Solved Res://C:\Windows\system32\shdoclc.dll/navcancl.htm Internet Explorer Issue

dozzyo9080 · May 8, 2011

I would prefer to attach these logfiles because they are very long.

dozzyo9080 · May 8, 2011

OTL.Txt (1)

OTL logfile created on: 5/8/2011 6:03:45 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Austin ROCKS\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 30.00% Memory free
4.00 Gb Paging File | 2.00 Gb Available in Paging File | 60.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 66.51 Gb Total Space | 7.85 Gb Free Space | 11.81% Space Free | Partition Type: NTFS
Drive D: | 66.54 Gb Total Space | 16.10 Gb Free Space | 24.20% Space Free | Partition Type: NTFS

Computer Name: AUSTINROCKS-PC | User Name: Austin ROCKS | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/08 17:50:53 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Austin ROCKS\Desktop\OTL.exe
PRC - [2011/04/30 14:44:48 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/02/16 15:49:08 | 000,088,176 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2010/11/30 13:20:36 | 000,997,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2010/11/23 19:21:18 | 000,130,000 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\ccSvcHst.exe
PRC - [2010/11/11 12:26:42 | 000,206,360 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
PRC - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2010/08/15 17:09:55 | 000,136,312 | ---- | M] (Google Inc.) -- C:\Users\Austin ROCKS\AppData\Local\Flock\Update\FlockUpdate.exe
PRC - [2010/05/25 11:51:02 | 000,929,792 | ---- | M] (IVT Corporation) -- C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
PRC - [2010/04/27 10:44:52 | 000,102,503 | ---- | M] (IVT Corporation) -- C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
PRC - [2010/04/27 10:43:26 | 000,147,563 | ---- | M] (IVT Corporation) -- C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
PRC - [2010/01/07 15:38:08 | 005,950,704 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Zune\ZuneNss.exe
PRC - [2009/11/19 11:26:54 | 000,455,944 | ---- | M] () -- C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
PRC - [2009/04/10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/06/11 11:18:30 | 000,024,576 | ---- | M] () -- C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe
PRC - [2008/01/20 19:25:07 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetsrv\inetinfo.exe
PRC - [2008/01/11 18:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2007/12/10 20:15:00 | 000,012,800 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2007/01/01 14:22:02 | 003,739,648 | ---- | M] (Google) -- C:\Users\Austin ROCKS\AppData\Roaming\Google\Google Talk\googletalk.exe

========== Modules (SafeList) ==========

MOD - [2011/05/08 17:50:53 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Austin ROCKS\Desktop\OTL.exe
MOD - [2011/04/08 16:56:28 | 000,018,176 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\sahook.dll
MOD - [2011/03/26 12:57:48 | 000,215,930 | ---- | M] () -- C:\Windows\System32\iqbfwlkqb\shim_ihfmzsso.dll
MOD - [2011/03/26 12:57:47 | 002,038,925 | ---- | M] () -- C:\Windows\System32\iqbfwlkqb\mcsc_cnawcrqc.dll
MOD - [2011/03/26 12:57:46 | 000,237,927 | ---- | M] () -- C:\Windows\System32\iqbfwlkqb\mcapp_hbdnrvkr.dll
MOD - [2011/02/16 23:23:50 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
MOD - [2010/11/04 11:51:35 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\GdiPlus.dll
MOD - [2010/08/31 08:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MOD - [2009/04/10 23:28:25 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wmiutils.dll
MOD - [2009/04/10 23:28:25 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemsvc.dll
MOD - [2009/04/10 23:28:25 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemprox.dll
MOD - [2009/04/10 23:28:22 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
MOD - [2009/04/10 23:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\fastprox.dll
MOD - [2008/01/20 19:24:58 | 000,188,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemdisp.dll
MOD - [2008/01/20 19:24:46 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wtsapi32.dll
MOD - [2008/01/20 19:24:13 | 000,376,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sxs.dll
MOD - [2008/01/20 19:23:54 | 000,798,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dbghelp.dll
MOD - [2008/01/20 19:23:53 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbemcomn.dll

========== Win32 Services (SafeList) ==========

SRV - [2011/05/05 18:49:17 | 003,274,328 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_3f211bc.dll -- (Akamai)
SRV - [2011/04/17 16:00:39 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/03/26 12:57:49 | 000,237,712 | ---- | M] () [Auto | Running] -- C:\Windows\System32\iqbfwlkqb\svcboot_qsgffroe.dll -- (svcboot_qsgffroe)
SRV - [2011/02/16 15:49:08 | 000,088,176 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2010/11/23 19:21:18 | 000,130,000 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\ccSvcHst.exe -- (NSL)
SRV - [2010/11/11 12:26:42 | 000,206,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/10/12 10:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/07/28 14:36:52 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\WildGames\Game Console - WildGames\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/05/25 11:51:02 | 000,929,792 | ---- | M] (IVT Corporation) [Auto | Running] -- C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe -- (BlueSoleilCS)
SRV - [2010/05/02 14:34:28 | 005,027,328 | ---- | M] (Moonware Studios) [On_Demand | Stopped] -- C:\Program Files\wLite\wService.exe -- (wxpSvc)
SRV - [2010/04/27 10:44:52 | 000,102,503 | ---- | M] (IVT Corporation) [On_Demand | Running] -- C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe -- (BsHelpCS)
SRV - [2010/04/27 10:43:26 | 000,147,563 | ---- | M] (IVT Corporation) [Auto | Running] -- C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe -- (BsMobileCS)
SRV - [2010/04/21 10:46:17 | 000,373,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010/04/21 10:46:17 | 000,373,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2010/01/07 15:38:18 | 000,447,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV - [2010/01/07 15:38:08 | 005,950,704 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV - [2009/11/19 11:26:54 | 000,455,944 | ---- | M] () [Auto | Running] -- C:\Program Files\Flip Video\FlipShare\FlipShareService.exe -- (FlipShare Service)
SRV - [2009/10/11 14:03:24 | 003,319,160 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2009/04/10 23:28:17 | 000,052,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2008/09/08 07:59:00 | 000,575,488 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008/06/11 11:18:30 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe -- (ETService)
SRV - [2008/01/20 19:25:27 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lpdsvc.dll -- (LPDSVC)
SRV - [2008/01/20 19:25:08 | 000,011,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\inetsrv\WMSvc.exe -- (WMSvc)
SRV - [2008/01/20 19:25:07 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2008/01/20 19:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/11 18:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2007/12/10 20:15:00 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2006/11/02 05:36:18 | 000,029,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\iprip.dll -- (iprip)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Running] -- -- (catchme)
DRV - [2011/05/08 17:40:46 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{49C29E98-6305-4BB9-80E0-B63FDF051C93}\MpKsle0125d7b.sys -- (MpKsle0125d7b)
DRV - [2010/10/24 21:25:38 | 000,054,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2010/10/24 21:25:38 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010/09/05 19:53:49 | 000,140,832 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SYSTEM32\DRIVERS\NVSTOR32.SYS -- (nvstor32)
DRV - [2010/07/28 09:13:58 | 000,027,632 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\clwvd.sys -- (clwvd)
DRV - [2010/04/06 18:33:10 | 000,025,864 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btnetBus.sys -- (btnetBUs)
DRV - [2010/04/06 18:32:48 | 000,023,048 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IvtBtBus.sys -- (IvtBtBUs)
DRV - [2010/04/06 18:32:44 | 000,020,104 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\BtHidBus.sys -- (BtHidBus)
DRV - [2010/04/06 18:32:32 | 000,022,024 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btcombus.sys -- (BTCOMBUS)
DRV - [2010/04/06 18:32:28 | 000,025,992 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btcomport.sys -- (BTCOM)
DRV - [2010/01/12 13:03:34 | 011,586,280 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/12/23 11:32:26 | 000,086,016 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TPkd.sys -- (TPkd)
DRV - [2009/08/21 21:24:04 | 000,066,592 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2009/08/13 16:07:12 | 001,163,328 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009/07/13 16:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB)
DRV - [2009/06/17 14:02:40 | 000,017,928 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btnetdrv.sys -- (BT)
DRV - [2009/04/10 21:45:24 | 000,113,664 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rmcast.sys -- (RMCAST) RMCAST (Pgm)
DRV - [2009/03/30 04:09:28 | 000,239,336 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\RsFx0103.sys -- (RsFx0103)
DRV - [2009/03/07 21:23:54 | 000,030,136 | ---- | M] (Resplendence Software Projects Sp.) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\rspSanity32.sys -- (rspSanity)
DRV - [2009/02/27 16:50:32 | 000,499,200 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netr73.sys -- (netr73)
DRV - [2008/08/26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/08/24 04:55:50 | 000,030,464 | ---- | M] (CamTrax Technologies) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CamSpaceJoy.sys -- (CamSpaceJoy)
DRV - [2008/08/24 04:55:48 | 000,014,848 | ---- | M] (CamTrax Technologies) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CamSpaceBus.sys -- (CamSpaceBus)
DRV - [2008/06/11 11:13:24 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2008/03/06 15:22:24 | 000,019,456 | ---- | M] (FreeBT (www.freebt.net)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fbtusb.sys -- (FreeBT)
DRV - [2008/01/28 22:55:00 | 001,042,464 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2008/01/20 19:25:19 | 000,126,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mqac.sys -- (MQAC)
DRV - [2008/01/20 19:23:26 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\irsir.sys -- (irsir)
DRV - [2007/10/12 01:53:10 | 000,013,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2007/04/16 10:28:02 | 000,194,362 | ---- | M] (Jungo) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\windrvr6.sys -- (WinDriver6)
DRV - [2005/03/09 20:50:16 | 000,033,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\libusb0.sys -- (libusb0)
DRV - [2004/10/24 08:11:00 | 000,028,800 | ---- | M] (Deon van der Westhuysen) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PPortJoy.sys -- (PPortJoystick)
DRV - [2004/10/24 08:11:00 | 000,013,952 | ---- | M] (Deon van der Westhuysen) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PPJoyBus.sys -- (PPJoyBus)
DRV - [2001/05/07 03:56:02 | 000,019,805 | ---- | M] (Thesycon GmbH, Germany) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbio.sys -- (USBIO) USBIO Driver (usbio.sys)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr9/*http://www.yahoo.com/ext/search/search.html

IE - HKU\.DEFAULT\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/?pc=Z008&form=ZGAPHP
IE - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C7 2F 4F 63 65 C2 CA 01 [binary data]
IE - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

dozzyo9080 · May 8, 2011

OTL.Txt (2)

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Secure Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Google Powered Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/webhp?rls=ig"
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.2
FF - prefs.js..extensions.enabledItems: GameTapPlayer@gametap.com:4.3.0.5908
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {203FB6B2-2E1E-4474-863B-4C483ECCE78E}:1.0.1
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.5
FF - prefs.js..extensions.enabledItems: support@easy-hideip.com:1.0
FF - prefs.js..extensions.enabledItems: {ba14329e-9550-4989-b3f2-9732e92d17cc}:2.7.2.0
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=mcafee&p="

