file to your desktop so that you may post it in your next reply.

STEP 4 - Reply

Please reply with the following logs:
  • MBAM Log
  • Kaspersky Log

Stay with your topic! Topics that go 4 days without a reply will be closed. PM me to reopen.

Please don't PM asking for support. Post on the forums instead.

My help is free, but if you wish to donate and help continue my fight against malware, click here: Posted Image


#7 davidog

Posted 27 August 2010 - 05:40 PM

Hi mpascal, my internet browser doesn't work but I can strangely access Bleeping Computer, so I can't use Kaspersky Online Scanner. Is it of major importance?

Edited by davidog, 28 August 2010 - 12:01 AM.


#8 mpascal

Posted 28 August 2010 - 04:11 PM

Hi there,

I'll give you a program that you can download instead.

Before we start fixing anything you should print out these instructions or copy them to a NotePad file so they will be accessible. Some steps will require you to disconnect from the Internet or use Safe Mode and you will not have access to this page.

Please download Dr.Web CureIt and save it to your desktop. DO NOT perform a scan yet.
alternate download link
Note: The file will be randomly named (i.e. 5mkuvc4z.exe).

Reboot your computer in "Safe Mode" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode".

Scan with Dr.Web CureIt as follows:
  • Double-click on the randomly named file to open the program and click Start. (There is no need to update if you just downloaded the most current version.)
  • Read the anti-virus check by DrWeb scanner prompt and click Ok where asked to Start scan now? Allow the setup.exe to load if asked by any of your security programs.
  • The Express scan will automatically begin.
    (This is a short scan of files currently running in memory, boot sectors, and targeted folders).
  • If prompted to download the Full version Free Trial, ignore and click the X to close the window.
  • If an infected object is found, you will be prompted to move anything that cannot be cured. Click Yes to All. (This will move any detected files to the C:\Documents and Settings\userprofile\DoctorWeb\Quarantine folder if they can't be cured)
  • After the Express Scan is finished, put a check next to Complete scan to scan all local disks and removable media.
  • In the top menu, click Settings > Change settings, and uncheck "Heuristic analysis" under the "Scanning" tab, then click Apply, Ok.
  • Back at the main window, click the green arrow "Start Scanning" button on the right under the Dr.Web logo.
  • Please be patient as this scan could take a long time to complete.
  • When the scan has finished, a message will be displayed at the bottom indicating if any viruses were found.
  • Click Select All, then choose Cure > Move incurable.
  • In the top menu, click file and choose save report list.
  • Save the DrWeb.csv report to your desktop.
  • Exit Dr.Web Cureit when done.
  • Important! Reboot your computer because it could be possible that files in use will be moved/deleted during reboot.
  • After reboot, post the contents of the log from Dr.Web in your next reply. (You can use Notepad to open the DrWeb.csv report.)


#9 davidog

Posted 29 August 2010 - 04:58 AM

Hi, when I ran the program in safe mode, after 9 hours of scanning it was approx. 70% done. It was stuck on one file and I decided to pull the plug and stop the scan. I foolishly forgot to create a report as well. My apologies and here is the mbam log:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4500

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18943

29/08/2010 8:07:05 PM
mbam-log-2010-08-29 (20-07-05).txt

Scan type: Quick scan
Objects scanned: 151456
Time elapsed: 6 minute(s), 1 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Also is it okay if I run a two week old TFC?

Edited by davidog, 29 August 2010 - 05:08 AM.


#10 mpascal

Posted 29 August 2010 - 12:07 PM

Feel free to run TFC, but I would download the newest version. You can get the newest version by clicking on the link I gave you a few posts ago.

Do you know if Dr. Web had found anything during the scan?


#11 davidog

Posted 30 August 2010 - 01:24 AM

mpascal, the Dr Web scan did not find anything on my computer 70% through scanning. However, a few days back, I installed SUPERAntiSpyware and found and removed two trojans and quite a few tracking cookies. However, this did not help the situation at all.

#12 mpascal

Posted 30 August 2010 - 10:09 AM

Hi there,

We will begin with ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Ensure you have disabled all antivirus and anti-malware programs so they do not interfere with the running of ComboFix.

Please include the C:\ComboFix.txt in your next reply for further review.


#13 davidog

Posted 31 August 2010 - 01:54 AM

I was very angry when I launched ComboFix and discovered that it does not work on 64-Bit OS (I run Windows Vista Home Premium 64-Bit). Also, my virus has become so bad that I do not get the 5 minutes of web browsing I used to get. However, Bleeping Computer still works perfectly.

#14 mpascal

Posted 31 August 2010 - 10:16 AM

Hi there,

Sorry about that, I forgot you were running 64-bit.

Open up OTL and push the Quickscan button. Post the resulting log here.


#15 davidog

Posted 01 September 2010 - 02:38 AM

This is the OTL Report as requested:





OTL logfile created on: 1/09/2010 5:30:26 PM - Run 4
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\Admin\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000c09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

6.00 Gb Total Physical Memory | 4.00 Gb Available Physical Memory | 64.00% Memory free
12.00 Gb Paging File | 10.00 Gb Available in Paging File | 82.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.51 Gb Total Space | 341.89 Gb Free Space | 36.70% Space Free | Partition Type: NTFS
Drive D: | 3.62 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ADMIN-PC
Current User Name: Admin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/09/01 17:29:09 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Admin\Downloads\OTL(2).exe
PRC - [2010/07/31 10:21:50 | 000,107,832 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2010/07/31 10:21:39 | 000,066,872 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010/07/25 08:06:15 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2010/07/25 08:06:14 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010/06/07 17:05:06 | 000,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010/03/19 09:49:20 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/02/26 10:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\ccsvchst.exe
PRC - [2009/11/11 09:57:36 | 001,451,520 | ---- | M] (Nokia) -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2009/10/27 08:26:36 | 000,657,408 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PRC - [2009/10/27 08:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2009/10/27 08:14:22 | 000,128,000 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrv.exe
PRC - [2009/07/26 15:44:34 | 003,883,856 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
PRC - [2009/05/30 03:36:01 | 000,348,160 | R--- | M] (Codemasters) -- D:\autorun.exe
PRC - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2008/07/10 15:33:06 | 040,999,448 | ---- | M] (Microsoft Corporation) -- c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe


