[2011/07/20 07:54:01 | 000,376,189 | ---- | M] () -- C:\Users\Mike\Desktop\MiniToolBox.exe
[2011/07/20 05:36:36 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/07/20 05:36:36 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/07/20 05:29:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/07/20 05:29:10 | 3208,187,904 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/19 16:03:12 | 000,730,384 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/07/19 16:03:12 | 000,626,844 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/07/19 16:03:12 | 000,107,160 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/07/19 15:15:58 | 000,000,000 | ---- | M] () -- C:\Users\Mike\defogger_reenable
[2011/07/19 15:15:02 | 000,050,477 | ---- | M] () -- C:\Users\Mike\Desktop\Defogger.exe
[2011/07/19 13:54:49 | 000,000,662 | ---- | M] () -- C:\Users\Mike\Documents\cc_20110719_135445.reg
[2011/07/19 08:00:32 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Mike\Desktop\OTL.exe
[2011/07/19 06:21:15 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ICCWDT_01009.Wdf
[2011/07/17 23:11:05 | 000,000,017 | ---- | M] () -- C:\Users\Mike\AppData\Local\resmon.resmoncfg
[2011/07/16 23:20:39 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011/07/16 23:09:57 | 000,002,560 | ---- | M] () -- C:\Windows\_MSRSTRT.EXE
[2011/07/15 08:41:55 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011/07/14 10:48:54 | 000,413,312 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/07/10 13:39:47 | 000,285,280 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\afcdp.sys
[2011/07/10 13:39:45 | 001,263,200 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\tdrpm273.sys
[2011/07/10 13:39:45 | 000,970,336 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\timntr.sys
[2011/07/09 23:58:29 | 000,001,175 | ---- | M] () -- C:\Users\Mike\Documents\gpu.hfm
[2011/07/09 10:15:41 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2011/07/09 07:49:37 | 000,000,611 | ---- | M] () -- C:\Users\Mike\Documents\hfm.hfm
[2011/07/07 07:47:23 | 000,000,578 | ---- | M] () -- C:\Users\Mike\Desktop\fahgpu.lnk
[2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/07/06 19:52:42 | 000,025,912 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/07/04 08:43:53 | 000,040,112 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/07/04 08:43:51 | 000,199,304 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2011/07/04 08:43:42 | 000,253,888 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2011/07/04 08:43:28 | 2719,589,376 | ---- | M] () -- C:\Users\Mike\Desktop\Fleur Archive Folder Outlook Backup 05-26-11.pst
[2011/07/04 08:36:56 | 000,600,920 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011/07/04 08:36:54 | 000,288,088 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2011/07/04 08:35:28 | 000,045,400 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2011/07/04 08:32:35 | 000,031,064 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2011/07/04 08:32:24 | 000,064,856 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2011/07/04 08:32:14 | 000,022,360 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2011/06/23 17:13:59 | 000,743,066 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/06/23 17:09:54 | 000,002,166 | ---- | M] () -- C:\Users\Mike\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung New PC Studio.lnk
[2011/06/23 11:37:43 | 000,001,908 | ---- | M] () -- C:\Windows\diagwrn.xml
[2011/06/23 11:37:43 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2011/06/23 10:14:42 | 000,277,088 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\snapman.sys
[2011/06/23 10:12:16 | 000,029,929 | ---- | M] () -- C:\Users\Mike\Documents\BKD-7361325773.pdf
[2011/06/22 08:59:45 | 000,229,128 | ---- | M] () -- C:\Windows\hpwins23.dat
[2011/06/20 16:45:04 | 000,000,136 | ---- | M] () -- C:\Windows\SysWow64\cpuz.ini
[2011/06/20 16:45:03 | 001,187,840 | ---- | M] (CPUID) -- C:\Windows\SysWow64\cpuz141.exe
[2011/06/20 14:57:04 | 000,002,893 | ---- | M] () -- C:\Users\Mike\Desktop\HFM.NET.lnk
[2011/06/20 14:30:13 | 000,000,541 | ---- | M] () -- C:\Users\Mike\Desktop\fah6.lnk
[2011/06/20 14:07:38 | 000,001,079 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\APC UPS Status.lnk
[2011/06/20 14:05:10 | 006,918,144 | ---- | M] () -- C:\Users\Mike\PCPE_3.0.msi
[2011/06/20 13:10:03 | 000,139,106 | ---- | M] () -- C:\Users\Mike\Documents\cc_20110620_130959.reg
[2011/06/20 12:33:01 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2011/06/20 11:03:46 | 000,039,252 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2011/06/20 11:03:46 | 000,039,252 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/07/20 07:54:00 | 000,376,189 | ---- | C] () -- C:\Users\Mike\Desktop\MiniToolBox.exe
[2011/07/19 15:15:58 | 000,000,000 | ---- | C] () -- C:\Users\Mike\defogger_reenable
[2011/07/19 15:15:33 | 000,050,477 | ---- | C] () -- C:\Users\Mike\Desktop\Defogger.exe
[2011/07/19 13:54:47 | 000,000,662 | ---- | C] () -- C:\Users\Mike\Documents\cc_20110719_135445.reg
[2011/07/19 06:21:15 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ICCWDT_01009.Wdf
[2011/07/17 23:11:05 | 000,000,017 | ---- | C] () -- C:\Users\Mike\AppData\Local\resmon.resmoncfg
[2011/07/17 16:42:41 | 000,074,344 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2011/07/16 23:09:56 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2011/07/16 11:15:28 | 000,001,174 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 6.lnk
[2011/07/07 08:23:20 | 000,001,175 | ---- | C] () -- C:\Users\Mike\Documents\gpu.hfm
[2011/07/07 07:47:02 | 000,000,578 | ---- | C] () -- C:\Users\Mike\Desktop\fahgpu.lnk