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/08/05 13:37:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{203FB6B2-2E1E-4474-863B-4C483ECCE78E}: C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_1.2.0.6\coFFNST\ [2011/04/19 11:05:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2011/05/05 19:49:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/30 14:45:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/16 16:46:52 | 000,000,000 | ---D | M]

[2010/01/09 15:14:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Austin ROCKS\AppData\Roaming\mozilla\Extensions
[2011/04/16 17:14:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Austin ROCKS\AppData\Roaming\mozilla\Firefox\Profiles\zlmaa4wf.default\extensions
[2010/07/25 12:21:23 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Austin ROCKS\AppData\Roaming\mozilla\Firefox\Profiles\zlmaa4wf.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/09/10 09:40:11 | 000,000,000 | ---D | M] (Redirect Remover) -- C:\Users\Austin ROCKS\AppData\Roaming\mozilla\Firefox\Profiles\zlmaa4wf.default\extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}
[2010/09/19 14:42:39 | 000,000,000 | ---D | M] (GameTap) -- C:\Users\Austin ROCKS\AppData\Roaming\mozilla\Firefox\Profiles\zlmaa4wf.default\extensions\GameTapPlayer@gametap.com
[2010/08/06 17:39:02 | 000,000,000 | ---D | M] (Hide IP Easy) -- C:\Users\Austin ROCKS\AppData\Roaming\mozilla\Firefox\Profiles\zlmaa4wf.default\extensions\support@easy-hideip.com
[2011/04/16 17:14:54 | 000,000,000 | ---D | M] (Yummy Games Player) -- C:\Users\Austin ROCKS\AppData\Roaming\mozilla\Firefox\Profiles\zlmaa4wf.default\extensions\YPlayer@yummy.net
[2010/02/28 19:25:23 | 000,004,554 | ---- | M] () -- C:\Users\Austin ROCKS\AppData\Roaming\Mozilla\Firefox\Profiles\zlmaa4wf.default\searchplugins\aim-search.xml
[2010/11/11 12:07:48 | 000,001,919 | ---- | M] () -- C:\Users\Austin ROCKS\AppData\Roaming\Mozilla\Firefox\Profiles\zlmaa4wf.default\searchplugins\bing-zugo.xml
[2010/02/28 18:51:00 | 000,001,827 | ---- | M] () -- C:\Users\Austin ROCKS\AppData\Roaming\Mozilla\Firefox\Profiles\zlmaa4wf.default\searchplugins\bing.xml
[2010/09/05 17:10:10 | 000,000,903 | ---- | M] () -- C:\Users\Austin ROCKS\AppData\Roaming\Mozilla\Firefox\Profiles\zlmaa4wf.default\searchplugins\conduit.xml
[2011/05/01 21:23:45 | 000,001,018 | ---- | M] () -- C:\Users\Austin ROCKS\AppData\Roaming\Mozilla\Firefox\Profiles\zlmaa4wf.default\searchplugins\facebook.xml
[2010/07/31 08:49:28 | 000,002,463 | ---- | M] () -- C:\Users\Austin ROCKS\AppData\Roaming\Mozilla\Firefox\Profiles\zlmaa4wf.default\searchplugins\safesearch.xml
[2011/03/26 18:56:13 | 000,001,050 | ---- | M] () -- C:\Users\Austin ROCKS\AppData\Roaming\Mozilla\Firefox\Profiles\zlmaa4wf.default\searchplugins\siteadvisor.xml
[2010/01/29 19:23:24 | 000,001,720 | ---- | M] () -- C:\Users\Austin ROCKS\AppData\Roaming\Mozilla\Firefox\Profiles\zlmaa4wf.default\searchplugins\youtube-video-search.xml
[2011/05/07 20:51:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/09/05 21:19:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011/04/01 14:12:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/05/07 20:51:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
File not found (No name found) --
[2011/05/05 19:49:33 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
() (No name found) -- C:\USERS\AUSTIN ROCKS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZLMAA4WF.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI
[2011/03/26 12:57:42 | 002,160,866 | ---- | M] () -- C:\Program Files\Mozilla Firefox\components\1522053.dll
[2011/04/30 14:44:45 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2010/08/24 02:31:30 | 000,773,120 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2011/04/14 05:08:00 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/03/03 15:24:34 | 001,961,984 | ---- | M] (Total Immersion) -- C:\Program Files\Mozilla Firefox\plugins\NPDFusionWebFirefox.dll
[2011/04/30 14:44:56 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
[2009/09/21 11:24:16 | 000,001,329 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
[2011/04/16 14:11:50 | 000,001,949 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\McSiteAdvisor.xml

O1 HOSTS File: ([2011/05/08 17:10:43 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Norton Safe Web Lite BHO) - {F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3} - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Norton Safe Web Lite) - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - No CLSID value found.
O3 - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000\..\Toolbar\WebBrowser: (Norton Safe Web Lite) - {30CEEEA2-3742-40E4-85DD-812BF1CBB83D} - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [YouCam Mirage] D:\Program Files\CyberLink\YouCam\YouCam\YCMMirage.exe (CyberLink)
O4 - HKLM..\Run: [YouCam Tray] D:\Program Files\CyberLink\YouCam\YouCam\YouCamTray.exe (CyberLink Corp.)
O4 - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000..\Run: [CollaborationHost] C:\Windows\System32\p2phost.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000..\Run: [DS3 Tool] C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe (www.motioninjoy.com)
O4 - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000..\Run: [EADM] C:\Program Files\Electronic Arts\EADM\EADMUI\EADMUI.exe (Electronic Arts)
O4 - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000..\Run: [googletalk] C:\Users\Austin ROCKS\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
O4 - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Users\Austin ROCKS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2010/05/17 09:54:30 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Users\Austin ROCKS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000\..Trusted Domains: aol.com ([free] http in Trusted sites)
O15 - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O15 - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (GTGina.dll) - File not found
O24 - Desktop WallPaper: C:\Users\Austin ROCKS\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Austin ROCKS\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/08 17:50:45 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Austin ROCKS\Desktop\OTL.exe
[2011/05/08 17:17:41 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011/05/08 17:17:41 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\AppData\Local\temp
[2011/05/08 17:11:15 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/05/08 16:52:18 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2011/05/08 14:14:21 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/05/08 14:14:21 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/05/08 14:14:21 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/05/08 14:14:11 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/05/08 14:13:34 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/05/08 14:03:03 | 000,083,968 | ---- | C] (eSage Lab) -- C:\Users\Austin ROCKS\Desktop\remover.exe
[2011/05/07 15:48:29 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2011/05/07 15:48:26 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/05/06 19:55:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PACE Anti-Piracy
[2011/05/06 19:54:33 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\Documents\My Recordings
[2011/05/06 19:51:34 | 000,000,000 | ---D | C] -- C:\ProgramData\PACE Anti-Piracy
[2011/05/06 19:50:53 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\AppData\Roaming\SynthMaker
[2011/05/06 19:10:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acoustica Mixcraft 5
[2011/05/06 19:10:29 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\AppData\Roaming\Acoustica
[2011/05/06 19:10:24 | 000,057,344 | ---- | C] (NexiTech, Inc.) -- C:\Windows\System32\Wnaspint.dll
[2011/05/06 18:00:15 | 000,000,000 | ---D | C] -- C:\Program Files\Acoustica Mixcraft 5
[2011/05/04 20:12:00 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\AppData\Roaming\vlc
[2011/05/01 17:44:02 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\AppData\Roaming\BOXEE
[2011/05/01 17:44:01 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Boxee
[2011/05/01 17:38:44 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
[2011/05/01 17:38:35 | 000,000,000 | ---D | C] -- C:\Program Files\Cyberlink
[2011/05/01 16:19:48 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\Documents\Avatar
[2011/05/01 15:53:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CL-Eye Driver
[2011/04/24 19:37:17 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\AppData\Roaming\.minecraft
[2011/04/22 16:22:42 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome Canary Build
[2011/04/21 20:21:12 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\AppData\Local\SKIDROW
[2011/04/20 18:57:55 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011/04/19 11:28:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Boonka
[2011/04/19 11:27:28 | 000,000,000 | ---D | C] -- C:\Program Files\Boonka
[2011/04/19 11:05:15 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\NST
[2011/04/19 11:05:15 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\NST\0102000.006
[2011/04/19 11:05:14 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Safe Web Lite
[2011/04/19 11:05:01 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2011/04/18 19:36:21 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\AppData\Local\GameHouse
[2011/04/18 19:36:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Trymedia
[2011/04/18 18:55:14 | 000,000,000 | ---D | C] -- C:\Program Files\Bejeweled 3
[2011/04/16 21:14:11 | 000,000,000 | ---D | C] -- C:\Program Files\BandiMPEG1
[2011/04/16 21:14:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrisOnline
[2011/04/16 18:55:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011/04/16 18:53:28 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2011/04/16 16:48:02 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\AppData\Local\DejobaansEasiest
[2011/04/12 19:36:03 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\AppData\Roaming\Beat Hazard
[2011/04/11 21:13:10 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\AppData\Roaming\funkitron
[2011/04/10 19:01:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ballistik
[2011/04/10 19:00:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sandlot Shared
[2011/04/10 19:00:32 | 000,000,000 | ---D | C] -- C:\Program Files\Ballistik