========== Modules (SafeList) ==========

MOD - [2010/09/01 17:29:09 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Admin\Downloads\OTL(2).exe
MOD - [2010/05/14 15:35:01 | 000,415,088 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\asoehook.dll
MOD - [2009/09/25 12:10:10 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
MOD - [2009/07/12 18:02:02 | 000,653,120 | R--- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\microsoft.vc90.crt\msvcr90.dll
MOD - [2009/07/12 18:02:00 | 000,569,664 | R--- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\microsoft.vc90.crt\msvcp90.dll
MOD - [2009/04/11 16:28:19 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll
MOD - [2008/01/21 12:50:01 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV:64bit: - File not found [Auto | Running] -- C:\Windows\SysNative\PnkBstrB.exe -- (PnkBstrB)
SRV:64bit: - File not found [Auto | Running] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA)
SRV:64bit: - File not found [On_Demand | Stopped] -- C:\Windows\SysNative\GameMon.des -- (npggsvc)
SRV:64bit: - [2010/06/30 03:49:27 | 000,128,752 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2009/08/18 12:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV:64bit: - [2008/07/29 12:20:28 | 004,737,024 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe -- (msvsmon90)
SRV:64bit: - [2008/01/21 12:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010/08/09 16:59:52 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/07/31 10:21:50 | 000,107,832 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2010/07/31 10:21:39 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010/06/07 17:05:06 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/03/22 05:41:00 | 003,532,120 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc)
SRV - [2010/03/19 09:49:20 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/03/18 14:27:14 | 001,020,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 14:27:14 | 000,138,576 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/26 10:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\ccSvcHst.exe -- (N360)
SRV - [2009/10/27 08:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2008/12/08 17:15:26 | 000,068,136 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\GIGABYTE\EnergySaver\GSvr.exe -- (GEST Service)
SRV - [2008/07/10 15:33:06 | 040,999,448 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe -- (MSSQL$SQLEXPRESS) SQL Server (SQLEXPRESS)
SRV - [2008/07/10 15:33:06 | 000,369,688 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE -- (SQLAgent$SQLEXPRESS) SQL Server Agent (SQLEXPRESS)
SRV - [2008/07/10 15:33:02 | 000,047,128 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE -- (MSSQLServerADHelper100)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\npptNT2.sys -- (NPPTNT2)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ipinip.sys -- (IpInIp)
DRV:64bit: - [2010/08/14 12:54:07 | 000,173,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2010/07/01 19:22:40 | 000,834,544 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/06/30 19:54:26 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\atksgt.sys -- (atksgt)
DRV:64bit: - [2010/06/30 19:54:26 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2010/05/06 14:01:59 | 000,451,120 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\N360x64\0402000.00C\SYMTDIV.SYS -- (SYMTDIv)
DRV:64bit: - [2010/04/29 15:03:51 | 000,150,064 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\Ironx64.SYS -- (SymIRON)
DRV:64bit: - [2010/04/22 13:02:20 | 000,221,232 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\SYMEFA64.SYS -- (SymEFA)
DRV:64bit: - [2010/04/22 12:29:51 | 000,505,392 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\N360x64\0402000.00C\SRTSP64.SYS -- (SRTSP)
DRV:64bit: - [2010/04/22 12:29:51 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\SRTSPX64.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2010/03/23 02:17:06 | 001,462,304 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\RTL85n64.sys -- (RTL85n64)
DRV:64bit: - [2010/02/26 10:22:52 | 000,615,040 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\ccHPx64.sys -- (ccHP)
DRV:64bit: - [2010/02/18 04:23:05 | 000,014,920 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2010/02/18 04:23:05 | 000,012,360 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2009/10/15 13:50:05 | 000,433,200 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\SYMDS64.SYS -- (SymDS)
DRV:64bit: - [2009/10/06 10:56:34 | 000,172,544 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2009/10/06 10:54:18 | 000,008,704 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64j.sys -- (UsbserFilt)
DRV:64bit: - [2009/10/06 10:53:56 | 000,025,088 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdcx64)
DRV:64bit: - [2009/10/06 10:53:56 | 000,008,704 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2009/10/06 10:53:54 | 000,018,944 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcdx64)
DRV:64bit: - [2009/10/05 20:22:20 | 000,044,320 | ---- | M] (Realtek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\RTL2832U_IRHID.sys -- (RTL2832U_IRHID)
DRV:64bit: - [2009/09/28 02:02:38 | 000,019,544 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\PeerBlock\pbfilter.sys -- (pbfilter)
DRV:64bit: - [2009/08/28 19:42:52 | 000,049,152 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2009/08/17 13:57:56 | 000,038,944 | ---- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\RTL2832UUSB.sys -- (RTL2832UUSB)
DRV:64bit: - [2009/08/17 13:57:52 | 000,116,640 | ---- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL2832UBDA.sys -- (RTL2832UBDA)
DRV:64bit: - [2009/05/19 08:17:08 | 000,034,152 | R--- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/04/11 15:39:37 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2008/11/04 12:21:08 | 000,098,144 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\jraid.sys -- (JRAID)
DRV:64bit: - [2008/08/28 10:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2007/06/25 05:37:14 | 000,108,032 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2007/01/23 09:20:34 | 000,040,216 | ---- | M] (H+H Software GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\vcd9bus.sys -- (vcd9bus)
DRV:64bit: - [2006/09/19 07:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\Wbem\ntfs.mof -- (Ntfs)
DRV - [2010/09/01 17:20:28 | 000,024,072 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2010/08/14 12:57:59 | 001,791,536 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20100830.038\EX64.SYS -- (NAVEX15)
DRV - [2010/08/14 12:57:59 | 000,475,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2010/08/14 12:57:59 | 000,132,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/08/14 12:57:59 | 000,117,808 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20100830.038\ENG64.SYS -- (NAVENG)
DRV - [2010/08/10 11:11:04 | 000,945,200 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20100810.004\BHDrvx64.sys -- (BHDrvx64)
DRV - [2010/06/17 11:54:12 | 000,463,408 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20100827.001\IDSviA64.sys -- (IDSVia64)
DRV - [2009/10/05 20:22:20 | 000,044,320 | ---- | M] (Realtek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RTL2832U_IRHID.sys -- (RTL2832U_IRHID)
DRV - [2009/08/17 13:57:56 | 000,038,944 | ---- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RTL2832UUSB.sys -- (RTL2832UUSB)
DRV - [2009/08/17 13:57:52 | 000,116,640 | ---- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RTL2832UBDA.sys -- (RTL2832UBDA)
DRV - [2007/03/16 10:11:20 | 000,015,648 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TBPanelx64.sys -- (Cardex)
DRV - [2007/01/24 20:25:52 | 000,420,648 | ---- | M] (Realtek) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\RTL85n64.sys -- (RTL85n64)
DRV - [2005/01/05 04:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.au/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\Windows\SysWOW64\dvmurl.dll (DeviceVM Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:4.0.53.0
FF - prefs.js..extensions.enabledItems: netvideohunter@netvideohunter.com:1.3
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6

FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\ [2009/11/20 07:11:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\ [2010/08/15 08:47:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn\ [2010/08/14 12:54:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/07/25 08:06:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/07/31 09:55:05 | 000,000,000 | ---D | M]