[2011/07/04 08:43:00 | 2719,589,376 | ---- | C] () -- C:\Users\Mike\Desktop\Fleur Archive Folder Outlook Backup 05-26-11.pst
[2011/06/23 17:13:59 | 000,743,066 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/06/23 17:09:54 | 000,002,166 | ---- | C] () -- C:\Users\Mike\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung New PC Studio.lnk
[2011/06/23 11:37:37 | 000,001,908 | ---- | C] () -- C:\Windows\diagwrn.xml
[2011/06/23 11:37:37 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml
[2011/06/23 10:12:16 | 000,029,929 | ---- | C] () -- C:\Users\Mike\Documents\BKD-7361325773.pdf
[2011/06/22 08:58:27 | 000,001,054 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
[2011/06/22 08:56:30 | 000,229,128 | ---- | C] () -- C:\Windows\hpwins23.dat
[2011/06/22 08:56:30 | 000,002,075 | ---- | C] () -- C:\Windows\hpwmdl23.dat
[2011/06/20 16:45:04 | 000,000,136 | ---- | C] () -- C:\Windows\SysWow64\cpuz.ini
[2011/06/20 14:59:51 | 000,000,611 | ---- | C] () -- C:\Users\Mike\Documents\hfm.hfm
[2011/06/20 14:57:04 | 000,002,893 | ---- | C] () -- C:\Users\Mike\Desktop\HFM.NET.lnk
[2011/06/20 14:30:02 | 000,000,541 | ---- | C] () -- C:\Users\Mike\Desktop\fah6.lnk
[2011/06/20 14:07:38 | 000,001,079 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\APC UPS Status.lnk
[2011/06/20 14:05:10 | 006,918,144 | ---- | C] () -- C:\Users\Mike\PCPE_3.0.msi
[2011/06/20 13:10:00 | 000,139,106 | ---- | C] () -- C:\Users\Mike\Documents\cc_20110620_130959.reg
[2011/06/20 12:33:01 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/06/20 11:03:37 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2011/06/20 11:03:33 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2011/06/20 11:01:09 | 3208,187,904 | -HS- | C] () -- C:\hiberfil.sys
[2011/06/20 08:44:15 | 000,166,912 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2011/06/20 08:44:15 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2011/06/20 08:14:05 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2011/06/20 08:10:54 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2011/05/24 23:44:26 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/05/20 23:35:28 | 000,304,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011/03/17 13:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2009/08/27 03:04:14 | 000,207,400 | R--- | C] () -- C:\Windows\GSetup.exe
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2008/11/13 06:07:24 | 000,002,177 | ---- | C] () -- C:\Windows\P17EP.ini
[2007/12/04 05:20:30 | 000,001,489 | ---- | C] () -- C:\Windows\P17EP51.ini
[2007/10/25 17:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[2007/06/07 05:25:42 | 000,001,578 | ---- | C] () -- C:\Windows\P17EPLS.ini
========== LOP Check ==========
[2011/07/10 13:39:47 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\131648A8-6D3B-4CCD-B64A-2CA493CBD58F
[2011/07/10 13:39:47 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\2B3D7F9E-25C5-42FD-8B7D-5E219E7B0443
[2011/06/23 10:19:57 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Acronis
[2011/07/12 10:57:15 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Auslogics
[2011/07/07 07:46:25 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Folding@home-gpu
[2011/06/27 13:12:39 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\GlarySoft
[2011/07/20 08:01:34 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\HFM
[2011/06/27 09:28:21 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\IObit
[2011/06/20 16:38:16 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\poclbm
[2011/06/23 17:08:12 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Samsung
[2010/01/01 22:20:00 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\SystemRequirementsLab
[2011/07/16 11:32:25 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\TeamViewer
[2011/06/20 13:21:35 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\WinPatrol
[2009/07/14 01:08:49 | 000,029,130 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /HIDESHORTCUTS [2011/06/21 10:55:56 | 000,712,976 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SHOWSHORTCUTS [2011/06/21 10:55:56 | 000,712,976 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SETASDEFAULTAPPGLOBAL [2011/06/21 10:55:56 | 000,712,976 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE [2011/06/21 10:55:56 | 000,924,632 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -PREFERENCES [2011/06/21 10:55:56 | 000,924,632 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -SAFE-MODE [2011/06/21 10:55:56 | 000,924,632 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2009/07/13 21:39:12 | 000,073,728 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2009/07/13 21:39:12 | 000,073,728 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2009/07/13 21:39:12 | 000,073,728 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2010/11/20 08:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" [2010/11/20 08:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation)
< c:|Fun4IM;true;true;true; /FP >
< c:|Bandoo;true;true;true; /FP >
< c:|Searchqu;true;true;true; /FP >
< c:|iLivid;true;true;true; /FP >
< c:|whitesmoke;true;true;true; /FP >
< c:|sweetIM;true;true;true; /FP >
< |Fun4IM /RS >
< |Bandoo /FP >
< |Searchqu /RS >
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}\\: ISearchQueryHelper
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{AB310581-AC80-11D1-8DF3-00C04FB6EF63}\\: ISearchQueryHelper
< |iLivid /RS >
< |whitesmoke /RS >
< |sweetIM /RS >
========== Alternate Data Streams ==========
@Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:5C321E34
< End of report >