========== Files - Modified Within 30 Days ==========

[2011/05/08 18:05:02 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1694092186-2221604420-1700606534-1000UA.job
[2011/05/08 17:50:53 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Austin ROCKS\Desktop\OTL.exe
[2011/05/08 17:11:17 | 000,205,208 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011/05/08 17:10:43 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011/05/08 17:09:36 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2011/05/08 17:09:36 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2011/05/08 17:09:30 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/05/08 17:09:27 | 000,001,056 | ---- | M] () -- C:\Windows\System32\bscs.ini
[2011/05/08 17:09:25 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/08 17:09:25 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/08 17:09:21 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/08 17:09:13 | 000,205,208 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011/05/08 17:09:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/05/08 16:08:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/08 16:01:17 | 000,000,406 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{AEE52817-BCA4-4726-894D-DCF29517B5AB}.job
[2011/05/08 15:05:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1694092186-2221604420-1700606534-1000Core.job
[2011/05/08 14:08:13 | 004,343,905 | R--- | M] () -- C:\Users\Austin ROCKS\Desktop\ComboFix.exe
[2011/05/08 09:41:49 | 000,001,275 | ---- | M] () -- C:\Users\Austin ROCKS\Desktop\Google Chrome.lnk
[2011/05/08 09:32:09 | 000,001,646 | ---- | M] () -- C:\Users\Austin ROCKS\Desktop\CamSpace.lnk
[2011/05/08 09:28:59 | 000,000,857 | ---- | M] () -- C:\Users\Austin ROCKS\Desktop\JDiskReport.lnk
[2011/05/08 09:27:35 | 000,000,517 | ---- | M] () -- C:\Users\Public\Desktop\IrisOnline.lnk
[2011/05/07 18:23:50 | 000,791,742 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/05/07 18:23:50 | 000,173,926 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/05/07 16:08:26 | 000,011,976 | ---- | M] () -- C:\Users\Austin ROCKS\Documents\hijackthislog 5-7-11 1
[2011/05/07 15:52:22 | 000,002,497 | ---- | M] () -- C:\Users\Austin ROCKS\Desktop\HiJackThis.lnk
[2011/05/07 13:31:44 | 000,002,041 | ---- | M] () -- C:\Users\Austin ROCKS\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/05/07 08:18:46 | 000,002,337 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/05/06 19:10:29 | 000,000,779 | ---- | M] () -- C:\Users\Public\Desktop\Mixcraft 5.lnk
[2011/05/06 17:38:16 | 000,008,592 | ---- | M] () -- C:\Users\Austin ROCKS\AppData\Local\d3d9caps.dat
[2011/05/06 17:38:05 | 000,000,552 | ---- | M] () -- C:\Users\Austin ROCKS\AppData\Local\d3d8caps.dat
[2011/05/05 18:20:40 | 000,134,656 | ---- | M] () -- C:\Users\Austin ROCKS\Documents\Mommy's day card.pub
[2011/05/04 20:20:07 | 000,079,872 | ---- | M] () -- C:\Users\Austin ROCKS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/01 17:38:44 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CyberLink YouCam.lnk
[2011/04/28 20:16:31 | 000,001,009 | ---- | M] () -- C:\Users\Public\Desktop\EA Download Manager.lnk
[2011/04/24 19:10:35 | 000,002,252 | ---- | M] () -- C:\Users\Public\Desktop\WildTangent Games App - wildgames.lnk
[2011/04/24 15:14:57 | 000,021,504 | ---- | M] () -- C:\Users\Austin ROCKS\Documents\Backup of Dear Mrs.wbk
[2011/04/24 13:34:22 | 000,112,659 | ---- | M] () -- C:\Users\Austin ROCKS\Documents\i apoligize easter.jpg
[2011/04/22 16:22:46 | 000,002,081 | ---- | M] () -- C:\Users\Austin ROCKS\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome Canary Build.lnk
[2011/04/22 16:22:45 | 000,002,119 | ---- | M] () -- C:\Users\Austin ROCKS\Desktop\Google Chrome Canary Build.lnk
[2011/04/22 10:23:14 | 000,041,472 | ---- | M] () -- C:\Users\Austin ROCKS\Documents\Backup of Chapter 11 Test.wbk
[2011/04/19 11:28:19 | 000,001,620 | ---- | M] () -- C:\Users\Public\Desktop\Boonka.lnk
[2011/04/19 10:57:28 | 000,000,045 | ---- | M] () -- C:\Users\Austin ROCKS\jagex_runescape_preferences.dat
[2011/04/18 19:07:16 | 000,000,647 | ---- | M] () -- C:\Users\Austin ROCKS\Desktop\Bejeweled 3.lnk
[2011/04/16 20:11:17 | 000,001,595 | ---- | M] () -- C:\Users\Public\Desktop\Vuze.lnk
[2011/04/16 20:11:17 | 000,001,595 | ---- | M] () -- C:\Users\Austin ROCKS\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk
[2011/04/16 14:10:50 | 000,000,832 | ---- | M] () -- C:\Users\Austin ROCKS\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/04/16 14:10:50 | 000,000,808 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/04/16 10:17:26 | 000,388,072 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/04/10 19:01:09 | 000,001,678 | ---- | M] () -- C:\Users\Public\Desktop\Ballistik.lnk
[2011/04/10 14:39:07 | 000,002,191 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/04/10 08:31:13 | 000,000,094 | -H-- | M] () -- C:\Windows\System32\spv1_WCssg.ini
[2011/04/09 15:28:45 | 000,096,768 | ---- | M] () -- C:\Users\Austin ROCKS\Documents\Backup of Chapter 10 quiz.wbk
[2011/04/08 23:13:43 | 000,043,520 | ---- | M] () -- C:\Windows\System32\CmdLineExt03.dll

========== Files Created - No Company Name ==========

[2011/05/08 14:14:21 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011/05/08 14:14:21 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/05/08 14:14:21 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011/05/08 14:14:21 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/05/08 14:14:21 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/05/08 14:07:48 | 004,343,905 | R--- | C] () -- C:\Users\Austin ROCKS\Desktop\ComboFix.exe
[2011/05/07 16:08:26 | 000,011,976 | ---- | C] () -- C:\Users\Austin ROCKS\Documents\hijackthislog 5-7-11 1
[2011/05/07 15:48:29 | 000,002,497 | ---- | C] () -- C:\Users\Austin ROCKS\Desktop\HiJackThis.lnk
[2011/05/07 12:55:11 | 000,000,104 | ---- | C] () -- C:\Users\Austin ROCKS\Documents\Recycle Bin.lnk
[2011/05/06 19:10:29 | 000,000,779 | ---- | C] () -- C:\Users\Public\Desktop\Mixcraft 5.lnk
[2011/05/06 17:38:05 | 000,000,552 | ---- | C] () -- C:\Users\Austin ROCKS\AppData\Local\d3d8caps.dat
[2011/05/03 19:55:51 | 000,134,656 | ---- | C] () -- C:\Users\Austin ROCKS\Documents\Mommy's day card.pub
[2011/05/01 17:38:44 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\CyberLink YouCam.lnk
[2011/04/24 15:14:56 | 000,021,504 | ---- | C] () -- C:\Users\Austin ROCKS\Documents\Backup of Dear Mrs.wbk
[2011/04/24 13:34:22 | 000,112,659 | ---- | C] () -- C:\Users\Austin ROCKS\Documents\i apoligize easter.jpg
[2011/04/22 16:22:45 | 000,002,119 | ---- | C] () -- C:\Users\Austin ROCKS\Desktop\Google Chrome Canary Build.lnk
[2011/04/22 16:22:45 | 000,002,081 | ---- | C] () -- C:\Users\Austin ROCKS\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome Canary Build.lnk
[2011/04/22 10:23:14 | 000,041,472 | ---- | C] () -- C:\Users\Austin ROCKS\Documents\Backup of Chapter 11 Test.wbk
[2011/04/20 18:57:59 | 000,002,041 | ---- | C] () -- C:\Users\Austin ROCKS\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/04/20 18:57:59 | 000,001,275 | ---- | C] () -- C:\Users\Austin ROCKS\Desktop\Google Chrome.lnk
[2011/04/20 18:54:27 | 000,000,936 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1694092186-2221604420-1700606534-1000UA.job
[2011/04/20 18:54:25 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1694092186-2221604420-1700606534-1000Core.job
[2011/04/19 11:28:19 | 000,001,620 | ---- | C] () -- C:\Users\Public\Desktop\Boonka.lnk
[2011/04/19 11:05:15 | 000,000,172 | ---- | C] () -- C:\Windows\System32\drivers\NST\0102000.006\isolate.ini
[2011/04/18 19:07:16 | 000,000,647 | ---- | C] () -- C:\Users\Austin ROCKS\Desktop\Bejeweled 3.lnk
[2011/04/16 21:14:12 | 000,000,517 | ---- | C] () -- C:\Users\Public\Desktop\IrisOnline.lnk
[2011/04/16 20:11:17 | 000,001,595 | ---- | C] () -- C:\Users\Public\Desktop\Vuze.lnk
[2011/04/16 20:11:17 | 000,001,595 | ---- | C] () -- C:\Users\Austin ROCKS\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk
[2011/04/16 20:11:15 | 000,001,595 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vuze.lnk
[2011/04/16 14:10:50 | 000,000,820 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/04/10 19:01:09 | 000,001,678 | ---- | C] () -- C:\Users\Public\Desktop\Ballistik.lnk
[2011/04/10 08:31:13 | 000,000,094 | -H-- | C] () -- C:\Windows\System32\spv1_WCssg.ini
[2011/04/09 13:23:49 | 000,096,768 | ---- | C] () -- C:\Users\Austin ROCKS\Documents\Backup of Chapter 10 quiz.wbk
[2011/03/25 20:54:32 | 000,000,177 | ---- | C] () -- C:\Users\Austin ROCKS\AppData\Roaming\prefs.bin
[2011/03/25 20:51:11 | 000,000,299 | ---- | C] () -- C:\Windows\EReg515.dat
[2011/03/25 20:47:04 | 000,000,157 | ---- | C] () -- C:\Windows\disney.ini
[2011/03/25 20:46:56 | 000,000,189 | ---- | C] () -- C:\Windows\disneysy.ini
[2011/03/02 20:37:04 | 000,000,049 | ---- | C] () -- C:\Windows\GSTAR.INI
[2011/03/02 20:29:11 | 000,000,077 | ---- | C] () -- C:\Windows\WinFrotz.INI
[2011/01/07 19:05:48 | 000,000,524 | ---- | C] () -- C:\ProgramData\nvUnsupRes.dat
[2010/11/25 22:19:35 | 000,003,584 | ---- | C] () -- C:\Windows\System32\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/11 17:31:41 | 000,352,648 | ---- | C] () -- C:\Windows\System32\SysCheck2.dll
[2010/10/02 22:27:58 | 000,138,056 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010/10/02 22:27:57 | 000,138,056 | ---- | C] () -- C:\Users\Austin ROCKS\AppData\Roaming\PnkBstrK.sys
[2010/10/02 22:27:42 | 000,189,248 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2010/10/02 22:27:35 | 000,075,064 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2010/10/02 22:27:29 | 002,427,248 | ---- | C] () -- C:\Windows\System32\pbsvc_heroes.exe
[2010/09/09 15:17:38 | 000,000,112 | ---- | C] () -- C:\ProgramData\s2jCFlE77.dat
[2010/09/05 18:47:10 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2010/08/14 15:47:00 | 000,074,752 | ---- | C] () -- C:\Windows\System32\CLEyeDevices.dll
[2010/08/09 19:44:16 | 000,000,000 | ---- | C] () -- C:\Windows\System32\BSPRINT.INI
[2010/08/05 13:38:21 | 000,000,025 | ---- | C] () -- C:\Windows\cdplayer.ini
[2010/07/05 16:20:32 | 000,000,025 | ---- | C] () -- C:\Windows\OverlayXP.ini
[2010/07/02 17:33:59 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/06/22 13:52:28 | 000,001,056 | ---- | C] () -- C:\Windows\System32\bscs.ini
[2010/06/16 20:19:00 | 000,033,792 | ---- | C] () -- C:\Windows\System32\drivers\libusb0.sys
[2010/05/27 07:00:04 | 000,077,824 | ---- | C] () -- C:\Windows\System32\CamTraxAPI.dll
[2010/05/18 08:46:10 | 000,052,114 | ---- | C] () -- C:\Windows\System32\ptun.exe
[2010/05/17 17:19:34 | 000,005,025 | ---- | C] () -- C:\Users\Austin ROCKS\AppData\Local\Temp17.html
[2010/05/17 17:03:13 | 000,001,293 | ---- | C] () -- C:\Users\Austin ROCKS\AppData\Local\Temp1.html
[2010/04/27 10:43:30 | 000,028,672 | ---- | C] () -- C:\Windows\System32\BsMobileCSps.dll
[2010/04/17 12:12:31 | 000,000,256 | ---- | C] () -- C:\Windows\usbfhom.dll
[2010/04/17 09:00:34 | 000,002,753 | ---- | C] () -- C:\Windows\System32\wbers.dat
[2010/04/16 13:26:30 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2010/04/15 20:10:31 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
[2010/04/09 20:03:10 | 000,000,037 | ---- | C] () -- C:\Windows\marscam.ini
[2010/04/06 18:33:10 | 000,025,864 | ---- | C] () -- C:\Windows\System32\drivers\btnetBus.sys
[2010/04/02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010/02/09 10:14:31 | 000,205,208 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010/02/09 10:10:27 | 000,205,208 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010/02/08 15:45:53 | 000,000,250 | ---- | C] () -- C:\Windows\gmer.ini
[2010/02/08 15:45:49 | 000,585,791 | ---- | C] () -- C:\Windows\gmer.dll
[2010/02/08 15:45:49 | 000,581,632 | ---- | C] () -- C:\Windows\gmer.exe
[2010/01/22 10:04:30 | 000,081,920 | ---- | C] () -- C:\Windows\System32\BsVistaCommon.dll
[2009/12/05 14:32:17 | 000,000,101 | ---- | C] () -- C:\Windows\PowerPlugs Player.INI
[2009/12/05 14:19:52 | 000,000,025 | ---- | C] () -- C:\Windows\System32\WinPPAddress.ini
[2009/12/05 14:18:05 | 000,131,072 | ---- | C] () -- C:\Windows\System32\TransSaveStatus.dll
[2009/12/05 14:17:47 | 000,000,832 | ---- | C] () -- C:\Windows\TransMusicClips.ini
[2009/10/18 16:38:02 | 000,044,544 | ---- | C] () -- C:\Windows\System32\ANIGIF.DLL
[2009/10/16 18:22:26 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009/10/03 20:22:16 | 000,174,860 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2009/09/21 18:26:09 | 000,001,361 | ---- | C] () -- C:\Windows\System32\WLAN.INI
[2009/09/20 20:39:15 | 000,003,948 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2009/09/10 19:06:10 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/10 19:06:10 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/09/10 19:05:43 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/08/23 11:17:25 | 000,008,592 | ---- | C] () -- C:\Users\Austin ROCKS\AppData\Local\d3d9caps.dat
[2009/08/05 08:15:26 | 000,008,192 | ---- | C] () -- C:\Windows\d3dx.dat
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/07/30 21:07:12 | 000,000,019 | ---- | C] () -- C:\Windows\KNP.INI
[2009/07/15 19:29:19 | 000,025,205 | ---- | C] () -- C:\Users\Austin ROCKS\AppData\Roaming\UserTile.png
[2009/07/08 18:03:02 | 000,058,880 | ---- | C] () -- C:\Windows\System32\bdmpegv.dll
[2009/06/29 18:33:18 | 000,000,930 | ---- | C] () -- C:\Windows\WININIT.INI
[2009/06/29 18:33:14 | 000,000,000 | ---- | C] () -- C:\Windows\setup32.INI
[2009/06/14 13:42:16 | 000,005,115 | ---- | C] () -- C:\ProgramData\N360BUOptions.ini
[2009/06/08 21:15:25 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2009/06/08 21:07:20 | 000,079,872 | ---- | C] () -- C:\Users\Austin ROCKS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/06/08 21:06:33 | 000,000,000 | ---- | C] () -- C:\Users\Austin ROCKS\AppData\Roaming\wklnhst.dat
[2008/10/07 10:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008/10/07 10:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008/02/18 23:33:34 | 000,446,352 | ---- | C] () -- C:\Windows\System32\OpenQuicktimeLib.dll
[2006/11/02 05:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 05:47:37 | 000,388,072 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 05:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:35:28 | 000,000,041 | ---- | C] () -- C:\Windows\System32\mqtgsvc.exe.cfg
[2006/11/02 03:33:01 | 000,791,742 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 03:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 03:33:01 | 000,173,926 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 03:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 03:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 01:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 01:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 00:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 00:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/10/11 00:18:48 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2001/10/12 10:58:20 | 000,028,672 | ---- | C] () -- C:\Windows\System32\mr310exd.dll
[2001/10/12 10:57:18 | 000,036,864 | ---- | C] () -- C:\Windows\System32\mr310exv.dll
[2000/12/07 10:13:58 | 000,015,164 | ---- | C] () -- C:\Windows\mr310twc.ini