[2009/12/12 07:01:08 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\mozilla\Extensions
[2009/11/01 16:43:22 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2010/08/31 16:42:43 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\6dflw320.default\extensions
[2010/06/08 19:33:56 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\6dflw320.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/07/23 21:09:53 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\6dflw320.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/06/08 17:38:34 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\6dflw320.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010/06/09 15:44:45 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\6dflw320.default\extensions\battlefieldheroespatcher@ea.com
[2010/07/23 21:09:53 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\mozilla\Firefox\Profiles\6dflw320.default\extensions\netvideohunter@netvideohunter.com
[2010/08/14 12:42:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/05/25 16:51:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2009/11/03 10:07:00 | 000,040,960 | ---- | M] (BYOND) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npbyond.dll
[2010/05/25 16:50:59 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2009/10/06 19:40:40 | 000,098,304 | ---- | M] (OGPlanet Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npOGPPlugin.dll
[2010/03/13 15:32:41 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npPandoWebInst.dll
[2010/03/22 18:40:25 | 000,001,538 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/03/22 18:40:25 | 000,000,947 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2010/03/22 18:40:25 | 000,000,769 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2010/03/22 18:40:25 | 000,001,135 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2006/09/19 07:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\4.2.0.12\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKCU..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MaxRecentDocs = 10
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: Add to AMV/AVI Video Converter... - C:\Program Files (x86)\Media Player Utilities 4.21\AMVConverter\grab.html ()
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Admin\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Add to AMV/AVI Video Converter... - C:\Program Files (x86)\Media Player Utilities 4.21\AMVConverter\grab.html ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Admin\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
O24 - Desktop BackupWallPaper: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/15 20:48:56 | 000,000,000 | R--D | M] - D:\AutorunFiles -- [ UDF ]
O32 - AutoRun File - [2009/05/30 03:36:01 | 000,348,160 | R--- | M] (Codemasters) - D:\autorun.exe -- [ UDF ]
O32 - AutoRun File - [2007/03/29 20:45:28 | 000,000,051 | R--- | M] () - D:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{0db75662-b455-11de-be8e-00241d75f2da}\Shell - "" = AutoRun
O33 - MountPoints2\{0db75662-b455-11de-be8e-00241d75f2da}\Shell\AutoRun\command - "" = I:\autorun.exe -- File not found
O33 - MountPoints2\{114234e4-9764-11de-82bf-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{114234e4-9764-11de-82bf-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Nvsetup.exe -- File not found
O33 - MountPoints2\{1bc13fd6-b6c4-11de-973d-00241d75f2da}\Shell - "" = AutoRun
O33 - MountPoints2\{1bc13fd6-b6c4-11de-973d-00241d75f2da}\Shell\AutoRun\command - "" = E:\AutoRunMorrowind.exe -- File not found
O33 - MountPoints2\{1bc13fd6-b6c4-11de-973d-00241d75f2da}\Shell\install\command - "" = E:\Setup.exe -- File not found
O33 - MountPoints2\{1f0a1a99-be86-11de-b6ba-00241d75f2da}\Shell\AutoRun\command - "" = F:\x0.cmd -- File not found
O33 - MountPoints2\{1f0a1a99-be86-11de-b6ba-00241d75f2da}\Shell\explore\Command - "" = F:\x0.cmd -- File not found
O33 - MountPoints2\{1f0a1a99-be86-11de-b6ba-00241d75f2da}\Shell\open\Command - "" = F:\x0.cmd -- File not found
O33 - MountPoints2\{71816b81-976a-11de-b49a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{71816b81-976a-11de-b49a-806e6f6e6963}\Shell\AutoRun\command - "" = D:\autorun.exe -- [2009/05/30 03:36:01 | 000,348,160 | R--- | M] (Codemasters)
O33 - MountPoints2\{7aad38ea-df0b-11de-a68b-00241d75f2da}\Shell - "" = AutoRun
O33 - MountPoints2\{7aad38ea-df0b-11de-a68b-00241d75f2da}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O33 - MountPoints2\{a06ee4be-9917-11de-8931-00241d75f2da}\Shell\AutoRun\command - "" = firefox.exe
O33 - MountPoints2\{ddce7701-984e-11de-92c3-00241d75f2da}\Shell - "" = AutoRun
O33 - MountPoints2\{ddce7701-984e-11de-92c3-00241d75f2da}\Shell\AutoRun\command - "" = E:\BelkinFileTransferCable.exe -- File not found
O33 - MountPoints2\{f5bb7dd2-9866-11de-9b75-00241d75f2da}\Shell\AutoRun\command - "" = iexplore.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\setup.exe -- File not found
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\Autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 90 Days ==========

