HiJackThis Logs.

by Bezzy2829 » August 17th, 2010, 6:51 am

Most of the time when I click a link it brings up a random website instead and it's getting annoying.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:36:03, on 17/08/2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18943)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\vsnpstd3.exe
C:\Program Files\IWONGIE\bar\1.bin\vrbrmon.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Xfire\Xfire.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10i_ActiveX.exe
C:\Users\Kieran\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B3PVQL95\windows-kb890830-v3.10[1].exe
c:\36d7cdc2edf0669fd0d810c6093fd3\mrtstub.exe
C:\Windows\system32\MRT.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.packardbell.com/?id=9067
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll
R3 - URLSearchHook: (no name) - {2ad11eb6-a327-4dfe-88bf-c6071e09f05b} - C:\Program Files\IWONGIE\bar\1.bin\vrSrcAs.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: Toolbar BHO - {d6995d07-cd9b-4cc0-a22a-9e14684d6d64} - C:\PROGRA~1\IWONGIE\bar\1.bin\vrbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll
O3 - Toolbar: IWON - {43a3055a-6ff3-4aa5-90e6-18a10297cb53} - C:\Program Files\IWONGIE\bar\1.bin\vrbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [CarboniteSetupLite] "C:\Program Files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe" /preinstalled
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [USB2Check] RUNDLL32.EXE "C:\Windows\system32\PCLECoInst.dll",CheckUSBController
O4 - HKLM\..\Run: [USBToolTip] "c:\Program Files\Pinnacle\Shared Files\\Programs\USBTip\USBTip.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [snpstd3] C:\Windows\vsnpstd3.exe
O4 - HKLM\..\Run: [IWONGIE Browser Plugin Loader] C:\PROGRA~1\IWONGIE\bar\1.bin\vrbrmon.exe
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [HKCU] C:\Users\Kieran\AppData\Roaming\winlog\server.exe
O4 - HKCU\..\Run: [Sony Ericsson PC Companion] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /systray /nologon
O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe /windowsstart /startifwork
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/cabs/ ... 10.115.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: GS In-Game Service - ClanServers Hosting LLC - C:\Program Files\GameTracker\GSInGameService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IWON Service (IWONGIEService) - IWON - C:\PROGRA~1\IWONGIE\bar\1.bin\vrbarsvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

--
End of file - 11404 bytes


Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 8.1.2
Adobe Reader 8.1.2
Adobe Shockwave Player 11.5
AMCap
AppCore
Apple Application Support
Apple Software Update
British Telecom
Browser Address Error Redirector
Call of Duty(R) 4 - Modern Warfare(TM)
Carbonite
ccCommon
Command & Conquer 3
Compatibility Pack for the 2007 Office system
Component Framework
Download Manager 2.3.10
EA SPORTS(TM) FIFA Online
Final Media Player 2010
Firefox
GameTracker Lite
Garry's Mod
Google BAE
Google Desktop
Google Earth
Google Earth
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Google Update Helper
GoogleDesktop
GoogleToolbar
Half-Life 2
Half-Life 2: Episode One
Half-Life 2: Episode Two
HDReg
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
ImTOO DVD Audio Ripper 6
Infocentre Rev. 2.0
Internet From BT
IWON
Java(TM) 6 Update 18
Junk Mail filter update
LimeWire 5.5.10
LiveUpdate (Symantec Corporation)
LiveUpdate (Symantec Corporation)
Metaboli
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile
Microsoft Antimalware
Microsoft Choice Guard
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Search Enhancement Pack
Microsoft Security Essentials
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Works
Microsoft Works 9 SE
Microsoft® Office Trial 2007
Mozilla Firefox (2.0.0.11)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 8 Essentials
Nero 8 Essentials
neroxml
Norton AntiVirus
Norton AntiVirus Help
Norton Confidential Core
Norton Internet Security
Norton Internet Security
Norton Internet Security
Norton Internet Security (Symantec Corporation)
Norton Protection Center
NVIDIA Display Control Panel
NVIDIA Drivers
OGA Notifier 2.0.0048.0
Oxelon Media Converter 1.1
Packard Bell ImageWriter
Packard Bell LCD Test
Packard Bell Updator
Picasa 2
Picasa2
Pinnacle Instant DVD Recorder
Pinnacle Systems USB-2 Device Drivers
PlayStation(R)Network Downloader
Portal
Protect your files now
PunkBuster Services
PVSonyDll
QuickTime
RealPlayer
Realtek HD Audio V6.0.1.5618
Realtek High Definition Audio Driver
RealUpgrade 1.0
SeaTools for Windows
Security Update for 2007 Microsoft Office System (KB2277947)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for 2007 Microsoft Office System (KB982312)
Security Update for 2007 Microsoft Office System (KB982331)
Security Update for Microsoft Office Excel 2007 (KB982308)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2251419)
SetUp My PC
Skype 3.6.2.248
Skype™ 3.6
Sony Ericsson PC Companion 1.60.13
SPBBC 32bit
Steam
Symantec Real Time Storage Protection Component
Team Fortress 2
Tibia
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VCRedistSetup
Video NVIDIA V175.16
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live OneCare safety scanner
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
WinRAR archiver
Xfire (remove only)
XfireXO Toolbar
XPort 360
Bezzy2829
Regular Member
 
Posts: 19
Joined: August 17th, 2010, 6:30 am
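
Added example (not part of the original thread, and not HijackThis's own logic): a small Python triage pass over a log in the format posted above. It parses the R*/O* entry lines and flags a few generic things a reviewer would look at first; the sample log, its names and paths, and the heuristics are constructed assumptions, and a flag means "look closer", not "malicious".

```python
import re

# Constructed sample in the HijackThis v2.0.2 layout; every name, CLSID and
# path below is made up for the example (this is not the poster's log).
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\Windows\Explorer.EXE

R3 - URLSearchHook: (no name) - {11111111-2222-3333-4444-555555555555} - C:\Program Files\ExampleBar\hook.dll
O2 - BHO: (no name) - {AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE} - (no file)
O2 - BHO: Example PDF Helper - {12345678-1234-1234-1234-123456789ABC} - C:\Program Files\Example\helper.dll
O4 - HKLM\..\Run: [ExampleUpdater] "C:\Program Files\Example\updater.exe" -hide
O4 - HKCU\..\Run: [demo] C:\Users\alice\AppData\Roaming\demo\agent.exe
O4 - Startup: Example.lnk = C:\Program Files\Example\example.exe
O23 - Service: Example Service - Unknown owner - C:\Windows\system32\example.exe
--
End of file - 0 bytes
"""

# "R3 - ..." / "O23 - ...": section code, then the entry body.
ENTRY_RE = re.compile(r"^(R[0-3]|O\d{1,2}) - (.*)$")
# "BHO: name - {CLSID} - file" (also URLSearchHook, Toolbar, Extra button...).
CLSID_RE = re.compile(r"^(?P<kind>[^:]+): (?P<name>.*?) - "
                      r"(?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<target>.*)$")
# "HKCU\..\Run: [value name] command line"
RUN_RE = re.compile(r"^(?P<hive>HK.+?)\\\.\.\\(?P<key>[^:]+): "
                    r"\[(?P<name>[^\]]*)\] (?P<cmd>.*)$")
# "Startup: shortcut.lnk = target" / "Global Startup: ..."
STARTUP_RE = re.compile(r"^(?:Global )?Startup: (?P<name>.*?) = (?P<cmd>.*)$")
# Profile folders an unprivileged user can write to (assumed heuristic).
USER_WRITABLE_RE = re.compile(
    r"\\(users|documents and settings)\\[^\\]+\\"
    r"(appdata|application data|local settings)\\", re.IGNORECASE)
# First executable-looking token of an unquoted command line.
EXE_RE = re.compile(r"^(.+?\.(?:exe|dll|com|scr|bat|cmd))(?=[\s,]|$)",
                    re.IGNORECASE)


def parse_entries(log_text):
    """Yield (line_no, section, body) for every R*/O* line in the log."""
    for line_no, line in enumerate(log_text.splitlines(), start=1):
        m = ENTRY_RE.match(line.strip())
        if m:
            yield line_no, m.group(1), m.group(2)


def executable_of(cmd):
    """Return the program path from a Run-key command line."""
    cmd = cmd.strip()
    if cmd.startswith('"'):                      # "C:\path with spaces\x.exe" args
        end = cmd.find('"', 1)
        return cmd[1:end] if end != -1 else cmd[1:]
    m = EXE_RE.match(cmd)                        # C:\path with spaces\x.exe args
    return m.group(1) if m else cmd.split(" ", 1)[0]


def triage(log_text):
    """Return [(line_no, section, reason)] for entries worth a closer look."""
    findings = []
    for line_no, section, body in parse_entries(log_text):
        reasons = []
        comp = CLSID_RE.match(body)
        if comp:
            if comp.group("target").strip() == "(no file)":
                reasons.append("registered component has no file on disk")
            if comp.group("name").strip() == "(no name)":
                reasons.append("component has no display name")
        if section == "O4":
            run = RUN_RE.match(body) or STARTUP_RE.match(body)
            if run and USER_WRITABLE_RE.search(executable_of(run.group("cmd"))):
                reasons.append("autostart runs from a user-writable profile folder")
        if section == "O23" and " - Unknown owner - " in body:
            reasons.append("service owner is listed as 'Unknown owner'")
        findings.extend((line_no, section, r) for r in reasons)
    return findings


if __name__ == "__main__":
    for line_no, section, reason in triage(SAMPLE_LOG):
        print(f"line {line_no:>3}  {section:<3}  {reason}")
```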

Re: HiJackThis Logs.

by MWR 3 day Mod » August 20th, 2010, 10:39 pm

Hi,

We are sorry to see your topic is over three days old and no one has yet been able to respond and offer help.

If you still require assistance, please post a link to your topic in our Waiting for help with malware removal? forum, and our staff will make an effort to assist you as promptly as possible. Only post a LINK to this topic, DO NOT post your DDS log!

Please do not reply to this topic.

If you haven't posted within two days in the "Waiting for help with malware removal?" forum, we will assume you have been able to get assistance in other ways and this topic will be closed.
MWR 3 day Mod
MRU Undergrad
 
Posts: 2534
Joined: April 4th, 2008, 8:40 am

Re: HiJackThis Logs.

by askey127 » August 21st, 2010, 7:12 am

Bezzy2829,
If you wish to proceed, there are quite a few things to do as we get started.
Just take one step at a time. While we are cleaning this, please don't install, remove, or scan with anything except what I ask.
-----------------------------------------------
Please Note Our Policy on the Use of P2P (Person to Person / Peer to Peer) file sharing programs
It is posted here: http://malwareremoval.com/forum/viewtopic.php?f=11&t=33112
As a condition of receiving our help, I have included the P2P program Limewire in the removal instructions below, so we are not wasting our time.
If you have used this, you can be fairly confident this is a principal reason your computer is infected.

It's really important, if you value your PC at all, to stay away from P2P file sharing programs, like utorrent, Bittorrent, Azureus, Limewire, Vuze, Shareaza, Bitlord.
Criminals have "planted" thousands upon thousands of infections in the "free" shared files. Some of the recent infections can turn your machine into a doorstop.
It's also very important to avoid any "cracks" or "Keygens" that allow unauthorized use of programs. Besides being illegal, these files also are loaded with "planted" malware.
-----------------------------------------------------------
There are some Issues with infections in relation to PunkBuster:
Your computer has installed gaming tools. Some of these, like Punkbuster, use spyware techniques to engage in the anti-piracy battle.
In the process, they take control of much of your PC, and they actually meet the definition of spyware/malware.
They are sometimes designed to prevent orderly removal or modification, and they have only limited respect for retaining the overall security and integrity of your machine.
It is not a certainty that your computer can be cleaned without breaking or removing some of these programs, and this could result in not being able to play the associated games, or corruption of your system.
Since we are dedicated to causing No Harm, we won't normally work on machines with this type of program installed without explicit permission from the owner.
If you want to continue using the machine in this way, you should consider using imaging software like Norton Ghost or Acronis TrueImage, or Terabyte Image, which can put your entire C: drive back into an earlier state whenever the infections or malfunctions get too severe.

If you really want to clean this machine, I will help, but if you so choose, understand there is NO assurance you will be able to do Punkbuster games afterwards.
------------------------------------------------
Remove Programs Using Control Panel
From Start, Control Panel, click on Uninstall a program under the Programs heading.
Right click each Entry, as follows, one by one, if it exists, choose Uninstall/Change, and give permission to Continue:
Adobe Reader 8.1.2
LimeWire 5.5.10
Java(TM) 6 Update 18
IWON

Take extra care in answering questions posed by any Uninstaller. Some questions may be worded to deceive you into Keeping the program.
----------------------------------------------
Run Temp File Cleaner
Download Temp File Cleaner and save it to your desktop.
Double click to run it. (Right click and Run as Administrator in Vista)
If you have a lot of junk files to remove, it could take a while, so please be patient and let it finish.
When it's done, if it asks to Reboot, choose to do so. This will remove files that could not be removed while Windows was running.
After Restart, log back in to your usual account.
------------------------------------------------------------
Download and Install the latest version of Java Runtime Environment from here : http://java.sun.com/javase/downloads/index.jsp, and install it to your computer.
In the first section on the page, labeled JDK 6 Update 21 (JDK or JRE), click on the button labeled Download JRE. Do NOT choose the button labeled "Download JDK".
Select the Platform Windows and check the box to agree to the license.
Choose the Windows Offline installation version and click on the link.
Download it, choose Save, and save it to your desktop.
Then double-click it on your desktop (or right click and choose "Run as administrator" in Vista), and it will install the newest version of Java for you to use.
You can then remove the Installer from your desktop.
--------------------------------------------------------
Download and Install the newest version of Adobe Reader for reading pdf files, due to the vulnerabilities in earlier versions.
All versions numbered lower than 9.33 are vulnerable.
Go HERE and click on AdbeRdr933_en_US.exe to download the latest version of Adobe Acrobat Reader.
Save this file to your desktop and run it (right-click and choose "Run as administrator") to install the latest version of Adobe Reader.
----------------------------------------------
Disable CD Emulator(s)
We need to use powerful tools to investigate your system. *If* you are using a CD Emulator (Daemon Tools, Alcohol 120%, Astroburn, AnyDVD) be aware that they use hidden drivers with rootkit-like techniques to hide from other applications. When dealing with malware infections, CD Emulators can interfere with investigative tools, producing misleading or inaccurate scan results, false detection of legitimate files, cause unexpected crashes, BSODs, and general 'dross' which often makes it hard to differentiate between malicious rootkits and the legitimate drivers used by Emulators. Since CD Emulators use a hidden driver which can be seen as a rootkit and can interfere with investigative tools or cause other problems, we need to remove or disable them until disinfection is completed.

Please download DeFogger by jpshortstuff and save it to your desktop.
  • Double click DeFogger.exe to run the tool.
  • The application window will appear.
  • Click the Disable button to disable your CD Emulation drivers
  • Click Yes to continue.
  • A 'Finished!' message will appear.
  • Click OK...DeFogger will now ask to reboot the machine...click OK. If not, reboot manually.
  • Do not re-enable these drivers until instructed or your system has been cleaned.
IMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_disable which will appear on your desktop.
------------------------------------------------------------
Please download the GMER Rootkit Scanner from Here.
  • Right click the .exe file and choose Run as Administrator. If asked to allow gmer.sys driver to load, please consent.
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO
  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
    • IAT/EAT
    • Drives/Partition other than the System drive (which is typically C:\)
    • Show All (don't miss this one)
  • Then click the Scan button & wait for it to finish
    **Caution** Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOTKIT" entries.
  • Once done click on the [Save..] button, and in the File name area, type in "Gmer.txt" or it will save as a .log file
  • Save it where you can easily find it, such as your desktop, and post it in your next reply
Note: Do not run any other programs while Gmer is running.

So we are looking for the results from Gmer, and any comments about how it goes.
askey127
askey127
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: HiJackThis Logs.

by Bezzy2829 » August 21st, 2010, 7:08 pm

Well I followed everything word by word but when I got onto the GMER bit I got the 'Blue screen' and the problem was 'Memory_Management' or something like that, any ideas?

Re: HiJackThis Logs.

by askey127 » August 22nd, 2010, 6:48 am

Bezzy2829,
Let's try a scan with a different tool.
-----------------------------------------------
Run RootRepeal
Download RootRepeal.zip from here & unzip it to your Desktop.
  • Double click RootRepeal.exe to start the program, or in Vista, right click and choose "Run as administrator"
  • Click the Report tab at the bottom of the program window
  • Click the Scan button
  • In the Select Scan dialog, check:
      Drivers
      Files
      Processes
      SSDT
      Stealth Objects
      Hidden Services
  • Click the OK button
  • In the next dialog, select every drive showing
  • Click OK to start the scan
Note: The scan can take some time. DO NOT run any other programs while the scan is running
==================================
Save the LOG:
  • When the scan is complete, the Save Report button will become available
  • Click this and save the report to your Desktop as RootRepeal.txt
  • Go to File then Exit to close the program
  • Post the contents of RootRepeal.txt in your next reply

askey127

Re: HiJackThis Logs.

by Bezzy2829 » August 22nd, 2010, 7:22 am

I get a warning shortly after I click scan saying 'Could not read the boot sector. Try adjusting the Disk Access Level in the Options dialog.'
What should I do?

--------------------------Edit!--------------------------

I clicked OK on the box that popped up, it continued to scan, then I got another warning message that said 'Could not read system registry! Please contact the author!'

Re: HiJackThis Logs.

by askey127 » August 22nd, 2010, 11:20 am

Bezzy2829,
---------------------------------------------
Please download OTL.exe by OldTimer and save it to your desktop.
  • For Vista or Win7, right click the icon and choose "Run as administrator".
  • Make sure all other windows are closed to let it run uninterrupted.
  • Copy the text in the code box below and paste it into the Custom Scans/Fixes box (under the cyan line at the bottom of the window)
    netsvcs
    drivers32 
    %SYSTEMDRIVE%\*.*
    %systemroot%\Fonts\*.com
    %systemroot%\Fonts\*.dll
    %systemroot%\Fonts\*.ini
    %systemroot%\Fonts\*.ini2
    %systemroot%\Fonts\*.exe
    %systemroot%\system32\spool\prtprocs\w32x86\*.*
    %systemroot%\REPAIR\*.bak1
    %systemroot%\REPAIR\*.ini
    %systemroot%\system32\*.jpg 
    %systemroot%\*.jpg 
    %systemroot%\*.png 
    %systemroot%\*.scr
    %systemroot%\*._sy
    %APPDATA%\Adobe\Update\*.*
    %ALLUSERSPROFILE%\Favorites\*.*
    %APPDATA%\Microsoft\*.* 
    %PROGRAMFILES%\*.*
    %APPDATA%\Update\*.*
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\System32\config\*.sav 
    %PROGRAMFILES%\bak. /s
    %systemroot%\system32\bak. /s
    %ALLUSERSPROFILE%\Start Menu\*.lnk /x 
    %systemroot%\system32\config\systemprofile\*.dat /x
    %systemroot%\*.config
    %systemroot%\system32\*.db
    %PROGRAMFILES%\Internet Explorer\*.dat
    %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
    %USERPROFILE%\Desktop\*.exe
    %PROGRAMFILES%\Common Files\*.*
    %systemroot%\*.src
    %systemroot%\install\*.*
    %systemroot%\system32\DLL\*.*
    %systemroot%\system32\HelpFiles\*.*
    %systemroot%\system32\rundll\*.*
    %systemroot%\winn32\*.*
    %systemroot%\Java\*.*
    %systemroot%\system32\test\*.*
    %systemroot%\system32\Rundll32\*.*
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
    
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL (presumably your desktop).
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them as a reply. Use separate replies if more convenient.
askey127

Re: HiJackThis Logs.

by Bezzy2829 » August 22nd, 2010, 5:16 pm

Finally, no crashes or computer deaths ...

OTL Notepad --

OTL logfile created on: 22/08/2010 22:06:29 - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\Kieran\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 55.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 286.09 Gb Total Space | 177.31 Gb Free Space | 61.98% Space Free | Partition Type: NTFS
Drive D: | 4.18 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: KIERAN-PC
Current User Name: Kieran
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/08/22 22:05:14 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Kieran\Desktop\OTL.exe
PRC - [2010/08/21 00:18:06 | 000,407,336 | ---- | M] (Valve Corporation) -- C:\Program Files\Common Files\Steam\SteamService.exe
PRC - [2010/08/08 19:26:52 | 000,030,192 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
PRC - [2010/07/18 22:52:35 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2010/07/18 19:34:16 | 001,238,352 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe
PRC - [2010/07/18 15:12:37 | 000,304,304 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2010/07/18 15:05:19 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2010/07/09 20:00:26 | 003,493,776 | ---- | M] (Xfire Inc.) -- C:\Program Files\Xfire\Xfire.exe
PRC - [2010/06/01 14:53:46 | 001,093,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\msseces.exe
PRC - [2010/04/16 19:55:32 | 000,223,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Toolbar\wltuser.exe
PRC - [2010/04/16 18:36:42 | 000,026,480 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2010/04/14 17:51:18 | 001,648,480 | ---- | M] (ClanServers Hosting LLC) -- C:\Program Files\GameTracker\GSInGameService.exe
PRC - [2010/03/25 21:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
PRC - [2009/12/08 14:51:52 | 000,774,144 | ---- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
PRC - [2009/03/08 12:34:00 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\ielowutil.exe
PRC - [2009/01/14 17:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2008/10/29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCSVCHST.EXE
PRC - [2008/05/07 15:19:26 | 006,139,904 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/04/07 15:09:06 | 000,306,112 | ---- | M] (Carbonite, Inc.) -- C:\Program Files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe
PRC - [2008/02/09 18:06:00 | 000,238,968 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2008/02/04 11:13:36 | 001,038,136 | ---- | M] (Packard Bell BV) -- C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
PRC - [2008/01/21 03:23:52 | 000,117,248 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE
PRC - [2006/09/19 09:07:28 | 000,827,392 | ---- | M] () -- C:\Windows\vsnpstd3.exe


========== Modules (SafeList) ==========

MOD - [2010/08/22 22:05:14 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Kieran\Desktop\OTL.exe
MOD - [2008/01/21 03:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2008/01/21 03:23:44 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/08/21 00:18:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/08/08 19:26:52 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-051210-111108)
SRV - [2010/04/14 17:51:18 | 001,648,480 | ---- | M] (ClanServers Hosting LLC) [Auto | Running] -- C:\Program Files\GameTracker\GSInGameService.exe -- (GS In-Game Service)
SRV - [2010/03/25 21:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/01/14 17:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice)
SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2008/09/05 11:52:32 | 003,220,856 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2008/08/06 01:31:18 | 001,245,064 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2008/02/09 18:06:00 | 000,238,968 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/08/22 02:21:00 | 000,055,640 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2010/07/18 14:52:15 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/07/15 09:09:12 | 001,362,608 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20100821.004\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/07/15 09:09:12 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/07/15 09:09:12 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/07/15 09:09:12 | 000,085,424 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20100821.004\NAVENG.SYS -- (NAVENG)
DRV - [2010/06/23 20:37:10 | 000,281,648 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20100810.002\IDSvix86.sys -- (IDSvix86)
DRV - [2010/04/03 22:55:32 | 011,573,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/03/25 21:30:22 | 000,151,216 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\MpFilter.sys -- (MpFilter)
DRV - [2010/03/25 21:30:22 | 000,042,368 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2009/05/25 06:50:44 | 000,164,864 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009/03/25 16:48:00 | 000,114,728 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdm.sys -- (s1018mdm)
DRV - [2009/03/25 16:48:00 | 000,109,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018unic.sys -- (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM)
DRV - [2009/03/25 16:48:00 | 000,106,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mgmt.sys -- (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM)
DRV - [2009/03/25 16:48:00 | 000,104,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018obex.sys -- (s1018obex)
DRV - [2009/03/25 16:48:00 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018bus.sys -- (s1018bus) Sony Ericsson Device 1018 driver (WDM)
DRV - [2009/03/25 16:48:00 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018nd5.sys -- (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS)
DRV - [2009/03/25 16:48:00 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdfl.sys -- (s1018mdfl)
DRV - [2009/03/17 12:56:58 | 000,447,024 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2009/02/19 13:31:42 | 000,024,112 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\SymIMV.sys -- (SymIM)
DRV - [2009/02/19 13:31:18 | 000,041,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMNDISV.SYS -- (SYMNDISV)
DRV - [2009/02/19 13:31:16 | 000,184,496 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2009/02/19 13:31:16 | 000,096,560 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMFW.SYS -- (SYMFW)
DRV - [2009/02/19 13:31:16 | 000,022,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2009/02/19 13:31:16 | 000,013,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV - [2008/07/30 17:42:12 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2008/06/06 18:13:40 | 000,133,152 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2008/06/06 18:13:10 | 000,145,440 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2008/05/07 18:22:50 | 002,134,424 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/01/31 19:51:00 | 000,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2008/01/31 19:51:00 | 000,279,088 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP)
DRV - [2008/01/31 19:51:00 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2008/01/21 03:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/21 03:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/21 03:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/21 03:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/21 03:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/21 03:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/21 03:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/21 03:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/21 03:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/21 03:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008/01/21 03:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/21 03:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/21 03:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/21 03:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/21 03:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/21 03:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/21 03:23:21 | 000,073,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/01/21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/21 03:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/21 03:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/21 03:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/21 03:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/10/12 15:53:10 | 000,013,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2007/08/08 18:39:00 | 000,036,056 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\CO_Mon.sys -- (CO_Mon)
DRV - [2007/03/27 18:19:36 | 010,252,544 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3)
DRV - [2006/12/12 11:16:06 | 000,022,528 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emAudio.sys -- (emAudio)
DRV - [2006/11/02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2005/12/21 10:14:52 | 000,100,957 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emDevice.sys -- (DCamUSBEMPIA)
DRV - [2005/12/21 10:14:52 | 000,005,245 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emFilter.sys -- (FiltUSBEMPIA)
DRV - [2005/12/21 10:14:52 | 000,004,493 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emScan.sys -- (ScanUSBEMPIA)
DRV - [2005/09/23 23:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MarvinBus.sys -- (MarvinBus)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.packardbell.com/?id=9067
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/07/18 22:53:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/08 21:31:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/21 23:39:21 | 000,000,000 | ---D | M]

[2010/07/26 11:24:38 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\Mozilla\Extensions
[2010/07/26 11:24:38 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2010/07/18 19:35:34 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\Mozilla\Firefox\extensions
[2010/07/18 19:35:34 | 000,000,000 | ---D | M] (XfireXO Toolbar) -- C:\Users\Kieran\AppData\Roaming\Mozilla\Firefox\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
[2010/08/21 23:31:56 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/08/21 23:31:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2008/08/06 01:23:27 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\packardbell@partners.mozilla.com
[2008/08/06 01:23:29 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org
[2009/03/31 22:47:26 | 000,324,976 | ---- | M] (Symantec Corporation) -- C:\Program Files\Mozilla Firefox\components\coFFPlgn.dll
[2007/11/28 20:31:59 | 000,067,696 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\jar50.dll
[2007/11/28 20:31:59 | 000,054,376 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\jsd3250.dll
[2007/11/28 20:31:59 | 000,034,952 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\myspell.dll
[2007/11/28 20:31:59 | 000,046,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\spellchk.dll
[2007/11/28 20:31:59 | 000,172,144 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\xpinstal.dll
[2010/08/21 23:31:43 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2006/06/15 11:24:15 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2006/06/15 11:24:15 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2006/06/15 11:24:15 | 000,001,077 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2006/09/11 15:39:34 | 000,000,831 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll (Packard Bell)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (XfireXO Toolbar) - {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [CarboniteSetupLite] C:\Program Files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [snpstd3] C:\Windows\vsnpstd3.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe ( )
O4 - HKLM..\Run: [USB2Check] C:\Windows\System32\PCLECoInst.DLL (Pinnacle Systems)
O4 - HKLM..\Run: [USBToolTip] c:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe (Pinnacle Systems GmbH)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [HKCU] C:\Users\Kieran\AppData\Roaming\winlog\server.exe ()
O4 - HKCU..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe (IGN Entertainment)
O4 - HKCU..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe (Packard Bell BV)
O4 - HKCU..\Run: [Sony Ericsson PC Companion] C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson Mobile Communications AB)
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Users\Kieran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = C:\Program Files\Xfire\Xfire.exe (Xfire Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplanet.com/fpdlmgr/cabs/ ... 10.115.cab (CDownloadCtrl Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{50e4b98a-a3ae-11df-ae5b-002197257c11}\Shell - "" = AutoRun
O33 - MountPoints2\{50e4b98a-a3ae-11df-ae5b-002197257c11}\Shell\AutoRun\command - "" = E:\Startme.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.siren - C:\Windows\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.I420 - C:\Windows\System32\emYUV.dll (Microsoft Corporation)
Drivers32: VIDC.XFR1 - C:\Windows\System32\xfcodec.dll ()

CREATERESTOREPOINT
Error creating restore point.

========== Files/Folders - Created Within 90 Days ==========

[2010/08/22 22:05:02 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Kieran\Desktop\OTL.exe
[2010/08/22 12:19:20 | 000,472,064 | ---- | C] ( ) -- C:\Users\Kieran\Desktop\RootRepeal.exe
[2010/08/22 00:05:26 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010/08/21 23:38:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010/08/21 23:38:02 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010/08/21 23:36:07 | 042,459,072 | ---- | C] ( ) -- C:\Users\Kieran\Desktop\AdbeRdr933_en_US.exe
[2010/08/21 23:32:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/08/21 23:22:26 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\Kieran\Desktop\TFC.exe
[2010/08/21 03:57:28 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2010/08/19 16:48:57 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Desktop\Random
[2010/08/19 16:48:38 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Desktop\Games
[2010/08/19 16:47:52 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Desktop\Vids n Pics
[2010/08/17 11:35:53 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/08/15 16:36:31 | 000,000,000 | ---D | C] -- C:\Program Files\IWONGEI
[2010/08/15 04:11:56 | 000,000,000 | ---D | C] -- C:\Perfect World Entertainment
[2010/08/15 02:41:12 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Documents\Downloads
[2010/08/15 02:41:10 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\GetRightToGo
[2010/08/14 02:09:29 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\IGN_DLM
[2010/08/14 02:09:13 | 000,000,000 | ---D | C] -- C:\Program Files\Download Manager
[2010/08/14 00:28:23 | 000,000,000 | ---D | C] -- C:\Program Files\Activision
[2010/08/13 22:11:48 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Documents\RCube
[2010/08/11 08:53:06 | 000,000,000 | ---D | C] -- C:\Windows\System32\Adobe
[2010/08/09 16:27:12 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\Sony Ericsson
[2010/08/09 15:22:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Corporation
[2010/08/09 15:22:57 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
[2010/08/09 15:21:16 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/08/09 15:21:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010/08/09 15:20:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010/08/09 15:19:57 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\Apple
[2010/08/09 15:19:53 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010/08/09 15:19:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2010/08/09 15:17:08 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Sony Setup
[2010/08/09 15:17:08 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Sony
[2010/08/09 15:17:03 | 000,000,000 | ---D | C] -- C:\Program Files\Sony Setup
[2010/08/09 15:12:11 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Tibia
[2010/08/09 14:55:19 | 000,114,728 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018mdm.sys
[2010/08/09 14:55:19 | 000,109,864 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018unic.sys
[2010/08/09 14:55:19 | 000,106,208 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018mgmt.sys
[2010/08/09 14:55:19 | 000,104,744 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018obex.sys
[2010/08/09 14:55:19 | 000,086,824 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018bus.sys
[2010/08/09 14:55:19 | 000,026,024 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018nd5.sys
[2010/08/09 14:55:19 | 000,015,016 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018mdfl.sys
[2010/08/09 14:55:19 | 000,012,200 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018whnt.sys
[2010/08/09 14:55:19 | 000,012,200 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018wh.sys
[2010/08/09 14:55:19 | 000,012,200 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018cmnt.sys
[2010/08/09 14:55:19 | 000,012,200 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018cm.sys
[2010/08/09 14:55:19 | 000,010,792 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018cr.sys
[2010/08/09 14:55:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Ericsson
[2010/08/09 14:55:14 | 000,000,000 | ---D | C] -- C:\Program Files\Sony Ericsson
[2010/08/09 14:51:01 | 000,000,000 | ---D | C] -- C:\Program Files\Tibia
[2010/08/08 21:35:15 | 000,000,000 | ---D | C] -- C:\Program Files\directx
[2010/07/26 11:45:50 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\dvdcss
[2010/07/26 11:45:11 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\ImTOO
[2010/07/26 11:44:23 | 000,000,000 | ---D | C] -- C:\Program Files\ImTOO
[2010/07/26 11:24:45 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Documents\LimeWire
[2010/07/26 11:23:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/07/26 11:22:51 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/07/26 11:21:55 | 000,000,000 | ---D | C] -- C:\Program Files\LimeWire
[2010/07/26 01:19:37 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Desktop\Mods
[2010/07/25 00:32:51 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Documents\Command & Conquer 3 Tiberium Wars
[2010/07/25 00:29:24 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2010/07/25 00:29:04 | 000,000,000 | RH-D | C] -- C:\Users\Kieran\AppData\Roaming\SecuROM
[2010/07/24 23:59:08 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts
[2010/07/21 16:28:07 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\FinalMediaPlayer
[2010/07/21 16:28:04 | 000,000,000 | ---D | C] -- C:\Program Files\FinalMediaPlayer
[2010/07/21 16:27:50 | 000,000,000 | ---D | C] -- C:\Program Files\Free Offers from Freeze.com
[2010/07/20 20:33:25 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Desktop\VIDEO_TS
[2010/07/20 19:55:54 | 000,000,000 | ---D | C] -- C:\Program Files\BreakPoint Software
[2010/07/20 19:11:07 | 000,000,000 | ---D | C] -- C:\Program Files\Noel Danjou
[2010/07/20 19:09:31 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials
[2010/07/20 18:18:50 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\Adobe
[2010/07/20 17:15:04 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center
[2010/07/19 22:45:02 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Documents\InstantCDDVD
[2010/07/19 22:44:58 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Documents\Pinnacle
[2010/07/19 22:44:49 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\Pinnacle
[2010/07/19 22:42:57 | 000,045,056 | ---- | C] (eMPIA Technology, Inc.) -- C:\Windows\System32\emVFW.dll
[2010/07/19 22:42:57 | 000,032,768 | ---- | C] (eMPIA Technology, Inc.) -- C:\Windows\System32\emProp.ax
[2010/07/19 22:42:57 | 000,024,269 | ---- | C] (eMPIA Technology, Inc.) -- C:\Windows\System32\drivers\emStream.sys
[2010/07/19 22:42:57 | 000,009,739 | ---- | C] (eMPIA Technology, Inc.) -- C:\Windows\System32\emUSD.dll
[2010/07/19 22:42:57 | 000,005,245 | ---- | C] (eMPIA Technology, Inc.) -- C:\Windows\System32\drivers\emFilter.sys
[2010/07/19 22:42:57 | 000,004,493 | ---- | C] (eMPIA Technology, Inc.) -- C:\Windows\System32\drivers\emScan.sys
[2010/07/19 22:42:56 | 000,100,957 | ---- | C] (eMPIA Technology, Inc.) -- C:\Windows\System32\drivers\emDevice.sys
[2010/07/19 22:42:56 | 000,073,728 | ---- | C] (Pinnacle Systems) -- C:\Windows\System32\PCLECoInst.dll
[2010/07/19 22:41:58 | 000,884,736 | ---- | C] (Fellowes, Inc.) -- C:\Windows\System32\LMUIRes.dll
[2010/07/19 22:41:58 | 000,012,288 | ---- | C] (Fellowes, Inc.) -- C:\Windows\System32\LMLRes.dll
[2010/07/19 22:40:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Pinnacle
[2010/07/19 21:32:28 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\PunkBuster
[2010/07/19 21:32:17 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Documents\EA SPORTS(TM) FIFA Online
[2010/07/19 18:43:55 | 000,000,000 | ---D | C] -- C:\Program Files\Pinnacle
[2010/07/19 18:43:41 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\Downloaded Installations
[2010/07/18 23:35:45 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Datel
[2010/07/18 23:35:38 | 000,000,000 | ---D | C] -- C:\Program Files\Datel
[2010/07/18 23:27:45 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\WinRAR
[2010/07/18 23:27:36 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010/07/18 23:04:42 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\GameTuts
[2010/07/18 23:04:42 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\GameTuts
[2010/07/18 22:53:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2010/07/18 22:52:37 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2010/07/18 22:52:35 | 000,000,000 | ---D | C] -- C:\Program Files\Real
[2010/07/18 22:52:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Real
[2010/07/18 22:52:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2010/07/18 22:52:26 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Real
[2010/07/18 22:51:52 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\OxelonMC
[2010/07/18 22:51:49 | 000,000,000 | ---D | C] -- C:\Program Files\OxelonMedia
[2010/07/18 21:32:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
[2010/07/18 21:10:29 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\Microsoft Help
[2010/07/18 20:46:47 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010/07/18 19:42:25 | 000,000,000 | ---D | C] -- C:\Program Files\EA Sports
[2010/07/18 19:41:41 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\FIFAOnlineSetup
[2010/07/18 19:36:08 | 000,000,000 | ---D | C] -- C:\Program Files\GameTracker
[2010/07/18 19:35:47 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\GameTracker
[2010/07/18 19:35:35 | 000,000,000 | ---D | C] -- C:\Program Files\XfireXO
[2010/07/18 19:35:35 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2010/07/18 19:35:34 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Mozilla
[2010/07/18 19:35:20 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Xfire
[2010/07/18 19:35:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Xfire
[2010/07/18 19:35:17 | 000,000,000 | ---D | C] -- C:\Program Files\Xfire
[2010/07/18 19:33:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2010/07/18 19:33:46 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2010/07/18 15:37:39 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Desktop\Music
[2010/07/18 15:30:02 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Desktop\Music Idisgo
[2010/07/18 15:21:25 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Macromedia
[2010/07/18 15:20:42 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Tracing
[2010/07/18 15:15:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010/07/18 15:15:24 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
[2010/07/18 15:14:15 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2010/07/18 15:12:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2010/07/18 15:12:20 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010/07/18 15:12:10 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2010/07/18 15:11:52 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2010/07/18 15:06:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2010/07/18 15:02:46 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Adobe
[2010/07/18 15:01:48 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Google
[2010/07/18 14:51:26 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Symantec
[2010/07/18 14:43:14 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Documents\My Google Gadgets
[2010/07/18 14:43:07 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010/07/18 14:43:02 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\Google
[2010/07/18 14:42:40 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\Packard Bell
[2010/07/18 14:42:38 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Symantec
[2010/07/18 14:42:17 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010/07/18 14:42:14 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Searches
[2010/07/18 14:42:07 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Identities
[2010/07/18 14:42:05 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Contacts
[2010/07/18 14:42:04 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\VirtualStore
[2010/07/18 14:36:20 | 000,000,000 | --SD | C] -- C:\Users\Kieran\AppData\Roaming\Microsoft
[2010/07/18 14:36:20 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Videos
[2010/07/18 14:36:20 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Saved Games
[2010/07/18 14:36:20 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Pictures
[2010/07/18 14:36:20 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Music
[2010/07/18 14:36:20 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Links
[2010/07/18 14:36:20 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Favorites
[2010/07/18 14:36:20 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Downloads
[2010/07/18 14:36:20 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Documents
[2010/07/18 14:36:20 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Desktop
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\AppData\Local\Temporary Internet Files
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\Templates
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\Start Menu
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\SendTo
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\Recent
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\PrintHood
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\NetHood
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\Documents\My Videos
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\Documents\My Pictures
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\Documents\My Music
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\My Documents
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\Local Settings
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\AppData\Local\History
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\Cookies
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\Application Data
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\AppData\Local\Application Data
[2010/07/18 14:36:20 | 000,000,000 | -H-D | C] -- C:\Users\Kieran\AppData
[2010/07/18 14:36:20 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\Temp
[2010/07/18 14:36:20 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\Microsoft
[2010/07/18 14:36:20 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Media Center Programs
[2010/07/18 14:29:21 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010/07/18 14:27:20 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2007/03/12 11:41:52 | 000,061,440 | ---- | C] ( ) -- C:\Windows\System32\vsnpstd3.dll
[2005/11/23 12:55:32 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnpstd3.dll

========== Files - Modified Within 90 Days ==========

[2010/08/22 22:11:36 | 002,621,440 | -HS- | M] () -- C:\Users\Kieran\NTUSER.DAT
[2010/08/22 22:10:43 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{CDD8B57C-9F49-4B3B-8078-A97F1399FBB5}.job
[2010/08/22 22:08:30 | 000,703,388 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/08/22 22:08:30 | 000,608,760 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/08/22 22:08:30 | 000,108,268 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/08/22 22:05:14 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Kieran\Desktop\OTL.exe
[2010/08/22 22:03:02 | 000,035,757 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010/08/22 22:03:01 | 000,035,757 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010/08/22 22:02:45 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/08/22 22:02:45 | 000,000,388 | ---- | M] () -- C:\Windows\tasks\Final Media Player Update Checker.job
[2010/08/22 22:01:30 | 000,524,288 | -HS- | M] () -- C:\Users\Kieran\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/08/22 22:01:30 | 000,065,536 | -HS- | M] () -- C:\Users\Kieran\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/08/22 22:01:06 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/08/22 22:01:06 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/08/22 22:01:02 | 000,000,314 | -HS- | M] () -- C:\Windows\tasks\TLKVMEJNOI.job
[2010/08/22 22:01:02 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/08/22 22:01:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/08/22 22:00:57 | 3220,418,560 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/22 14:58:07 | 002,813,885 | -H-- | M] () -- C:\Users\Kieran\AppData\Local\IconCache.db
[2010/08/22 14:30:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\Recovery DVD Creator-Kieran.job
[2010/08/22 14:20:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/08/22 12:20:07 | 000,000,000 | ---- | M] () -- C:\Users\Kieran\defogger_reenable
[2010/08/22 12:19:45 | 000,000,000 | ---- | M] () -- C:\Users\Kieran\Desktop\settings.dat
[2010/08/22 12:19:12 | 000,464,491 | ---- | M] () -- C:\Users\Kieran\Desktop\RootRepeal.zip
[2010/08/22 00:14:42 | 000,000,680 | ---- | M] () -- C:\Users\Kieran\AppData\Local\d3d9caps.dat
[2010/08/22 00:14:42 | 000,000,552 | ---- | M] () -- C:\Users\Kieran\AppData\Local\d3d8caps.dat
[2010/08/22 00:05:26 | 317,705,964 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/08/22 00:01:56 | 000,293,376 | ---- | M] () -- C:\Users\Kieran\Desktop\lzvqqrw3.exe
[2010/08/21 23:57:46 | 000,050,477 | ---- | M] () -- C:\Users\Kieran\Desktop\Defogger.exe
[2010/08/21 23:39:21 | 000,001,850 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/08/21 23:36:12 | 042,459,072 | ---- | M] ( ) -- C:\Users\Kieran\Desktop\AdbeRdr933_en_US.exe
[2010/08/21 23:22:36 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\Kieran\Desktop\TFC.exe
[2010/08/21 03:57:28 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2010/08/21 03:08:31 | 000,022,528 | ---- | M] () -- C:\Users\Kieran\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/21 00:44:05 | 000,224,960 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2010/08/21 00:39:01 | 000,137,944 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010/08/20 23:43:36 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2010/08/14 00:51:39 | 000,022,328 | ---- | M] () -- C:\Users\Kieran\AppData\Roaming\PnkBstrK.sys
[2010/08/13 09:22:46 | 000,324,320 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/08/12 00:35:07 | 000,063,977 | -H-- | M] () -- C:\Users\Kieran\AppData\Roaming\cglogs.dat
[2010/08/09 16:27:06 | 000,002,008 | ---- | M] () -- C:\Users\Public\Desktop\Sony Ericsson PC Companion 1.6.lnk
[2010/08/09 16:04:57 | 000,057,344 | RHS- | M] () -- C:\Windows\System32\bootstr2.dll
[2010/08/09 15:22:05 | 000,001,689 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/08/09 14:51:03 | 000,000,747 | ---- | M] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Tibia.lnk
[2010/08/08 21:37:42 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2010/08/08 21:35:31 | 000,021,840 | ---- | M] () -- C:\Windows\System32\SIntfNT.dll
[2010/08/08 21:35:31 | 000,017,212 | ---- | M] () -- C:\Windows\System32\SIntf32.dll
[2010/08/08 21:35:31 | 000,012,067 | ---- | M] () -- C:\Windows\System32\SIntf16.dll
[2010/07/21 16:28:07 | 000,000,887 | ---- | M] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\FinalMediaPlayer.lnk
[2010/07/20 19:11:07 | 000,000,941 | ---- | M] () -- C:\Users\Kieran\Desktop\AMCap.lnk
[2010/07/20 19:09:33 | 000,000,905 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010/07/20 08:08:54 | 000,080,544 | ---- | M] () -- C:\Users\Kieran\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/07/19 22:44:42 | 000,001,893 | ---- | M] () -- C:\Users\Public\Desktop\Instant DVD Recorder.lnk
[2010/07/19 20:21:24 | 000,000,548 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Run Full System Scan - Kieran.job
[2010/07/18 22:53:15 | 000,001,072 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer SP.lnk
[2010/07/18 22:52:37 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2010/07/18 22:51:50 | 000,000,573 | ---- | M] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Oxelon Media Converter.lnk
[2010/07/18 22:51:50 | 000,000,549 | ---- | M] () -- C:\Users\Public\Desktop\Oxelon Media Converter.lnk
[2010/07/18 19:42:25 | 000,794,408 | ---- | M] () -- C:\Windows\System32\pbsvc.exe
[2010/07/18 19:35:53 | 000,000,789 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2010/07/18 19:35:19 | 000,000,799 | ---- | M] () -- C:\Users\Kieran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk
[2010/07/18 19:35:19 | 000,000,787 | ---- | M] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Xfire.lnk
[2010/07/18 19:35:19 | 000,000,763 | ---- | M] () -- C:\Users\Public\Desktop\Xfire.lnk
[2010/07/18 15:36:20 | 000,000,941 | ---- | M] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2010/07/18 15:34:23 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2010/07/18 15:28:16 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2010/07/18 15:20:38 | 000,001,988 | ---- | M] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Live Messenger .lnk
[2010/07/18 15:20:06 | 000,000,946 | ---- | M] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/07/18 15:12:48 | 000,001,988 | ---- | M] () -- C:\Users\Kieran\Desktop\Windows Live Messenger .lnk
[2010/07/18 14:54:16 | 000,524,288 | -HS- | M] () -- C:\Users\Kieran\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2010/07/18 14:52:15 | 000,124,464 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2010/07/18 14:52:15 | 000,010,635 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2010/07/18 14:52:15 | 000,000,806 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2010/07/18 14:36:20 | 000,000,020 | -HS- | M] () -- C:\Users\Kieran\ntuser.ini
[2010/07/18 14:33:20 | 000,047,092 | ---- | M] () -- C:\Windows\System32\license.rtf
[2010/07/09 20:00:32 | 000,041,872 | ---- | M] () -- C:\Windows\System32\xfcodec.dll

========== Files Created - No Company Name ==========

[2010/08/22 12:20:07 | 000,000,000 | ---- | C] () -- C:\Users\Kieran\defogger_reenable
[2010/08/22 12:19:45 | 000,000,000 | ---- | C] () -- C:\Users\Kieran\Desktop\settings.dat
[2010/08/22 12:19:09 | 000,464,491 | ---- | C] () -- C:\Users\Kieran\Desktop\RootRepeal.zip
[2010/08/22 00:14:42 | 000,000,552 | ---- | C] () -- C:\Users\Kieran\AppData\Local\d3d8caps.dat
[2010/08/22 00:05:08 | 317,705,964 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/08/22 00:01:53 | 000,293,376 | ---- | C] () -- C:\Users\Kieran\Desktop\lzvqqrw3.exe
[2010/08/21 23:57:45 | 000,050,477 | ---- | C] () -- C:\Users\Kieran\Desktop\Defogger.exe
[2010/08/21 23:39:21 | 000,001,850 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/08/09 16:27:06 | 000,002,008 | ---- | C] () -- C:\Users\Public\Desktop\Sony Ericsson PC Companion 1.6.lnk
[2010/08/09 16:04:57 | 000,000,314 | -HS- | C] () -- C:\Windows\tasks\TLKVMEJNOI.job
[2010/08/09 16:04:56 | 000,057,344 | RHS- | C] () -- C:\Windows\System32\bootstr2.dll
[2010/08/09 15:22:04 | 000,001,689 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/08/09 14:51:03 | 000,000,747 | ---- | C] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Tibia.lnk
[2010/08/08 21:37:39 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010/08/08 21:35:31 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2010/08/08 21:35:31 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2010/08/08 21:35:31 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2010/07/21 16:28:08 | 000,000,388 | ---- | C] () -- C:\Windows\tasks\Final Media Player Update Checker.job
[2010/07/21 16:28:07 | 000,000,887 | ---- | C] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\FinalMediaPlayer.lnk
[2010/07/20 19:12:23 | 000,153,088 | ---- | C] () -- C:\Program Files\UNWISE.EXE
[2010/07/20 19:11:07 | 000,000,941 | ---- | C] () -- C:\Users\Kieran\Desktop\AMCap.lnk
[2010/07/20 19:09:33 | 000,000,905 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010/07/19 22:44:42 | 000,001,893 | ---- | C] () -- C:\Users\Public\Desktop\Instant DVD Recorder.lnk
[2010/07/19 22:41:58 | 000,138,752 | ---- | C] () -- C:\Windows\System32\MASE32.DLL
[2010/07/19 22:41:58 | 000,136,192 | ---- | C] () -- C:\Windows\System32\MAMC32.DLL
[2010/07/19 22:41:58 | 000,057,856 | ---- | C] () -- C:\Windows\System32\MASD32.DLL
[2010/07/19 22:41:57 | 000,196,096 | ---- | C] () -- C:\Windows\System32\MACD32.DLL
[2010/07/19 22:41:57 | 000,027,648 | ---- | C] () -- C:\Windows\System32\MA32.DLL
[2010/07/19 22:41:24 | 000,000,349 | ---- | C] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2010/07/19 21:32:32 | 000,224,960 | ---- | C] () -- C:\Windows\System32\PnkBstrB.xtr
[2010/07/19 18:39:42 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010/07/19 18:39:42 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2010/07/19 18:39:39 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2010/07/19 18:33:29 | 000,000,424 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{CDD8B57C-9F49-4B3B-8078-A97F1399FBB5}.job
[2010/07/18 22:53:15 | 000,001,072 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer SP.lnk
[2010/07/18 22:51:50 | 000,000,573 | ---- | C] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Oxelon Media Converter.lnk
[2010/07/18 22:51:50 | 000,000,549 | ---- | C] () -- C:\Users\Public\Desktop\Oxelon Media Converter.lnk
[2010/07/18 20:26:43 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2010/07/18 19:42:48 | 000,137,944 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010/07/18 19:42:47 | 000,022,328 | ---- | C] () -- C:\Users\Kieran\AppData\Roaming\PnkBstrK.sys
[2010/07/18 19:42:32 | 000,224,960 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2010/07/18 19:42:25 | 000,794,408 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
[2010/07/18 19:42:25 | 000,075,064 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2010/07/18 19:35:19 | 000,000,799 | ---- | C] () -- C:\Users\Kieran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk
[2010/07/18 19:35:19 | 000,000,787 | ---- | C] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Xfire.lnk
[2010/07/18 19:35:19 | 000,000,763 | ---- | C] () -- C:\Users\Public\Desktop\Xfire.lnk
[2010/07/18 19:33:46 | 000,000,789 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2010/07/18 15:36:20 | 000,000,941 | ---- | C] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2010/07/18 15:34:23 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2010/07/18 15:28:16 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2010/07/18 15:20:38 | 000,001,988 | ---- | C] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Live Messenger .lnk
[2010/07/18 15:12:48 | 000,001,988 | ---- | C] () -- C:\Users\Kieran\Desktop\Windows Live Messenger .lnk
[2010/07/18 15:09:12 | 000,022,528 | ---- | C] () -- C:\Users\Kieran\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/07/18 15:07:32 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/07/18 15:07:31 | 000,000,880 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/07/18 15:07:25 | 000,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2010/07/18 15:01:42 | 000,000,946 | ---- | C] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/07/18 14:57:14 | 000,035,757 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010/07/18 14:57:14 | 000,035,757 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010/07/18 14:44:27 | 000,000,548 | ---- | C] () -- C:\Windows\tasks\Norton Internet Security - Run Full System Scan - Kieran.job
[2010/07/18 14:43:44 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\Recovery DVD Creator-Kieran.job
[2010/07/18 14:36:21 | 000,000,680 | ---- | C] () -- C:\Users\Kieran\AppData\Local\d3d9caps.dat
[2010/07/18 14:36:20 | 002,621,440 | -HS- | C] () -- C:\Users\Kieran\NTUSER.DAT
[2010/07/18 14:36:20 | 000,524,288 | -HS- | C] () -- C:\Users\Kieran\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2010/07/18 14:36:20 | 000,524,288 | -HS- | C] () -- C:\Users\Kieran\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/07/18 14:36:20 | 000,262,144 | -H-- | C] () -- C:\Users\Kieran\ntuser.dat.LOG1
[2010/07/18 14:36:20 | 000,065,536 | -HS- | C] () -- C:\Users\Kieran\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/07/18 14:36:20 | 000,000,258 | ---- | C] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2010/07/18 14:36:20 | 000,000,240 | ---- | C] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2010/07/18 14:36:20 | 000,000,020 | -HS- | C] () -- C:\Users\Kieran\ntuser.ini
[2010/07/18 14:36:20 | 000,000,000 | -H-- | C] () -- C:\Users\Kieran\ntuser.dat.LOG2
[2010/07/18 14:30:55 | 3220,418,560 | -HS- | C] () -- C:\hiberfil.sys
[2010/07/09 20:00:32 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/03/05 06:54:58 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2005/04/08 03:16:43 | 000,063,977 | -H-- | C] () -- C:\Users\Kieran\AppData\Roaming\cglogs.dat
[2004/02/27 16:36:18 | 000,015,498 | ---- | C] () -- C:\Windows\snpstd3.ini

========== LOP Check ==========

[2010/08/21 03:58:47 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2010/07/18 23:35:45 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\Datel
[2010/07/21 20:08:17 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\FinalMediaPlayer
[2010/08/21 03:29:42 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\GameTracker
[2010/07/18 23:04:42 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\GameTuts
[2010/08/15 04:09:12 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\GetRightToGo
[2010/07/26 11:45:11 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\ImTOO
[2010/07/18 22:51:56 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\OxelonMC
[2010/08/09 15:17:08 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\Sony
[2010/08/09 15:18:42 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\Sony Setup
[2010/08/09 15:12:42 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\Tibia
[2005/09/01 04:55:35 | 000,000,000 | RHSD | M] -- C:\Users\Kieran\AppData\Roaming\winlog
[2010/08/22 22:02:45 | 000,000,388 | ---- | M] () -- C:\Windows\Tasks\Final Media Player Update Checker.job
[2010/08/22 14:30:00 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\Recovery DVD Creator-Kieran.job
[2010/08/22 14:58:13 | 000,027,172 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/08/22 22:01:02 | 000,000,314 | -HS- | M] () -- C:\Windows\Tasks\TLKVMEJNOI.job
[2010/08/22 22:10:43 | 000,000,424 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{CDD8B57C-9F49-4B3B-8078-A97F1399FBB5}.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2006/09/18 22:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2008/01/21 03:24:42 | 000,333,203 | RHS- | M] () -- C:\bootmgr
[2008/08/06 09:52:35 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2006/09/18 22:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2010/08/22 22:00:57 | 3220,418,560 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/22 22:00:56 | 3534,221,312 | -HS- | M] () -- C:\pagefile.sys
[2010/08/22 12:19:56 | 000,000,016 | ---- | M] () -- C:\RootRepeal report 08-22-10 (12-19-56).txt
[2010/08/22 12:25:43 | 000,017,294 | ---- | M] () -- C:\RootRepeal report 08-22-10 (12-23-02).txt

< %systemroot%\Fonts\*.com >
[2006/11/02 13:37:12 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/02 13:37:12 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 13:37:12 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2006/11/02 13:37:12 | 000,030,808 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2006/09/18 22:37:34 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2006/11/02 13:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2006/10/26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2010/04/17 00:04:40 | 000,306,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >
[2008/01/21 03:43:21 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini
[2002/07/26 17:02:06 | 000,153,088 | ---- | M] () -- C:\Program Files\UNWISE.EXE

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2008/01/21 04:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008/01/21 04:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008/01/21 04:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2010/07/18 15:36:20 | 000,000,286 | -HS- | M] () -- C:\Users\Kieran\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >
[2010/08/21 23:36:12 | 042,459,072 | ---- | M] ( ) -- C:\Users\Kieran\Desktop\AdbeRdr933_en_US.exe
[2010/08/21 23:57:46 | 000,050,477 | ---- | M] () -- C:\Users\Kieran\Desktop\Defogger.exe
[2010/08/22 00:01:56 | 000,293,376 | ---- | M] () -- C:\Users\Kieran\Desktop\lzvqqrw3.exe
[2010/08/22 22:05:14 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Kieran\Desktop\OTL.exe
[2009/08/13 11:14:18 | 000,472,064 | ---- | M] ( ) -- C:\Users\Kieran\Desktop\RootRepeal.exe
[2010/08/21 23:22:36 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\Kieran\Desktop\TFC.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >
[2004/02/27 16:36:18 | 000,013,023 | ---- | M] () -- C:\Windows\snpstd3.src

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-08-13 08:27:23

< >
< End of report >
Bezzy2829
Regular Member
 
Posts: 19
Joined: August 17th, 2010, 6:30 am

Re: HiJackThis Logs.

Post by Bezzy2829 » August 22nd, 2010, 5:19 pm

Extras log --

OTL Extras logfile created on: 22/08/2010 22:06:29 - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\Kieran\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 55.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 286.09 Gb Total Space | 177.31 Gb Free Space | 61.98% Space Free | Partition Type: NTFS
Drive D: | 4.18 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: KIERAN-PC
Current User Name: Kieran
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0317C576-0B85-4343-8940-8958B1326FD0}" = lport=2869 | protocol=6 | dir=in | name=tcp 2869 |
"{4AB04A4B-FD48-4A98-910D-77E2D322B48C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{645FBB29-3444-4A95-92DC-9F509247D75B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{7CC2EF20-00A7-461F-937A-5E8B8EE03AF7}" = lport=1900 | protocol=17 | dir=in | name=udp 1900 |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05AC2A94-8942-4D10-913E-8736B850841A}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{0FBA8A08-2C4E-4823-96C4-BB3CD261C49E}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{0FD76A67-41EE-4F4D-A1D6-0D0A69463ED8}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{25AC2917-20CD-450B-AA3D-EB226C928F5B}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{282373F9-D51B-4ACC-B319-A28BD494B8B6}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{2A262777-DCB6-4AC5-B6E3-BCC49EE7E559}" = dir=in | app=c:\program files\finalmediaplayer\fmpcheckforupdates.exe |
"{3A69BFE6-19A4-4676-8907-1309DFE993DA}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{43A1E8AF-05FC-4247-9EAD-826E0A72DB98}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{A3E4BC22-34BF-4047-A3CE-65E262E50CDB}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{B0656F1D-7AC2-471E-B778-FFD1E4D24683}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{B1F14101-9D7A-4A23-8766-D34745C78C1B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{B7AD64BE-4407-4A84-8CE0-2DA69A1117A9}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{C28A1579-71B9-48A2-B26E-661AD73A5E38}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{E4A9064A-7A8B-47E6-85A6-9A27B893AA75}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{F120B2E7-791F-4460-9B6F-E5E19F65B822}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{F31E62F4-8855-4231-A7C9-9F36A90F3903}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1BD07DF4-FB06-41BA-B896-B2DA59000C96}" = Windows Live Toolbar
"{1C61C87D-DB8E-4E8A-900C-293C569DC211}" = Internet From BT
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{308B07B6-8FA3-4A43-8729-D0993189D1E7}" = SymNet
"{31478BE1-CDE5-4753-A8B2-F6D4BC1FBE09}" = Component Framework
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3559CDE0-11FC-4D7B-A65C-D646035B1033}" = Nero 8 Essentials
"{3672B097-EA69-4BFE-B92F-29AE6D9D2B34}" = Norton Internet Security
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}" = Google Earth
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{55A6283C-638A-4EE0-B491-51118554BDA2}" = Norton Confidential Core
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.6
"{62120008-8E1E-4807-860D-A8B48F8552DB}" = Norton Protection Center
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{67E03279-F703-408F-B4BF-46B5FC8D70CD}" = Microsoft Works
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6FE3B0CE-37C1-4825-908A-5A84C9B4EC2F}" = EA SPORTS(TM) FIFA Online
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC 32bit
"{77FFBA7E-0973-4F39-BBDB-AC2F537578D2}" = Norton AntiVirus
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
"{9870C7AE-7C6A-478D-9A75-35827382220F}" = Pinnacle Systems USB-2 Device Drivers
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{9F479685-180E-4C05-9400-D59292A1B29C}" = Windows Live Movie Maker
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB7032FF-AFED-4C58-AA5C-8473B273793A}" = HDReg
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.3
"{AF36CE1D-FD2C-4BA0-93FA-1196785DD610}" = Adobe Flash Player 10 Plugin
"{B0C30E93-D3D9-4F04-A2AC-54749B573275}" = Command & Conquer 3
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B24E05CC-46FF-4787-BBB8-5CD516AFB118}" = ccCommon
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C1C185CA-C531-49F5-A6FA-B838405A049D}" = Norton Internet Security
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D6E6FA4A-5445-4850-8365-CF216C1CBB7A}" = Symantec Real Time Storage Protection Component
"{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}" = Norton AntiVirus Help
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E62A1F01-07B7-4541-A835-EE5B0BF064C2}" = Microsoft Antimalware
"{E80F62FF-5D3C-4A19-8409-9721F2928206}" = LiveUpdate (Symantec Corporation)
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}" = Pinnacle Instant DVD Recorder
"{EF98A02A-1748-4762-9B7D-5ED1600520D5}" = Microsoft Security Essentials
"{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 1.60.13
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AMCap" = AMCap
"AUDIO_REALTEK" = Realtek HD Audio V6.0.1.5618
"BT_GB" = British Telecom
"Carbonite" = Carbonite
"Carbonite Setup Lite" = Protect your files now
"Download Manager" = Download Manager 2.3.10
"FinalMediaPlayer_is1" = Final Media Player 2010
"FirefoxGB" = Firefox
"GameTracker Lite" = GameTracker Lite
"Google Desktop" = Google Desktop
"GOOGLE_EARTH" = Google Earth
"GoogleBAE" = Google BAE
"GoogleDesktop_XX" = GoogleDesktop
"GoogleToolbar" = GoogleToolbar
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ImageWriter" = Packard Bell ImageWriter
"ImTOO DVD Audio Ripper" = ImTOO DVD Audio Ripper 6
"Infocentre" = Infocentre Rev. 2.0
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"LCDTest" = Packard Bell LCD Test
"METABOLI" = Metaboli
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Essentials" = Microsoft Security Essentials
"Mozilla Firefox (2.0.0.11)" = Mozilla Firefox (2.0.0.11)
"Nero8" = Nero 8 Essentials
"NIS2008_GB" = Norton Internet Security
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"OFF2k7_UK" = Microsoft® Office Trial 2007
"Oxelon Media Converter_is1" = Oxelon Media Converter 1.1
"Picasa_2" = Picasa2
"Picasa2" = Picasa 2
"PsuedoLiveUpdate" = LiveUpdate (Symantec Corporation)
"PunkBusterSvc" = PunkBuster Services
"RealPlayer 12.0" = RealPlayer
"SETUPMYPC_GB" = SetUp My PC
"SKYPE" = Skype 3.6.2.248
"Steam App 220" = Half-Life 2
"Steam App 380" = Half-Life 2: Episode One
"Steam App 400" = Portal
"Steam App 4000" = Garry's Mod
"Steam App 420" = Half-Life 2: Episode Two
"Steam App 440" = Team Fortress 2
"SymSetup.{C1C185CA-C531-49F5-A6FA-B838405A049D}" = Norton Internet Security (Symantec Corporation)
"Tibia_is1" = Tibia
"Updator" = Packard Bell Updator
"VIDEO_NVIDIA_GOB" = Video NVIDIA V175.16
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"works9se" = Microsoft Works 9 SE
"Xfire" = Xfire (remove only)
"XfireXO Toolbar" = XfireXO Toolbar
"XPort 360_is1" = XPort 360

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 17/08/2010 06:44:51 | Computer Name = Kieran-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksss.exe".
Dependent
Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 17/08/2010 06:44:51 | Computer Name = Kieran-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksss.exe".
Dependent
Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 17/08/2010 09:23:33 | Computer Name = Kieran-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.6001.18943 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 13b0 Start Time: 01cb3df94dbad1fb Termination Time: 0

Error - 18/08/2010 15:42:42 | Computer Name = Kieran-PC | Source = WinMgmt | ID = 10
Description =

Error - 18/08/2010 17:45:54 | Computer Name = Kieran-PC | Source = Application Hang | ID = 1002
Description = The program hl2.exe version 0.0.0.0 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Problem Reports and Solutions control panel. Process
ID: 360 Start Time: 01cb3f1ea7b109b3 Termination Time: 611

Error - 18/08/2010 17:46:17 | Computer Name = Kieran-PC | Source = Application Hang | ID = 1002
Description = The program hl2.exe version 0.0.0.0 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Problem Reports and Solutions control panel. Process
ID: 1640 Start Time: 01cb3f1ebf0b6e73 Termination Time: 29

Error - 19/08/2010 11:44:36 | Computer Name = Kieran-PC | Source = WinMgmt | ID = 10
Description =

Error - 20/08/2010 16:59:17 | Computer Name = Kieran-PC | Source = WinMgmt | ID = 10
Description =

Error - 20/08/2010 19:17:00 | Computer Name = Kieran-PC | Source = WinMgmt | ID = 10
Description =

Error - 20/08/2010 21:06:38 | Computer Name = Kieran-PC | Source = Application Error | ID = 1000
Description = Faulting application hl2.exe, version 0.0.0.0, time stamp 0x4c525184,
faulting module client.dll, version 0.0.0.0, time stamp 0x4c32f22c, exception code
0xc0000005, fault offset 0x00236c12, process id 0x1368, application start time 0x01cb40c1d1cc1316.

[ System Events ]
Error - 15/08/2010 16:54:21 | Computer Name = Kieran-PC | Source = HTTP | ID = 15016
Description =

Error - 16/08/2010 12:48:19 | Computer Name = Kieran-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.64 for the Network Card with network
address 002197257C11 has been denied by the DHCP server 192.168.1.254 (The DHCP
Server sent a DHCPNACK message).

Error - 16/08/2010 12:48:19 | Computer Name = Kieran-PC | Source = HTTP | ID = 15016
Description =

Error - 17/08/2010 05:57:51 | Computer Name = Kieran-PC | Source = HTTP | ID = 15016
Description =

Error - 17/08/2010 06:40:36 | Computer Name = Kieran-PC | Source = HTTP | ID = 15016
Description =

Error - 18/08/2010 15:41:04 | Computer Name = Kieran-PC | Source = HTTP | ID = 15016
Description =

Error - 19/08/2010 11:44:04 | Computer Name = Kieran-PC | Source = HTTP | ID = 15016
Description =

Error - 20/08/2010 16:57:38 | Computer Name = Kieran-PC | Source = HTTP | ID = 15016
Description =

Error - 20/08/2010 19:15:05 | Computer Name = Kieran-PC | Source = DCOM | ID = 10010
Description =

Error - 20/08/2010 19:16:22 | Computer Name = Kieran-PC | Source = HTTP | ID = 15016
Description =


< End of report >

Re: HiJackThis Logs.

Post by askey127 » August 23rd, 2010, 3:18 pm

Bezzy2829,
------------------------------------------------------------
Backup Your Registry with ERUNT:
  • Download erunt.zip to your Desktop from here:
    http://aumha.org/downloads/erunt.zip
  • Right-click erunt.zip, select Extract All... and follow the prompts to extract ERUNT to your Desktop. It will create a new folder.
  • Inside the new folder, right click ERUNT.exe and choose "Run as administrator"
  • OK all the prompts to back up your registry to the default location.
Note: If you ever need to restore your registry later, you would go to the default backup folder and start ERDNT.exe
(The default backup folder is C:\Windows\ERDNT\ and the backups are saved according to date stamp)
-----------------------------------------------------------
Remove Registry items with HijackThis. Start HijackThis. (Right-click and "Run as administrator" in Vista/Win7)
Click Do System Scan Only. When the Scan is complete, Check the following entries:
(Some of these lines may be missing)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe

Make sure Every other window except HJT is closed (No other tabs showing in the bottom tray), and Click Fix Checked
Click the "X" in the upper right corner of the HiJackThis window to close it.
----------------------------------------------
Run OTL (Right Click and "Run as administrator")
  • Under the Custom Scans/Fixes box at the bottom, paste in the following:
    :processes
    MSASCui.exe
    
    :Reg
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{282373F9-D51B-4ACC-B319-A28BD494B8B6}" =-
    "{3A69BFE6-19A4-4676-8907-1309DFE993DA}" =-
    
    :Files
    C:\Program Files\LimeWire\
    C:\Users\Kieran\Documents\LimeWire
    
    :Commands
    [emptytemp]
    [Reboot]
  • Then click the Run Fix button at the top.
  • Let the program run unhindered and reboot the PC when it is done.
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
-----------------------------------------------------------
Submit a file to Jotti
Please go here : http://virusscan.jotti.org/
On top of the page there is a field to add the filepath.
Copy and paste this filepath:
C:\Users\Kieran\AppData\Roaming\winlog\server.exe

Then hit Submit or Upload, depending on the scanner.
The scan will take a while before the result comes up so please be patient.
Then copy and/or save the result and post it here in this thread.

If Jotti's service load is too high, you can use the following scanner instead:
http://www.virustotal.com/xhtml/index_en.html
or virus.org here: http://scanner.virus.org/
askey127

Re: HiJackThis Logs.

Post by Bezzy2829 » August 23rd, 2010, 5:56 pm

OTL logfile created on: 23/08/2010 22:50:13 - Run 2
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\Kieran\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 57.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 286.09 Gb Total Space | 176.98 Gb Free Space | 61.86% Space Free | Partition Type: NTFS
Drive D: | 4.18 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: KIERAN-PC
Current User Name: Kieran
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/08/23 22:30:49 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe
PRC - [2010/08/22 22:05:14 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Kieran\Desktop\OTL.exe
PRC - [2010/08/21 00:18:06 | 000,407,336 | ---- | M] (Valve Corporation) -- C:\Program Files\Common Files\Steam\SteamService.exe
PRC - [2010/08/15 16:06:00 | 000,232,912 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10i_ActiveX.exe
PRC - [2010/08/08 19:26:52 | 000,030,192 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
PRC - [2010/07/18 22:52:35 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2010/07/18 15:12:37 | 000,304,304 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2010/07/18 15:05:19 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2010/07/09 20:00:26 | 003,493,776 | ---- | M] (Xfire Inc.) -- C:\Program Files\Xfire\Xfire.exe
PRC - [2010/06/01 14:53:46 | 001,093,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\msseces.exe
PRC - [2010/04/16 19:55:32 | 000,223,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Toolbar\wltuser.exe
PRC - [2010/04/16 18:36:42 | 000,026,480 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2010/04/14 17:51:18 | 001,648,480 | ---- | M] (ClanServers Hosting LLC) -- C:\Program Files\GameTracker\GSInGameService.exe
PRC - [2010/03/25 21:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
PRC - [2009/12/08 14:51:52 | 000,774,144 | ---- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
PRC - [2009/01/14 17:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2008/10/29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCSVCHST.EXE
PRC - [2008/05/07 15:19:26 | 006,139,904 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/04/07 15:09:06 | 000,306,112 | ---- | M] (Carbonite, Inc.) -- C:\Program Files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe
PRC - [2008/02/09 18:06:00 | 000,238,968 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2008/02/04 11:13:36 | 001,038,136 | ---- | M] (Packard Bell BV) -- C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
PRC - [2006/09/19 09:07:28 | 000,827,392 | ---- | M] () -- C:\Windows\vsnpstd3.exe


========== Modules (SafeList) ==========

MOD - [2010/08/22 22:05:14 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Kieran\Desktop\OTL.exe
MOD - [2008/01/21 03:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2008/01/21 03:23:44 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/08/21 00:18:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/08/08 19:26:52 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-051210-111108)
SRV - [2010/04/14 17:51:18 | 001,648,480 | ---- | M] (ClanServers Hosting LLC) [Auto | Running] -- C:\Program Files\GameTracker\GSInGameService.exe -- (GS In-Game Service)
SRV - [2010/03/25 21:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/01/14 17:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice)
SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2008/09/05 11:52:32 | 003,220,856 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2008/08/06 01:31:18 | 001,245,064 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2008/02/09 18:06:00 | 000,238,968 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/08/22 02:21:00 | 000,055,640 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2010/07/18 14:52:15 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/07/15 09:09:12 | 001,362,608 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20100823.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/07/15 09:09:12 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/07/15 09:09:12 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/07/15 09:09:12 | 000,085,424 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20100823.002\NAVENG.SYS -- (NAVENG)
DRV - [2010/06/23 20:37:10 | 000,281,648 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20100810.002\IDSvix86.sys -- (IDSvix86)
DRV - [2010/04/03 22:55:32 | 011,573,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/03/25 21:30:22 | 000,151,216 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\MpFilter.sys -- (MpFilter)
DRV - [2010/03/25 21:30:22 | 000,042,368 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2009/05/25 06:50:44 | 000,164,864 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009/03/25 16:48:00 | 000,114,728 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdm.sys -- (s1018mdm)
DRV - [2009/03/25 16:48:00 | 000,109,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018unic.sys -- (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM)
DRV - [2009/03/25 16:48:00 | 000,106,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mgmt.sys -- (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM)
DRV - [2009/03/25 16:48:00 | 000,104,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018obex.sys -- (s1018obex)
DRV - [2009/03/25 16:48:00 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018bus.sys -- (s1018bus) Sony Ericsson Device 1018 driver (WDM)
DRV - [2009/03/25 16:48:00 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018nd5.sys -- (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS)
DRV - [2009/03/25 16:48:00 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdfl.sys -- (s1018mdfl)
DRV - [2009/03/17 12:56:58 | 000,447,024 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2009/02/19 13:31:42 | 000,024,112 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\SymIMV.sys -- (SymIM)
DRV - [2009/02/19 13:31:18 | 000,041,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMNDISV.SYS -- (SYMNDISV)
DRV - [2009/02/19 13:31:16 | 000,184,496 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2009/02/19 13:31:16 | 000,096,560 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMFW.SYS -- (SYMFW)
DRV - [2009/02/19 13:31:16 | 000,022,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2009/02/19 13:31:16 | 000,013,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV - [2008/07/30 17:42:12 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2008/06/06 18:13:40 | 000,133,152 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2008/06/06 18:13:10 | 000,145,440 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2008/05/07 18:22:50 | 002,134,424 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/01/31 19:51:00 | 000,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2008/01/31 19:51:00 | 000,279,088 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP)
DRV - [2008/01/31 19:51:00 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2008/01/21 03:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/21 03:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/21 03:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/21 03:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/21 03:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/21 03:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/21 03:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/21 03:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/21 03:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/21 03:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008/01/21 03:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/21 03:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/21 03:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/21 03:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/21 03:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/21 03:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/21 03:23:21 | 000,073,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/01/21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/21 03:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/21 03:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/21 03:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/21 03:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/10/12 15:53:10 | 000,013,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2007/08/08 18:39:00 | 000,036,056 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\CO_Mon.sys -- (CO_Mon)
DRV - [2007/03/27 18:19:36 | 010,252,544 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3)
DRV - [2006/12/12 11:16:06 | 000,022,528 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emAudio.sys -- (emAudio)
DRV - [2006/11/02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2005/12/21 10:14:52 | 000,100,957 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emDevice.sys -- (DCamUSBEMPIA)
DRV - [2005/12/21 10:14:52 | 000,005,245 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emFilter.sys -- (FiltUSBEMPIA)
DRV - [2005/12/21 10:14:52 | 000,004,493 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emScan.sys -- (ScanUSBEMPIA)
DRV - [2005/09/23 23:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MarvinBus.sys -- (MarvinBus)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.packardbell.com/?id=9067
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/07/18 22:53:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/08 21:31:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/21 23:39:21 | 000,000,000 | ---D | M]

[2010/07/26 11:24:38 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\Mozilla\Extensions
[2010/07/26 11:24:38 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2010/07/18 19:35:34 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\Mozilla\Firefox\extensions
[2010/07/18 19:35:34 | 000,000,000 | ---D | M] (XfireXO Toolbar) -- C:\Users\Kieran\AppData\Roaming\Mozilla\Firefox\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
[2010/08/21 23:31:56 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/08/21 23:31:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2008/08/06 01:23:27 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\packardbell@partners.mozilla.com
[2008/08/06 01:23:29 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org
[2009/03/31 22:47:26 | 000,324,976 | ---- | M] (Symantec Corporation) -- C:\Program Files\Mozilla Firefox\components\coFFPlgn.dll
[2007/11/28 20:31:59 | 000,067,696 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\jar50.dll
[2007/11/28 20:31:59 | 000,054,376 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\jsd3250.dll
[2007/11/28 20:31:59 | 000,034,952 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\myspell.dll
[2007/11/28 20:31:59 | 000,046,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\spellchk.dll
[2007/11/28 20:31:59 | 000,172,144 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\xpinstal.dll
[2010/08/21 23:31:43 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2006/06/15 11:24:15 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2006/06/15 11:24:15 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2006/06/15 11:24:15 | 000,001,077 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2006/09/11 15:39:34 | 000,000,831 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll (Packard Bell)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (XfireXO Toolbar) - {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [CarboniteSetupLite] C:\Program Files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [snpstd3] C:\Windows\vsnpstd3.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe ( )
O4 - HKLM..\Run: [USB2Check] C:\Windows\System32\PCLECoInst.DLL (Pinnacle Systems)
O4 - HKLM..\Run: [USBToolTip] c:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe (Pinnacle Systems GmbH)
O4 - HKCU..\Run: [HKCU] C:\Users\Kieran\AppData\Roaming\winlog\server.exe ()
O4 - HKCU..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe (IGN Entertainment)
O4 - HKCU..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe (Packard Bell BV)
O4 - HKCU..\Run: [Sony Ericsson PC Companion] C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson Mobile Communications AB)
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Users\Kieran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = C:\Program Files\Xfire\Xfire.exe (Xfire Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplanet.com/fpdlmgr/cabs/ ... 10.115.cab (CDownloadCtrl Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{50e4b98a-a3ae-11df-ae5b-002197257c11}\Shell - "" = AutoRun
O33 - MountPoints2\{50e4b98a-a3ae-11df-ae5b-002197257c11}\Shell\AutoRun\command - "" = E:\Startme.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 90 Days ==========

[2010/08/23 22:45:00 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/08/23 22:35:38 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/08/23 22:34:53 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Desktop\erunt
[2010/08/22 22:05:02 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Kieran\Desktop\OTL.exe
[2010/08/22 12:19:20 | 000,472,064 | ---- | C] ( ) -- C:\Users\Kieran\Desktop\RootRepeal.exe
[2010/08/22 00:05:26 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010/08/21 23:38:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010/08/21 23:38:02 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010/08/21 23:32:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/08/21 23:22:26 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\Kieran\Desktop\TFC.exe
[2010/08/21 03:57:28 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2010/08/19 16:48:57 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Desktop\Random
[2010/08/19 16:48:38 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Desktop\Games
[2010/08/19 16:47:52 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Desktop\Vids n Pics
[2010/08/17 11:35:53 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/08/15 16:36:31 | 000,000,000 | ---D | C] -- C:\Program Files\IWONGEI
[2010/08/15 04:11:56 | 000,000,000 | ---D | C] -- C:\Perfect World Entertainment
[2010/08/15 02:41:12 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Documents\Downloads
[2010/08/15 02:41:10 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\GetRightToGo
[2010/08/14 02:09:29 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\IGN_DLM
[2010/08/14 02:09:13 | 000,000,000 | ---D | C] -- C:\Program Files\Download Manager
[2010/08/14 00:28:23 | 000,000,000 | ---D | C] -- C:\Program Files\Activision
[2010/08/13 22:11:48 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Documents\RCube
[2010/08/11 08:53:06 | 000,000,000 | ---D | C] -- C:\Windows\System32\Adobe
[2010/08/09 16:27:12 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\Sony Ericsson
[2010/08/09 15:22:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Corporation
[2010/08/09 15:22:57 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
[2010/08/09 15:21:16 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/08/09 15:21:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010/08/09 15:20:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010/08/09 15:19:57 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\Apple
[2010/08/09 15:19:53 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010/08/09 15:19:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2010/08/09 15:17:08 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Sony Setup
[2010/08/09 15:17:08 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Sony
[2010/08/09 15:17:03 | 000,000,000 | ---D | C] -- C:\Program Files\Sony Setup
[2010/08/09 15:12:11 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Tibia
[2010/08/09 14:55:19 | 000,114,728 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018mdm.sys
[2010/08/09 14:55:19 | 000,109,864 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018unic.sys
[2010/08/09 14:55:19 | 000,106,208 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018mgmt.sys
[2010/08/09 14:55:19 | 000,104,744 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018obex.sys
[2010/08/09 14:55:19 | 000,086,824 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018bus.sys
[2010/08/09 14:55:19 | 000,026,024 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018nd5.sys
[2010/08/09 14:55:19 | 000,015,016 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018mdfl.sys
[2010/08/09 14:55:19 | 000,012,200 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018whnt.sys
[2010/08/09 14:55:19 | 000,012,200 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018wh.sys
[2010/08/09 14:55:19 | 000,012,200 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018cmnt.sys
[2010/08/09 14:55:19 | 000,012,200 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018cm.sys
[2010/08/09 14:55:19 | 000,010,792 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018cr.sys
[2010/08/09 14:55:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Ericsson
[2010/08/09 14:55:14 | 000,000,000 | ---D | C] -- C:\Program Files\Sony Ericsson
[2010/08/09 14:51:01 | 000,000,000 | ---D | C] -- C:\Program Files\Tibia
[2010/08/08 21:35:15 | 000,000,000 | ---D | C] -- C:\Program Files\directx
[2010/07/26 11:45:50 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\dvdcss
[2010/07/26 11:45:11 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\ImTOO
[2010/07/26 11:44:23 | 000,000,000 | ---D | C] -- C:\Program Files\ImTOO
[2010/07/26 11:23:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/07/26 11:22:51 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/07/26 01:19:37 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Desktop\Mods
[2010/07/25 00:32:51 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Documents\Command & Conquer 3 Tiberium Wars
[2010/07/25 00:29:24 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2010/07/25 00:29:04 | 000,000,000 | RH-D | C] -- C:\Users\Kieran\AppData\Roaming\SecuROM
[2010/07/24 23:59:08 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts
[2010/07/21 16:28:07 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\FinalMediaPlayer
[2010/07/21 16:28:04 | 000,000,000 | ---D | C] -- C:\Program Files\FinalMediaPlayer
[2010/07/21 16:27:50 | 000,000,000 | ---D | C] -- C:\Program Files\Free Offers from Freeze.com
[2010/07/20 20:33:25 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Desktop\VIDEO_TS
[2010/07/20 19:55:54 | 000,000,000 | ---D | C] -- C:\Program Files\BreakPoint Software
[2010/07/20 19:11:07 | 000,000,000 | ---D | C] -- C:\Program Files\Noel Danjou
[2010/07/20 19:09:31 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials
[2010/07/20 18:18:50 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\Adobe
[2010/07/20 17:15:04 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center
[2010/07/19 22:45:02 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Documents\InstantCDDVD
[2010/07/19 22:44:58 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Documents\Pinnacle
[2010/07/19 22:44:49 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\Pinnacle
[2010/07/19 22:42:57 | 000,045,056 | ---- | C] (eMPIA Technology, Inc.) -- C:\Windows\System32\emVFW.dll
[2010/07/19 22:42:57 | 000,032,768 | ---- | C] (eMPIA Technology, Inc.) -- C:\Windows\System32\emProp.ax
[2010/07/19 22:42:57 | 000,024,269 | ---- | C] (eMPIA Technology, Inc.) -- C:\Windows\System32\drivers\emStream.sys
[2010/07/19 22:42:57 | 000,009,739 | ---- | C] (eMPIA Technology, Inc.) -- C:\Windows\System32\emUSD.dll
[2010/07/19 22:42:57 | 000,005,245 | ---- | C] (eMPIA Technology, Inc.) -- C:\Windows\System32\drivers\emFilter.sys
[2010/07/19 22:42:57 | 000,004,493 | ---- | C] (eMPIA Technology, Inc.) -- C:\Windows\System32\drivers\emScan.sys
[2010/07/19 22:42:56 | 000,100,957 | ---- | C] (eMPIA Technology, Inc.) -- C:\Windows\System32\drivers\emDevice.sys
[2010/07/19 22:42:56 | 000,073,728 | ---- | C] (Pinnacle Systems) -- C:\Windows\System32\PCLECoInst.dll
[2010/07/19 22:41:58 | 000,884,736 | ---- | C] (Fellowes, Inc.) -- C:\Windows\System32\LMUIRes.dll
[2010/07/19 22:41:58 | 000,012,288 | ---- | C] (Fellowes, Inc.) -- C:\Windows\System32\LMLRes.dll
[2010/07/19 22:40:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Pinnacle
[2010/07/19 21:32:28 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\PunkBuster
[2010/07/19 21:32:17 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Documents\EA SPORTS(TM) FIFA Online
[2010/07/19 18:43:55 | 000,000,000 | ---D | C] -- C:\Program Files\Pinnacle
[2010/07/19 18:43:41 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\Downloaded Installations
[2010/07/18 23:35:45 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Datel
[2010/07/18 23:35:38 | 000,000,000 | ---D | C] -- C:\Program Files\Datel
[2010/07/18 23:27:45 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\WinRAR
[2010/07/18 23:27:36 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010/07/18 23:04:42 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\GameTuts
[2010/07/18 23:04:42 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\GameTuts
[2010/07/18 22:53:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2010/07/18 22:52:37 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2010/07/18 22:52:35 | 000,000,000 | ---D | C] -- C:\Program Files\Real
[2010/07/18 22:52:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Real
[2010/07/18 22:52:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2010/07/18 22:52:26 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Real
[2010/07/18 22:51:52 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\OxelonMC
[2010/07/18 22:51:49 | 000,000,000 | ---D | C] -- C:\Program Files\OxelonMedia
[2010/07/18 21:32:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
[2010/07/18 21:10:29 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\Microsoft Help
[2010/07/18 20:46:47 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010/07/18 19:42:25 | 000,000,000 | ---D | C] -- C:\Program Files\EA Sports
[2010/07/18 19:41:41 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\FIFAOnlineSetup
[2010/07/18 19:36:08 | 000,000,000 | ---D | C] -- C:\Program Files\GameTracker
[2010/07/18 19:35:47 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\GameTracker
[2010/07/18 19:35:35 | 000,000,000 | ---D | C] -- C:\Program Files\XfireXO
[2010/07/18 19:35:35 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2010/07/18 19:35:34 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Mozilla
[2010/07/18 19:35:20 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Xfire
[2010/07/18 19:35:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Xfire
[2010/07/18 19:35:17 | 000,000,000 | ---D | C] -- C:\Program Files\Xfire
[2010/07/18 19:33:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2010/07/18 19:33:46 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2010/07/18 15:37:39 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Desktop\Music
[2010/07/18 15:30:02 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Desktop\Music Idisgo
[2010/07/18 15:21:25 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Macromedia
[2010/07/18 15:20:42 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Tracing
[2010/07/18 15:15:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010/07/18 15:15:24 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
[2010/07/18 15:14:15 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2010/07/18 15:12:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2010/07/18 15:12:20 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010/07/18 15:12:10 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2010/07/18 15:11:52 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2010/07/18 15:06:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2010/07/18 15:02:46 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Adobe
[2010/07/18 15:01:48 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Google
[2010/07/18 14:51:26 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Symantec
[2010/07/18 14:43:14 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Documents\My Google Gadgets
[2010/07/18 14:43:07 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010/07/18 14:43:02 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\Google
[2010/07/18 14:42:40 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\Packard Bell
[2010/07/18 14:42:38 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Symantec
[2010/07/18 14:42:17 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010/07/18 14:42:14 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Searches
[2010/07/18 14:42:07 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Identities
[2010/07/18 14:42:05 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Contacts
[2010/07/18 14:42:04 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\VirtualStore
[2010/07/18 14:36:20 | 000,000,000 | --SD | C] -- C:\Users\Kieran\AppData\Roaming\Microsoft
[2010/07/18 14:36:20 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Videos
[2010/07/18 14:36:20 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Saved Games
[2010/07/18 14:36:20 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Pictures
[2010/07/18 14:36:20 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Music
[2010/07/18 14:36:20 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Links
[2010/07/18 14:36:20 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Favorites
[2010/07/18 14:36:20 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Downloads
[2010/07/18 14:36:20 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Documents
[2010/07/18 14:36:20 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Desktop
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\AppData\Local\Temporary Internet Files
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\Templates
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\Start Menu
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\SendTo
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\Recent
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\PrintHood
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\NetHood
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\Documents\My Videos
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\Documents\My Pictures
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\Documents\My Music
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\My Documents
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\Local Settings
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\AppData\Local\History
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\Cookies
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\Application Data
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\AppData\Local\Application Data
[2010/07/18 14:36:20 | 000,000,000 | -H-D | C] -- C:\Users\Kieran\AppData
[2010/07/18 14:36:20 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\Temp
[2010/07/18 14:36:20 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\Microsoft
[2010/07/18 14:36:20 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Media Center Programs
[2010/07/18 14:29:21 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010/07/18 14:27:20 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2007/03/12 11:41:52 | 000,061,440 | ---- | C] ( ) -- C:\Windows\System32\vsnpstd3.dll
[2005/11/23 12:55:32 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnpstd3.dll

========== Files - Modified Within 90 Days ==========

[2010/08/23 22:55:23 | 002,621,440 | -HS- | M] () -- C:\Users\Kieran\NTUSER.DAT
[2010/08/23 22:48:31 | 000,035,757 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010/08/23 22:48:30 | 000,035,757 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010/08/23 22:48:07 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/08/23 22:48:07 | 000,000,388 | ---- | M] () -- C:\Windows\tasks\Final Media Player Update Checker.job
[2010/08/23 22:47:59 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/08/23 22:47:59 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/08/23 22:47:56 | 000,000,314 | -HS- | M] () -- C:\Windows\tasks\TLKVMEJNOI.job
[2010/08/23 22:47:55 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/08/23 22:47:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/08/23 22:47:50 | 3220,406,272 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/23 22:46:58 | 000,524,288 | -HS- | M] () -- C:\Users\Kieran\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/08/23 22:46:58 | 000,065,536 | -HS- | M] () -- C:\Users\Kieran\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/08/23 22:37:13 | 000,703,388 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/08/23 22:37:13 | 000,608,760 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/08/23 22:37:13 | 000,108,268 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/08/23 22:34:32 | 000,513,320 | ---- | M] () -- C:\Users\Kieran\Desktop\erunt.zip
[2010/08/23 22:31:14 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{CDD8B57C-9F49-4B3B-8078-A97F1399FBB5}.job
[2010/08/23 17:30:01 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\Recovery DVD Creator-Kieran.job
[2010/08/23 17:20:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/08/23 01:15:25 | 002,814,309 | -H-- | M] () -- C:\Users\Kieran\AppData\Local\IconCache.db
[2010/08/22 22:05:14 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Kieran\Desktop\OTL.exe
[2010/08/22 12:20:07 | 000,000,000 | ---- | M] () -- C:\Users\Kieran\defogger_reenable
[2010/08/22 12:19:45 | 000,000,000 | ---- | M] () -- C:\Users\Kieran\Desktop\settings.dat
[2010/08/22 12:19:12 | 000,464,491 | ---- | M] () -- C:\Users\Kieran\Desktop\RootRepeal.zip
[2010/08/22 00:14:42 | 000,000,680 | ---- | M] () -- C:\Users\Kieran\AppData\Local\d3d9caps.dat
[2010/08/22 00:14:42 | 000,000,552 | ---- | M] () -- C:\Users\Kieran\AppData\Local\d3d8caps.dat
[2010/08/22 00:05:26 | 317,705,964 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/08/22 00:01:56 | 000,293,376 | ---- | M] () -- C:\Users\Kieran\Desktop\lzvqqrw3.exe
[2010/08/21 23:57:46 | 000,050,477 | ---- | M] () -- C:\Users\Kieran\Desktop\Defogger.exe
[2010/08/21 23:22:36 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\Kieran\Desktop\TFC.exe
[2010/08/21 03:57:28 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2010/08/21 03:08:31 | 000,022,528 | ---- | M] () -- C:\Users\Kieran\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/21 00:44:05 | 000,224,960 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2010/08/21 00:39:01 | 000,137,944 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010/08/20 23:43:36 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2010/08/17 11:35:54 | 000,001,837 | ---- | M] () -- C:\Users\Kieran\Desktop\HijackThis.lnk
[2010/08/14 00:51:39 | 000,022,328 | ---- | M] () -- C:\Users\Kieran\AppData\Roaming\PnkBstrK.sys
[2010/08/13 09:22:46 | 000,324,320 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/08/12 00:35:07 | 000,063,977 | -H-- | M] () -- C:\Users\Kieran\AppData\Roaming\cglogs.dat
[2010/08/09 16:27:06 | 000,002,008 | ---- | M] () -- C:\Users\Public\Desktop\Sony Ericsson PC Companion 1.6.lnk
[2010/08/09 16:04:57 | 000,057,344 | RHS- | M] () -- C:\Windows\System32\bootstr2.dll
[2010/08/09 15:22:05 | 000,001,689 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/08/09 14:51:03 | 000,000,747 | ---- | M] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Tibia.lnk
[2010/08/08 21:37:42 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2010/08/08 21:35:31 | 000,021,840 | ---- | M] () -- C:\Windows\System32\SIntfNT.dll
[2010/08/08 21:35:31 | 000,017,212 | ---- | M] () -- C:\Windows\System32\SIntf32.dll
[2010/08/08 21:35:31 | 000,012,067 | ---- | M] () -- C:\Windows\System32\SIntf16.dll
[2010/07/21 16:28:07 | 000,000,887 | ---- | M] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\FinalMediaPlayer.lnk
[2010/07/20 19:11:07 | 000,000,941 | ---- | M] () -- C:\Users\Kieran\Desktop\AMCap.lnk
[2010/07/20 19:09:33 | 000,000,905 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010/07/20 08:08:54 | 000,080,544 | ---- | M] () -- C:\Users\Kieran\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/07/19 22:44:42 | 000,001,893 | ---- | M] () -- C:\Users\Public\Desktop\Instant DVD Recorder.lnk
[2010/07/19 20:21:24 | 000,000,548 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Run Full System Scan - Kieran.job
[2010/07/18 22:53:15 | 000,001,072 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer SP.lnk
[2010/07/18 22:52:37 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2010/07/18 22:51:50 | 000,000,573 | ---- | M] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Oxelon Media Converter.lnk
[2010/07/18 22:51:50 | 000,000,549 | ---- | M] () -- C:\Users\Public\Desktop\Oxelon Media Converter.lnk
[2010/07/18 19:42:25 | 000,794,408 | ---- | M] () -- C:\Windows\System32\pbsvc.exe
[2010/07/18 19:35:53 | 000,000,789 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2010/07/18 19:35:19 | 000,000,799 | ---- | M] () -- C:\Users\Kieran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk
[2010/07/18 19:35:19 | 000,000,787 | ---- | M] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Xfire.lnk
[2010/07/18 19:35:19 | 000,000,763 | ---- | M] () -- C:\Users\Public\Desktop\Xfire.lnk
[2010/07/18 15:36:20 | 000,000,941 | ---- | M] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2010/07/18 15:34:23 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2010/07/18 15:28:16 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2010/07/18 15:20:38 | 000,001,988 | ---- | M] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Live Messenger .lnk
[2010/07/18 15:20:06 | 000,000,946 | ---- | M] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/07/18 15:12:48 | 000,001,988 | ---- | M] () -- C:\Users\Kieran\Desktop\Windows Live Messenger .lnk
[2010/07/18 14:54:16 | 000,524,288 | -HS- | M] () -- C:\Users\Kieran\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2010/07/18 14:52:15 | 000,124,464 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2010/07/18 14:52:15 | 000,010,635 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2010/07/18 14:52:15 | 000,000,806 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2010/07/18 14:36:20 | 000,000,020 | -HS- | M] () -- C:\Users\Kieran\ntuser.ini
[2010/07/18 14:33:20 | 000,047,092 | ---- | M] () -- C:\Windows\System32\license.rtf
[2010/07/09 20:00:32 | 000,041,872 | ---- | M] () -- C:\Windows\System32\xfcodec.dll

========== Files Created - No Company Name ==========

[2010/08/23 22:34:30 | 000,513,320 | ---- | C] () -- C:\Users\Kieran\Desktop\erunt.zip
[2010/08/22 12:20:07 | 000,000,000 | ---- | C] () -- C:\Users\Kieran\defogger_reenable
[2010/08/22 12:19:45 | 000,000,000 | ---- | C] () -- C:\Users\Kieran\Desktop\settings.dat
[2010/08/22 12:19:09 | 000,464,491 | ---- | C] () -- C:\Users\Kieran\Desktop\RootRepeal.zip
[2010/08/22 00:14:42 | 000,000,552 | ---- | C] () -- C:\Users\Kieran\AppData\Local\d3d8caps.dat
[2010/08/22 00:05:08 | 317,705,964 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/08/22 00:01:53 | 000,293,376 | ---- | C] () -- C:\Users\Kieran\Desktop\lzvqqrw3.exe
[2010/08/21 23:57:45 | 000,050,477 | ---- | C] () -- C:\Users\Kieran\Desktop\Defogger.exe
[2010/08/17 11:35:54 | 000,001,837 | ---- | C] () -- C:\Users\Kieran\Desktop\HijackThis.lnk
[2010/08/09 16:27:06 | 000,002,008 | ---- | C] () -- C:\Users\Public\Desktop\Sony Ericsson PC Companion 1.6.lnk
[2010/08/09 16:04:57 | 000,000,314 | -HS- | C] () -- C:\Windows\tasks\TLKVMEJNOI.job
[2010/08/09 16:04:56 | 000,057,344 | RHS- | C] () -- C:\Windows\System32\bootstr2.dll
[2010/08/09 15:22:04 | 000,001,689 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/08/09 14:51:03 | 000,000,747 | ---- | C] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Tibia.lnk
[2010/08/08 21:37:39 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010/08/08 21:35:31 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2010/08/08 21:35:31 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2010/08/08 21:35:31 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2010/07/21 16:28:08 | 000,000,388 | ---- | C] () -- C:\Windows\tasks\Final Media Player Update Checker.job
[2010/07/21 16:28:07 | 000,000,887 | ---- | C] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\FinalMediaPlayer.lnk
[2010/07/20 19:12:23 | 000,153,088 | ---- | C] () -- C:\Program Files\UNWISE.EXE
[2010/07/20 19:11:07 | 000,000,941 | ---- | C] () -- C:\Users\Kieran\Desktop\AMCap.lnk
[2010/07/20 19:09:33 | 000,000,905 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010/07/19 22:44:42 | 000,001,893 | ---- | C] () -- C:\Users\Public\Desktop\Instant DVD Recorder.lnk
[2010/07/19 22:41:58 | 000,138,752 | ---- | C] () -- C:\Windows\System32\MASE32.DLL
[2010/07/19 22:41:58 | 000,136,192 | ---- | C] () -- C:\Windows\System32\MAMC32.DLL
[2010/07/19 22:41:58 | 000,057,856 | ---- | C] () -- C:\Windows\System32\MASD32.DLL
[2010/07/19 22:41:57 | 000,196,096 | ---- | C] () -- C:\Windows\System32\MACD32.DLL
[2010/07/19 22:41:57 | 000,027,648 | ---- | C] () -- C:\Windows\System32\MA32.DLL
[2010/07/19 22:41:24 | 000,000,349 | ---- | C] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2010/07/19 21:32:32 | 000,224,960 | ---- | C] () -- C:\Windows\System32\PnkBstrB.xtr
[2010/07/19 18:39:42 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010/07/19 18:39:42 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2010/07/19 18:39:39 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2010/07/19 18:33:29 | 000,000,424 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{CDD8B57C-9F49-4B3B-8078-A97F1399FBB5}.job
[2010/07/18 22:53:15 | 000,001,072 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer SP.lnk
[2010/07/18 22:51:50 | 000,000,573 | ---- | C] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Oxelon Media Converter.lnk
[2010/07/18 22:51:50 | 000,000,549 | ---- | C] () -- C:\Users\Public\Desktop\Oxelon Media Converter.lnk
[2010/07/18 20:26:43 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2010/07/18 19:42:48 | 000,137,944 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010/07/18 19:42:47 | 000,022,328 | ---- | C] () -- C:\Users\Kieran\AppData\Roaming\PnkBstrK.sys
[2010/07/18 19:42:32 | 000,224,960 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2010/07/18 19:42:25 | 000,794,408 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
[2010/07/18 19:42:25 | 000,075,064 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2010/07/18 19:35:19 | 000,000,799 | ---- | C] () -- C:\Users\Kieran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk
[2010/07/18 19:35:19 | 000,000,787 | ---- | C] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Xfire.lnk
[2010/07/18 19:35:19 | 000,000,763 | ---- | C] () -- C:\Users\Public\Desktop\Xfire.lnk
[2010/07/18 19:33:46 | 000,000,789 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2010/07/18 15:36:20 | 000,000,941 | ---- | C] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2010/07/18 15:34:23 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2010/07/18 15:28:16 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2010/07/18 15:20:38 | 000,001,988 | ---- | C] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Live Messenger .lnk
[2010/07/18 15:12:48 | 000,001,988 | ---- | C] () -- C:\Users\Kieran\Desktop\Windows Live Messenger .lnk
[2010/07/18 15:09:12 | 000,022,528 | ---- | C] () -- C:\Users\Kieran\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/07/18 15:07:32 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/07/18 15:07:31 | 000,000,880 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/07/18 15:07:25 | 000,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2010/07/18 15:01:42 | 000,000,946 | ---- | C] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/07/18 14:57:14 | 000,035,757 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010/07/18 14:57:14 | 000,035,757 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010/07/18 14:44:27 | 000,000,548 | ---- | C] () -- C:\Windows\tasks\Norton Internet Security - Run Full System Scan - Kieran.job
[2010/07/18 14:43:44 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\Recovery DVD Creator-Kieran.job
[2010/07/18 14:36:21 | 000,000,680 | ---- | C] () -- C:\Users\Kieran\AppData\Local\d3d9caps.dat
[2010/07/18 14:36:20 | 002,621,440 | -HS- | C] () -- C:\Users\Kieran\NTUSER.DAT
[2010/07/18 14:36:20 | 000,524,288 | -HS- | C] () -- C:\Users\Kieran\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2010/07/18 14:36:20 | 000,524,288 | -HS- | C] () -- C:\Users\Kieran\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/07/18 14:36:20 | 000,262,144 | -H-- | C] () -- C:\Users\Kieran\ntuser.dat.LOG1
[2010/07/18 14:36:20 | 000,065,536 | -HS- | C] () -- C:\Users\Kieran\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/07/18 14:36:20 | 000,000,258 | ---- | C] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2010/07/18 14:36:20 | 000,000,240 | ---- | C] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2010/07/18 14:36:20 | 000,000,020 | -HS- | C] () -- C:\Users\Kieran\ntuser.ini
[2010/07/18 14:36:20 | 000,000,000 | -H-- | C] () -- C:\Users\Kieran\ntuser.dat.LOG2
[2010/07/18 14:30:55 | 3220,406,272 | -HS- | C] () -- C:\hiberfil.sys
[2010/07/09 20:00:32 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/03/05 06:54:58 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2005/04/08 03:16:43 | 000,063,977 | -H-- | C] () -- C:\Users\Kieran\AppData\Roaming\cglogs.dat
[2004/02/27 16:36:18 | 000,015,498 | ---- | C] () -- C:\Windows\snpstd3.ini

========== LOP Check ==========

[2010/08/21 03:58:47 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2010/07/18 23:35:45 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\Datel
[2010/07/21 20:08:17 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\FinalMediaPlayer
[2010/08/21 03:29:42 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\GameTracker
[2010/07/18 23:04:42 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\GameTuts
[2010/08/15 04:09:12 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\GetRightToGo
[2010/07/26 11:45:11 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\ImTOO
[2010/07/18 22:51:56 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\OxelonMC
[2010/08/09 15:17:08 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\Sony
[2010/08/09 15:18:42 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\Sony Setup
[2010/08/09 15:12:42 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\Tibia
[2005/09/01 04:55:35 | 000,000,000 | RHSD | M] -- C:\Users\Kieran\AppData\Roaming\winlog
[2010/08/23 22:48:07 | 000,000,388 | ---- | M] () -- C:\Windows\Tasks\Final Media Player Update Checker.job
[2010/08/23 17:30:01 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\Recovery DVD Creator-Kieran.job
[2010/08/23 22:47:00 | 000,029,032 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/08/23 22:47:56 | 000,000,314 | -HS- | M] () -- C:\Windows\Tasks\TLKVMEJNOI.job
[2010/08/23 22:31:14 | 000,000,424 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{CDD8B57C-9F49-4B3B-8078-A97F1399FBB5}.job

========== Purity Check ==========


< End of report >

Re: HiJackThis Logs.

by Bezzy2829 » August 23rd, 2010, 5:56 pm

OTL logfile created on: 23/08/2010 22:50:13 - Run 2
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\Kieran\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 57.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 286.09 Gb Total Space | 176.98 Gb Free Space | 61.86% Space Free | Partition Type: NTFS
Drive D: | 4.18 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: KIERAN-PC
Current User Name: Kieran
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/08/23 22:30:49 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe
PRC - [2010/08/22 22:05:14 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Kieran\Desktop\OTL.exe
PRC - [2010/08/21 00:18:06 | 000,407,336 | ---- | M] (Valve Corporation) -- C:\Program Files\Common Files\Steam\SteamService.exe
PRC - [2010/08/15 16:06:00 | 000,232,912 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10i_ActiveX.exe
PRC - [2010/08/08 19:26:52 | 000,030,192 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
PRC - [2010/07/18 22:52:35 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2010/07/18 15:12:37 | 000,304,304 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2010/07/18 15:05:19 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2010/07/09 20:00:26 | 003,493,776 | ---- | M] (Xfire Inc.) -- C:\Program Files\Xfire\Xfire.exe
PRC - [2010/06/01 14:53:46 | 001,093,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\msseces.exe
PRC - [2010/04/16 19:55:32 | 000,223,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Toolbar\wltuser.exe
PRC - [2010/04/16 18:36:42 | 000,026,480 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2010/04/14 17:51:18 | 001,648,480 | ---- | M] (ClanServers Hosting LLC) -- C:\Program Files\GameTracker\GSInGameService.exe
PRC - [2010/03/25 21:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
PRC - [2009/12/08 14:51:52 | 000,774,144 | ---- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
PRC - [2009/01/14 17:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2008/10/29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCSVCHST.EXE
PRC - [2008/05/07 15:19:26 | 006,139,904 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/04/07 15:09:06 | 000,306,112 | ---- | M] (Carbonite, Inc.) -- C:\Program Files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe
PRC - [2008/02/09 18:06:00 | 000,238,968 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2008/02/04 11:13:36 | 001,038,136 | ---- | M] (Packard Bell BV) -- C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
PRC - [2006/09/19 09:07:28 | 000,827,392 | ---- | M] () -- C:\Windows\vsnpstd3.exe


========== Modules (SafeList) ==========

MOD - [2010/08/22 22:05:14 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Kieran\Desktop\OTL.exe
MOD - [2008/01/21 03:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2008/01/21 03:23:44 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/08/21 00:18:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/08/08 19:26:52 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-051210-111108)
SRV - [2010/04/14 17:51:18 | 001,648,480 | ---- | M] (ClanServers Hosting LLC) [Auto | Running] -- C:\Program Files\GameTracker\GSInGameService.exe -- (GS In-Game Service)
SRV - [2010/03/25 21:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/01/14 17:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice)
SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2008/09/05 11:52:32 | 003,220,856 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2008/08/06 01:31:18 | 001,245,064 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2008/02/09 18:06:00 | 000,238,968 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/08/22 02:21:00 | 000,055,640 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2010/07/18 14:52:15 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/07/15 09:09:12 | 001,362,608 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20100823.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/07/15 09:09:12 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/07/15 09:09:12 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/07/15 09:09:12 | 000,085,424 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20100823.002\NAVENG.SYS -- (NAVENG)
DRV - [2010/06/23 20:37:10 | 000,281,648 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20100810.002\IDSvix86.sys -- (IDSvix86)
DRV - [2010/04/03 22:55:32 | 011,573,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/03/25 21:30:22 | 000,151,216 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\MpFilter.sys -- (MpFilter)
DRV - [2010/03/25 21:30:22 | 000,042,368 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2009/05/25 06:50:44 | 000,164,864 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009/03/25 16:48:00 | 000,114,728 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdm.sys -- (s1018mdm)
DRV - [2009/03/25 16:48:00 | 000,109,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018unic.sys -- (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM)
DRV - [2009/03/25 16:48:00 | 000,106,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mgmt.sys -- (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM)
DRV - [2009/03/25 16:48:00 | 000,104,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018obex.sys -- (s1018obex)
DRV - [2009/03/25 16:48:00 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018bus.sys -- (s1018bus) Sony Ericsson Device 1018 driver (WDM)
DRV - [2009/03/25 16:48:00 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018nd5.sys -- (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS)
DRV - [2009/03/25 16:48:00 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdfl.sys -- (s1018mdfl)
DRV - [2009/03/17 12:56:58 | 000,447,024 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2009/02/19 13:31:42 | 000,024,112 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\SymIMV.sys -- (SymIM)
DRV - [2009/02/19 13:31:18 | 000,041,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMNDISV.SYS -- (SYMNDISV)
DRV - [2009/02/19 13:31:16 | 000,184,496 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2009/02/19 13:31:16 | 000,096,560 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMFW.SYS -- (SYMFW)
DRV - [2009/02/19 13:31:16 | 000,022,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2009/02/19 13:31:16 | 000,013,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV - [2008/07/30 17:42:12 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2008/06/06 18:13:40 | 000,133,152 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2008/06/06 18:13:10 | 000,145,440 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2008/05/07 18:22:50 | 002,134,424 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/01/31 19:51:00 | 000,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2008/01/31 19:51:00 | 000,279,088 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP)
DRV - [2008/01/31 19:51:00 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2008/01/21 03:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/21 03:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/21 03:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/21 03:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/21 03:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/21 03:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/21 03:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/21 03:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/21 03:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/21 03:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008/01/21 03:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/21 03:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/21 03:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/21 03:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/21 03:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/21 03:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/21 03:23:21 | 000,073,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/01/21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/21 03:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/21 03:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/21 03:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/21 03:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/10/12 15:53:10 | 000,013,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2007/08/08 18:39:00 | 000,036,056 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\CO_Mon.sys -- (CO_Mon)
DRV - [2007/03/27 18:19:36 | 010,252,544 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3)
DRV - [2006/12/12 11:16:06 | 000,022,528 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emAudio.sys -- (emAudio)
DRV - [2006/11/02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2005/12/21 10:14:52 | 000,100,957 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emDevice.sys -- (DCamUSBEMPIA)
DRV - [2005/12/21 10:14:52 | 000,005,245 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emFilter.sys -- (FiltUSBEMPIA)
DRV - [2005/12/21 10:14:52 | 000,004,493 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emScan.sys -- (ScanUSBEMPIA)
DRV - [2005/09/23 23:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MarvinBus.sys -- (MarvinBus)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.packardbell.com/?id=9067
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/07/18 22:53:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/08 21:31:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/21 23:39:21 | 000,000,000 | ---D | M]

[2010/07/26 11:24:38 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\Mozilla\Extensions
[2010/07/26 11:24:38 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2010/07/18 19:35:34 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\Mozilla\Firefox\extensions
[2010/07/18 19:35:34 | 000,000,000 | ---D | M] (XfireXO Toolbar) -- C:\Users\Kieran\AppData\Roaming\Mozilla\Firefox\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
[2010/08/21 23:31:56 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/08/21 23:31:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2008/08/06 01:23:27 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\packardbell@partners.mozilla.com
[2008/08/06 01:23:29 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org
[2009/03/31 22:47:26 | 000,324,976 | ---- | M] (Symantec Corporation) -- C:\Program Files\Mozilla Firefox\components\coFFPlgn.dll
[2007/11/28 20:31:59 | 000,067,696 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\jar50.dll
[2007/11/28 20:31:59 | 000,054,376 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\jsd3250.dll
[2007/11/28 20:31:59 | 000,034,952 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\myspell.dll
[2007/11/28 20:31:59 | 000,046,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\spellchk.dll
[2007/11/28 20:31:59 | 000,172,144 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\xpinstal.dll
[2010/08/21 23:31:43 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2006/06/15 11:24:15 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2006/06/15 11:24:15 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2006/06/15 11:24:15 | 000,001,077 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2006/09/11 15:39:34 | 000,000,831 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll (Packard Bell)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (XfireXO Toolbar) - {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [CarboniteSetupLite] C:\Program Files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [snpstd3] C:\Windows\vsnpstd3.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe ( )
O4 - HKLM..\Run: [USB2Check] C:\Windows\System32\PCLECoInst.DLL (Pinnacle Systems)
O4 - HKLM..\Run: [USBToolTip] c:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe (Pinnacle Systems GmbH)
O4 - HKCU..\Run: [HKCU] C:\Users\Kieran\AppData\Roaming\winlog\server.exe ()
O4 - HKCU..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe (IGN Entertainment)
O4 - HKCU..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe (Packard Bell BV)
O4 - HKCU..\Run: [Sony Ericsson PC Companion] C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson Mobile Communications AB)
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Users\Kieran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = C:\Program Files\Xfire\Xfire.exe (Xfire Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplanet.com/fpdlmgr/cabs/ ... 10.115.cab (CDownloadCtrl Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{50e4b98a-a3ae-11df-ae5b-002197257c11}\Shell - "" = AutoRun
O33 - MountPoints2\{50e4b98a-a3ae-11df-ae5b-002197257c11}\Shell\AutoRun\command - "" = E:\Startme.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 90 Days ==========

[2010/08/23 22:45:00 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/08/23 22:35:38 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/08/23 22:34:53 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Desktop\erunt
[2010/08/22 22:05:02 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Kieran\Desktop\OTL.exe
[2010/08/22 12:19:20 | 000,472,064 | ---- | C] ( ) -- C:\Users\Kieran\Desktop\RootRepeal.exe
[2010/08/22 00:05:26 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010/08/21 23:38:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010/08/21 23:38:02 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010/08/21 23:32:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/08/21 23:22:26 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\Kieran\Desktop\TFC.exe
[2010/08/21 03:57:28 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2010/08/19 16:48:57 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Desktop\Random
[2010/08/19 16:48:38 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Desktop\Games
[2010/08/19 16:47:52 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Desktop\Vids n Pics
[2010/08/17 11:35:53 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/08/15 16:36:31 | 000,000,000 | ---D | C] -- C:\Program Files\IWONGEI
[2010/08/15 04:11:56 | 000,000,000 | ---D | C] -- C:\Perfect World Entertainment
[2010/08/15 02:41:12 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Documents\Downloads
[2010/08/15 02:41:10 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\GetRightToGo
[2010/08/14 02:09:29 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\IGN_DLM
[2010/08/14 02:09:13 | 000,000,000 | ---D | C] -- C:\Program Files\Download Manager
[2010/08/14 00:28:23 | 000,000,000 | ---D | C] -- C:\Program Files\Activision
[2010/08/13 22:11:48 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Documents\RCube
[2010/08/11 08:53:06 | 000,000,000 | ---D | C] -- C:\Windows\System32\Adobe
[2010/08/09 16:27:12 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\Sony Ericsson
[2010/08/09 15:22:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Corporation
[2010/08/09 15:22:57 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
[2010/08/09 15:21:16 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/08/09 15:21:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010/08/09 15:20:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010/08/09 15:19:57 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\Apple
[2010/08/09 15:19:53 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010/08/09 15:19:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2010/08/09 15:17:08 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Sony Setup
[2010/08/09 15:17:08 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Sony
[2010/08/09 15:17:03 | 000,000,000 | ---D | C] -- C:\Program Files\Sony Setup
[2010/08/09 15:12:11 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Tibia
[2010/08/09 14:55:19 | 000,114,728 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018mdm.sys
[2010/08/09 14:55:19 | 000,109,864 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018unic.sys
[2010/08/09 14:55:19 | 000,106,208 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018mgmt.sys
[2010/08/09 14:55:19 | 000,104,744 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018obex.sys
[2010/08/09 14:55:19 | 000,086,824 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018bus.sys
[2010/08/09 14:55:19 | 000,026,024 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018nd5.sys
[2010/08/09 14:55:19 | 000,015,016 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018mdfl.sys
[2010/08/09 14:55:19 | 000,012,200 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018whnt.sys
[2010/08/09 14:55:19 | 000,012,200 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018wh.sys
[2010/08/09 14:55:19 | 000,012,200 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018cmnt.sys
[2010/08/09 14:55:19 | 000,012,200 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018cm.sys
[2010/08/09 14:55:19 | 000,010,792 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018cr.sys
[2010/08/09 14:55:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Ericsson
[2010/08/09 14:55:14 | 000,000,000 | ---D | C] -- C:\Program Files\Sony Ericsson
[2010/08/09 14:51:01 | 000,000,000 | ---D | C] -- C:\Program Files\Tibia
[2010/08/08 21:35:15 | 000,000,000 | ---D | C] -- C:\Program Files\directx
[2010/07/26 11:45:50 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\dvdcss
[2010/07/26 11:45:11 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\ImTOO
[2010/07/26 11:44:23 | 000,000,000 | ---D | C] -- C:\Program Files\ImTOO
[2010/07/26 11:23:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/07/26 11:22:51 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/07/26 01:19:37 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Desktop\Mods
[2010/07/25 00:32:51 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Documents\Command & Conquer 3 Tiberium Wars
[2010/07/25 00:29:24 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2010/07/25 00:29:04 | 000,000,000 | RH-D | C] -- C:\Users\Kieran\AppData\Roaming\SecuROM
[2010/07/24 23:59:08 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts
[2010/07/21 16:28:07 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\FinalMediaPlayer
[2010/07/21 16:28:04 | 000,000,000 | ---D | C] -- C:\Program Files\FinalMediaPlayer
[2010/07/21 16:27:50 | 000,000,000 | ---D | C] -- C:\Program Files\Free Offers from Freeze.com
[2010/07/20 20:33:25 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Desktop\VIDEO_TS
[2010/07/20 19:55:54 | 000,000,000 | ---D | C] -- C:\Program Files\BreakPoint Software
[2010/07/20 19:11:07 | 000,000,000 | ---D | C] -- C:\Program Files\Noel Danjou
[2010/07/20 19:09:31 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials
[2010/07/20 18:18:50 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\Adobe
[2010/07/20 17:15:04 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center
[2010/07/19 22:45:02 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Documents\InstantCDDVD
[2010/07/19 22:44:58 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Documents\Pinnacle
[2010/07/19 22:44:49 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\Pinnacle
[2010/07/19 22:42:57 | 000,045,056 | ---- | C] (eMPIA Technology, Inc.) -- C:\Windows\System32\emVFW.dll
[2010/07/19 22:42:57 | 000,032,768 | ---- | C] (eMPIA Technology, Inc.) -- C:\Windows\System32\emProp.ax
[2010/07/19 22:42:57 | 000,024,269 | ---- | C] (eMPIA Technology, Inc.) -- C:\Windows\System32\drivers\emStream.sys
[2010/07/19 22:42:57 | 000,009,739 | ---- | C] (eMPIA Technology, Inc.) -- C:\Windows\System32\emUSD.dll
[2010/07/19 22:42:57 | 000,005,245 | ---- | C] (eMPIA Technology, Inc.) -- C:\Windows\System32\drivers\emFilter.sys
[2010/07/19 22:42:57 | 000,004,493 | ---- | C] (eMPIA Technology, Inc.) -- C:\Windows\System32\drivers\emScan.sys
[2010/07/19 22:42:56 | 000,100,957 | ---- | C] (eMPIA Technology, Inc.) -- C:\Windows\System32\drivers\emDevice.sys
[2010/07/19 22:42:56 | 000,073,728 | ---- | C] (Pinnacle Systems) -- C:\Windows\System32\PCLECoInst.dll
[2010/07/19 22:41:58 | 000,884,736 | ---- | C] (Fellowes, Inc.) -- C:\Windows\System32\LMUIRes.dll
[2010/07/19 22:41:58 | 000,012,288 | ---- | C] (Fellowes, Inc.) -- C:\Windows\System32\LMLRes.dll
[2010/07/19 22:40:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Pinnacle
[2010/07/19 21:32:28 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\PunkBuster
[2010/07/19 21:32:17 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Documents\EA SPORTS(TM) FIFA Online
[2010/07/19 18:43:55 | 000,000,000 | ---D | C] -- C:\Program Files\Pinnacle
[2010/07/19 18:43:41 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\Downloaded Installations
[2010/07/18 23:35:45 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Datel
[2010/07/18 23:35:38 | 000,000,000 | ---D | C] -- C:\Program Files\Datel
[2010/07/18 23:27:45 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\WinRAR
[2010/07/18 23:27:36 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010/07/18 23:04:42 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\GameTuts
[2010/07/18 23:04:42 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\GameTuts
[2010/07/18 22:53:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2010/07/18 22:52:37 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2010/07/18 22:52:35 | 000,000,000 | ---D | C] -- C:\Program Files\Real
[2010/07/18 22:52:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Real
[2010/07/18 22:52:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2010/07/18 22:52:26 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Real
[2010/07/18 22:51:52 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\OxelonMC
[2010/07/18 22:51:49 | 000,000,000 | ---D | C] -- C:\Program Files\OxelonMedia
[2010/07/18 21:32:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
[2010/07/18 21:10:29 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\Microsoft Help
[2010/07/18 20:46:47 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010/07/18 19:42:25 | 000,000,000 | ---D | C] -- C:\Program Files\EA Sports
[2010/07/18 19:41:41 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\FIFAOnlineSetup
[2010/07/18 19:36:08 | 000,000,000 | ---D | C] -- C:\Program Files\GameTracker
[2010/07/18 19:35:47 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\GameTracker
[2010/07/18 19:35:35 | 000,000,000 | ---D | C] -- C:\Program Files\XfireXO
[2010/07/18 19:35:35 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2010/07/18 19:35:34 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Mozilla
[2010/07/18 19:35:20 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Xfire
[2010/07/18 19:35:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Xfire
[2010/07/18 19:35:17 | 000,000,000 | ---D | C] -- C:\Program Files\Xfire
[2010/07/18 19:33:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2010/07/18 19:33:46 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2010/07/18 15:37:39 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Desktop\Music
[2010/07/18 15:30:02 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Desktop\Music Idisgo
[2010/07/18 15:21:25 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Macromedia
[2010/07/18 15:20:42 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Tracing
[2010/07/18 15:15:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010/07/18 15:15:24 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
[2010/07/18 15:14:15 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2010/07/18 15:12:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2010/07/18 15:12:20 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010/07/18 15:12:10 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2010/07/18 15:11:52 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2010/07/18 15:06:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2010/07/18 15:02:46 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Adobe
[2010/07/18 15:01:48 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Google
[2010/07/18 14:51:26 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Symantec
[2010/07/18 14:43:14 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Documents\My Google Gadgets
[2010/07/18 14:43:07 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010/07/18 14:43:02 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\Google
[2010/07/18 14:42:40 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\Packard Bell
[2010/07/18 14:42:38 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Symantec
[2010/07/18 14:42:17 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010/07/18 14:42:14 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Searches
[2010/07/18 14:42:07 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Identities
[2010/07/18 14:42:05 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Contacts
[2010/07/18 14:42:04 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\VirtualStore
[2010/07/18 14:36:20 | 000,000,000 | --SD | C] -- C:\Users\Kieran\AppData\Roaming\Microsoft
[2010/07/18 14:36:20 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Videos
[2010/07/18 14:36:20 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Saved Games
[2010/07/18 14:36:20 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Pictures
[2010/07/18 14:36:20 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Music
[2010/07/18 14:36:20 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Links
[2010/07/18 14:36:20 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Favorites
[2010/07/18 14:36:20 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Downloads
[2010/07/18 14:36:20 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Documents
[2010/07/18 14:36:20 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Desktop
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\AppData\Local\Temporary Internet Files
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\Templates
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\Start Menu
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\SendTo
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\Recent
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\PrintHood
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\NetHood
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\Documents\My Videos
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\Documents\My Pictures
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\Documents\My Music
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\My Documents
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\Local Settings
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\AppData\Local\History
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\Cookies
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\Application Data
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\AppData\Local\Application Data
[2010/07/18 14:36:20 | 000,000,000 | -H-D | C] -- C:\Users\Kieran\AppData
[2010/07/18 14:36:20 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\Temp
[2010/07/18 14:36:20 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\Microsoft
[2010/07/18 14:36:20 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Media Center Programs
[2010/07/18 14:29:21 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010/07/18 14:27:20 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2007/03/12 11:41:52 | 000,061,440 | ---- | C] ( ) -- C:\Windows\System32\vsnpstd3.dll
[2005/11/23 12:55:32 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnpstd3.dll

========== Files - Modified Within 90 Days ==========

[2010/08/23 22:55:23 | 002,621,440 | -HS- | M] () -- C:\Users\Kieran\NTUSER.DAT
[2010/08/23 22:48:31 | 000,035,757 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010/08/23 22:48:30 | 000,035,757 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010/08/23 22:48:07 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/08/23 22:48:07 | 000,000,388 | ---- | M] () -- C:\Windows\tasks\Final Media Player Update Checker.job
[2010/08/23 22:47:59 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/08/23 22:47:59 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/08/23 22:47:56 | 000,000,314 | -HS- | M] () -- C:\Windows\tasks\TLKVMEJNOI.job
[2010/08/23 22:47:55 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/08/23 22:47:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/08/23 22:47:50 | 3220,406,272 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/23 22:46:58 | 000,524,288 | -HS- | M] () -- C:\Users\Kieran\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/08/23 22:46:58 | 000,065,536 | -HS- | M] () -- C:\Users\Kieran\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/08/23 22:37:13 | 000,703,388 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/08/23 22:37:13 | 000,608,760 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/08/23 22:37:13 | 000,108,268 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/08/23 22:34:32 | 000,513,320 | ---- | M] () -- C:\Users\Kieran\Desktop\erunt.zip
[2010/08/23 22:31:14 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{CDD8B57C-9F49-4B3B-8078-A97F1399FBB5}.job
[2010/08/23 17:30:01 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\Recovery DVD Creator-Kieran.job
[2010/08/23 17:20:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/08/23 01:15:25 | 002,814,309 | -H-- | M] () -- C:\Users\Kieran\AppData\Local\IconCache.db
[2010/08/22 22:05:14 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Kieran\Desktop\OTL.exe
[2010/08/22 12:20:07 | 000,000,000 | ---- | M] () -- C:\Users\Kieran\defogger_reenable
[2010/08/22 12:19:45 | 000,000,000 | ---- | M] () -- C:\Users\Kieran\Desktop\settings.dat
[2010/08/22 12:19:12 | 000,464,491 | ---- | M] () -- C:\Users\Kieran\Desktop\RootRepeal.zip
[2010/08/22 00:14:42 | 000,000,680 | ---- | M] () -- C:\Users\Kieran\AppData\Local\d3d9caps.dat
[2010/08/22 00:14:42 | 000,000,552 | ---- | M] () -- C:\Users\Kieran\AppData\Local\d3d8caps.dat
[2010/08/22 00:05:26 | 317,705,964 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/08/22 00:01:56 | 000,293,376 | ---- | M] () -- C:\Users\Kieran\Desktop\lzvqqrw3.exe
[2010/08/21 23:57:46 | 000,050,477 | ---- | M] () -- C:\Users\Kieran\Desktop\Defogger.exe
[2010/08/21 23:22:36 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\Kieran\Desktop\TFC.exe
[2010/08/21 03:57:28 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2010/08/21 03:08:31 | 000,022,528 | ---- | M] () -- C:\Users\Kieran\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/21 00:44:05 | 000,224,960 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2010/08/21 00:39:01 | 000,137,944 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010/08/20 23:43:36 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2010/08/17 11:35:54 | 000,001,837 | ---- | M] () -- C:\Users\Kieran\Desktop\HijackThis.lnk
[2010/08/14 00:51:39 | 000,022,328 | ---- | M] () -- C:\Users\Kieran\AppData\Roaming\PnkBstrK.sys
[2010/08/13 09:22:46 | 000,324,320 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/08/12 00:35:07 | 000,063,977 | -H-- | M] () -- C:\Users\Kieran\AppData\Roaming\cglogs.dat
[2010/08/09 16:27:06 | 000,002,008 | ---- | M] () -- C:\Users\Public\Desktop\Sony Ericsson PC Companion 1.6.lnk
[2010/08/09 16:04:57 | 000,057,344 | RHS- | M] () -- C:\Windows\System32\bootstr2.dll
[2010/08/09 15:22:05 | 000,001,689 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/08/09 14:51:03 | 000,000,747 | ---- | M] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Tibia.lnk
[2010/08/08 21:37:42 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2010/08/08 21:35:31 | 000,021,840 | ---- | M] () -- C:\Windows\System32\SIntfNT.dll
[2010/08/08 21:35:31 | 000,017,212 | ---- | M] () -- C:\Windows\System32\SIntf32.dll
[2010/08/08 21:35:31 | 000,012,067 | ---- | M] () -- C:\Windows\System32\SIntf16.dll
[2010/07/21 16:28:07 | 000,000,887 | ---- | M] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\FinalMediaPlayer.lnk
[2010/07/20 19:11:07 | 000,000,941 | ---- | M] () -- C:\Users\Kieran\Desktop\AMCap.lnk
[2010/07/20 19:09:33 | 000,000,905 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010/07/20 08:08:54 | 000,080,544 | ---- | M] () -- C:\Users\Kieran\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/07/19 22:44:42 | 000,001,893 | ---- | M] () -- C:\Users\Public\Desktop\Instant DVD Recorder.lnk
[2010/07/19 20:21:24 | 000,000,548 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Run Full System Scan - Kieran.job
[2010/07/18 22:53:15 | 000,001,072 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer SP.lnk
[2010/07/18 22:52:37 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2010/07/18 22:51:50 | 000,000,573 | ---- | M] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Oxelon Media Converter.lnk
[2010/07/18 22:51:50 | 000,000,549 | ---- | M] () -- C:\Users\Public\Desktop\Oxelon Media Converter.lnk
[2010/07/18 19:42:25 | 000,794,408 | ---- | M] () -- C:\Windows\System32\pbsvc.exe
[2010/07/18 19:35:53 | 000,000,789 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2010/07/18 19:35:19 | 000,000,799 | ---- | M] () -- C:\Users\Kieran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk
[2010/07/18 19:35:19 | 000,000,787 | ---- | M] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Xfire.lnk
[2010/07/18 19:35:19 | 000,000,763 | ---- | M] () -- C:\Users\Public\Desktop\Xfire.lnk
[2010/07/18 15:36:20 | 000,000,941 | ---- | M] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2010/07/18 15:34:23 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2010/07/18 15:28:16 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2010/07/18 15:20:38 | 000,001,988 | ---- | M] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Live Messenger .lnk
[2010/07/18 15:20:06 | 000,000,946 | ---- | M] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/07/18 15:12:48 | 000,001,988 | ---- | M] () -- C:\Users\Kieran\Desktop\Windows Live Messenger .lnk
[2010/07/18 14:54:16 | 000,524,288 | -HS- | M] () -- C:\Users\Kieran\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2010/07/18 14:52:15 | 000,124,464 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2010/07/18 14:52:15 | 000,010,635 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2010/07/18 14:52:15 | 000,000,806 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2010/07/18 14:36:20 | 000,000,020 | -HS- | M] () -- C:\Users\Kieran\ntuser.ini
[2010/07/18 14:33:20 | 000,047,092 | ---- | M] () -- C:\Windows\System32\license.rtf
[2010/07/09 20:00:32 | 000,041,872 | ---- | M] () -- C:\Windows\System32\xfcodec.dll

========== Files Created - No Company Name ==========

[2010/08/23 22:34:30 | 000,513,320 | ---- | C] () -- C:\Users\Kieran\Desktop\erunt.zip
[2010/08/22 12:20:07 | 000,000,000 | ---- | C] () -- C:\Users\Kieran\defogger_reenable
[2010/08/22 12:19:45 | 000,000,000 | ---- | C] () -- C:\Users\Kieran\Desktop\settings.dat
[2010/08/22 12:19:09 | 000,464,491 | ---- | C] () -- C:\Users\Kieran\Desktop\RootRepeal.zip
[2010/08/22 00:14:42 | 000,000,552 | ---- | C] () -- C:\Users\Kieran\AppData\Local\d3d8caps.dat
[2010/08/22 00:05:08 | 317,705,964 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/08/22 00:01:53 | 000,293,376 | ---- | C] () -- C:\Users\Kieran\Desktop\lzvqqrw3.exe
[2010/08/21 23:57:45 | 000,050,477 | ---- | C] () -- C:\Users\Kieran\Desktop\Defogger.exe
[2010/08/17 11:35:54 | 000,001,837 | ---- | C] () -- C:\Users\Kieran\Desktop\HijackThis.lnk
[2010/08/09 16:27:06 | 000,002,008 | ---- | C] () -- C:\Users\Public\Desktop\Sony Ericsson PC Companion 1.6.lnk
[2010/08/09 16:04:57 | 000,000,314 | -HS- | C] () -- C:\Windows\tasks\TLKVMEJNOI.job
[2010/08/09 16:04:56 | 000,057,344 | RHS- | C] () -- C:\Windows\System32\bootstr2.dll
[2010/08/09 15:22:04 | 000,001,689 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/08/09 14:51:03 | 000,000,747 | ---- | C] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Tibia.lnk
[2010/08/08 21:37:39 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010/08/08 21:35:31 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2010/08/08 21:35:31 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2010/08/08 21:35:31 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2010/07/21 16:28:08 | 000,000,388 | ---- | C] () -- C:\Windows\tasks\Final Media Player Update Checker.job
[2010/07/21 16:28:07 | 000,000,887 | ---- | C] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\FinalMediaPlayer.lnk
[2010/07/20 19:12:23 | 000,153,088 | ---- | C] () -- C:\Program Files\UNWISE.EXE
[2010/07/20 19:11:07 | 000,000,941 | ---- | C] () -- C:\Users\Kieran\Desktop\AMCap.lnk
[2010/07/20 19:09:33 | 000,000,905 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010/07/19 22:44:42 | 000,001,893 | ---- | C] () -- C:\Users\Public\Desktop\Instant DVD Recorder.lnk
[2010/07/19 22:41:58 | 000,138,752 | ---- | C] () -- C:\Windows\System32\MASE32.DLL
[2010/07/19 22:41:58 | 000,136,192 | ---- | C] () -- C:\Windows\System32\MAMC32.DLL
[2010/07/19 22:41:58 | 000,057,856 | ---- | C] () -- C:\Windows\System32\MASD32.DLL
[2010/07/19 22:41:57 | 000,196,096 | ---- | C] () -- C:\Windows\System32\MACD32.DLL
[2010/07/19 22:41:57 | 000,027,648 | ---- | C] () -- C:\Windows\System32\MA32.DLL
[2010/07/19 22:41:24 | 000,000,349 | ---- | C] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2010/07/19 21:32:32 | 000,224,960 | ---- | C] () -- C:\Windows\System32\PnkBstrB.xtr
[2010/07/19 18:39:42 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010/07/19 18:39:42 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2010/07/19 18:39:39 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2010/07/19 18:33:29 | 000,000,424 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{CDD8B57C-9F49-4B3B-8078-A97F1399FBB5}.job
[2010/07/18 22:53:15 | 000,001,072 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer SP.lnk
[2010/07/18 22:51:50 | 000,000,573 | ---- | C] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Oxelon Media Converter.lnk
[2010/07/18 22:51:50 | 000,000,549 | ---- | C] () -- C:\Users\Public\Desktop\Oxelon Media Converter.lnk
[2010/07/18 20:26:43 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2010/07/18 19:42:48 | 000,137,944 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010/07/18 19:42:47 | 000,022,328 | ---- | C] () -- C:\Users\Kieran\AppData\Roaming\PnkBstrK.sys
[2010/07/18 19:42:32 | 000,224,960 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2010/07/18 19:42:25 | 000,794,408 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
[2010/07/18 19:42:25 | 000,075,064 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2010/07/18 19:35:19 | 000,000,799 | ---- | C] () -- C:\Users\Kieran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk
[2010/07/18 19:35:19 | 000,000,787 | ---- | C] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Xfire.lnk
[2010/07/18 19:35:19 | 000,000,763 | ---- | C] () -- C:\Users\Public\Desktop\Xfire.lnk
[2010/07/18 19:33:46 | 000,000,789 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2010/07/18 15:36:20 | 000,000,941 | ---- | C] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2010/07/18 15:34:23 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2010/07/18 15:28:16 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2010/07/18 15:20:38 | 000,001,988 | ---- | C] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Live Messenger .lnk
[2010/07/18 15:12:48 | 000,001,988 | ---- | C] () -- C:\Users\Kieran\Desktop\Windows Live Messenger .lnk
[2010/07/18 15:09:12 | 000,022,528 | ---- | C] () -- C:\Users\Kieran\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/07/18 15:07:32 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/07/18 15:07:31 | 000,000,880 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/07/18 15:07:25 | 000,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2010/07/18 15:01:42 | 000,000,946 | ---- | C] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/07/18 14:57:14 | 000,035,757 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010/07/18 14:57:14 | 000,035,757 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010/07/18 14:44:27 | 000,000,548 | ---- | C] () -- C:\Windows\tasks\Norton Internet Security - Run Full System Scan - Kieran.job
[2010/07/18 14:43:44 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\Recovery DVD Creator-Kieran.job
[2010/07/18 14:36:21 | 000,000,680 | ---- | C] () -- C:\Users\Kieran\AppData\Local\d3d9caps.dat
[2010/07/18 14:36:20 | 002,621,440 | -HS- | C] () -- C:\Users\Kieran\NTUSER.DAT
[2010/07/18 14:36:20 | 000,524,288 | -HS- | C] () -- C:\Users\Kieran\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2010/07/18 14:36:20 | 000,524,288 | -HS- | C] () -- C:\Users\Kieran\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/07/18 14:36:20 | 000,262,144 | -H-- | C] () -- C:\Users\Kieran\ntuser.dat.LOG1
[2010/07/18 14:36:20 | 000,065,536 | -HS- | C] () -- C:\Users\Kieran\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/07/18 14:36:20 | 000,000,258 | ---- | C] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2010/07/18 14:36:20 | 000,000,240 | ---- | C] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2010/07/18 14:36:20 | 000,000,020 | -HS- | C] () -- C:\Users\Kieran\ntuser.ini
[2010/07/18 14:36:20 | 000,000,000 | -H-- | C] () -- C:\Users\Kieran\ntuser.dat.LOG2
[2010/07/18 14:30:55 | 3220,406,272 | -HS- | C] () -- C:\hiberfil.sys
[2010/07/09 20:00:32 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/03/05 06:54:58 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2005/04/08 03:16:43 | 000,063,977 | -H-- | C] () -- C:\Users\Kieran\AppData\Roaming\cglogs.dat
[2004/02/27 16:36:18 | 000,015,498 | ---- | C] () -- C:\Windows\snpstd3.ini

========== LOP Check ==========

[2010/08/21 03:58:47 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2010/07/18 23:35:45 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\Datel
[2010/07/21 20:08:17 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\FinalMediaPlayer
[2010/08/21 03:29:42 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\GameTracker
[2010/07/18 23:04:42 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\GameTuts
[2010/08/15 04:09:12 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\GetRightToGo
[2010/07/26 11:45:11 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\ImTOO
[2010/07/18 22:51:56 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\OxelonMC
[2010/08/09 15:17:08 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\Sony
[2010/08/09 15:18:42 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\Sony Setup
[2010/08/09 15:12:42 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\Tibia
[2005/09/01 04:55:35 | 000,000,000 | RHSD | M] -- C:\Users\Kieran\AppData\Roaming\winlog
[2010/08/23 22:48:07 | 000,000,388 | ---- | M] () -- C:\Windows\Tasks\Final Media Player Update Checker.job
[2010/08/23 17:30:01 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\Recovery DVD Creator-Kieran.job
[2010/08/23 22:47:00 | 000,029,032 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/08/23 22:47:56 | 000,000,314 | -HS- | M] () -- C:\Windows\Tasks\TLKVMEJNOI.job
[2010/08/23 22:31:14 | 000,000,424 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{CDD8B57C-9F49-4B3B-8078-A97F1399FBB5}.job

========== Purity Check ==========


< End of report >
Bezzy2829
Regular Member
 
Posts: 19
Joined: August 17th, 2010, 6:30 am

Re: HiJackThis Logs.

Post by Bezzy2829 » August 23rd, 2010, 5:57 pm

OTL logfile created on: 23/08/2010 22:50:13 - Run 2
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\Kieran\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 57.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 286.09 Gb Total Space | 176.98 Gb Free Space | 61.86% Space Free | Partition Type: NTFS
Drive D: | 4.18 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: KIERAN-PC
Current User Name: Kieran
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/08/23 22:30:49 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe
PRC - [2010/08/22 22:05:14 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Kieran\Desktop\OTL.exe
PRC - [2010/08/21 00:18:06 | 000,407,336 | ---- | M] (Valve Corporation) -- C:\Program Files\Common Files\Steam\SteamService.exe
PRC - [2010/08/15 16:06:00 | 000,232,912 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10i_ActiveX.exe
PRC - [2010/08/08 19:26:52 | 000,030,192 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
PRC - [2010/07/18 22:52:35 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2010/07/18 15:12:37 | 000,304,304 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2010/07/18 15:05:19 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2010/07/09 20:00:26 | 003,493,776 | ---- | M] (Xfire Inc.) -- C:\Program Files\Xfire\Xfire.exe
PRC - [2010/06/01 14:53:46 | 001,093,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\msseces.exe
PRC - [2010/04/16 19:55:32 | 000,223,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Toolbar\wltuser.exe
PRC - [2010/04/16 18:36:42 | 000,026,480 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2010/04/14 17:51:18 | 001,648,480 | ---- | M] (ClanServers Hosting LLC) -- C:\Program Files\GameTracker\GSInGameService.exe
PRC - [2010/03/25 21:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
PRC - [2009/12/08 14:51:52 | 000,774,144 | ---- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
PRC - [2009/01/14 17:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2008/10/29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCSVCHST.EXE
PRC - [2008/05/07 15:19:26 | 006,139,904 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/04/07 15:09:06 | 000,306,112 | ---- | M] (Carbonite, Inc.) -- C:\Program Files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe
PRC - [2008/02/09 18:06:00 | 000,238,968 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2008/02/04 11:13:36 | 001,038,136 | ---- | M] (Packard Bell BV) -- C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
PRC - [2006/09/19 09:07:28 | 000,827,392 | ---- | M] () -- C:\Windows\vsnpstd3.exe


========== Modules (SafeList) ==========

MOD - [2010/08/22 22:05:14 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Kieran\Desktop\OTL.exe
MOD - [2008/01/21 03:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2008/01/21 03:23:44 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/08/21 00:18:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/08/08 19:26:52 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-051210-111108)
SRV - [2010/04/14 17:51:18 | 001,648,480 | ---- | M] (ClanServers Hosting LLC) [Auto | Running] -- C:\Program Files\GameTracker\GSInGameService.exe -- (GS In-Game Service)
SRV - [2010/03/25 21:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/01/14 17:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice)
SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2008/09/05 11:52:32 | 003,220,856 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2008/08/06 01:31:18 | 001,245,064 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2008/02/09 18:06:00 | 000,238,968 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/08/22 02:21:00 | 000,055,640 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2010/07/18 14:52:15 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/07/15 09:09:12 | 001,362,608 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20100823.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/07/15 09:09:12 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/07/15 09:09:12 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/07/15 09:09:12 | 000,085,424 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20100823.002\NAVENG.SYS -- (NAVENG)
DRV - [2010/06/23 20:37:10 | 000,281,648 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20100810.002\IDSvix86.sys -- (IDSvix86)
DRV - [2010/04/03 22:55:32 | 011,573,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/03/25 21:30:22 | 000,151,216 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\MpFilter.sys -- (MpFilter)
DRV - [2010/03/25 21:30:22 | 000,042,368 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2009/05/25 06:50:44 | 000,164,864 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009/03/25 16:48:00 | 000,114,728 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdm.sys -- (s1018mdm)
DRV - [2009/03/25 16:48:00 | 000,109,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018unic.sys -- (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM)
DRV - [2009/03/25 16:48:00 | 000,106,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mgmt.sys -- (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM)
DRV - [2009/03/25 16:48:00 | 000,104,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018obex.sys -- (s1018obex)
DRV - [2009/03/25 16:48:00 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018bus.sys -- (s1018bus) Sony Ericsson Device 1018 driver (WDM)
DRV - [2009/03/25 16:48:00 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018nd5.sys -- (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS)
DRV - [2009/03/25 16:48:00 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdfl.sys -- (s1018mdfl)
DRV - [2009/03/17 12:56:58 | 000,447,024 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2009/02/19 13:31:42 | 000,024,112 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\SymIMV.sys -- (SymIM)
DRV - [2009/02/19 13:31:18 | 000,041,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMNDISV.SYS -- (SYMNDISV)
DRV - [2009/02/19 13:31:16 | 000,184,496 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2009/02/19 13:31:16 | 000,096,560 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMFW.SYS -- (SYMFW)
DRV - [2009/02/19 13:31:16 | 000,022,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2009/02/19 13:31:16 | 000,013,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV - [2008/07/30 17:42:12 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2008/06/06 18:13:40 | 000,133,152 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2008/06/06 18:13:10 | 000,145,440 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2008/05/07 18:22:50 | 002,134,424 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/01/31 19:51:00 | 000,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2008/01/31 19:51:00 | 000,279,088 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP)
DRV - [2008/01/31 19:51:00 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2008/01/21 03:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/21 03:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/21 03:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/21 03:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/21 03:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/21 03:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/21 03:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/21 03:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/21 03:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/21 03:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008/01/21 03:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/21 03:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/21 03:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/21 03:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/21 03:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/21 03:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/21 03:23:21 | 000,073,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/01/21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/21 03:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/21 03:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/21 03:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/21 03:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/10/12 15:53:10 | 000,013,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2007/08/08 18:39:00 | 000,036,056 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\CO_Mon.sys -- (CO_Mon)
DRV - [2007/03/27 18:19:36 | 010,252,544 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3)
DRV - [2006/12/12 11:16:06 | 000,022,528 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emAudio.sys -- (emAudio)
DRV - [2006/11/02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2005/12/21 10:14:52 | 000,100,957 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emDevice.sys -- (DCamUSBEMPIA)
DRV - [2005/12/21 10:14:52 | 000,005,245 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emFilter.sys -- (FiltUSBEMPIA)
DRV - [2005/12/21 10:14:52 | 000,004,493 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emScan.sys -- (ScanUSBEMPIA)
DRV - [2005/09/23 23:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MarvinBus.sys -- (MarvinBus)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.packardbell.com/?id=9067
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/07/18 22:53:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/08 21:31:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/21 23:39:21 | 000,000,000 | ---D | M]

[2010/07/26 11:24:38 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\Mozilla\Extensions
[2010/07/26 11:24:38 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2010/07/18 19:35:34 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\Mozilla\Firefox\extensions
[2010/07/18 19:35:34 | 000,000,000 | ---D | M] (XfireXO Toolbar) -- C:\Users\Kieran\AppData\Roaming\Mozilla\Firefox\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
[2010/08/21 23:31:56 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/08/21 23:31:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2008/08/06 01:23:27 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\packardbell@partners.mozilla.com
[2008/08/06 01:23:29 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org
[2009/03/31 22:47:26 | 000,324,976 | ---- | M] (Symantec Corporation) -- C:\Program Files\Mozilla Firefox\components\coFFPlgn.dll
[2007/11/28 20:31:59 | 000,067,696 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\jar50.dll
[2007/11/28 20:31:59 | 000,054,376 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\jsd3250.dll
[2007/11/28 20:31:59 | 000,034,952 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\myspell.dll
[2007/11/28 20:31:59 | 000,046,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\spellchk.dll
[2007/11/28 20:31:59 | 000,172,144 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\xpinstal.dll
[2010/08/21 23:31:43 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2006/06/15 11:24:15 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2006/06/15 11:24:15 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2006/06/15 11:24:15 | 000,001,077 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2006/09/11 15:39:34 | 000,000,831 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll (Packard Bell)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (XfireXO Toolbar) - {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [CarboniteSetupLite] C:\Program Files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [snpstd3] C:\Windows\vsnpstd3.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe ( )
O4 - HKLM..\Run: [USB2Check] C:\Windows\System32\PCLECoInst.DLL (Pinnacle Systems)
O4 - HKLM..\Run: [USBToolTip] c:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe (Pinnacle Systems GmbH)
O4 - HKCU..\Run: [HKCU] C:\Users\Kieran\AppData\Roaming\winlog\server.exe ()
O4 - HKCU..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe (IGN Entertainment)
O4 - HKCU..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe (Packard Bell BV)
O4 - HKCU..\Run: [Sony Ericsson PC Companion] C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson Mobile Communications AB)
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Users\Kieran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = C:\Program Files\Xfire\Xfire.exe (Xfire Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplanet.com/fpdlmgr/cabs/ ... 10.115.cab (CDownloadCtrl Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{50e4b98a-a3ae-11df-ae5b-002197257c11}\Shell - "" = AutoRun
O33 - MountPoints2\{50e4b98a-a3ae-11df-ae5b-002197257c11}\Shell\AutoRun\command - "" = E:\Startme.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 90 Days ==========

[2010/08/23 22:45:00 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/08/23 22:35:38 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/08/23 22:34:53 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Desktop\erunt
[2010/08/22 22:05:02 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Kieran\Desktop\OTL.exe
[2010/08/22 12:19:20 | 000,472,064 | ---- | C] ( ) -- C:\Users\Kieran\Desktop\RootRepeal.exe
[2010/08/22 00:05:26 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010/08/21 23:38:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010/08/21 23:38:02 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010/08/21 23:32:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/08/21 23:22:26 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\Kieran\Desktop\TFC.exe
[2010/08/21 03:57:28 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2010/08/19 16:48:57 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Desktop\Random
[2010/08/19 16:48:38 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Desktop\Games
[2010/08/19 16:47:52 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Desktop\Vids n Pics
[2010/08/17 11:35:53 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/08/15 16:36:31 | 000,000,000 | ---D | C] -- C:\Program Files\IWONGEI
[2010/08/15 04:11:56 | 000,000,000 | ---D | C] -- C:\Perfect World Entertainment
[2010/08/15 02:41:12 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Documents\Downloads
[2010/08/15 02:41:10 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\GetRightToGo
[2010/08/14 02:09:29 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\IGN_DLM
[2010/08/14 02:09:13 | 000,000,000 | ---D | C] -- C:\Program Files\Download Manager
[2010/08/14 00:28:23 | 000,000,000 | ---D | C] -- C:\Program Files\Activision
[2010/08/13 22:11:48 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Documents\RCube
[2010/08/11 08:53:06 | 000,000,000 | ---D | C] -- C:\Windows\System32\Adobe
[2010/08/09 16:27:12 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\Sony Ericsson
[2010/08/09 15:22:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Corporation
[2010/08/09 15:22:57 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
[2010/08/09 15:21:16 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/08/09 15:21:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010/08/09 15:20:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010/08/09 15:19:57 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\Apple
[2010/08/09 15:19:53 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010/08/09 15:19:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2010/08/09 15:17:08 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Sony Setup
[2010/08/09 15:17:08 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Sony
[2010/08/09 15:17:03 | 000,000,000 | ---D | C] -- C:\Program Files\Sony Setup
[2010/08/09 15:12:11 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Tibia
[2010/08/09 14:55:19 | 000,114,728 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018mdm.sys
[2010/08/09 14:55:19 | 000,109,864 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018unic.sys
[2010/08/09 14:55:19 | 000,106,208 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018mgmt.sys
[2010/08/09 14:55:19 | 000,104,744 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018obex.sys
[2010/08/09 14:55:19 | 000,086,824 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018bus.sys
[2010/08/09 14:55:19 | 000,026,024 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018nd5.sys
[2010/08/09 14:55:19 | 000,015,016 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018mdfl.sys
[2010/08/09 14:55:19 | 000,012,200 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018whnt.sys
[2010/08/09 14:55:19 | 000,012,200 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018wh.sys
[2010/08/09 14:55:19 | 000,012,200 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018cmnt.sys
[2010/08/09 14:55:19 | 000,012,200 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018cm.sys
[2010/08/09 14:55:19 | 000,010,792 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018cr.sys
[2010/08/09 14:55:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Ericsson
[2010/08/09 14:55:14 | 000,000,000 | ---D | C] -- C:\Program Files\Sony Ericsson
[2010/08/09 14:51:01 | 000,000,000 | ---D | C] -- C:\Program Files\Tibia
[2010/08/08 21:35:15 | 000,000,000 | ---D | C] -- C:\Program Files\directx
[2010/07/26 11:45:50 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\dvdcss
[2010/07/26 11:45:11 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\ImTOO
[2010/07/26 11:44:23 | 000,000,000 | ---D | C] -- C:\Program Files\ImTOO
[2010/07/26 11:23:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/07/26 11:22:51 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/07/26 01:19:37 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Desktop\Mods
[2010/07/25 00:32:51 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Documents\Command & Conquer 3 Tiberium Wars
[2010/07/25 00:29:24 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2010/07/25 00:29:04 | 000,000,000 | RH-D | C] -- C:\Users\Kieran\AppData\Roaming\SecuROM
[2010/07/24 23:59:08 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts
[2010/07/21 16:28:07 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\FinalMediaPlayer
[2010/07/21 16:28:04 | 000,000,000 | ---D | C] -- C:\Program Files\FinalMediaPlayer
[2010/07/21 16:27:50 | 000,000,000 | ---D | C] -- C:\Program Files\Free Offers from Freeze.com
[2010/07/20 20:33:25 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Desktop\VIDEO_TS
[2010/07/20 19:55:54 | 000,000,000 | ---D | C] -- C:\Program Files\BreakPoint Software
[2010/07/20 19:11:07 | 000,000,000 | ---D | C] -- C:\Program Files\Noel Danjou
[2010/07/20 19:09:31 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials
[2010/07/20 18:18:50 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\Adobe
[2010/07/20 17:15:04 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center
[2010/07/19 22:45:02 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Documents\InstantCDDVD
[2010/07/19 22:44:58 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Documents\Pinnacle
[2010/07/19 22:44:49 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\Pinnacle
[2010/07/19 22:42:57 | 000,045,056 | ---- | C] (eMPIA Technology, Inc.) -- C:\Windows\System32\emVFW.dll
[2010/07/19 22:42:57 | 000,032,768 | ---- | C] (eMPIA Technology, Inc.) -- C:\Windows\System32\emProp.ax
[2010/07/19 22:42:57 | 000,024,269 | ---- | C] (eMPIA Technology, Inc.) -- C:\Windows\System32\drivers\emStream.sys
[2010/07/19 22:42:57 | 000,009,739 | ---- | C] (eMPIA Technology, Inc.) -- C:\Windows\System32\emUSD.dll
[2010/07/19 22:42:57 | 000,005,245 | ---- | C] (eMPIA Technology, Inc.) -- C:\Windows\System32\drivers\emFilter.sys
[2010/07/19 22:42:57 | 000,004,493 | ---- | C] (eMPIA Technology, Inc.) -- C:\Windows\System32\drivers\emScan.sys
[2010/07/19 22:42:56 | 000,100,957 | ---- | C] (eMPIA Technology, Inc.) -- C:\Windows\System32\drivers\emDevice.sys
[2010/07/19 22:42:56 | 000,073,728 | ---- | C] (Pinnacle Systems) -- C:\Windows\System32\PCLECoInst.dll
[2010/07/19 22:41:58 | 000,884,736 | ---- | C] (Fellowes, Inc.) -- C:\Windows\System32\LMUIRes.dll
[2010/07/19 22:41:58 | 000,012,288 | ---- | C] (Fellowes, Inc.) -- C:\Windows\System32\LMLRes.dll
[2010/07/19 22:40:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Pinnacle
[2010/07/19 21:32:28 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\PunkBuster
[2010/07/19 21:32:17 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Documents\EA SPORTS(TM) FIFA Online
[2010/07/19 18:43:55 | 000,000,000 | ---D | C] -- C:\Program Files\Pinnacle
[2010/07/19 18:43:41 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\Downloaded Installations
[2010/07/18 23:35:45 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Datel
[2010/07/18 23:35:38 | 000,000,000 | ---D | C] -- C:\Program Files\Datel
[2010/07/18 23:27:45 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\WinRAR
[2010/07/18 23:27:36 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010/07/18 23:04:42 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\GameTuts
[2010/07/18 23:04:42 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\GameTuts
[2010/07/18 22:53:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2010/07/18 22:52:37 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2010/07/18 22:52:35 | 000,000,000 | ---D | C] -- C:\Program Files\Real
[2010/07/18 22:52:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Real
[2010/07/18 22:52:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2010/07/18 22:52:26 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Real
[2010/07/18 22:51:52 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\OxelonMC
[2010/07/18 22:51:49 | 000,000,000 | ---D | C] -- C:\Program Files\OxelonMedia
[2010/07/18 21:32:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
[2010/07/18 21:10:29 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\Microsoft Help
[2010/07/18 20:46:47 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010/07/18 19:42:25 | 000,000,000 | ---D | C] -- C:\Program Files\EA Sports
[2010/07/18 19:41:41 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\FIFAOnlineSetup
[2010/07/18 19:36:08 | 000,000,000 | ---D | C] -- C:\Program Files\GameTracker
[2010/07/18 19:35:47 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\GameTracker
[2010/07/18 19:35:35 | 000,000,000 | ---D | C] -- C:\Program Files\XfireXO
[2010/07/18 19:35:35 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2010/07/18 19:35:34 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Mozilla
[2010/07/18 19:35:20 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Xfire
[2010/07/18 19:35:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Xfire
[2010/07/18 19:35:17 | 000,000,000 | ---D | C] -- C:\Program Files\Xfire
[2010/07/18 19:33:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2010/07/18 19:33:46 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2010/07/18 15:37:39 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Desktop\Music
[2010/07/18 15:30:02 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Desktop\Music Idisgo
[2010/07/18 15:21:25 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Macromedia
[2010/07/18 15:20:42 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Tracing
[2010/07/18 15:15:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010/07/18 15:15:24 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
[2010/07/18 15:14:15 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2010/07/18 15:12:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2010/07/18 15:12:20 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010/07/18 15:12:10 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2010/07/18 15:11:52 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2010/07/18 15:06:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2010/07/18 15:02:46 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Adobe
[2010/07/18 15:01:48 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Google
[2010/07/18 14:51:26 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Symantec
[2010/07/18 14:43:14 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Documents\My Google Gadgets
[2010/07/18 14:43:07 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010/07/18 14:43:02 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\Google
[2010/07/18 14:42:40 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\Packard Bell
[2010/07/18 14:42:38 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Symantec
[2010/07/18 14:42:17 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010/07/18 14:42:14 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Searches
[2010/07/18 14:42:07 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Identities
[2010/07/18 14:42:05 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Contacts
[2010/07/18 14:42:04 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\VirtualStore
[2010/07/18 14:36:20 | 000,000,000 | --SD | C] -- C:\Users\Kieran\AppData\Roaming\Microsoft
[2010/07/18 14:36:20 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Videos
[2010/07/18 14:36:20 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Saved Games
[2010/07/18 14:36:20 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Pictures
[2010/07/18 14:36:20 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Music
[2010/07/18 14:36:20 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Links
[2010/07/18 14:36:20 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Favorites
[2010/07/18 14:36:20 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Downloads
[2010/07/18 14:36:20 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Documents
[2010/07/18 14:36:20 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Desktop
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\AppData\Local\Temporary Internet Files
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\Templates
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\Start Menu
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\SendTo
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\Recent
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\PrintHood
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\NetHood
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\Documents\My Videos
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\Documents\My Pictures
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\Documents\My Music
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\My Documents
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\Local Settings
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\AppData\Local\History
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\Cookies
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\Application Data
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\AppData\Local\Application Data
[2010/07/18 14:36:20 | 000,000,000 | -H-D | C] -- C:\Users\Kieran\AppData
[2010/07/18 14:36:20 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\Temp
[2010/07/18 14:36:20 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\Microsoft
[2010/07/18 14:36:20 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Media Center Programs
[2010/07/18 14:29:21 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010/07/18 14:27:20 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2007/03/12 11:41:52 | 000,061,440 | ---- | C] ( ) -- C:\Windows\System32\vsnpstd3.dll
[2005/11/23 12:55:32 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnpstd3.dll

========== Files - Modified Within 90 Days ==========

[2010/08/23 22:55:23 | 002,621,440 | -HS- | M] () -- C:\Users\Kieran\NTUSER.DAT
[2010/08/23 22:48:31 | 000,035,757 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010/08/23 22:48:30 | 000,035,757 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010/08/23 22:48:07 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/08/23 22:48:07 | 000,000,388 | ---- | M] () -- C:\Windows\tasks\Final Media Player Update Checker.job
[2010/08/23 22:47:59 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/08/23 22:47:59 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/08/23 22:47:56 | 000,000,314 | -HS- | M] () -- C:\Windows\tasks\TLKVMEJNOI.job
[2010/08/23 22:47:55 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/08/23 22:47:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/08/23 22:47:50 | 3220,406,272 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/23 22:46:58 | 000,524,288 | -HS- | M] () -- C:\Users\Kieran\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/08/23 22:46:58 | 000,065,536 | -HS- | M] () -- C:\Users\Kieran\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/08/23 22:37:13 | 000,703,388 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/08/23 22:37:13 | 000,608,760 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/08/23 22:37:13 | 000,108,268 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/08/23 22:34:32 | 000,513,320 | ---- | M] () -- C:\Users\Kieran\Desktop\erunt.zip
[2010/08/23 22:31:14 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{CDD8B57C-9F49-4B3B-8078-A97F1399FBB5}.job
[2010/08/23 17:30:01 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\Recovery DVD Creator-Kieran.job
[2010/08/23 17:20:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/08/23 01:15:25 | 002,814,309 | -H-- | M] () -- C:\Users\Kieran\AppData\Local\IconCache.db
[2010/08/22 22:05:14 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Kieran\Desktop\OTL.exe
[2010/08/22 12:20:07 | 000,000,000 | ---- | M] () -- C:\Users\Kieran\defogger_reenable
[2010/08/22 12:19:45 | 000,000,000 | ---- | M] () -- C:\Users\Kieran\Desktop\settings.dat
[2010/08/22 12:19:12 | 000,464,491 | ---- | M] () -- C:\Users\Kieran\Desktop\RootRepeal.zip
[2010/08/22 00:14:42 | 000,000,680 | ---- | M] () -- C:\Users\Kieran\AppData\Local\d3d9caps.dat
[2010/08/22 00:14:42 | 000,000,552 | ---- | M] () -- C:\Users\Kieran\AppData\Local\d3d8caps.dat
[2010/08/22 00:05:26 | 317,705,964 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/08/22 00:01:56 | 000,293,376 | ---- | M] () -- C:\Users\Kieran\Desktop\lzvqqrw3.exe
[2010/08/21 23:57:46 | 000,050,477 | ---- | M] () -- C:\Users\Kieran\Desktop\Defogger.exe
[2010/08/21 23:22:36 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\Kieran\Desktop\TFC.exe
[2010/08/21 03:57:28 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2010/08/21 03:08:31 | 000,022,528 | ---- | M] () -- C:\Users\Kieran\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/21 00:44:05 | 000,224,960 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2010/08/21 00:39:01 | 000,137,944 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010/08/20 23:43:36 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2010/08/17 11:35:54 | 000,001,837 | ---- | M] () -- C:\Users\Kieran\Desktop\HijackThis.lnk
[2010/08/14 00:51:39 | 000,022,328 | ---- | M] () -- C:\Users\Kieran\AppData\Roaming\PnkBstrK.sys
[2010/08/13 09:22:46 | 000,324,320 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/08/12 00:35:07 | 000,063,977 | -H-- | M] () -- C:\Users\Kieran\AppData\Roaming\cglogs.dat
[2010/08/09 16:27:06 | 000,002,008 | ---- | M] () -- C:\Users\Public\Desktop\Sony Ericsson PC Companion 1.6.lnk
[2010/08/09 16:04:57 | 000,057,344 | RHS- | M] () -- C:\Windows\System32\bootstr2.dll
[2010/08/09 15:22:05 | 000,001,689 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/08/09 14:51:03 | 000,000,747 | ---- | M] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Tibia.lnk
[2010/08/08 21:37:42 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2010/08/08 21:35:31 | 000,021,840 | ---- | M] () -- C:\Windows\System32\SIntfNT.dll
[2010/08/08 21:35:31 | 000,017,212 | ---- | M] () -- C:\Windows\System32\SIntf32.dll
[2010/08/08 21:35:31 | 000,012,067 | ---- | M] () -- C:\Windows\System32\SIntf16.dll
[2010/07/21 16:28:07 | 000,000,887 | ---- | M] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\FinalMediaPlayer.lnk
[2010/07/20 19:11:07 | 000,000,941 | ---- | M] () -- C:\Users\Kieran\Desktop\AMCap.lnk
[2010/07/20 19:09:33 | 000,000,905 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010/07/20 08:08:54 | 000,080,544 | ---- | M] () -- C:\Users\Kieran\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/07/19 22:44:42 | 000,001,893 | ---- | M] () -- C:\Users\Public\Desktop\Instant DVD Recorder.lnk
[2010/07/19 20:21:24 | 000,000,548 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Run Full System Scan - Kieran.job
[2010/07/18 22:53:15 | 000,001,072 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer SP.lnk
[2010/07/18 22:52:37 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2010/07/18 22:51:50 | 000,000,573 | ---- | M] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Oxelon Media Converter.lnk
[2010/07/18 22:51:50 | 000,000,549 | ---- | M] () -- C:\Users\Public\Desktop\Oxelon Media Converter.lnk
[2010/07/18 19:42:25 | 000,794,408 | ---- | M] () -- C:\Windows\System32\pbsvc.exe
[2010/07/18 19:35:53 | 000,000,789 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2010/07/18 19:35:19 | 000,000,799 | ---- | M] () -- C:\Users\Kieran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk
[2010/07/18 19:35:19 | 000,000,787 | ---- | M] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Xfire.lnk
[2010/07/18 19:35:19 | 000,000,763 | ---- | M] () -- C:\Users\Public\Desktop\Xfire.lnk
[2010/07/18 15:36:20 | 000,000,941 | ---- | M] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2010/07/18 15:34:23 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2010/07/18 15:28:16 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2010/07/18 15:20:38 | 000,001,988 | ---- | M] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Live Messenger .lnk
[2010/07/18 15:20:06 | 000,000,946 | ---- | M] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/07/18 15:12:48 | 000,001,988 | ---- | M] () -- C:\Users\Kieran\Desktop\Windows Live Messenger .lnk
[2010/07/18 14:54:16 | 000,524,288 | -HS- | M] () -- C:\Users\Kieran\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2010/07/18 14:52:15 | 000,124,464 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2010/07/18 14:52:15 | 000,010,635 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2010/07/18 14:52:15 | 000,000,806 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2010/07/18 14:36:20 | 000,000,020 | -HS- | M] () -- C:\Users\Kieran\ntuser.ini
[2010/07/18 14:33:20 | 000,047,092 | ---- | M] () -- C:\Windows\System32\license.rtf
[2010/07/09 20:00:32 | 000,041,872 | ---- | M] () -- C:\Windows\System32\xfcodec.dll

========== Files Created - No Company Name ==========

[2010/08/23 22:34:30 | 000,513,320 | ---- | C] () -- C:\Users\Kieran\Desktop\erunt.zip
[2010/08/22 12:20:07 | 000,000,000 | ---- | C] () -- C:\Users\Kieran\defogger_reenable
[2010/08/22 12:19:45 | 000,000,000 | ---- | C] () -- C:\Users\Kieran\Desktop\settings.dat
[2010/08/22 12:19:09 | 000,464,491 | ---- | C] () -- C:\Users\Kieran\Desktop\RootRepeal.zip
[2010/08/22 00:14:42 | 000,000,552 | ---- | C] () -- C:\Users\Kieran\AppData\Local\d3d8caps.dat
[2010/08/22 00:05:08 | 317,705,964 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/08/22 00:01:53 | 000,293,376 | ---- | C] () -- C:\Users\Kieran\Desktop\lzvqqrw3.exe
[2010/08/21 23:57:45 | 000,050,477 | ---- | C] () -- C:\Users\Kieran\Desktop\Defogger.exe
[2010/08/17 11:35:54 | 000,001,837 | ---- | C] () -- C:\Users\Kieran\Desktop\HijackThis.lnk
[2010/08/09 16:27:06 | 000,002,008 | ---- | C] () -- C:\Users\Public\Desktop\Sony Ericsson PC Companion 1.6.lnk
[2010/08/09 16:04:57 | 000,000,314 | -HS- | C] () -- C:\Windows\tasks\TLKVMEJNOI.job
[2010/08/09 16:04:56 | 000,057,344 | RHS- | C] () -- C:\Windows\System32\bootstr2.dll
[2010/08/09 15:22:04 | 000,001,689 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/08/09 14:51:03 | 000,000,747 | ---- | C] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Tibia.lnk
[2010/08/08 21:37:39 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010/08/08 21:35:31 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2010/08/08 21:35:31 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2010/08/08 21:35:31 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2010/07/21 16:28:08 | 000,000,388 | ---- | C] () -- C:\Windows\tasks\Final Media Player Update Checker.job
[2010/07/21 16:28:07 | 000,000,887 | ---- | C] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\FinalMediaPlayer.lnk
[2010/07/20 19:12:23 | 000,153,088 | ---- | C] () -- C:\Program Files\UNWISE.EXE
[2010/07/20 19:11:07 | 000,000,941 | ---- | C] () -- C:\Users\Kieran\Desktop\AMCap.lnk
[2010/07/20 19:09:33 | 000,000,905 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010/07/19 22:44:42 | 000,001,893 | ---- | C] () -- C:\Users\Public\Desktop\Instant DVD Recorder.lnk
[2010/07/19 22:41:58 | 000,138,752 | ---- | C] () -- C:\Windows\System32\MASE32.DLL
[2010/07/19 22:41:58 | 000,136,192 | ---- | C] () -- C:\Windows\System32\MAMC32.DLL
[2010/07/19 22:41:58 | 000,057,856 | ---- | C] () -- C:\Windows\System32\MASD32.DLL
[2010/07/19 22:41:57 | 000,196,096 | ---- | C] () -- C:\Windows\System32\MACD32.DLL
[2010/07/19 22:41:57 | 000,027,648 | ---- | C] () -- C:\Windows\System32\MA32.DLL
[2010/07/19 22:41:24 | 000,000,349 | ---- | C] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2010/07/19 21:32:32 | 000,224,960 | ---- | C] () -- C:\Windows\System32\PnkBstrB.xtr
[2010/07/19 18:39:42 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010/07/19 18:39:42 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2010/07/19 18:39:39 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2010/07/19 18:33:29 | 000,000,424 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{CDD8B57C-9F49-4B3B-8078-A97F1399FBB5}.job
[2010/07/18 22:53:15 | 000,001,072 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer SP.lnk
[2010/07/18 22:51:50 | 000,000,573 | ---- | C] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Oxelon Media Converter.lnk
[2010/07/18 22:51:50 | 000,000,549 | ---- | C] () -- C:\Users\Public\Desktop\Oxelon Media Converter.lnk
[2010/07/18 20:26:43 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2010/07/18 19:42:48 | 000,137,944 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010/07/18 19:42:47 | 000,022,328 | ---- | C] () -- C:\Users\Kieran\AppData\Roaming\PnkBstrK.sys
[2010/07/18 19:42:32 | 000,224,960 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2010/07/18 19:42:25 | 000,794,408 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
[2010/07/18 19:42:25 | 000,075,064 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2010/07/18 19:35:19 | 000,000,799 | ---- | C] () -- C:\Users\Kieran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk
[2010/07/18 19:35:19 | 000,000,787 | ---- | C] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Xfire.lnk
[2010/07/18 19:35:19 | 000,000,763 | ---- | C] () -- C:\Users\Public\Desktop\Xfire.lnk
[2010/07/18 19:33:46 | 000,000,789 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2010/07/18 15:36:20 | 000,000,941 | ---- | C] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2010/07/18 15:34:23 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2010/07/18 15:28:16 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2010/07/18 15:20:38 | 000,001,988 | ---- | C] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Live Messenger .lnk
[2010/07/18 15:12:48 | 000,001,988 | ---- | C] () -- C:\Users\Kieran\Desktop\Windows Live Messenger .lnk
[2010/07/18 15:09:12 | 000,022,528 | ---- | C] () -- C:\Users\Kieran\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/07/18 15:07:32 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/07/18 15:07:31 | 000,000,880 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/07/18 15:07:25 | 000,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2010/07/18 15:01:42 | 000,000,946 | ---- | C] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/07/18 14:57:14 | 000,035,757 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010/07/18 14:57:14 | 000,035,757 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010/07/18 14:44:27 | 000,000,548 | ---- | C] () -- C:\Windows\tasks\Norton Internet Security - Run Full System Scan - Kieran.job
[2010/07/18 14:43:44 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\Recovery DVD Creator-Kieran.job
[2010/07/18 14:36:21 | 000,000,680 | ---- | C] () -- C:\Users\Kieran\AppData\Local\d3d9caps.dat
[2010/07/18 14:36:20 | 002,621,440 | -HS- | C] () -- C:\Users\Kieran\NTUSER.DAT
[2010/07/18 14:36:20 | 000,524,288 | -HS- | C] () -- C:\Users\Kieran\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2010/07/18 14:36:20 | 000,524,288 | -HS- | C] () -- C:\Users\Kieran\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/07/18 14:36:20 | 000,262,144 | -H-- | C] () -- C:\Users\Kieran\ntuser.dat.LOG1
[2010/07/18 14:36:20 | 000,065,536 | -HS- | C] () -- C:\Users\Kieran\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/07/18 14:36:20 | 000,000,258 | ---- | C] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2010/07/18 14:36:20 | 000,000,240 | ---- | C] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2010/07/18 14:36:20 | 000,000,020 | -HS- | C] () -- C:\Users\Kieran\ntuser.ini
[2010/07/18 14:36:20 | 000,000,000 | -H-- | C] () -- C:\Users\Kieran\ntuser.dat.LOG2
[2010/07/18 14:30:55 | 3220,406,272 | -HS- | C] () -- C:\hiberfil.sys
[2010/07/09 20:00:32 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/03/05 06:54:58 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2005/04/08 03:16:43 | 000,063,977 | -H-- | C] () -- C:\Users\Kieran\AppData\Roaming\cglogs.dat
[2004/02/27 16:36:18 | 000,015,498 | ---- | C] () -- C:\Windows\snpstd3.ini

========== LOP Check ==========

[2010/08/21 03:58:47 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2010/07/18 23:35:45 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\Datel
[2010/07/21 20:08:17 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\FinalMediaPlayer
[2010/08/21 03:29:42 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\GameTracker
[2010/07/18 23:04:42 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\GameTuts
[2010/08/15 04:09:12 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\GetRightToGo
[2010/07/26 11:45:11 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\ImTOO
[2010/07/18 22:51:56 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\OxelonMC
[2010/08/09 15:17:08 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\Sony
[2010/08/09 15:18:42 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\Sony Setup
[2010/08/09 15:12:42 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\Tibia
[2005/09/01 04:55:35 | 000,000,000 | RHSD | M] -- C:\Users\Kieran\AppData\Roaming\winlog
[2010/08/23 22:48:07 | 000,000,388 | ---- | M] () -- C:\Windows\Tasks\Final Media Player Update Checker.job
[2010/08/23 17:30:01 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\Recovery DVD Creator-Kieran.job
[2010/08/23 22:47:00 | 000,029,032 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/08/23 22:47:56 | 000,000,314 | -HS- | M] () -- C:\Windows\Tasks\TLKVMEJNOI.job
[2010/08/23 22:31:14 | 000,000,424 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{CDD8B57C-9F49-4B3B-8078-A97F1399FBB5}.job

========== Purity Check ==========


< End of report >
Bezzy2829

Re: HiJackThis Logs.

by Bezzy2829 » August 23rd, 2010, 5:57 pm

OTL logfile created on: 23/08/2010 22:50:13 - Run 2
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\Kieran\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 57.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 286.09 Gb Total Space | 176.98 Gb Free Space | 61.86% Space Free | Partition Type: NTFS
Drive D: | 4.18 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: KIERAN-PC
Current User Name: Kieran
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/08/23 22:30:49 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe
PRC - [2010/08/22 22:05:14 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Kieran\Desktop\OTL.exe
PRC - [2010/08/21 00:18:06 | 000,407,336 | ---- | M] (Valve Corporation) -- C:\Program Files\Common Files\Steam\SteamService.exe
PRC - [2010/08/15 16:06:00 | 000,232,912 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10i_ActiveX.exe
PRC - [2010/08/08 19:26:52 | 000,030,192 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
PRC - [2010/07/18 22:52:35 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2010/07/18 15:12:37 | 000,304,304 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2010/07/18 15:05:19 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2010/07/09 20:00:26 | 003,493,776 | ---- | M] (Xfire Inc.) -- C:\Program Files\Xfire\Xfire.exe
PRC - [2010/06/01 14:53:46 | 001,093,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\msseces.exe
PRC - [2010/04/16 19:55:32 | 000,223,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Toolbar\wltuser.exe
PRC - [2010/04/16 18:36:42 | 000,026,480 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2010/04/14 17:51:18 | 001,648,480 | ---- | M] (ClanServers Hosting LLC) -- C:\Program Files\GameTracker\GSInGameService.exe
PRC - [2010/03/25 21:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
PRC - [2009/12/08 14:51:52 | 000,774,144 | ---- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
PRC - [2009/01/14 17:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2008/10/29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCSVCHST.EXE
PRC - [2008/05/07 15:19:26 | 006,139,904 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/04/07 15:09:06 | 000,306,112 | ---- | M] (Carbonite, Inc.) -- C:\Program Files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe
PRC - [2008/02/09 18:06:00 | 000,238,968 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2008/02/04 11:13:36 | 001,038,136 | ---- | M] (Packard Bell BV) -- C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
PRC - [2006/09/19 09:07:28 | 000,827,392 | ---- | M] () -- C:\Windows\vsnpstd3.exe


========== Modules (SafeList) ==========

MOD - [2010/08/22 22:05:14 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Kieran\Desktop\OTL.exe
MOD - [2008/01/21 03:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2008/01/21 03:23:44 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/08/21 00:18:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/08/08 19:26:52 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-051210-111108)
SRV - [2010/04/14 17:51:18 | 001,648,480 | ---- | M] (ClanServers Hosting LLC) [Auto | Running] -- C:\Program Files\GameTracker\GSInGameService.exe -- (GS In-Game Service)
SRV - [2010/03/25 21:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/01/14 17:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice)
SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2008/09/05 11:52:32 | 003,220,856 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2008/08/06 01:31:18 | 001,245,064 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2008/02/09 18:06:00 | 000,238,968 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/08/22 02:21:00 | 000,055,640 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2010/07/18 14:52:15 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/07/15 09:09:12 | 001,362,608 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20100823.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/07/15 09:09:12 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/07/15 09:09:12 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/07/15 09:09:12 | 000,085,424 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20100823.002\NAVENG.SYS -- (NAVENG)
DRV - [2010/06/23 20:37:10 | 000,281,648 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20100810.002\IDSvix86.sys -- (IDSvix86)
DRV - [2010/04/03 22:55:32 | 011,573,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/03/25 21:30:22 | 000,151,216 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\MpFilter.sys -- (MpFilter)
DRV - [2010/03/25 21:30:22 | 000,042,368 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2009/05/25 06:50:44 | 000,164,864 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009/03/25 16:48:00 | 000,114,728 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdm.sys -- (s1018mdm)
DRV - [2009/03/25 16:48:00 | 000,109,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018unic.sys -- (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM)
DRV - [2009/03/25 16:48:00 | 000,106,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mgmt.sys -- (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM)
DRV - [2009/03/25 16:48:00 | 000,104,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018obex.sys -- (s1018obex)
DRV - [2009/03/25 16:48:00 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018bus.sys -- (s1018bus) Sony Ericsson Device 1018 driver (WDM)
DRV - [2009/03/25 16:48:00 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018nd5.sys -- (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS)
DRV - [2009/03/25 16:48:00 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdfl.sys -- (s1018mdfl)
DRV - [2009/03/17 12:56:58 | 000,447,024 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2009/02/19 13:31:42 | 000,024,112 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\SymIMV.sys -- (SymIM)
DRV - [2009/02/19 13:31:18 | 000,041,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMNDISV.SYS -- (SYMNDISV)
DRV - [2009/02/19 13:31:16 | 000,184,496 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2009/02/19 13:31:16 | 000,096,560 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMFW.SYS -- (SYMFW)
DRV - [2009/02/19 13:31:16 | 000,022,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2009/02/19 13:31:16 | 000,013,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV - [2008/07/30 17:42:12 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2008/06/06 18:13:40 | 000,133,152 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2008/06/06 18:13:10 | 000,145,440 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2008/05/07 18:22:50 | 002,134,424 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/01/31 19:51:00 | 000,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2008/01/31 19:51:00 | 000,279,088 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP)
DRV - [2008/01/31 19:51:00 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2008/01/21 03:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/21 03:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/21 03:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/21 03:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/21 03:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/21 03:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/21 03:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/21 03:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/21 03:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/21 03:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008/01/21 03:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/21 03:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/21 03:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/21 03:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/21 03:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/21 03:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/21 03:23:21 | 000,073,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/01/21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/21 03:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/21 03:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/21 03:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/21 03:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/10/12 15:53:10 | 000,013,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2007/08/08 18:39:00 | 000,036,056 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\CO_Mon.sys -- (CO_Mon)
DRV - [2007/03/27 18:19:36 | 010,252,544 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3)
DRV - [2006/12/12 11:16:06 | 000,022,528 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emAudio.sys -- (emAudio)
DRV - [2006/11/02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2005/12/21 10:14:52 | 000,100,957 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emDevice.sys -- (DCamUSBEMPIA)
DRV - [2005/12/21 10:14:52 | 000,005,245 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emFilter.sys -- (FiltUSBEMPIA)
DRV - [2005/12/21 10:14:52 | 000,004,493 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emScan.sys -- (ScanUSBEMPIA)
DRV - [2005/09/23 23:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MarvinBus.sys -- (MarvinBus)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.packardbell.com/?id=9067
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/07/18 22:53:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/08 21:31:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/21 23:39:21 | 000,000,000 | ---D | M]

[2010/07/26 11:24:38 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\Mozilla\Extensions
[2010/07/26 11:24:38 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2010/07/18 19:35:34 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\Mozilla\Firefox\extensions
[2010/07/18 19:35:34 | 000,000,000 | ---D | M] (XfireXO Toolbar) -- C:\Users\Kieran\AppData\Roaming\Mozilla\Firefox\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
[2010/08/21 23:31:56 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/08/21 23:31:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2008/08/06 01:23:27 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\packardbell@partners.mozilla.com
[2008/08/06 01:23:29 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org
[2009/03/31 22:47:26 | 000,324,976 | ---- | M] (Symantec Corporation) -- C:\Program Files\Mozilla Firefox\components\coFFPlgn.dll
[2007/11/28 20:31:59 | 000,067,696 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\jar50.dll
[2007/11/28 20:31:59 | 000,054,376 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\jsd3250.dll
[2007/11/28 20:31:59 | 000,034,952 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\myspell.dll
[2007/11/28 20:31:59 | 000,046,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\spellchk.dll
[2007/11/28 20:31:59 | 000,172,144 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\xpinstal.dll
[2010/08/21 23:31:43 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2006/06/15 11:24:15 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2006/06/15 11:24:15 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2006/06/15 11:24:15 | 000,001,077 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2006/09/11 15:39:34 | 000,000,831 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll (Packard Bell)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (XfireXO Toolbar) - {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [CarboniteSetupLite] C:\Program Files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [snpstd3] C:\Windows\vsnpstd3.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe ( )
O4 - HKLM..\Run: [USB2Check] C:\Windows\System32\PCLECoInst.DLL (Pinnacle Systems)
O4 - HKLM..\Run: [USBToolTip] c:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe (Pinnacle Systems GmbH)
O4 - HKCU..\Run: [HKCU] C:\Users\Kieran\AppData\Roaming\winlog\server.exe ()
O4 - HKCU..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe (IGN Entertainment)
O4 - HKCU..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe (Packard Bell BV)
O4 - HKCU..\Run: [Sony Ericsson PC Companion] C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson Mobile Communications AB)
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Users\Kieran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = C:\Program Files\Xfire\Xfire.exe (Xfire Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplanet.com/fpdlmgr/cabs/ ... 10.115.cab (CDownloadCtrl Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{50e4b98a-a3ae-11df-ae5b-002197257c11}\Shell - "" = AutoRun
O33 - MountPoints2\{50e4b98a-a3ae-11df-ae5b-002197257c11}\Shell\AutoRun\command - "" = E:\Startme.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 90 Days ==========

[2010/08/23 22:45:00 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/08/23 22:35:38 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/08/23 22:34:53 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Desktop\erunt
[2010/08/22 22:05:02 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Kieran\Desktop\OTL.exe
[2010/08/22 12:19:20 | 000,472,064 | ---- | C] ( ) -- C:\Users\Kieran\Desktop\RootRepeal.exe
[2010/08/22 00:05:26 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010/08/21 23:38:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010/08/21 23:38:02 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010/08/21 23:32:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/08/21 23:22:26 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\Kieran\Desktop\TFC.exe
[2010/08/21 03:57:28 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2010/08/19 16:48:57 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Desktop\Random
[2010/08/19 16:48:38 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Desktop\Games
[2010/08/19 16:47:52 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Desktop\Vids n Pics
[2010/08/17 11:35:53 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/08/15 16:36:31 | 000,000,000 | ---D | C] -- C:\Program Files\IWONGEI
[2010/08/15 04:11:56 | 000,000,000 | ---D | C] -- C:\Perfect World Entertainment
[2010/08/15 02:41:12 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Documents\Downloads
[2010/08/15 02:41:10 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\GetRightToGo
[2010/08/14 02:09:29 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\IGN_DLM
[2010/08/14 02:09:13 | 000,000,000 | ---D | C] -- C:\Program Files\Download Manager
[2010/08/14 00:28:23 | 000,000,000 | ---D | C] -- C:\Program Files\Activision
[2010/08/13 22:11:48 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Documents\RCube
[2010/08/11 08:53:06 | 000,000,000 | ---D | C] -- C:\Windows\System32\Adobe
[2010/08/09 16:27:12 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\Sony Ericsson
[2010/08/09 15:22:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Corporation
[2010/08/09 15:22:57 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
[2010/08/09 15:21:16 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/08/09 15:21:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010/08/09 15:20:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010/08/09 15:19:57 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\Apple
[2010/08/09 15:19:53 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010/08/09 15:19:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2010/08/09 15:17:08 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Sony Setup
[2010/08/09 15:17:08 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Sony
[2010/08/09 15:17:03 | 000,000,000 | ---D | C] -- C:\Program Files\Sony Setup
[2010/08/09 15:12:11 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Tibia
[2010/08/09 14:55:19 | 000,114,728 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018mdm.sys
[2010/08/09 14:55:19 | 000,109,864 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018unic.sys
[2010/08/09 14:55:19 | 000,106,208 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018mgmt.sys
[2010/08/09 14:55:19 | 000,104,744 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018obex.sys
[2010/08/09 14:55:19 | 000,086,824 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018bus.sys
[2010/08/09 14:55:19 | 000,026,024 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018nd5.sys
[2010/08/09 14:55:19 | 000,015,016 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018mdfl.sys
[2010/08/09 14:55:19 | 000,012,200 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018whnt.sys
[2010/08/09 14:55:19 | 000,012,200 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018wh.sys
[2010/08/09 14:55:19 | 000,012,200 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018cmnt.sys
[2010/08/09 14:55:19 | 000,012,200 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018cm.sys
[2010/08/09 14:55:19 | 000,010,792 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\s1018cr.sys
[2010/08/09 14:55:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Ericsson
[2010/08/09 14:55:14 | 000,000,000 | ---D | C] -- C:\Program Files\Sony Ericsson
[2010/08/09 14:51:01 | 000,000,000 | ---D | C] -- C:\Program Files\Tibia
[2010/08/08 21:35:15 | 000,000,000 | ---D | C] -- C:\Program Files\directx
[2010/07/26 11:45:50 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\dvdcss
[2010/07/26 11:45:11 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\ImTOO
[2010/07/26 11:44:23 | 000,000,000 | ---D | C] -- C:\Program Files\ImTOO
[2010/07/26 11:23:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/07/26 11:22:51 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/07/26 01:19:37 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Desktop\Mods
[2010/07/25 00:32:51 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Documents\Command & Conquer 3 Tiberium Wars
[2010/07/25 00:29:24 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2010/07/25 00:29:04 | 000,000,000 | RH-D | C] -- C:\Users\Kieran\AppData\Roaming\SecuROM
[2010/07/24 23:59:08 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts
[2010/07/21 16:28:07 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\FinalMediaPlayer
[2010/07/21 16:28:04 | 000,000,000 | ---D | C] -- C:\Program Files\FinalMediaPlayer
[2010/07/21 16:27:50 | 000,000,000 | ---D | C] -- C:\Program Files\Free Offers from Freeze.com
[2010/07/20 20:33:25 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Desktop\VIDEO_TS
[2010/07/20 19:55:54 | 000,000,000 | ---D | C] -- C:\Program Files\BreakPoint Software
[2010/07/20 19:11:07 | 000,000,000 | ---D | C] -- C:\Program Files\Noel Danjou
[2010/07/20 19:09:31 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials
[2010/07/20 18:18:50 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\Adobe
[2010/07/20 17:15:04 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center
[2010/07/19 22:45:02 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Documents\InstantCDDVD
[2010/07/19 22:44:58 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Documents\Pinnacle
[2010/07/19 22:44:49 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\Pinnacle
[2010/07/19 22:42:57 | 000,045,056 | ---- | C] (eMPIA Technology, Inc.) -- C:\Windows\System32\emVFW.dll
[2010/07/19 22:42:57 | 000,032,768 | ---- | C] (eMPIA Technology, Inc.) -- C:\Windows\System32\emProp.ax
[2010/07/19 22:42:57 | 000,024,269 | ---- | C] (eMPIA Technology, Inc.) -- C:\Windows\System32\drivers\emStream.sys
[2010/07/19 22:42:57 | 000,009,739 | ---- | C] (eMPIA Technology, Inc.) -- C:\Windows\System32\emUSD.dll
[2010/07/19 22:42:57 | 000,005,245 | ---- | C] (eMPIA Technology, Inc.) -- C:\Windows\System32\drivers\emFilter.sys
[2010/07/19 22:42:57 | 000,004,493 | ---- | C] (eMPIA Technology, Inc.) -- C:\Windows\System32\drivers\emScan.sys
[2010/07/19 22:42:56 | 000,100,957 | ---- | C] (eMPIA Technology, Inc.) -- C:\Windows\System32\drivers\emDevice.sys
[2010/07/19 22:42:56 | 000,073,728 | ---- | C] (Pinnacle Systems) -- C:\Windows\System32\PCLECoInst.dll
[2010/07/19 22:41:58 | 000,884,736 | ---- | C] (Fellowes, Inc.) -- C:\Windows\System32\LMUIRes.dll
[2010/07/19 22:41:58 | 000,012,288 | ---- | C] (Fellowes, Inc.) -- C:\Windows\System32\LMLRes.dll
[2010/07/19 22:40:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Pinnacle
[2010/07/19 21:32:28 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\PunkBuster
[2010/07/19 21:32:17 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Documents\EA SPORTS(TM) FIFA Online
[2010/07/19 18:43:55 | 000,000,000 | ---D | C] -- C:\Program Files\Pinnacle
[2010/07/19 18:43:41 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\Downloaded Installations
[2010/07/18 23:35:45 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Datel
[2010/07/18 23:35:38 | 000,000,000 | ---D | C] -- C:\Program Files\Datel
[2010/07/18 23:27:45 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\WinRAR
[2010/07/18 23:27:36 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010/07/18 23:04:42 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\GameTuts
[2010/07/18 23:04:42 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\GameTuts
[2010/07/18 22:53:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2010/07/18 22:52:37 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2010/07/18 22:52:35 | 000,000,000 | ---D | C] -- C:\Program Files\Real
[2010/07/18 22:52:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Real
[2010/07/18 22:52:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2010/07/18 22:52:26 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Real
[2010/07/18 22:51:52 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\OxelonMC
[2010/07/18 22:51:49 | 000,000,000 | ---D | C] -- C:\Program Files\OxelonMedia
[2010/07/18 21:32:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
[2010/07/18 21:10:29 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\Microsoft Help
[2010/07/18 20:46:47 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010/07/18 19:42:25 | 000,000,000 | ---D | C] -- C:\Program Files\EA Sports
[2010/07/18 19:41:41 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\FIFAOnlineSetup
[2010/07/18 19:36:08 | 000,000,000 | ---D | C] -- C:\Program Files\GameTracker
[2010/07/18 19:35:47 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\GameTracker
[2010/07/18 19:35:35 | 000,000,000 | ---D | C] -- C:\Program Files\XfireXO
[2010/07/18 19:35:35 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2010/07/18 19:35:34 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Mozilla
[2010/07/18 19:35:20 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Xfire
[2010/07/18 19:35:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Xfire
[2010/07/18 19:35:17 | 000,000,000 | ---D | C] -- C:\Program Files\Xfire
[2010/07/18 19:33:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2010/07/18 19:33:46 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2010/07/18 15:37:39 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Desktop\Music
[2010/07/18 15:30:02 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Desktop\Music Idisgo
[2010/07/18 15:21:25 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Macromedia
[2010/07/18 15:20:42 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Tracing
[2010/07/18 15:15:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010/07/18 15:15:24 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
[2010/07/18 15:14:15 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2010/07/18 15:12:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2010/07/18 15:12:20 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010/07/18 15:12:10 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2010/07/18 15:11:52 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2010/07/18 15:06:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2010/07/18 15:02:46 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Adobe
[2010/07/18 15:01:48 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Google
[2010/07/18 14:51:26 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Symantec
[2010/07/18 14:43:14 | 000,000,000 | ---D | C] -- C:\Users\Kieran\Documents\My Google Gadgets
[2010/07/18 14:43:07 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010/07/18 14:43:02 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\Google
[2010/07/18 14:42:40 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\Packard Bell
[2010/07/18 14:42:38 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Symantec
[2010/07/18 14:42:17 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010/07/18 14:42:14 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Searches
[2010/07/18 14:42:07 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Identities
[2010/07/18 14:42:05 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Contacts
[2010/07/18 14:42:04 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\VirtualStore
[2010/07/18 14:36:20 | 000,000,000 | --SD | C] -- C:\Users\Kieran\AppData\Roaming\Microsoft
[2010/07/18 14:36:20 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Videos
[2010/07/18 14:36:20 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Saved Games
[2010/07/18 14:36:20 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Pictures
[2010/07/18 14:36:20 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Music
[2010/07/18 14:36:20 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Links
[2010/07/18 14:36:20 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Favorites
[2010/07/18 14:36:20 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Downloads
[2010/07/18 14:36:20 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Documents
[2010/07/18 14:36:20 | 000,000,000 | R--D | C] -- C:\Users\Kieran\Desktop
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\AppData\Local\Temporary Internet Files
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\Templates
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\Start Menu
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\SendTo
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\Recent
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\PrintHood
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\NetHood
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\Documents\My Videos
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\Documents\My Pictures
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\Documents\My Music
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\My Documents
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\Local Settings
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\AppData\Local\History
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\Cookies
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\Application Data
[2010/07/18 14:36:20 | 000,000,000 | -HSD | C] -- C:\Users\Kieran\AppData\Local\Application Data
[2010/07/18 14:36:20 | 000,000,000 | -H-D | C] -- C:\Users\Kieran\AppData
[2010/07/18 14:36:20 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\Temp
[2010/07/18 14:36:20 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Local\Microsoft
[2010/07/18 14:36:20 | 000,000,000 | ---D | C] -- C:\Users\Kieran\AppData\Roaming\Media Center Programs
[2010/07/18 14:29:21 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010/07/18 14:27:20 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2007/03/12 11:41:52 | 000,061,440 | ---- | C] ( ) -- C:\Windows\System32\vsnpstd3.dll
[2005/11/23 12:55:32 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnpstd3.dll

========== Files - Modified Within 90 Days ==========

[2010/08/23 22:55:23 | 002,621,440 | -HS- | M] () -- C:\Users\Kieran\NTUSER.DAT
[2010/08/23 22:48:31 | 000,035,757 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010/08/23 22:48:30 | 000,035,757 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010/08/23 22:48:07 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/08/23 22:48:07 | 000,000,388 | ---- | M] () -- C:\Windows\tasks\Final Media Player Update Checker.job
[2010/08/23 22:47:59 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/08/23 22:47:59 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/08/23 22:47:56 | 000,000,314 | -HS- | M] () -- C:\Windows\tasks\TLKVMEJNOI.job
[2010/08/23 22:47:55 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/08/23 22:47:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/08/23 22:47:50 | 3220,406,272 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/23 22:46:58 | 000,524,288 | -HS- | M] () -- C:\Users\Kieran\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/08/23 22:46:58 | 000,065,536 | -HS- | M] () -- C:\Users\Kieran\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/08/23 22:37:13 | 000,703,388 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/08/23 22:37:13 | 000,608,760 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/08/23 22:37:13 | 000,108,268 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/08/23 22:34:32 | 000,513,320 | ---- | M] () -- C:\Users\Kieran\Desktop\erunt.zip
[2010/08/23 22:31:14 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{CDD8B57C-9F49-4B3B-8078-A97F1399FBB5}.job
[2010/08/23 17:30:01 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\Recovery DVD Creator-Kieran.job
[2010/08/23 17:20:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/08/23 01:15:25 | 002,814,309 | -H-- | M] () -- C:\Users\Kieran\AppData\Local\IconCache.db
[2010/08/22 22:05:14 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Kieran\Desktop\OTL.exe
[2010/08/22 12:20:07 | 000,000,000 | ---- | M] () -- C:\Users\Kieran\defogger_reenable
[2010/08/22 12:19:45 | 000,000,000 | ---- | M] () -- C:\Users\Kieran\Desktop\settings.dat
[2010/08/22 12:19:12 | 000,464,491 | ---- | M] () -- C:\Users\Kieran\Desktop\RootRepeal.zip
[2010/08/22 00:14:42 | 000,000,680 | ---- | M] () -- C:\Users\Kieran\AppData\Local\d3d9caps.dat
[2010/08/22 00:14:42 | 000,000,552 | ---- | M] () -- C:\Users\Kieran\AppData\Local\d3d8caps.dat
[2010/08/22 00:05:26 | 317,705,964 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/08/22 00:01:56 | 000,293,376 | ---- | M] () -- C:\Users\Kieran\Desktop\lzvqqrw3.exe
[2010/08/21 23:57:46 | 000,050,477 | ---- | M] () -- C:\Users\Kieran\Desktop\Defogger.exe
[2010/08/21 23:22:36 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\Kieran\Desktop\TFC.exe
[2010/08/21 03:57:28 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2010/08/21 03:08:31 | 000,022,528 | ---- | M] () -- C:\Users\Kieran\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/21 00:44:05 | 000,224,960 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2010/08/21 00:39:01 | 000,137,944 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010/08/20 23:43:36 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2010/08/17 11:35:54 | 000,001,837 | ---- | M] () -- C:\Users\Kieran\Desktop\HijackThis.lnk
[2010/08/14 00:51:39 | 000,022,328 | ---- | M] () -- C:\Users\Kieran\AppData\Roaming\PnkBstrK.sys
[2010/08/13 09:22:46 | 000,324,320 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/08/12 00:35:07 | 000,063,977 | -H-- | M] () -- C:\Users\Kieran\AppData\Roaming\cglogs.dat
[2010/08/09 16:27:06 | 000,002,008 | ---- | M] () -- C:\Users\Public\Desktop\Sony Ericsson PC Companion 1.6.lnk
[2010/08/09 16:04:57 | 000,057,344 | RHS- | M] () -- C:\Windows\System32\bootstr2.dll
[2010/08/09 15:22:05 | 000,001,689 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/08/09 14:51:03 | 000,000,747 | ---- | M] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Tibia.lnk
[2010/08/08 21:37:42 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2010/08/08 21:35:31 | 000,021,840 | ---- | M] () -- C:\Windows\System32\SIntfNT.dll
[2010/08/08 21:35:31 | 000,017,212 | ---- | M] () -- C:\Windows\System32\SIntf32.dll
[2010/08/08 21:35:31 | 000,012,067 | ---- | M] () -- C:\Windows\System32\SIntf16.dll
[2010/07/21 16:28:07 | 000,000,887 | ---- | M] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\FinalMediaPlayer.lnk
[2010/07/20 19:11:07 | 000,000,941 | ---- | M] () -- C:\Users\Kieran\Desktop\AMCap.lnk
[2010/07/20 19:09:33 | 000,000,905 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010/07/20 08:08:54 | 000,080,544 | ---- | M] () -- C:\Users\Kieran\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/07/19 22:44:42 | 000,001,893 | ---- | M] () -- C:\Users\Public\Desktop\Instant DVD Recorder.lnk
[2010/07/19 20:21:24 | 000,000,548 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Run Full System Scan - Kieran.job
[2010/07/18 22:53:15 | 000,001,072 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer SP.lnk
[2010/07/18 22:52:37 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2010/07/18 22:51:50 | 000,000,573 | ---- | M] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Oxelon Media Converter.lnk
[2010/07/18 22:51:50 | 000,000,549 | ---- | M] () -- C:\Users\Public\Desktop\Oxelon Media Converter.lnk
[2010/07/18 19:42:25 | 000,794,408 | ---- | M] () -- C:\Windows\System32\pbsvc.exe
[2010/07/18 19:35:53 | 000,000,789 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2010/07/18 19:35:19 | 000,000,799 | ---- | M] () -- C:\Users\Kieran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk
[2010/07/18 19:35:19 | 000,000,787 | ---- | M] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Xfire.lnk
[2010/07/18 19:35:19 | 000,000,763 | ---- | M] () -- C:\Users\Public\Desktop\Xfire.lnk
[2010/07/18 15:36:20 | 000,000,941 | ---- | M] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2010/07/18 15:34:23 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2010/07/18 15:28:16 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2010/07/18 15:20:38 | 000,001,988 | ---- | M] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Live Messenger .lnk
[2010/07/18 15:20:06 | 000,000,946 | ---- | M] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/07/18 15:12:48 | 000,001,988 | ---- | M] () -- C:\Users\Kieran\Desktop\Windows Live Messenger .lnk
[2010/07/18 14:54:16 | 000,524,288 | -HS- | M] () -- C:\Users\Kieran\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2010/07/18 14:52:15 | 000,124,464 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2010/07/18 14:52:15 | 000,010,635 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2010/07/18 14:52:15 | 000,000,806 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2010/07/18 14:36:20 | 000,000,020 | -HS- | M] () -- C:\Users\Kieran\ntuser.ini
[2010/07/18 14:33:20 | 000,047,092 | ---- | M] () -- C:\Windows\System32\license.rtf
[2010/07/09 20:00:32 | 000,041,872 | ---- | M] () -- C:\Windows\System32\xfcodec.dll

========== Files Created - No Company Name ==========

[2010/08/23 22:34:30 | 000,513,320 | ---- | C] () -- C:\Users\Kieran\Desktop\erunt.zip
[2010/08/22 12:20:07 | 000,000,000 | ---- | C] () -- C:\Users\Kieran\defogger_reenable
[2010/08/22 12:19:45 | 000,000,000 | ---- | C] () -- C:\Users\Kieran\Desktop\settings.dat
[2010/08/22 12:19:09 | 000,464,491 | ---- | C] () -- C:\Users\Kieran\Desktop\RootRepeal.zip
[2010/08/22 00:14:42 | 000,000,552 | ---- | C] () -- C:\Users\Kieran\AppData\Local\d3d8caps.dat
[2010/08/22 00:05:08 | 317,705,964 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/08/22 00:01:53 | 000,293,376 | ---- | C] () -- C:\Users\Kieran\Desktop\lzvqqrw3.exe
[2010/08/21 23:57:45 | 000,050,477 | ---- | C] () -- C:\Users\Kieran\Desktop\Defogger.exe
[2010/08/17 11:35:54 | 000,001,837 | ---- | C] () -- C:\Users\Kieran\Desktop\HijackThis.lnk
[2010/08/09 16:27:06 | 000,002,008 | ---- | C] () -- C:\Users\Public\Desktop\Sony Ericsson PC Companion 1.6.lnk
[2010/08/09 16:04:57 | 000,000,314 | -HS- | C] () -- C:\Windows\tasks\TLKVMEJNOI.job
[2010/08/09 16:04:56 | 000,057,344 | RHS- | C] () -- C:\Windows\System32\bootstr2.dll
[2010/08/09 15:22:04 | 000,001,689 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/08/09 14:51:03 | 000,000,747 | ---- | C] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Tibia.lnk
[2010/08/08 21:37:39 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010/08/08 21:35:31 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2010/08/08 21:35:31 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2010/08/08 21:35:31 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2010/07/21 16:28:08 | 000,000,388 | ---- | C] () -- C:\Windows\tasks\Final Media Player Update Checker.job
[2010/07/21 16:28:07 | 000,000,887 | ---- | C] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\FinalMediaPlayer.lnk
[2010/07/20 19:12:23 | 000,153,088 | ---- | C] () -- C:\Program Files\UNWISE.EXE
[2010/07/20 19:11:07 | 000,000,941 | ---- | C] () -- C:\Users\Kieran\Desktop\AMCap.lnk
[2010/07/20 19:09:33 | 000,000,905 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010/07/19 22:44:42 | 000,001,893 | ---- | C] () -- C:\Users\Public\Desktop\Instant DVD Recorder.lnk
[2010/07/19 22:41:58 | 000,138,752 | ---- | C] () -- C:\Windows\System32\MASE32.DLL
[2010/07/19 22:41:58 | 000,136,192 | ---- | C] () -- C:\Windows\System32\MAMC32.DLL
[2010/07/19 22:41:58 | 000,057,856 | ---- | C] () -- C:\Windows\System32\MASD32.DLL
[2010/07/19 22:41:57 | 000,196,096 | ---- | C] () -- C:\Windows\System32\MACD32.DLL
[2010/07/19 22:41:57 | 000,027,648 | ---- | C] () -- C:\Windows\System32\MA32.DLL
[2010/07/19 22:41:24 | 000,000,349 | ---- | C] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2010/07/19 21:32:32 | 000,224,960 | ---- | C] () -- C:\Windows\System32\PnkBstrB.xtr
[2010/07/19 18:39:42 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010/07/19 18:39:42 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2010/07/19 18:39:39 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2010/07/19 18:33:29 | 000,000,424 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{CDD8B57C-9F49-4B3B-8078-A97F1399FBB5}.job
[2010/07/18 22:53:15 | 000,001,072 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer SP.lnk
[2010/07/18 22:51:50 | 000,000,573 | ---- | C] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Oxelon Media Converter.lnk
[2010/07/18 22:51:50 | 000,000,549 | ---- | C] () -- C:\Users\Public\Desktop\Oxelon Media Converter.lnk
[2010/07/18 20:26:43 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2010/07/18 19:42:48 | 000,137,944 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010/07/18 19:42:47 | 000,022,328 | ---- | C] () -- C:\Users\Kieran\AppData\Roaming\PnkBstrK.sys
[2010/07/18 19:42:32 | 000,224,960 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2010/07/18 19:42:25 | 000,794,408 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
[2010/07/18 19:42:25 | 000,075,064 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2010/07/18 19:35:19 | 000,000,799 | ---- | C] () -- C:\Users\Kieran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk
[2010/07/18 19:35:19 | 000,000,787 | ---- | C] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Xfire.lnk
[2010/07/18 19:35:19 | 000,000,763 | ---- | C] () -- C:\Users\Public\Desktop\Xfire.lnk
[2010/07/18 19:33:46 | 000,000,789 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2010/07/18 15:36:20 | 000,000,941 | ---- | C] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2010/07/18 15:34:23 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2010/07/18 15:28:16 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2010/07/18 15:20:38 | 000,001,988 | ---- | C] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Live Messenger .lnk
[2010/07/18 15:12:48 | 000,001,988 | ---- | C] () -- C:\Users\Kieran\Desktop\Windows Live Messenger .lnk
[2010/07/18 15:09:12 | 000,022,528 | ---- | C] () -- C:\Users\Kieran\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/07/18 15:07:32 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/07/18 15:07:31 | 000,000,880 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/07/18 15:07:25 | 000,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2010/07/18 15:01:42 | 000,000,946 | ---- | C] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/07/18 14:57:14 | 000,035,757 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010/07/18 14:57:14 | 000,035,757 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010/07/18 14:44:27 | 000,000,548 | ---- | C] () -- C:\Windows\tasks\Norton Internet Security - Run Full System Scan - Kieran.job
[2010/07/18 14:43:44 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\Recovery DVD Creator-Kieran.job
[2010/07/18 14:36:21 | 000,000,680 | ---- | C] () -- C:\Users\Kieran\AppData\Local\d3d9caps.dat
[2010/07/18 14:36:20 | 002,621,440 | -HS- | C] () -- C:\Users\Kieran\NTUSER.DAT
[2010/07/18 14:36:20 | 000,524,288 | -HS- | C] () -- C:\Users\Kieran\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2010/07/18 14:36:20 | 000,524,288 | -HS- | C] () -- C:\Users\Kieran\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/07/18 14:36:20 | 000,262,144 | -H-- | C] () -- C:\Users\Kieran\ntuser.dat.LOG1
[2010/07/18 14:36:20 | 000,065,536 | -HS- | C] () -- C:\Users\Kieran\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/07/18 14:36:20 | 000,000,258 | ---- | C] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2010/07/18 14:36:20 | 000,000,240 | ---- | C] () -- C:\Users\Kieran\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2010/07/18 14:36:20 | 000,000,020 | -HS- | C] () -- C:\Users\Kieran\ntuser.ini
[2010/07/18 14:36:20 | 000,000,000 | -H-- | C] () -- C:\Users\Kieran\ntuser.dat.LOG2
[2010/07/18 14:30:55 | 3220,406,272 | -HS- | C] () -- C:\hiberfil.sys
[2010/07/09 20:00:32 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/03/05 06:54:58 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2005/04/08 03:16:43 | 000,063,977 | -H-- | C] () -- C:\Users\Kieran\AppData\Roaming\cglogs.dat
[2004/02/27 16:36:18 | 000,015,498 | ---- | C] () -- C:\Windows\snpstd3.ini

========== LOP Check ==========

[2010/08/21 03:58:47 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2010/07/18 23:35:45 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\Datel
[2010/07/21 20:08:17 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\FinalMediaPlayer
[2010/08/21 03:29:42 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\GameTracker
[2010/07/18 23:04:42 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\GameTuts
[2010/08/15 04:09:12 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\GetRightToGo
[2010/07/26 11:45:11 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\ImTOO
[2010/07/18 22:51:56 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\OxelonMC
[2010/08/09 15:17:08 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\Sony
[2010/08/09 15:18:42 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\Sony Setup
[2010/08/09 15:12:42 | 000,000,000 | ---D | M] -- C:\Users\Kieran\AppData\Roaming\Tibia
[2005/09/01 04:55:35 | 000,000,000 | RHSD | M] -- C:\Users\Kieran\AppData\Roaming\winlog
[2010/08/23 22:48:07 | 000,000,388 | ---- | M] () -- C:\Windows\Tasks\Final Media Player Update Checker.job
[2010/08/23 17:30:01 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\Recovery DVD Creator-Kieran.job
[2010/08/23 22:47:00 | 000,029,032 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/08/23 22:47:56 | 000,000,314 | -HS- | M] () -- C:\Windows\Tasks\TLKVMEJNOI.job
[2010/08/23 22:31:14 | 000,000,424 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{CDD8B57C-9F49-4B3B-8078-A97F1399FBB5}.job

========== Purity Check ==========


< End of report >
Bezzy2829
Regular Member
 
Posts: 19
Joined: August 17th, 2010, 6:30 am

Re: HiJackThis Logs.

Unread postby Bezzy2829 » August 23rd, 2010, 6:00 pm

2010-08-14 Trojan.Llac.Fzb
2010-08-14 Found nothing
2010-08-13 Found nothing
2010-08-14 Found nothing
2010-08-13 Found nothing
2010-08-14 Found nothing
2010-08-13 Found nothing
2010-08-14 Found nothing
2010-08-14 Found nothing
2010-08-13 Found nothing
2010-08-14 Found nothing
2010-08-14 Found nothing
2010-08-14 Found nothing
2010-08-14 Found nothing
2010-08-14 BackDoor.Cybergate.1
2010-08-13 Found nothing
2010-08-13 Found nothing
2010-08-13 Found nothing
2010-08-14 Found nothing
Bezzy2829
Regular Member
 
Posts: 19
Joined: August 17th, 2010, 6:30 am