========== LOP Check ==========

dozzyo9080 · May 8, 2011

OTL.Txt (3)

[2011/04/24 19:39:32 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\.minecraft
[2010/03/13 11:58:40 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\4Media Software Studio
[2010/02/28 19:24:44 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\acccore
[2011/05/06 19:10:29 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Acoustica
[2010/06/16 19:29:59 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Armagetron
[2009/06/07 19:50:57 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Atari
[2011/01/26 21:41:12 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Audacity
[2011/03/25 22:07:37 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Austin Hibbs
[2011/05/07 17:13:19 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Azureus
[2011/04/12 19:41:56 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Beat Hazard
[2011/02/10 14:31:17 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\BitComet
[2011/02/10 14:11:04 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\BitTorrent
[2010/09/05 14:06:51 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Blender Foundation
[2011/05/01 17:44:02 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\BOXEE
[2010/09/19 11:15:02 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Broken Rules
[2010/10/03 21:46:58 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/03/10 21:18:33 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\com.adobe.ExMan
[2010/03/09 21:01:23 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\com.dz.DeskTube.DC1B0EDA241604E0F9349CA56BDAFF9C08B50063.1
[2009/11/25 20:39:23 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\com.raptr.Raptr.848BBC53270CAC248E8FA0F339176201CDEB525F.1
[2011/03/29 17:51:29 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\CoSoSys
[2010/01/03 21:31:41 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Crayon Physics Deluxe
[2010/02/05 17:56:55 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\DNA
[2011/04/11 21:13:10 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\funkitron
[2010/07/09 20:00:35 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Gizmoz
[2010/08/05 18:15:08 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Hide IP NG
[2010/08/06 17:37:27 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\HideIPEasy
[2010/03/06 13:00:06 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\HTML Executable
[2010/04/05 19:25:20 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\ICAClient
[2009/11/16 20:02:59 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Ideas From the Deep
[2011/04/16 16:19:50 | 000,000,000 | -H-D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\ijjigame
[2010/08/09 14:18:27 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\IObit
[2009/08/10 19:27:46 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\iWin
[2010/08/23 19:35:36 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\JGoodies
[2010/10/22 20:05:37 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Lost Marble
[2010/02/28 22:32:17 | 000,000,000 | -HSD | M] -- C:\Users\Austin ROCKS\AppData\Roaming\lowsec
[2009/06/09 18:52:24 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Ludia
[2010/09/19 18:07:39 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\MotioninJoy
[2010/08/13 16:22:21 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Notepad++
[2009/11/26 20:34:17 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\NPLUTO Corporation
[2009/08/17 06:46:42 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Ohana Games
[2009/10/16 18:25:30 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Opera
[2010/03/29 16:45:56 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\OVData
[2010/09/18 13:10:20 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\PACE Anti-Piracy
[2009/07/15 19:29:19 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\PeerNetworking
[2010/04/18 15:59:18 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\PlayFirst
[2010/11/11 12:08:12 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Radical Software Ltd
[2010/09/09 14:48:11 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Raptr
[2011/01/10 23:45:41 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Rovio
[2010/03/13 16:51:46 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Sony
[2010/03/13 16:43:10 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Sony Setup
[2010/05/17 09:40:28 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\SpeedBit
[2010/10/04 20:25:23 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2010/10/22 19:05:47 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Stardock
[2011/05/06 19:50:53 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\SynthMaker
[2009/10/08 20:13:07 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Template
[2011/04/24 19:14:57 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\TuneUpMedia
[2009/07/19 10:43:18 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Unity
[2011/05/08 14:21:43 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\uTorrent
[2010/10/22 21:51:13 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Verbot5
[2009/11/15 14:49:17 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\WildTangent
[2011/05/08 17:07:52 | 000,032,636 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/05/08 16:01:17 | 000,000,406 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{AEE52817-BCA4-4726-894D-DCF29517B5AB}.job

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2006/09/18 14:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2010/09/10 09:21:36 | 000,002,203 | ---- | M] () -- C:\bdlog.txt
[2009/04/10 23:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2008/09/04 18:09:20 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2011/05/08 17:17:39 | 000,136,258 | ---- | M] () -- C:\ComboFix.txt
[2006/09/18 14:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2011/03/02 20:11:05 | 000,000,132 | ---- | M] () -- C:\Delapp.bat
[2009/07/30 21:07:06 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/03/29 18:05:30 | 000,000,716 | -H-- | M] () -- C:\IPH.PH
[2008/09/04 18:06:23 | 000,000,165 | ---- | M] () -- C:\Labelprint.log
[2009/07/30 21:07:06 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/07/08 14:49:13 | 007,315,936 | ---- | M] (Microsoft Corporation) -- C:\mse.exe
[2009/11/20 14:31:37 | 000,012,342 | ---- | M] () -- C:\newhead.bmp
[2010/03/13 17:32:18 | 000,000,596 | ---- | M] () -- C:\nsinst.log
[2009/07/12 21:20:03 | 000,262,144 | ---- | M] () -- C:\ntuser.dat
[2009/07/12 21:20:03 | 000,005,120 | -H-- | M] () -- C:\ntuser.dat.LOG1
[2009/07/12 21:20:03 | 000,000,000 | -H-- | M] () -- C:\ntuser.dat.LOG2
[2009/07/12 21:20:03 | 000,065,536 | -HS- | M] () -- C:\ntuser.dat{0dc3028f-6f0c-11de-8c43-001d72b1eb83}.TM.blf
[2009/07/12 21:20:03 | 000,524,288 | -HS- | M] () -- C:\ntuser.dat{0dc3028f-6f0c-11de-8c43-001d72b1eb83}.TMContainer00000000000000000001.regtrans-ms
[2009/07/12 21:20:03 | 000,524,288 | -HS- | M] () -- C:\ntuser.dat{0dc3028f-6f0c-11de-8c43-001d72b1eb83}.TMContainer00000000000000000002.regtrans-ms
[2011/05/08 17:09:04 | 2191,319,040 | -HS- | M] () -- C:\pagefile.sys
[2006/10/11 00:20:29 | 000,000,163 | ---- | M] () -- C:\power2go.log
[2011/03/25 22:39:14 | 000,000,000 | ---- | M] () -- C:\report.txt
[2008/09/04 17:50:24 | 000,000,520 | ---- | M] () -- C:\RHDSetup.log
[2011/04/23 18:16:44 | 000,130,628 | ---- | M] () -- C:\TDSSKiller.2.4.21.0_23.04.2011_18.14.36_log.txt

< %systemroot%\Fonts\*.com >
[2006/11/02 05:37:12 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/02 05:37:12 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 05:37:12 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/09/13 14:18:43 | 000,037,665 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2006/09/18 14:37:34 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2006/11/02 05:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2006/10/26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2009/07/10 13:15:46 | 000,306,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >
[2009/09/17 19:27:03 | 000,001,634 | -H-- | M] () -- C:\Users\Austin ROCKS\AppData\Roaming\Microsoft\LastFlashConfig.WFC