[2010/08/31 21:16:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Codemasters
[2010/08/31 18:29:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\Gothic3ForsakenGods
[2010/08/31 16:31:53 | 000,000,000 | R--D | C] -- C:\32788R22FWJFW
[2010/08/30 20:14:55 | 000,000,000 | ---D | C] -- C:\Jade Empire
[2010/08/30 18:32:46 | 000,000,000 | ---D | C] -- C:\Users\Admin\Desktop\Singualrity
[2010/08/30 16:51:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JoWooD
[2010/08/30 16:20:19 | 000,000,000 | ---D | C] -- C:\Mafia I
[2010/08/29 09:59:36 | 000,000,000 | ---D | C] -- C:\Users\Admin\DoctorWeb
[2010/08/28 15:25:38 | 000,000,000 | ---D | C] -- C:\Clam WIn
[2010/08/28 15:24:41 | 000,000,000 | ---D | C] -- C:\Users\Admin\New Folder (1)
[2010/08/28 15:16:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dude
[2010/08/28 11:02:53 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\UFOAI
[2010/08/28 10:55:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UFOAI-2.3
[2010/08/28 10:55:10 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\SUPERAntiSpyware.com
[2010/08/28 10:55:10 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010/08/28 10:55:07 | 000,000,000 | ---D | C] -- C:\ProgramData\!SASCORE
[2010/08/28 10:55:06 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/08/28 10:54:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hitman Pro 3.5
[2010/08/27 20:15:59 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\Hitman Blood Money
[2010/08/27 19:48:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Trymedia
[2010/08/27 19:26:06 | 000,000,000 | ---D | C] -- C:\Hitman Blood Money
[2010/08/27 17:34:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vuze
[2010/08/27 16:21:46 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Admin\Desktop\OTL.exe
[2010/08/26 07:48:32 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\DVDVideoSoftIEHelpers
[2010/08/25 20:12:34 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\Singularity
[2010/08/25 19:05:28 | 000,000,000 | ---D | C] -- C:\Users\Admin\Desktop\Piss OFF
[2010/08/23 21:11:11 | 000,000,000 | ---D | C] -- C:\Users\Admin\Desktop\NFS-CARBON [FULL-RIP COTTA]
[2010/08/22 17:52:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2010/08/21 23:17:04 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\WindowsPowerShell
[2010/08/21 23:17:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\WindowsPowerShell
[2010/08/21 13:07:48 | 000,000,000 | ---D | C] -- C:\Users\Admin\Games
[2010/08/20 17:25:18 | 000,000,000 | ---D | C] -- C:\Users\Admin\Desktop\DDS LOGS
[2010/08/19 18:36:42 | 000,000,000 | ---D | C] -- C:\Users\Admin\Desktop\HELP MY PC LOGS
[2010/08/15 08:54:31 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/08/15 08:54:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/08/14 17:39:03 | 000,451,120 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\symtdiv.sys
[2010/08/14 17:39:03 | 000,221,232 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\symefa64.sys
[2010/08/14 17:39:02 | 000,433,200 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\symds64.sys
[2010/08/14 17:39:02 | 000,032,304 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\srtspx64.sys
[2010/08/14 17:39:01 | 000,505,392 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\srtsp64.sys
[2010/08/14 17:39:01 | 000,150,064 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\ironx64.sys
[2010/08/14 17:39:00 | 000,615,040 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\cchpx64.sys
[2010/08/14 17:37:33 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\CrashDumps
[2010/08/14 17:36:17 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64\0402000.00C
[2010/08/14 12:54:19 | 000,173,104 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2010/08/14 12:54:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2010/08/14 12:54:07 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2010/08/14 12:53:29 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64
[2010/08/14 12:53:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton 360
[2010/08/14 12:52:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2010/08/13 20:51:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Malwarebytes
[2010/08/13 20:51:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/08/13 20:51:06 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/08/08 15:20:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Counter Strike Source
[2010/08/07 15:59:59 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\CAPCOM
[2010/08/07 15:59:59 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\CAPCOM
[2010/08/07 14:49:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CAPCOM
[2010/08/06 21:34:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Download Manager
[2010/08/03 07:48:05 | 000,000,000 | ---D | C] -- C:\Users\Admin\Desktop\New Folder
[2010/07/30 19:52:15 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\Year 6
[2010/07/29 20:38:36 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\Call of Juarez - Bound in Blood
[2010/07/27 21:14:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free M4a to MP3 Converter
[2010/07/27 21:06:38 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Smart FLV Converter Pro
[2010/07/21 16:13:17 | 000,000,000 | ---D | C] -- C:\Users\Admin\Desktop\Chaos Key Binder
[2010/07/20 17:29:20 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\My Received Files
[2010/07/19 18:28:10 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Golly
[2010/07/19 18:26:40 | 000,000,000 | ---D | C] -- C:\Users\Admin\Desktop\Golly
[2010/07/19 17:24:22 | 000,000,000 | -HSD | C] -- C:\Users\Admin\Phone Browser
[2010/07/19 17:23:34 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Nokia
[2010/07/19 16:54:41 | 000,000,000 | ---D | C] -- C:\Users\Admin\Desktop\Ebook To Txt
[2010/07/17 16:20:50 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Divinity 2
[2010/07/17 16:19:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Divinity 2
[2010/07/17 16:06:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Divinity II - Ego Draconis
[2010/07/14 12:22:45 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\NVIDIA
[2010/07/13 14:55:22 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2010/07/13 14:55:17 | 000,000,000 | ---D | C] -- C:\Alien Arena 7_40
[2010/07/13 14:53:05 | 000,065,128 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2010/07/13 14:53:05 | 000,056,936 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2010/07/13 12:37:23 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\Vuze Downloads
[2010/07/13 12:25:35 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Azureus
[2010/07/12 20:12:28 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\fizzy
[2010/07/12 20:11:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Fizzy
[2010/07/07 17:05:51 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\My Spore Creations
[2010/07/07 17:05:41 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\SPORE
[2010/07/07 16:59:02 | 000,000,000 | ---D | C] -- C:\Users\Admin\Desktop\Caddyshack
[2010/07/05 17:31:58 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Perfect PC 2.0 Beta
[2010/07/05 17:30:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC User PerfectPC 2.0
[2010/07/05 16:39:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC User YouGrab 3
[2010/07/04 10:25:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\Desktop\border
[2010/07/01 21:36:13 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DAEMON Tools Images
[2010/07/01 19:32:39 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Risen
[2010/07/01 19:31:04 | 000,000,000 | ---D | C] -- C:\Users\Admin\Desktop\Video Game folders
[2010/07/01 18:33:44 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\Disney Interactive Studios
[2010/06/30 20:22:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Disney Interactive Studios
[2010/06/30 19:48:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Deep Silver
[2010/06/30 18:44:44 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Opera
[2010/06/30 18:44:44 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\Opera
[2010/06/30 18:44:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
[2010/06/29 20:14:57 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\tixati
[2010/06/29 18:23:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\tixati
[2010/06/28 17:00:49 | 000,000,000 | ---D | C] -- C:\Program Files\PeerBlock
[2010/06/27 08:45:36 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Scirra
[2010/06/27 08:43:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Scirra
[2010/06/26 22:59:02 | 000,000,000 | ---D | C] -- C:\d6b80ca959faa11a5896b5df14d04e
[2010/06/26 18:31:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\2K Games
[2010/06/25 16:18:56 | 000,000,000 | ---D | C] -- C:\DoW II