< %PROGRAMFILES%\*.* >
[2010/03/04 22:44:37 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2008/01/20 20:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008/01/20 20:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008/01/20 20:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 03:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 03:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >
[2010/12/11 16:33:40 | 000,002,850 | ---- | M] () -- C:\Windows\System32\scratchthumbs.db

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2011/03/26 14:24:26 | 000,000,446 | -HS- | M] () -- C:\Users\Austin ROCKS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >
[2011/05/08 14:08:13 | 004,343,905 | R--- | M] () -- C:\Users\Austin ROCKS\Desktop\ComboFix.exe
[2011/05/08 17:50:53 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Austin ROCKS\Desktop\OTL.exe
[2010/09/01 15:33:49 | 000,083,968 | ---- | M] (eSage Lab) -- C:\Users\Austin ROCKS\Desktop\remover.exe
[2009/09/08 17:09:45 | 001,649,152 | ---- | M] (Macromedia, Inc.) -- C:\Users\Austin ROCKS\Desktop\The N Game.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >
[2010/04/09 20:12:46 | 000,012,106 | ---- | M] () -- C:\Windows\mr310twc.src

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >
[2011/02/21 14:56:32 | 000,008,192 | ---- | M] () -- C:\Windows\security\database\edb.chk
[2011/02/21 14:56:03 | 001,048,576 | ---- | M] () -- C:\Windows\security\database\edb.log
[2010/09/06 08:45:24 | 001,048,576 | ---- | M] () -- C:\Windows\security\database\edbres00001.jrs
[2010/09/06 08:45:24 | 001,048,576 | ---- | M] () -- C:\Windows\security\database\edbres00002.jrs
[2011/02/21 14:56:03 | 001,056,768 | ---- | M] () -- C:\Windows\security\database\tmp.edb

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2009/06/07 15:18:43 | 000,000,402 | -HS- | M] () -- C:\Users\Austin ROCKS\Favorites\desktop.ini
[2011/05/07 15:31:08 | 000,000,358 | ---- | M] () -- C:\Users\Austin ROCKS\Favorites\PSPVC PSP Video Converter.lnk
[2011/05/07 15:31:08 | 000,000,358 | ---- | M] () -- C:\Users\Austin ROCKS\Favorites\PSPVC on Twitter.lnk

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >
[2009/06/14 13:42:16 | 000,005,115 | ---- | M] () -- C:\ProgramData\N360BUOptions.ini
[2011/05/08 17:09:13 | 000,205,208 | ---- | M] () -- C:\ProgramData\nvModes.001

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

< dir /b "%systemroot%\*.exe" | find /i " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >

< %SYSTEMROOT%\Installer\*.exe >

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.* >

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >

========== Files - Unicode (All) ==========
[2010/04/23 18:47:42 | 000,000,000 | ---D | M](C:\Users\Austin ROCKS\Favorites\??sorted Bookmarks) -- C:\Users\Austin ROCKS\Favorites\륈ƣsorted Bookmarks

========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\Windows\AppPatch\Custom\Custom] -> \Device\__max++>\^ -> Mount

dozzyo9080 · May 8, 2011

OTL.Txt (4)