[2010/06/23 18:08:52 | 000,000,000 | ---D | C] -- C:\ProgramData\PopCap Games
[2010/06/23 18:04:46 | 000,000,000 | ---D | C] -- C:\plants vs zombies
[2010/06/19 11:38:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Unreal Tournament 3
[2010/06/14 19:49:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mass Effect 2
[2010/06/14 19:45:14 | 000,000,000 | ---D | C] -- C:\Mass Effect 2
[2010/06/10 16:45:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lionhead Studios Ltd
[2010/06/09 15:58:10 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Local\PunkBuster
[2010/06/09 15:54:11 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\Battlefield Heroes
[2010/06/08 17:37:57 | 000,000,000 | ---D | C] -- C:\L4D2
[2010/06/07 18:27:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\Activision
[2010/06/07 18:27:16 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Activision
[2010/06/07 18:01:58 | 000,000,000 | ---D | C] -- C:\Marvel.Ultimate.Alliance.PC.Game(djDEVASTATE™)
[2010/06/06 15:20:39 | 000,000,000 | ---D | C] -- C:\Users\Admin\Desktop\JC2 Saves
[2010/06/06 12:09:49 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\Mount&Blade Savegames
[2010/06/06 12:03:41 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\Mount&Blade
[2010/06/05 13:29:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mount&Blade
[2010/06/04 22:41:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Marble Blast Gold
[2010/06/04 18:07:06 | 000,000,000 | ---D | C] -- C:\Users\Admin\Documents\Freedom Fighters
[2010/06/04 17:16:46 | 000,000,000 | ---D | C] -- C:\Users\Admin\Desktop\Luke D
[1 C:\Users\Admin\Documents\*.tmp files -> C:\Users\Admin\Documents\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010/09/01 17:36:59 | 000,000,434 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{E6C9C280-F0A5-40B5-AD8B-F677E0311A7F}.job
[2010/09/01 17:34:13 | 004,718,592 | -HS- | M] () -- C:\Users\Admin\NTUSER.DAT
[2010/09/01 17:25:02 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{0019C1E7-F172-4530-B86E-647413BEF618}.job
[2010/09/01 17:22:38 | 000,069,801 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010/09/01 17:22:38 | 000,069,801 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010/09/01 17:20:25 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/09/01 17:20:25 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/09/01 17:20:23 | 000,270,512 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/09/01 17:20:20 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/09/01 17:20:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/08/31 21:33:07 | 000,002,140 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010/08/31 21:32:35 | 004,429,451 | -H-- | M] () -- C:\Users\Admin\AppData\Local\IconCache.db
[2010/08/31 21:26:06 | 002,370,622 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\Cat.DB
[2010/08/31 21:19:10 | 000,894,318 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/08/31 21:19:10 | 000,742,562 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/08/31 21:19:10 | 000,160,882 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/08/31 20:46:00 | 000,000,938 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3727659869-3107808148-815176439-1004UA.job
[2010/08/31 19:46:20 | 000,060,784 | ---- | M] () -- C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/08/30 18:42:53 | 000,011,300 | ---- | M] () -- C:\Users\Admin\Documents\Brainstorm.docx
[2010/08/30 16:56:26 | 000,001,961 | ---- | M] () -- C:\Users\Public\Desktop\Play Gothic III Forsaken Gods.lnk
[2010/08/29 17:14:05 | 000,001,356 | ---- | M] () -- C:\Users\Admin\AppData\Local\d3d9caps.dat
[2010/08/29 17:13:54 | 000,090,624 | ---- | M] () -- C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/28 12:46:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3727659869-3107808148-815176439-1004Core.job
[2010/08/28 10:56:57 | 000,000,822 | ---- | M] () -- C:\Users\Admin\Desktop\UFOAlien Invasion.lnk
[2010/08/28 10:55:07 | 000,001,756 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/08/28 10:54:04 | 000,001,827 | ---- | M] () -- C:\Users\Public\Desktop\Hitman Pro 3.5.lnk
[2010/08/27 19:48:19 | 000,000,925 | ---- | M] () -- C:\Users\Admin\Desktop\Hitman Blood Money by Synergy.lnk
[2010/08/27 17:34:50 | 000,001,687 | ---- | M] () -- C:\Users\Public\Desktop\Vuze.lnk
[2010/08/27 17:34:50 | 000,001,687 | ---- | M] () -- C:\Users\Admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk
[2010/08/27 15:41:36 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Admin\Desktop\OTL.exe
[2010/08/27 15:37:52 | 000,293,376 | ---- | M] () -- C:\Users\Admin\Desktop\pbrtbypw.exe
[2010/08/26 07:48:30 | 000,001,074 | ---- | M] () -- C:\Users\Admin\Desktop\DVDVideoSoft Free Studio.lnk
[2010/08/25 19:46:24 | 005,058,894 | ---- | M] () -- C:\Users\Admin\Desktop\2 pac - tupac - Hit em up.mp3
[2010/08/25 19:39:03 | 011,745,280 | ---- | M] () -- C:\Users\Admin\Desktop\YouTube - Eminem Drug Ballad (640x360 HQ).mp3
[2010/08/25 19:34:43 | 012,495,014 | ---- | M] () -- C:\Users\Admin\Desktop\YouTube - Eminem Drug Ballad (640x360 HQ).flv
[2010/08/25 19:28:23 | 013,815,808 | ---- | M] () -- C:\Users\Admin\Desktop\YouTube - Notorious BIG ft 50_ Eminem_ 2Pac_ Nas &amp; Busta Rhymes - Victory (NickT Remix) (854x480 HQ).mp3
[2010/08/25 19:12:03 | 032,096,422 | ---- | M] () -- C:\Users\Admin\Desktop\YouTube - Notorious BIG ft 50, Eminem, 2Pac, Nas &amp; Busta Rhymes - Victory (NickT Remix) (854x480 HQ).flv
[2010/08/22 17:51:16 | 000,010,219 | ---- | M] () -- C:\Users\Admin\Documents\Midsummer Rationale.docx
[2010/08/22 17:51:04 | 000,012,927 | ---- | M] () -- C:\Users\Admin\Documents\Midsummer.docx
[2010/08/22 12:15:01 | 005,063,312 | ---- | M] () -- C:\Users\Admin\Documents\Cla.flv
[2010/08/22 00:32:09 | 000,000,162 | -H-- | M] () -- C:\Users\Admin\Documents\~$od PDHPE.docx
[2010/08/21 20:25:43 | 000,001,905 | ---- | M] () -- C:\Windows\diagwrn.xml
[2010/08/21 20:25:43 | 000,001,905 | ---- | M] () -- C:\Windows\diagerr.xml
[2010/08/21 13:40:14 | 000,000,802 | ---- | M] () -- C:\Users\Admin\Desktop\Company of Heroes.lnk
[2010/08/20 17:11:31 | 000,000,020 | ---- | M] () -- C:\Users\Admin\defogger_reenable
[2010/08/20 17:09:38 | 000,525,824 | ---- | M] () -- C:\Users\Admin\Desktop\dds.scr
[2010/08/18 17:08:30 | 000,000,534 | ---- | M] () -- C:\Users\Admin\Desktop\whshnpky - Shortcut.lnk
[2010/08/15 08:54:33 | 000,000,848 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/14 19:21:24 | 000,002,206 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2010/08/14 12:54:07 | 000,173,104 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2010/08/14 12:54:07 | 000,007,440 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2010/08/14 12:54:07 | 000,000,854 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2010/08/10 17:07:23 | 000,000,906 | ---- | M] () -- C:\Users\Admin\Desktop\MassEffect2Launcher - Shortcut.lnk
[2010/08/05 21:15:44 | 000,019,050 | ---- | M] () -- C:\Users\Admin\Documents\My family History PDHPE Assignment.docx
[2010/08/03 22:16:46 | 000,011,005 | ---- | M] () -- C:\Users\Admin\Documents\Favourite TV Shows.docx
[2010/08/03 19:35:19 | 000,020,167 | ---- | M] () -- C:\Users\Admin\Documents\Food PDHPE.docx
[2010/08/02 17:15:57 | 000,002,279 | ---- | M] () -- C:\Users\Admin\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[2010/08/01 21:52:33 | 000,000,000 | -H-- | M] () -- C:\Users\Admin\Documents\Default.rdp
[2010/07/31 16:40:13 | 000,012,402 | ---- | M] () -- C:\Users\Admin\Documents\A little history about me.docx
[2010/07/31 10:21:50 | 000,107,832 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010/07/31 10:21:39 | 002,250,024 | ---- | M] () -- C:\Windows\SysWow64\pbsvc.exe
[2010/07/31 10:21:39 | 000,066,872 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010/07/28 19:25:30 | 000,004,314 | ---- | M] () -- C:\Users\Admin\Documents\GROWN_UPS.MDS
[2010/07/28 18:25:41 | 000,000,740 | ---- | M] () -- C:\Users\Admin\Desktop\YouTube - Chaser Ad Road Test - Subway (640x360 HQ) - Shortcut.lnk
[2010/07/27 21:14:08 | 000,000,892 | ---- | M] () -- C:\Users\Admin\Desktop\Free M4a to MP3 Converter.lnk
[2010/07/27 21:14:08 | 000,000,887 | ---- | M] () -- C:\Users\Admin\Desktop\My Music Tools.lnk
[2010/07/26 17:58:45 | 000,000,779 | ---- | M] () -- C:\Users\Admin\Desktop\m0d_s0beit_sa.DEV.2010-04-14.Mercurial.f4bb98d07523.Setup - Shortcut.lnk
[2010/07/25 15:20:34 | 000,000,162 | -H-- | M] () -- C:\Users\Admin\Documents\~$ family History PDHPE Assignment.docx
[2010/07/23 21:30:14 | 000,000,104 | ---- | M] () -- C:\Users\Admin\Desktop\Recycle Bin - Shortcut.lnk
[2010/07/21 19:40:34 | 000,117,229 | ---- | M] () -- C:\Users\Admin\Documents\Untitled (2).wma
[2010/07/20 17:07:34 | 000,036,409 | ---- | M] () -- C:\Users\Admin\Documents\Untitled.wma
[2010/07/20 16:25:25 | 000,000,758 | ---- | M] () -- C:\Users\Admin\Desktop\samp - Shortcut.lnk
[2010/07/19 19:04:34 | 000,000,641 | ---- | M] () -- C:\Users\Admin\Desktop\Golly - Shortcut.lnk
[2010/07/16 14:55:15 | 000,000,072 | ---- | M] () -- C:\Users\Admin\Documents\Gho Shoot.persist
[2010/07/13 21:59:16 | 000,000,000 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
[2010/07/13 14:59:00 | 000,466,456 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2010/07/13 14:59:00 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2010/07/13 14:59:00 | 000,122,904 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2010/07/13 14:59:00 | 000,109,080 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2010/07/13 14:58:53 | 000,000,088 | ---- | M] () -- C:\Windows\galaxy.ini
[2010/07/10 08:44:56 | 000,000,312 | ---- | M] () -- C:\Users\Admin\Desktop\Curse Client.appref-ms
[2010/07/10 08:41:29 | 000,000,897 | ---- | M] () -- C:\Users\Admin\Desktop\DTLite - Shortcut.lnk
[2010/07/10 08:41:25 | 000,000,885 | ---- | M] () -- C:\Users\Admin\Desktop\YASU - Shortcut.lnk
[2010/07/08 19:32:59 | 000,000,549 | ---- | M] () -- C:\Users\Admin\AppData\Roaming\AutoGK.ini
[2010/07/05 17:30:26 | 000,001,029 | ---- | M] () -- C:\Users\Admin\Desktop\PC User PerfectPC 2.0.lnk
[2010/07/05 16:39:47 | 000,000,954 | ---- | M] () -- C:\Users\Admin\Desktop\PC User YouGrab 3.lnk
[2010/07/01 19:22:41 | 000,001,789 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2010/07/01 19:22:40 | 000,834,544 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys
[2010/06/30 19:54:26 | 000,314,016 | ---- | M] () -- C:\Windows\SysNative\drivers\atksgt.sys
[2010/06/30 19:54:26 | 000,043,680 | ---- | M] () -- C:\Windows\SysNative\drivers\lirsgt.sys
[2010/06/30 18:44:38 | 000,000,768 | ---- | M] () -- C:\Users\Admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2010/06/28 17:00:50 | 000,000,818 | ---- | M] () -- C:\Users\Admin\Desktop\PeerBlock.lnk
[2010/06/27 12:15:05 | 000,023,650 | ---- | M] () -- C:\Users\Admin\Documents\Gho Shoot.cap
[2010/06/24 19:56:51 | 000,022,697 | ---- | M] () -- C:\Users\Admin\Desktop\moo....mp3
[2010/06/20 12:46:24 | 000,013,351 | ---- | M] () -- C:\Users\Admin\Documents\The Families.docx
[2010/06/14 13:29:24 | 000,031,919 | ---- | M] () -- C:\Users\Admin\Documents\Ds.wma
[2010/06/13 09:20:16 | 000,048,200 | ---- | M] () -- C:\Users\Admin\Documents\MassEffectConfigReport2010-06-13.xml
[2010/06/11 20:19:09 | 000,215,016 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2010/06/09 15:51:23 | 002,427,248 | ---- | M] () -- C:\Windows\SysWow64\pbsvc_heroes.exe
[2010/06/08 09:58:00 | 000,065,128 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2010/06/08 09:58:00 | 000,056,936 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2010/06/08 09:58:00 | 000,012,507 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2010/06/04 17:23:51 | 000,000,892 | ---- | M] () -- C:\Windows\eReg.dat
[2010/06/03 22:14:52 | 000,001,069 | ---- | M] () -- C:\Users\Admin\Desktop\Fantasy Beings - Shortcut.lnk
[1 C:\Users\Admin\Documents\*.tmp files -> C:\Users\Admin\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/08/30 18:42:52 | 000,011,300 | ---- | C] () -- C:\Users\Admin\Documents\Brainstorm.docx
[2010/08/30 16:56:25 | 000,001,961 | ---- | C] () -- C:\Users\Public\Desktop\Play Gothic III Forsaken Gods.lnk
[2010/08/28 10:56:56 | 000,000,822 | ---- | C] () -- C:\Users\Admin\Desktop\UFOAlien Invasion.lnk
[2010/08/28 10:55:07 | 000,001,756 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/08/28 10:54:04 | 000,001,827 | ---- | C] () -- C:\Users\Public\Desktop\Hitman Pro 3.5.lnk
[2010/08/27 19:48:19 | 000,000,925 | ---- | C] () -- C:\Users\Admin\Desktop\Hitman Blood Money by Synergy.lnk
[2010/08/27 17:34:50 | 000,001,687 | ---- | C] () -- C:\Users\Public\Desktop\Vuze.lnk
[2010/08/27 17:34:50 | 000,001,687 | ---- | C] () -- C:\Users\Admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk
[2010/08/27 15:49:56 | 000,293,376 | ---- | C] () -- C:\Users\Admin\Desktop\pbrtbypw.exe
[2010/08/25 19:46:05 | 005,058,894 | ---- | C] () -- C:\Users\Admin\Desktop\2 pac - tupac - Hit em up.mp3
[2010/08/25 19:38:51 | 011,745,280 | ---- | C] () -- C:\Users\Admin\Desktop\YouTube - Eminem Drug Ballad (640x360 HQ).mp3
[2010/08/25 19:31:20 | 012,495,014 | ---- | C] () -- C:\Users\Admin\Desktop\YouTube - Eminem Drug Ballad (640x360 HQ).flv
[2010/08/25 19:12:24 | 013,815,808 | ---- | C] () -- C:\Users\Admin\Desktop\YouTube - Notorious BIG ft 50_ Eminem_ 2Pac_ Nas &amp; Busta Rhymes - Victory (NickT Remix) (854x480 HQ).mp3
[2010/08/25 19:09:41 | 000,001,074 | ---- | C] () -- C:\Users\Admin\Desktop\DVDVideoSoft Free Studio.lnk
[2010/08/25 19:07:39 | 032,096,422 | ---- | C] () -- C:\Users\Admin\Desktop\YouTube - Notorious BIG ft 50, Eminem, 2Pac, Nas &amp; Busta Rhymes - Victory (NickT Remix) (854x480 HQ).flv
[2010/08/22 17:51:16 | 000,010,219 | ---- | C] () -- C:\Users\Admin\Documents\Midsummer Rationale.docx
[2010/08/22 17:51:03 | 000,012,927 | ---- | C] () -- C:\Users\Admin\Documents\Midsummer.docx
[2010/08/22 12:14:58 | 005,063,312 | ---- | C] () -- C:\Users\Admin\Documents\Cla.flv
[2010/08/22 00:32:09 | 000,000,162 | -H-- | C] () -- C:\Users\Admin\Documents\~$od PDHPE.docx
[2010/08/21 23:12:12 | 000,201,184 | ---- | C] () -- C:\Windows\SysWow64\winrm.vbs
[2010/08/21 23:12:12 | 000,201,184 | ---- | C] () -- C:\Windows\SysNative\winrm.vbs
[2010/08/21 23:12:12 | 000,004,675 | ---- | C] () -- C:\Windows\SysWow64\wsmanconfig_schema.xml
[2010/08/21 23:12:12 | 000,004,675 | ---- | C] () -- C:\Windows\SysNative\wsmanconfig_schema.xml
[2010/08/21 23:12:12 | 000,002,426 | ---- | C] () -- C:\Windows\SysWow64\WsmTxt.xsl
[2010/08/21 23:12:12 | 000,002,426 | ---- | C] () -- C:\Windows\SysNative\WsmTxt.xsl
[2010/08/21 20:17:16 | 000,001,905 | ---- | C] () -- C:\Windows\diagwrn.xml
[2010/08/21 20:17:16 | 000,001,905 | ---- | C] () -- C:\Windows\diagerr.xml
[2010/08/21 13:40:14 | 000,000,802 | ---- | C] () -- C:\Users\Admin\Desktop\Company of Heroes.lnk
[2010/08/20 17:28:40 | 000,293,376 | ---- | C] () -- C:\Users\Admin\Desktop\gmer.exe
[2010/08/20 17:11:30 | 000,000,020 | ---- | C] () -- C:\Users\Admin\defogger_reenable
[2010/08/20 17:09:19 | 000,525,824 | ---- | C] () -- C:\Users\Admin\Desktop\dds.scr
[2010/08/18 17:08:30 | 000,000,534 | ---- | C] () -- C:\Users\Admin\Desktop\whshnpky - Shortcut.lnk
[2010/08/15 08:54:33 | 000,000,848 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/14 21:29:22 | 000,165,183 | ---- | C] () -- C:\Users\Admin\Helping PC.txt
[2010/08/14 19:20:43 | 002,370,622 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\Cat.DB
[2010/08/14 17:39:03 | 000,007,829 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\symefa64.cat
[2010/08/14 17:39:03 | 000,007,787 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\symnetv64.cat
[2010/08/14 17:39:03 | 000,007,368 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\symnet64.cat
[2010/08/14 17:39:03 | 000,003,373 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\symefa.inf
[2010/08/14 17:39:03 | 000,001,473 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\symnetv.inf
[2010/08/14 17:39:03 | 000,001,445 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\symnet.inf
[2010/08/14 17:39:02 | 000,007,414 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\srtspx64.cat
[2010/08/14 17:39:02 | 000,007,406 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\symds64.cat
[2010/08/14 17:39:02 | 000,002,793 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\symds.inf
[2010/08/14 17:39:02 | 000,001,421 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\srtspx64.inf
[2010/08/14 17:39:01 | 000,007,410 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\srtsp64.cat
[2010/08/14 17:39:01 | 000,007,402 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\iron.cat
[2010/08/14 17:39:01 | 000,001,437 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\srtsp64.inf
[2010/08/14 17:39:01 | 000,000,771 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\iron.inf
[2010/08/14 17:39:00 | 000,007,358 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\cchpx64.cat
[2010/08/14 17:39:00 | 000,001,838 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\cchpx64.inf
[2010/08/14 17:36:17 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0402000.00C\isolate.ini
[2010/08/14 12:54:19 | 000,007,440 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2010/08/14 12:54:19 | 000,000,854 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2010/08/14 12:54:00 | 000,002,206 | ---- | C] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2010/08/10 17:07:23 | 000,000,906 | ---- | C] () -- C:\Users\Admin\Desktop\MassEffect2Launcher - Shortcut.lnk
[2010/08/03 22:16:46 | 000,011,005 | ---- | C] () -- C:\Users\Admin\Documents\Favourite TV Shows.docx
[2010/08/01 21:52:33 | 000,000,000 | -H-- | C] () -- C:\Users\Admin\Documents\Default.rdp