Point
[C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP22EE.tmp\ZAP22EE.tmp] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2DF2.tmp\ZAP2DF2.tmp] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5C42.tmp\ZAP5C42.tmp] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP81A.tmp\ZAP81A.tmp] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPC86D.tmp\ZAPC86D.tmp] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE752.tmp\ZAPE752.tmp] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPEEF0.tmp\ZAPEEF0.tmp] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\assembly\tmp\tmp] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\ehome\CreateDisc\style\style] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\ftpcache\ftpcache] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\Globalization\Globalization] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\Help\Corporate\Corporate] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6425\12.0.6425] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\Installer\$PatchCache$\Managed\00002109511090400000000000F01FEC\12.0.4518\12.0.4518] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6425\12.0.6425] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\Installer\$PatchCache$\Managed\00002159FA0090400000000000F01FEC\12.0.6425\12.0.6425] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\Installer\$PatchCache$\Managed\0B739D9D248E031459889B848E6709A4\10.0.1600\10.0.1600] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\Installer\$PatchCache$\Managed\108B43C0CEA676640B35306AE7D24051\1.0.0\1.0.0] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7448A2100000030\8.1.2\8.1.2] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\Installer\$PatchCache$\Managed\8F93D65EF9A24B440B867AE2540A376E\4.31.9\4.31.9] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\Installer\$PatchCache$\Managed\D55AEDAA438CBCB4893AB4D8C1814FEE\2.6.0\2.6.0] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\Installer\$PatchCache$\Managed\D7314F9862C648A4DB8BE2A5B47BE100\1.0.0\1.0.0] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\LiveKernelReports\LiveKernelReports] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\Microsoft.NET\authman\authman] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\ModemLogs\ModemLogs] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\nap\configuration\configuration] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\Panther\setup.exe\setup.exe] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\PCHEALTH\ERRORREP\QHEADLES\QHEADLES] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\PCHEALTH\ERRORREP\QSIGNOFF\QSIGNOFF] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\PLA\Templates\Templates] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\registration\CRMLog\CRMLog] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SchCache\SchCache] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\security\templates\templates] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\GameExplorer\GameExplorer] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\ServiceProfiles\LocalService\AppData\Local\PnrpSqm\PnrpSqm] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\TfsStore\Tfs_DAV\Tfs_DAV] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Media Center Programs\Media Center Programs] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Quick Launch] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\Certificates] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs\CRLs] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs\CTLs] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\UPnP Device Host\Description Documents\Description Documents] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Network Shortcuts] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Printer Shortcuts\Printer Shortcuts] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Recent\Recent] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Templates\Templates] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\ServiceProfiles\LocalService\Desktop\Desktop] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\ServiceProfiles\LocalService\Documents\Documents] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\ServiceProfiles\LocalService\Downloads\Downloads] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\ServiceProfiles\LocalService\Favorites\Favorites] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\ServiceProfiles\LocalService\Links\Links] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\ServiceProfiles\LocalService\Music\Music] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\ServiceProfiles\LocalService\Pictures\Pictures] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\ServiceProfiles\LocalService\Saved Games\Saved Games] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\ServiceProfiles\LocalService\Videos\Videos] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows Media Player NSS\3.0\SCPD\SCPD] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\GameExplorer\GameExplorer] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Zune\NSS\1.0\SCPD\SCPD] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Media Center Programs\Media Center Programs] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Crypto\Keys\Keys] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Quick Launch] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\Certificates] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs\CRLs] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs\CTLs] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Network Shortcuts] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Printer Shortcuts\Printer Shortcuts] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Recent\Recent] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Templates\Templates] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\ServiceProfiles\NetworkService\Desktop\Desktop] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\ServiceProfiles\NetworkService\Documents\Documents] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\ServiceProfiles\NetworkService\Downloads\Downloads] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\ServiceProfiles\NetworkService\Favorites\Favorites] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\ServiceProfiles\NetworkService\Links\Links] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\ServiceProfiles\NetworkService\Music\Music] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\ServiceProfiles\NetworkService\Pictures\Pictures] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\ServiceProfiles\NetworkService\Saved Games\Saved Games] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\ServiceProfiles\NetworkService\Videos\Videos] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\AuthCabs\Downloaded\Downloaded] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\AuthCabs\Redir\9482F4B4-E343-43B6-B170-9A65BC822C77\9482F4B4-E343-43B6-B170-9A65BC822C77] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\048167a0e1ade3ad1df23834faa1532e\x86_microsoft-windows-msasn1_31bf3856ad364e35_6.0.6000.16922_none_c5603d92a849343f\x86_microsoft-windows-msasn1_31bf3856ad364e35_6.0.6000.16922_none_c5603d92a849343f] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\048167a0e1ade3ad1df23834faa1532e\x86_microsoft-windows-msasn1_31bf3856ad364e35_6.0.6000.21122_none_c5e9b27fc167074b\x86_microsoft-windows-msasn1_31bf3856ad364e35_6.0.6000.21122_none_c5e9b27fc167074b] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\048167a0e1ade3ad1df23834faa1532e\x86_microsoft-windows-msasn1_31bf3856ad364e35_6.0.6001.18326_none_c74a7d60a56c2a8c\x86_microsoft-windows-msasn1_31bf3856ad364e35_6.0.6001.18326_none_c74a7d60a56c2a8c] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\048167a0e1ade3ad1df23834faa1532e\x86_microsoft-windows-msasn1_31bf3856ad364e35_6.0.6001.22515_none_c7ddebb3be829235\x86_microsoft-windows-msasn1_31bf3856ad364e35_6.0.6001.22515_none_c7ddebb3be829235] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\048167a0e1ade3ad1df23834faa1532e\x86_microsoft-windows-msasn1_31bf3856ad364e35_6.0.6002.18106_none_c9469106a28244f5\x86_microsoft-windows-msasn1_31bf3856ad364e35_6.0.6002.18106_none_c9469106a28244f5] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\048167a0e1ade3ad1df23834faa1532e\x86_microsoft-windows-msasn1_31bf3856ad364e35_6.0.6002.22218_none_c9c75e79bba6335e\x86_microsoft-windows-msasn1_31bf3856ad364e35_6.0.6002.22218_none_c9c75e79bba6335e] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\1a0b7baeebffa6ce5672fb92bf0f43c5\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16901_none_6a4b28f6b6fb9243\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16901_none_6a4b28f6b6fb9243] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\1a0b7baeebffa6ce5672fb92bf0f43c5\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21101_none_6ad49de3d019654f\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21101_none_6ad49de3d019654f] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\1a0b7baeebffa6ce5672fb92bf0f43c5\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18304_none_6c34687ab41f6f39\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18304_none_6c34687ab41f6f39] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\1a0b7baeebffa6ce5672fb92bf0f43c5\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22489_none_6c6c8757cd796d3e\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22489_none_6c6c8757cd796d3e] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\1a0b7baeebffa6ce5672fb92bf0f43c5\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18082_none_6dc25a6eb1887137\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18082_none_6dc25a6eb1887137] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\1a0b7baeebffa6ce5672fb92bf0f43c5\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22191_none_6e402703caaf139b\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22191_none_6e402703caaf139b] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\b3da37d1490a6f1e10a887a163a78ba5\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\b3da37d1490a6f1e10a887a163a78ba5\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\b3da37d1490a6f1e10a887a163a78ba5\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\b3da37d1490a6f1e10a887a163a78ba5\x86_microsoft-windows-security-digest_31bf3856ad364e35_6.0.6000.21125_none_395fe8aa98b803ee\x86_microsoft-windows-security-digest_31bf3856ad364e35_6.0.6000.21125_none_395fe8aa98b803ee] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\b3da37d1490a6f1e10a887a163a78ba5\x86_microsoft-windows-security-digest_31bf3856ad364e35_6.0.6001.22518_none_3b5421de95d38ed8\x86_microsoft-windows-security-digest_31bf3856ad364e35_6.0.6001.22518_none_3b5421de95d38ed8] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\b3da37d1490a6f1e10a887a163a78ba5\x86_microsoft-windows-security-digest_31bf3856ad364e35_6.0.6002.22223_none_3d2ac2689306813a\x86_microsoft-windows-security-digest_31bf3856ad364e35_6.0.6002.22223_none_3d2ac2689306813a] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\b3da37d1490a6f1e10a887a163a78ba5\x86_microsoft-windows-security-ntlm_31bf3856ad364e35_6.0.6000.16926_none_7abd15c3656ef988\x86_microsoft-windows-security-ntlm_31bf3856ad364e35_6.0.6000.16926_none_7abd15c3656ef988] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\b3da37d1490a6f1e10a887a163a78ba5\x86_microsoft-windows-security-ntlm_31bf3856ad364e35_6.0.6000.21125_none_7b458a667e8db33d\x86_microsoft-windows-security-ntlm_31bf3856ad364e35_6.0.6000.21125_none_7b458a667e8db33d] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\b3da37d1490a6f1e10a887a163a78ba5\x86_microsoft-windows-security-ntlm_31bf3856ad364e35_6.0.6001.18330_none_7c9282c162a30e60\x86_microsoft-windows-security-ntlm_31bf3856ad364e35_6.0.6001.18330_none_7c9282c162a30e60] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\b3da37d1490a6f1e10a887a163a78ba5\x86_microsoft-windows-security-ntlm_31bf3856ad364e35_6.0.6001.22518_none_7d39c39a7ba93e27\x86_microsoft-windows-security-ntlm_31bf3856ad364e35_6.0.6001.22518_none_7d39c39a7ba93e27] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\b3da37d1490a6f1e10a887a163a78ba5\x86_microsoft-windows-security-ntlm_31bf3856ad364e35_6.0.6002.18111_none_7e8f96b15fb84220\x86_microsoft-windows-security-ntlm_31bf3856ad364e35_6.0.6002.18111_none_7e8f96b15fb84220] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\b3da37d1490a6f1e10a887a163a78ba5\x86_microsoft-windows-security-ntlm_31bf3856ad364e35_6.0.6002.22223_none_7f10642478dc3089\x86_microsoft-windows-security-ntlm_31bf3856ad364e35_6.0.6002.22223_none_7f10642478dc3089] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\e299352e102f0c24faf167d1ff954d68\x86_microsoft-windows-smbserver-common_31bf3856ad364e35_6.0.6001.22522_none_044c3353295315ad\x86_microsoft-windows-smbserver-common_31bf3856ad364e35_6.0.6001.22522_none_044c3353295315ad] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\e299352e102f0c24faf167d1ff954d68\x86_microsoft-windows-smbserver-v2_31bf3856ad364e35_6.0.6000.16927_none_d7f7c2a8f95f038d\x86_microsoft-windows-smbserver-v2_31bf3856ad364e35_6.0.6000.16927_none_d7f7c2a8f95f038d] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\e299352e102f0c24faf167d1ff954d68\x86_microsoft-windows-smbserver-v2_31bf3856ad364e35_6.0.6000.21127_none_d8813796127cd699\x86_microsoft-windows-smbserver-v2_31bf3856ad364e35_6.0.6000.21127_none_d8813796127cd699] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\e299352e102f0c24faf167d1ff954d68\x86_microsoft-windows-smbserver-v2_31bf3856ad364e35_6.0.6001.18331_none_d9cd2fa6f6931865\x86_microsoft-windows-smbserver-v2_31bf3856ad364e35_6.0.6001.18331_none_d9cd2fa6f6931865] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\e299352e102f0c24faf167d1ff954d68\x86_microsoft-windows-smbserver-v2_31bf3856ad364e35_6.0.6001.22522_none_da629e8e0fa7b2bc\x86_microsoft-windows-smbserver-v2_31bf3856ad364e35_6.0.6001.22522_none_da629e8e0fa7b2bc] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\e299352e102f0c24faf167d1ff954d68\x86_microsoft-windows-smbserver-v2_31bf3856ad364e35_6.0.6002.18112_none_dbca4396f3a84c25\x86_microsoft-windows-smbserver-v2_31bf3856ad364e35_6.0.6002.18112_none_dbca4396f3a84c25] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\e299352e102f0c24faf167d1ff954d68\x86_microsoft-windows-smbserver-v2_31bf3856ad364e35_6.0.6002.22225_none_dc4c11540ccb53e5\x86_microsoft-windows-smbserver-v2_31bf3856ad364e35_6.0.6002.22225_none_dc4c11540ccb53e5] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\f01c4bbfa608298ce96317823815654c\x86_microsoft-windows-wmspdmod_31bf3856ad364e35_6.0.6000.16838_none_f831274072c7bd51\x86_microsoft-windows-wmspdmod_31bf3856ad364e35_6.0.6000.16838_none_f831274072c7bd51] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\f01c4bbfa608298ce96317823815654c\x86_microsoft-windows-wmspdmod_31bf3856ad364e35_6.0.6000.21033_none_f8b59abb8bea11aa\x86_microsoft-windows-wmspdmod_31bf3856ad364e35_6.0.6000.21033_none_f8b59abb8bea11aa] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\f01c4bbfa608298ce96317823815654c\x86_microsoft-windows-wmspdmod_31bf3856ad364e35_6.0.6001.18234_none_fa1364be6ff1e8e6\x86_microsoft-windows-wmspdmod_31bf3856ad364e35_6.0.6001.18234_none_fa1364be6ff1e8e6] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\f01c4bbfa608298ce96317823815654c\x86_microsoft-windows-wmspdmod_31bf3856ad364e35_6.0.6001.22403_none_fabc72e988f818ad\x86_microsoft-windows-wmspdmod_31bf3856ad364e35_6.0.6001.22403_none_fabc72e988f818ad] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\f01c4bbfa608298ce96317823815654c\x86_microsoft-windows-wmspdmod_31bf3856ad364e35_6.0.6002.18034_none_fbf9d88c6d183b31\x86_microsoft-windows-wmspdmod_31bf3856ad364e35_6.0.6002.18034_none_fbf9d88c6d183b31] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\f01c4bbfa608298ce96317823815654c\x86_microsoft-windows-wmspdmod_31bf3856ad364e35_6.0.6002.22131_none_fc80747986388ef6\x86_microsoft-windows-wmspdmod_31bf3856ad364e35_6.0.6002.22131_none_fc80747986388ef6] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-behaviors_31bf3856ad364e35_8.0.6001.18828_none_1f9f0ad307e417b8\x86_microsoft-windows-ie-behaviors_31bf3856ad364e35_8.0.6001.18828_none_1f9f0ad307e417b8] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-behaviors_31bf3856ad364e35_8.0.6001.22918_none_2033778a20f99b91\x86_microsoft-windows-ie-behaviors_31bf3856ad364e35_8.0.6001.22918_none_2033778a20f99b91] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.6001.18828_none_df29752df0984135\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.6001.18828_none_df29752df0984135] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.6001.22918_none_dfbde1e509adc50e\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.6001.22918_none_dfbde1e509adc50e] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.6001.18828_none_477df2c3c3f546b9\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.6001.18828_none_477df2c3c3f546b9] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.6001.22918_none_48125f7add0aca92\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.6001.22918_none_48125f7add0aca92] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18828_none_f61e98c037ffb88c\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18828_none_f61e98c037ffb88c] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22918_none_f6b3057751153c65\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22918_none_f6b3057751153c65] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-ieproxy_31bf3856ad364e35_8.0.6001.18828_none_730a6a836066d9d5\x86_microsoft-windows-ie-ieproxy_31bf3856ad364e35_8.0.6001.18828_none_730a6a836066d9d5] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-ieproxy_31bf3856ad364e35_8.0.6001.22918_none_739ed73a797c5dae\x86_microsoft-windows-ie-ieproxy_31bf3856ad364e35_8.0.6001.22918_none_739ed73a797c5dae] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-ieshims_31bf3856ad364e35_8.0.6001.18828_none_2a68b619b00f4043\x86_microsoft-windows-ie-ieshims_31bf3856ad364e35_8.0.6001.18828_none_2a68b619b00f4043] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-ieshims_31bf3856ad364e35_8.0.6001.22918_none_2afd22d0c924c41c\x86_microsoft-windows-ie-ieshims_31bf3856ad364e35_8.0.6001.22918_none_2afd22d0c924c41c] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18828_none_a8ac3b48744f86de\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18828_none_a8ac3b48744f86de] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.22918_none_a940a7ff8d650ab7\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.22918_none_a940a7ff8d650ab7] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-sysprep_31bf3856ad364e35_8.0.6001.18828_none_fe6d9ff4cfd2c3a3\x86_microsoft-windows-ie-sysprep_31bf3856ad364e35_8.0.6001.18828_none_fe6d9ff4cfd2c3a3] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-sysprep_31bf3856ad364e35_8.0.6001.22918_none_ff020cabe8e8477c\x86_microsoft-windows-ie-sysprep_31bf3856ad364e35_8.0.6001.22918_none_ff020cabe8e8477c] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\PostRebootEventCache\PostRebootEventCache] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\SoftwareDistribution\ScanFile\ScanFile] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\Sun\Java\Deployment\Deployment] -> \Device\__max++>\^ -> Mount Point
[C:\Windows\winsxs\InstallTemp\InstallTemp] -> \Device\__max++>\^ -> Mount Point

========== Alternate Data Streams ==========

@Alternate Data Stream - 994 bytes -> C:\ProgramData\Microsoft:OLBKRfpNXStKMvDk6t12iFptILL
@Alternate Data Stream - 961 bytes -> C:\ProgramData\Microsoft:kKyVfD2bYcajNCyAYux48yji
@Alternate Data Stream - 244 bytes -> C:\ProgramData\TEMP

78A4613
@Alternate Data Stream - 159 bytes -> C:\ProgramData\TEMP:CD060F93
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:302A9871
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:22741C1F
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP

1B5B4F1
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:A9662AE0
@Alternate Data Stream - 1144 bytes -> C:\Users\Austin ROCKS\AppData\Local\KL5lm5EnlueG3p:6ZOYIgRlPoX9xGy5wccVGUNogb
@Alternate Data Stream - 1124 bytes -> C:\Program Files\Common Files\microsoft shared:Ob1lGszUA7B3UAbkVzUXdVbrPj
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP

13A698F

< End of report >

dozzyo9080 · May 8, 2011

is there any more logfiles?

Broni · May 8, 2011

I would prefer to attach these logfiles because they are very long.

I would not.

is there any more logfiles?

We can't stop until we know for sure, your computer is totally clean.
Do you want to have computer half-clean and come back here two days later?
I guess not.

On a top of everything, you're infected with "max++"

Please save this file to your desktop. Click on Start->Run, and copy-paste the following command (the bolded text) into the "Open" box, and click OK.

"%userprofile%\desktop\win32kdiag.exe" -f -r

When it's finished, there will be a log called Win32kDiag.txt on your desktop. Please open it with notepad and post the contents here.

dozzyo9080 · May 8, 2011

Win32kDiag

Running from: C:\Users\Austin ROCKS\Desktop\win32kdiag.exe

Log file at : C:\Users\Austin ROCKS\Desktop\Win32kDiag.txt

Removing all found mount points.

Attempting to reset file permissions.