[2010/07/31 16:07:31 | 000,012,402 | ---- | C] () -- C:\Users\Admin\Documents\A little history about me.docx
[2010/07/31 16:07:05 | 000,020,167 | ---- | C] () -- C:\Users\Admin\Documents\Food PDHPE.docx
[2010/07/28 20:22:56 | 000,002,024 | ---- | C] () -- C:\Users\Admin\Math Homework.txt
[2010/07/28 19:25:30 | 000,004,314 | ---- | C] () -- C:\Users\Admin\Documents\GROWN_UPS.MDS
[2010/07/28 18:25:41 | 000,000,740 | ---- | C] () -- C:\Users\Admin\Desktop\YouTube - Chaser Ad Road Test - Subway (640x360 HQ) - Shortcut.lnk
[2010/07/27 21:14:08 | 000,000,892 | ---- | C] () -- C:\Users\Admin\Desktop\Free M4a to MP3 Converter.lnk
[2010/07/27 21:14:08 | 000,000,887 | ---- | C] () -- C:\Users\Admin\Desktop\My Music Tools.lnk
[2010/07/26 17:58:45 | 000,000,779 | ---- | C] () -- C:\Users\Admin\Desktop\m0d_s0beit_sa.DEV.2010-04-14.Mercurial.f4bb98d07523.Setup - Shortcut.lnk
[2010/07/25 15:20:34 | 000,000,162 | -H-- | C] () -- C:\Users\Admin\Documents\~$ family History PDHPE Assignment.docx
[2010/07/25 15:20:33 | 000,019,050 | ---- | C] () -- C:\Users\Admin\Documents\My family History PDHPE Assignment.docx
[2010/07/23 21:30:14 | 000,000,104 | ---- | C] () -- C:\Users\Admin\Desktop\Recycle Bin - Shortcut.lnk
[2010/07/21 19:40:33 | 000,117,229 | ---- | C] () -- C:\Users\Admin\Documents\Untitled (2).wma
[2010/07/20 17:07:33 | 000,036,409 | ---- | C] () -- C:\Users\Admin\Documents\Untitled.wma
[2010/07/20 16:25:25 | 000,000,758 | ---- | C] () -- C:\Users\Admin\Desktop\samp - Shortcut.lnk
[2010/07/19 19:04:34 | 000,000,641 | ---- | C] () -- C:\Users\Admin\Desktop\Golly - Shortcut.lnk
[2010/07/18 13:48:13 | 000,524,288 | ---- | C] () -- C:\Users\Admin\Desktop\1628 - Dragon Quest Monsters Joker (U)(Xenophobia).SAV
[2010/07/13 21:59:16 | 000,000,000 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
[2010/07/13 14:58:53 | 000,000,088 | ---- | C] () -- C:\Windows\galaxy.ini
[2010/07/10 08:41:29 | 000,000,897 | ---- | C] () -- C:\Users\Admin\Desktop\DTLite - Shortcut.lnk
[2010/07/10 08:41:25 | 000,000,885 | ---- | C] () -- C:\Users\Admin\Desktop\YASU - Shortcut.lnk
[2010/07/05 17:30:26 | 000,001,029 | ---- | C] () -- C:\Users\Admin\Desktop\PC User PerfectPC 2.0.lnk
[2010/07/05 16:39:47 | 000,000,954 | ---- | C] () -- C:\Users\Admin\Desktop\PC User YouGrab 3.lnk
[2010/07/01 19:22:41 | 000,001,789 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2010/06/30 19:54:26 | 000,314,016 | ---- | C] () -- C:\Windows\SysNative\drivers\atksgt.sys
[2010/06/30 19:54:26 | 000,043,680 | ---- | C] () -- C:\Windows\SysNative\drivers\lirsgt.sys
[2010/06/30 18:44:38 | 000,000,768 | ---- | C] () -- C:\Users\Admin\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2010/06/28 17:00:50 | 000,000,818 | ---- | C] () -- C:\Users\Admin\Desktop\PeerBlock.lnk
[2010/06/27 12:15:06 | 000,000,072 | ---- | C] () -- C:\Users\Admin\Documents\Gho Shoot.persist
[2010/06/27 12:15:04 | 000,023,650 | ---- | C] () -- C:\Users\Admin\Documents\Gho Shoot.cap
[2010/06/26 18:26:54 | 000,364,030 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_vcredistMSI4E76.txt
[2010/06/26 18:26:53 | 000,015,354 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_vcredistUI4E76.txt
[2010/06/24 19:56:51 | 000,022,697 | ---- | C] () -- C:\Users\Admin\Desktop\moo....mp3
[2010/06/19 13:15:29 | 000,028,101 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_depcheckdotnetfx30.txt
[2010/06/19 13:15:24 | 000,032,000 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_dotnetfx3install.txt
[2010/06/19 13:15:24 | 000,000,604 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_dotnetfx3error.txt
[2010/06/14 13:29:23 | 000,031,919 | ---- | C] () -- C:\Users\Admin\Documents\Ds.wma
[2010/06/13 21:26:20 | 000,002,279 | ---- | C] () -- C:\Users\Admin\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[2010/06/13 09:20:15 | 000,048,200 | ---- | C] () -- C:\Users\Admin\Documents\MassEffectConfigReport2010-06-13.xml
[2010/06/09 15:58:28 | 000,215,016 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2010/06/09 15:51:23 | 002,427,248 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_heroes.exe
[2010/05/31 16:31:50 | 000,422,018 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_vcredistMSI06F3.txt
[2010/05/31 16:31:50 | 000,011,140 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_vcredistUI06F3.txt
[2010/05/09 20:08:45 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2010/05/09 20:08:45 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2010/05/09 20:08:45 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2010/04/02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2010/02/13 16:22:32 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\xmltok.dll
[2010/02/13 16:22:32 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\xmlparse.dll
[2010/01/16 16:40:03 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\iyvu9_32.dll
[2010/01/03 14:19:27 | 000,324,360 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_SQLCEToolsForVS2007_MSI75F2.txt
[2010/01/03 14:19:25 | 000,403,614 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_SSCERuntime_MSI75EB.txt
[2010/01/03 14:17:04 | 010,833,356 | ---- | C] () -- C:\Users\Admin\AppData\Local\VSMsiLog741F.txt
[2010/01/03 14:14:45 | 000,099,209 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_depcheck_VB_EXP_90.txt
[2010/01/03 14:14:41 | 000,314,184 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_install_vb_xcor_90.txt
[2010/01/03 14:14:41 | 000,000,002 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_error_vb_xcor_90.txt
[2010/01/02 09:48:17 | 000,001,356 | ---- | C] () -- C:\Users\Admin\AppData\Local\d3d9caps.dat
[2010/01/01 08:10:14 | 000,028,094 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\OFMissionEditorConfig.xml
[2009/12/25 17:50:46 | 000,000,549 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\AutoGK.ini
[2009/12/21 14:57:00 | 000,398,420 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_SharedManagementObjects_MSI1AF5.txt
[2009/12/21 14:56:57 | 000,183,144 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_SQLSysClrTypes_msi1AEB.txt
[2009/12/21 14:54:21 | 010,877,390 | ---- | C] () -- C:\Users\Admin\AppData\Local\VSMsiLog18ED.txt
[2009/12/21 14:54:16 | 000,202,590 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_WinSDK_Win32ExpTools_x64_MSI18DD.txt
[2009/12/21 14:54:05 | 000,223,372 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_WinSDK_ExpTools_x64_MSI18B9.txt
[2009/12/21 14:52:58 | 005,362,064 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_WinSDK_Build_x64_MSI17DE.txt
[2009/12/21 14:52:50 | 001,214,510 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_ExpRemoteDbg_x64_MSI17C4.txt
[2009/12/21 14:52:34 | 000,432,970 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_VC_Red_MSI1790.txt
[2009/12/21 14:47:37 | 000,116,946 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_depcheck_VC_EXP_90.txt
[2009/12/21 14:47:32 | 000,460,720 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_install_vc_xcor_90.txt
[2009/12/21 14:47:32 | 000,010,940 | ---- | C] () -- C:\Users\Admin\AppData\Local\uxeventlog.txt
[2009/12/21 14:47:32 | 000,000,002 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_error_vc_xcor_90.txt
[2009/11/07 09:27:35 | 000,440,344 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_vcredistMSI30FA.txt
[2009/11/07 09:27:35 | 000,016,504 | ---- | C] () -- C:\Users\Admin\AppData\Local\dd_vcredistUI30FA.txt
[2009/11/04 19:16:28 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009/09/10 18:59:49 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/09/10 18:58:17 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/09/07 17:35:33 | 000,024,226 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\UserTile.png
[2009/09/06 11:00:04 | 000,090,624 | ---- | C] () -- C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/06 08:52:54 | 000,000,745 | ---- | C] () -- C:\Windows\CoD.INI
[2009/09/06 08:50:22 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/09/05 06:46:59 | 000,000,093 | ---- | C] () -- C:\Users\Admin\AppData\Local\fusioncache.dat
[2009/09/04 16:23:09 | 000,888,214 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/09/02 12:47:13 | 000,069,801 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/09/02 12:44:41 | 000,069,801 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/09/02 12:19:17 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2009/09/02 12:09:17 | 000,000,732 | ---- | C] () -- C:\Users\Admin\AppData\Local\d3d9caps64.dat
[2008/01/21 12:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2006/03/06 09:41:02 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\AMV_DecDLL.dll
[2004/09/16 12:26:40 | 000,012,634 | ---- | C] () -- C:\Windows\SysWow64\drivers\ADFUUD.SYS
[2003/05/08 02:25:22 | 000,002,497 | ---- | C] () -- C:\Windows\SysWow64\NSM 7 Student CD.ini
[2002/10/16 08:54:04 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll

========== LOP Check ==========

[2010/01/15 13:56:18 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\acccore
[2010/06/07 18:27:16 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Activision
[2009/11/05 07:14:11 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Atari
[2010/08/31 21:31:32 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Azureus
[2010/03/21 16:32:30 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Bioshock
[2009/10/17 15:44:56 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Braid
[2009/10/09 15:34:56 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DAEMON Tools Lite
[2010/08/26 07:48:33 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DVDVideoSoftIEHelpers
[2010/07/12 20:12:28 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\fizzy
[2010/07/19 19:04:37 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Golly
[2009/11/26 16:47:22 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\GrabPro
[2009/12/25 19:30:39 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\HandBrake
[2009/10/03 17:54:52 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\HTNetMeter
[2009/09/07 19:34:49 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\ImgBurn
[2010/08/14 13:03:29 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\LimeWire
[2009/11/21 10:53:38 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Mobipocket
[2010/06/06 12:55:33 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Mount&Blade
[2010/07/19 17:26:58 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Nokia
[2010/06/30 18:44:44 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Opera
[2010/06/24 21:50:21 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Orbit
[2010/07/19 17:26:58 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\PC Suite
[2010/08/28 15:19:08 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Perfect PC 2.0 Beta
[2010/08/21 20:29:55 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Petroglyph
[2009/11/07 09:30:58 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\runic games
[2010/07/16 14:48:29 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Scirra
[2009/12/26 09:16:39 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Sega
[2010/07/27 21:06:38 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Smart FLV Converter Pro
[2010/01/26 15:12:42 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\smc
[2010/07/07 17:06:09 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\SPORE
[2009/10/18 15:46:37 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\SystemRequirementsLab
[2010/06/04 17:04:46 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\TeraCopy
[2010/08/27 18:36:34 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\tixati
[2010/08/28 11:02:53 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\UFOAI
[2010/08/26 18:19:13 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\uTorrent
[2010/05/09 20:28:59 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Xilisoft Corporation
[2010/08/31 21:33:00 | 000,032,626 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/09/01 17:25:02 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{0019C1E7-F172-4530-B86E-647413BEF618}.job
[2010/09/01 17:36:59 | 000,000,434 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{E6C9C280-F0A5-40B5-AD8B-F677E0311A7F}.job

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2009/11/06 15:30:41 | 000,000,000 | ---D | M](C:\Users\Admin\Documents\????) -- C:\Users\Admin\Documents\마비노기
[2009/11/06 15:30:41 | 000,000,000 | ---D | C](C:\Users\Admin\Documents\????) -- C:\Users\Admin\Documents\마비노기
< End of report >