WARNING: Could not get backup privileges!

Searching 'C:\Windows'...

Found mount point : C:\Windows\AppPatch\Custom\Custom

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\AppPatch\Custom\Custom

Found mount point : C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP22EE.tmp\ZAP22EE.tmp

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP22EE.tmp\ZAP22EE.tmp

Found mount point : C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2DF2.tmp\ZAP2DF2.tmp

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2DF2.tmp\ZAP2DF2.tmp

Found mount point : C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5C42.tmp\ZAP5C42.tmp

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5C42.tmp\ZAP5C42.tmp

Found mount point : C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP81A.tmp\ZAP81A.tmp

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP81A.tmp\ZAP81A.tmp

Found mount point : C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPC86D.tmp\ZAPC86D.tmp

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPC86D.tmp\ZAPC86D.tmp

Found mount point : C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE752.tmp\ZAPE752.tmp

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE752.tmp\ZAPE752.tmp

Found mount point : C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPEEF0.tmp\ZAPEEF0.tmp

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPEEF0.tmp\ZAPEEF0.tmp

Found mount point : C:\Windows\assembly\tmp\tmp

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\assembly\tmp\tmp

Cannot access: C:\Windows\bthservsdp.dat

Attempting to restore permissions of : C:\Windows\bthservsdp.dat

Found mount point : C:\Windows\ehome\CreateDisc\style\style

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\ehome\CreateDisc\style\style

Found mount point : C:\Windows\ftpcache\ftpcache

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\ftpcache\ftpcache

Found mount point : C:\Windows\Globalization\Globalization

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\Globalization\Globalization

Found mount point : C:\Windows\Help\Corporate\Corporate

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\Help\Corporate\Corporate

Found mount point : C:\Windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6425\12.0.6425

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6425\12.0.6425

Found mount point : C:\Windows\Installer\$PatchCache$\Managed\00002109511090400000000000F01FEC\12.0.4518\12.0.4518

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\Installer\$PatchCache$\Managed\00002109511090400000000000F01FEC\12.0.4518\12.0.4518

Found mount point : C:\Windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6425\12.0.6425

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.6425\12.0.6425

Found mount point : C:\Windows\Installer\$PatchCache$\Managed\00002159FA0090400000000000F01FEC\12.0.6425\12.0.6425

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\Installer\$PatchCache$\Managed\00002159FA0090400000000000F01FEC\12.0.6425\12.0.6425

Found mount point : C:\Windows\Installer\$PatchCache$\Managed\0B739D9D248E031459889B848E6709A4\10.0.1600\10.0.1600

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\Installer\$PatchCache$\Managed\0B739D9D248E031459889B848E6709A4\10.0.1600\10.0.1600

Found mount point : C:\Windows\Installer\$PatchCache$\Managed\108B43C0CEA676640B35306AE7D24051\1.0.0\1.0.0

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\Installer\$PatchCache$\Managed\108B43C0CEA676640B35306AE7D24051\1.0.0\1.0.0

Found mount point : C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7448A2100000030\8.1.2\8.1.2

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7448A2100000030\8.1.2\8.1.2

Found mount point : C:\Windows\Installer\$PatchCache$\Managed\8F93D65EF9A24B440B867AE2540A376E\4.31.9\4.31.9

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\Installer\$PatchCache$\Managed\8F93D65EF9A24B440B867AE2540A376E\4.31.9\4.31.9

Found mount point : C:\Windows\Installer\$PatchCache$\Managed\D55AEDAA438CBCB4893AB4D8C1814FEE\2.6.0\2.6.0

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\Installer\$PatchCache$\Managed\D55AEDAA438CBCB4893AB4D8C1814FEE\2.6.0\2.6.0

Found mount point : C:\Windows\Installer\$PatchCache$\Managed\D7314F9862C648A4DB8BE2A5B47BE100\1.0.0\1.0.0

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\Installer\$PatchCache$\Managed\D7314F9862C648A4DB8BE2A5B47BE100\1.0.0\1.0.0

Found mount point : C:\Windows\LiveKernelReports\LiveKernelReports

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\LiveKernelReports\LiveKernelReports

Found mount point : C:\Windows\Microsoft.NET\authman\authman

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\Microsoft.NET\authman\authman

Found mount point : C:\Windows\ModemLogs\ModemLogs

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\ModemLogs\ModemLogs

Found mount point : C:\Windows\nap\configuration\configuration

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\nap\configuration\configuration

Found mount point : C:\Windows\Panther\setup.exe\setup.exe

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\Panther\setup.exe\setup.exe

Found mount point : C:\Windows\PCHEALTH\ERRORREP\QHEADLES\QHEADLES

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\PCHEALTH\ERRORREP\QHEADLES\QHEADLES

Found mount point : C:\Windows\PCHEALTH\ERRORREP\QSIGNOFF\QSIGNOFF

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\PCHEALTH\ERRORREP\QSIGNOFF\QSIGNOFF

Found mount point : C:\Windows\PLA\Templates\Templates

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\PLA\Templates\Templates

Found mount point : C:\Windows\registration\CRMLog\CRMLog

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\registration\CRMLog\CRMLog

Found mount point : C:\Windows\SchCache\SchCache

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SchCache\SchCache

Found mount point : C:\Windows\security\templates\templates

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\security\templates\templates

Found mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\GameExplorer\GameExplorer

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\GameExplorer\GameExplorer

Found mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Local\PnrpSqm\PnrpSqm

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Local\PnrpSqm\PnrpSqm

Found mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\TfsStore\Tfs_DAV\Tfs_DAV

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\TfsStore\Tfs_DAV\Tfs_DAV

Found mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Media Center Programs\Media Center Programs

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Media Center Programs\Media Center Programs

Found mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Quick Launch

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Quick Launch

Found mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\Certificates

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\Certificates

Found mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs\CRLs

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs\CRLs

Found mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs\CTLs

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs\CTLs

Found mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\UPnP Device Host\Description Documents\Description Documents

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\UPnP Device Host\Description Documents\Description Documents

Found mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Network Shortcuts

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Network Shortcuts

Found mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Printer Shortcuts\Printer Shortcuts

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Printer Shortcuts\Printer Shortcuts

Found mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Recent\Recent

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Recent\Recent

Found mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Templates\Templates

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Templates\Templates

Found mount point : C:\Windows\ServiceProfiles\LocalService\Desktop\Desktop

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\ServiceProfiles\LocalService\Desktop\Desktop

Found mount point : C:\Windows\ServiceProfiles\LocalService\Documents\Documents

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\ServiceProfiles\LocalService\Documents\Documents

Found mount point : C:\Windows\ServiceProfiles\LocalService\Downloads\Downloads

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\ServiceProfiles\LocalService\Downloads\Downloads

Found mount point : C:\Windows\ServiceProfiles\LocalService\Favorites\Favorites

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\ServiceProfiles\LocalService\Favorites\Favorites

Found mount point : C:\Windows\ServiceProfiles\LocalService\Links\Links

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\ServiceProfiles\LocalService\Links\Links

Found mount point : C:\Windows\ServiceProfiles\LocalService\Music\Music

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\ServiceProfiles\LocalService\Music\Music

Found mount point : C:\Windows\ServiceProfiles\LocalService\Pictures\Pictures

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\ServiceProfiles\LocalService\Pictures\Pictures

Found mount point : C:\Windows\ServiceProfiles\LocalService\Saved Games\Saved Games

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\ServiceProfiles\LocalService\Saved Games\Saved Games

Found mount point : C:\Windows\ServiceProfiles\LocalService\Videos\Videos

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\ServiceProfiles\LocalService\Videos\Videos

Found mount point : C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\GameExplorer\GameExplorer

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\GameExplorer\GameExplorer

Found mount point : C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows Media Player NSS\3.0\SCPD\SCPD

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows Media Player NSS\3.0\SCPD\SCPD

Found mount point : C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Zune\NSS\1.0\SCPD\SCPD

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Zune\NSS\1.0\SCPD\SCPD

Found mount point : C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Media Center Programs\Media Center Programs

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Media Center Programs\Media Center Programs

Found mount point : C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Crypto\Keys\Keys

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Crypto\Keys\Keys

Found mount point : C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Quick Launch

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Quick Launch

Found mount point : C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\Certificates

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\Certificates

Found mount point : C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs\CRLs

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs\CRLs

Found mount point : C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs\CTLs

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs\CTLs

Found mount point : C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Network Shortcuts

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Network Shortcuts

Found mount point : C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Printer Shortcuts\Printer Shortcuts

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Printer Shortcuts\Printer Shortcuts

Found mount point : C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Recent\Recent

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Recent\Recent

Found mount point : C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Templates\Templates

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Templates\Templates

Found mount point : C:\Windows\ServiceProfiles\NetworkService\Desktop\Desktop

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\ServiceProfiles\NetworkService\Desktop\Desktop

Found mount point : C:\Windows\ServiceProfiles\NetworkService\Documents\Documents

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\ServiceProfiles\NetworkService\Documents\Documents

Found mount point : C:\Windows\ServiceProfiles\NetworkService\Downloads\Downloads

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\ServiceProfiles\NetworkService\Downloads\Downloads

Found mount point : C:\Windows\ServiceProfiles\NetworkService\Favorites\Favorites

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\ServiceProfiles\NetworkService\Favorites\Favorites

Found mount point : C:\Windows\ServiceProfiles\NetworkService\Links\Links

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\ServiceProfiles\NetworkService\Links\Links

Found mount point : C:\Windows\ServiceProfiles\NetworkService\Music\Music

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\ServiceProfiles\NetworkService\Music\Music

Found mount point : C:\Windows\ServiceProfiles\NetworkService\Pictures\Pictures

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\ServiceProfiles\NetworkService\Pictures\Pictures

Found mount point : C:\Windows\ServiceProfiles\NetworkService\Saved Games\Saved Games

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\ServiceProfiles\NetworkService\Saved Games\Saved Games

Found mount point : C:\Windows\ServiceProfiles\NetworkService\Videos\Videos

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\ServiceProfiles\NetworkService\Videos\Videos

Found mount point : C:\Windows\SoftwareDistribution\AuthCabs\Downloaded\Downloaded

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\AuthCabs\Downloaded\Downloaded

Found mount point : C:\Windows\SoftwareDistribution\AuthCabs\Redir\9482F4B4-E343-43B6-B170-9A65BC822C77\9482F4B4-E343-43B6-B170-9A65BC822C77

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\AuthCabs\Redir\9482F4B4-E343-43B6-B170-9A65BC822C77\9482F4B4-E343-43B6-B170-9A65BC822C77

Found mount point : C:\Windows\SoftwareDistribution\Download\048167a0e1ade3ad1df23834faa1532e\x86_microsoft-windows-msasn1_31bf3856ad364e35_6.0.6000.16922_none_c5603d92a849343f\x86_microsoft-windows-msasn1_31bf3856ad364e35_6.0.6000.16922_none_c5603d92a849343f

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\048167a0e1ade3ad1df23834faa1532e\x86_microsoft-windows-msasn1_31bf3856ad364e35_6.0.6000.16922_none_c5603d92a849343f\x86_microsoft-windows-msasn1_31bf3856ad364e35_6.0.6000.16922_none_c5603d92a849343f

Found mount point : C:\Windows\SoftwareDistribution\Download\048167a0e1ade3ad1df23834faa1532e\x86_microsoft-windows-msasn1_31bf3856ad364e35_6.0.6000.21122_none_c5e9b27fc167074b\x86_microsoft-windows-msasn1_31bf3856ad364e35_6.0.6000.21122_none_c5e9b27fc167074b

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\048167a0e1ade3ad1df23834faa1532e\x86_microsoft-windows-msasn1_31bf3856ad364e35_6.0.6000.21122_none_c5e9b27fc167074b\x86_microsoft-windows-msasn1_31bf3856ad364e35_6.0.6000.21122_none_c5e9b27fc167074b

Found mount point : C:\Windows\SoftwareDistribution\Download\048167a0e1ade3ad1df23834faa1532e\x86_microsoft-windows-msasn1_31bf3856ad364e35_6.0.6001.18326_none_c74a7d60a56c2a8c\x86_microsoft-windows-msasn1_31bf3856ad364e35_6.0.6001.18326_none_c74a7d60a56c2a8c

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\048167a0e1ade3ad1df23834faa1532e\x86_microsoft-windows-msasn1_31bf3856ad364e35_6.0.6001.18326_none_c74a7d60a56c2a8c\x86_microsoft-windows-msasn1_31bf3856ad364e35_6.0.6001.18326_none_c74a7d60a56c2a8c

Found mount point : C:\Windows\SoftwareDistribution\Download\048167a0e1ade3ad1df23834faa1532e\x86_microsoft-windows-msasn1_31bf3856ad364e35_6.0.6001.22515_none_c7ddebb3be829235\x86_microsoft-windows-msasn1_31bf3856ad364e35_6.0.6001.22515_none_c7ddebb3be829235

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\048167a0e1ade3ad1df23834faa1532e\x86_microsoft-windows-msasn1_31bf3856ad364e35_6.0.6001.22515_none_c7ddebb3be829235\x86_microsoft-windows-msasn1_31bf3856ad364e35_6.0.6001.22515_none_c7ddebb3be829235

Found mount point : C:\Windows\SoftwareDistribution\Download\048167a0e1ade3ad1df23834faa1532e\x86_microsoft-windows-msasn1_31bf3856ad364e35_6.0.6002.18106_none_c9469106a28244f5\x86_microsoft-windows-msasn1_31bf3856ad364e35_6.0.6002.18106_none_c9469106a28244f5

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\048167a0e1ade3ad1df23834faa1532e\x86_microsoft-windows-msasn1_31bf3856ad364e35_6.0.6002.18106_none_c9469106a28244f5\x86_microsoft-windows-msasn1_31bf3856ad364e35_6.0.6002.18106_none_c9469106a28244f5

Found mount point : C:\Windows\SoftwareDistribution\Download\048167a0e1ade3ad1df23834faa1532e\x86_microsoft-windows-msasn1_31bf3856ad364e35_6.0.6002.22218_none_c9c75e79bba6335e\x86_microsoft-windows-msasn1_31bf3856ad364e35_6.0.6002.22218_none_c9c75e79bba6335e

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\048167a0e1ade3ad1df23834faa1532e\x86_microsoft-windows-msasn1_31bf3856ad364e35_6.0.6002.22218_none_c9c75e79bba6335e\x86_microsoft-windows-msasn1_31bf3856ad364e35_6.0.6002.22218_none_c9c75e79bba6335e

Found mount point : C:\Windows\SoftwareDistribution\Download\1a0b7baeebffa6ce5672fb92bf0f43c5\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16901_none_6a4b28f6b6fb9243\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16901_none_6a4b28f6b6fb9243

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\1a0b7baeebffa6ce5672fb92bf0f43c5\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16901_none_6a4b28f6b6fb9243\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16901_none_6a4b28f6b6fb9243

Found mount point : C:\Windows\SoftwareDistribution\Download\1a0b7baeebffa6ce5672fb92bf0f43c5\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21101_none_6ad49de3d019654f\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21101_none_6ad49de3d019654f

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\1a0b7baeebffa6ce5672fb92bf0f43c5\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21101_none_6ad49de3d019654f\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21101_none_6ad49de3d019654f

Found mount point : C:\Windows\SoftwareDistribution\Download\1a0b7baeebffa6ce5672fb92bf0f43c5\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18304_none_6c34687ab41f6f39\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18304_none_6c34687ab41f6f39

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\1a0b7baeebffa6ce5672fb92bf0f43c5\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18304_none_6c34687ab41f6f39\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18304_none_6c34687ab41f6f39

Found mount point : C:\Windows\SoftwareDistribution\Download\1a0b7baeebffa6ce5672fb92bf0f43c5\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22489_none_6c6c8757cd796d3e\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22489_none_6c6c8757cd796d3e

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\1a0b7baeebffa6ce5672fb92bf0f43c5\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22489_none_6c6c8757cd796d3e\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22489_none_6c6c8757cd796d3e

Found mount point : C:\Windows\SoftwareDistribution\Download\1a0b7baeebffa6ce5672fb92bf0f43c5\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18082_none_6dc25a6eb1887137\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18082_none_6dc25a6eb1887137

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\1a0b7baeebffa6ce5672fb92bf0f43c5\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18082_none_6dc25a6eb1887137\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18082_none_6dc25a6eb1887137

Found mount point : C:\Windows\SoftwareDistribution\Download\1a0b7baeebffa6ce5672fb92bf0f43c5\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22191_none_6e402703caaf139b\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22191_none_6e402703caaf139b

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\1a0b7baeebffa6ce5672fb92bf0f43c5\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22191_none_6e402703caaf139b\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22191_none_6e402703caaf139b

Found mount point : C:\Windows\SoftwareDistribution\Download\b3da37d1490a6f1e10a887a163a78ba5\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\b3da37d1490a6f1e10a887a163a78ba5\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b

Found mount point : C:\Windows\SoftwareDistribution\Download\b3da37d1490a6f1e10a887a163a78ba5\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\b3da37d1490a6f1e10a887a163a78ba5\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345

Found mount point : C:\Windows\SoftwareDistribution\Download\b3da37d1490a6f1e10a887a163a78ba5\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\b3da37d1490a6f1e10a887a163a78ba5\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7

Found mount point : C:\Windows\SoftwareDistribution\Download\b3da37d1490a6f1e10a887a163a78ba5\x86_microsoft-windows-security-digest_31bf3856ad364e35_6.0.6000.21125_none_395fe8aa98b803ee\x86_microsoft-windows-security-digest_31bf3856ad364e35_6.0.6000.21125_none_395fe8aa98b803ee

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\b3da37d1490a6f1e10a887a163a78ba5\x86_microsoft-windows-security-digest_31bf3856ad364e35_6.0.6000.21125_none_395fe8aa98b803ee\x86_microsoft-windows-security-digest_31bf3856ad364e35_6.0.6000.21125_none_395fe8aa98b803ee

Found mount point : C:\Windows\SoftwareDistribution\Download\b3da37d1490a6f1e10a887a163a78ba5\x86_microsoft-windows-security-digest_31bf3856ad364e35_6.0.6001.22518_none_3b5421de95d38ed8\x86_microsoft-windows-security-digest_31bf3856ad364e35_6.0.6001.22518_none_3b5421de95d38ed8

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\b3da37d1490a6f1e10a887a163a78ba5\x86_microsoft-windows-security-digest_31bf3856ad364e35_6.0.6001.22518_none_3b5421de95d38ed8\x86_microsoft-windows-security-digest_31bf3856ad364e35_6.0.6001.22518_none_3b5421de95d38ed8

Found mount point : C:\Windows\SoftwareDistribution\Download\b3da37d1490a6f1e10a887a163a78ba5\x86_microsoft-windows-security-digest_31bf3856ad364e35_6.0.6002.22223_none_3d2ac2689306813a\x86_microsoft-windows-security-digest_31bf3856ad364e35_6.0.6002.22223_none_3d2ac2689306813a

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\b3da37d1490a6f1e10a887a163a78ba5\x86_microsoft-windows-security-digest_31bf3856ad364e35_6.0.6002.22223_none_3d2ac2689306813a\x86_microsoft-windows-security-digest_31bf3856ad364e35_6.0.6002.22223_none_3d2ac2689306813a

Found mount point : C:\Windows\SoftwareDistribution\Download\b3da37d1490a6f1e10a887a163a78ba5\x86_microsoft-windows-security-ntlm_31bf3856ad364e35_6.0.6000.16926_none_7abd15c3656ef988\x86_microsoft-windows-security-ntlm_31bf3856ad364e35_6.0.6000.16926_none_7abd15c3656ef988

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\b3da37d1490a6f1e10a887a163a78ba5\x86_microsoft-windows-security-ntlm_31bf3856ad364e35_6.0.6000.16926_none_7abd15c3656ef988\x86_microsoft-windows-security-ntlm_31bf3856ad364e35_6.0.6000.16926_none_7abd15c3656ef988

Found mount point : C:\Windows\SoftwareDistribution\Download\b3da37d1490a6f1e10a887a163a78ba5\x86_microsoft-windows-security-ntlm_31bf3856ad364e35_6.0.6000.21125_none_7b458a667e8db33d\x86_microsoft-windows-security-ntlm_31bf3856ad364e35_6.0.6000.21125_none_7b458a667e8db33d

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\b3da37d1490a6f1e10a887a163a78ba5\x86_microsoft-windows-security-ntlm_31bf3856ad364e35_6.0.6000.21125_none_7b458a667e8db33d\x86_microsoft-windows-security-ntlm_31bf3856ad364e35_6.0.6000.21125_none_7b458a667e8db33d

Found mount point : C:\Windows\SoftwareDistribution\Download\b3da37d1490a6f1e10a887a163a78ba5\x86_microsoft-windows-security-ntlm_31bf3856ad364e35_6.0.6001.18330_none_7c9282c162a30e60\x86_microsoft-windows-security-ntlm_31bf3856ad364e35_6.0.6001.18330_none_7c9282c162a30e60

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\b3da37d1490a6f1e10a887a163a78ba5\x86_microsoft-windows-security-ntlm_31bf3856ad364e35_6.0.6001.18330_none_7c9282c162a30e60\x86_microsoft-windows-security-ntlm_31bf3856ad364e35_6.0.6001.18330_none_7c9282c162a30e60

Found mount point : C:\Windows\SoftwareDistribution\Download\b3da37d1490a6f1e10a887a163a78ba5\x86_microsoft-windows-security-ntlm_31bf3856ad364e35_6.0.6001.22518_none_7d39c39a7ba93e27\x86_microsoft-windows-security-ntlm_31bf3856ad364e35_6.0.6001.22518_none_7d39c39a7ba93e27

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\b3da37d1490a6f1e10a887a163a78ba5\x86_microsoft-windows-security-ntlm_31bf3856ad364e35_6.0.6001.22518_none_7d39c39a7ba93e27\x86_microsoft-windows-security-ntlm_31bf3856ad364e35_6.0.6001.22518_none_7d39c39a7ba93e27

Found mount point : C:\Windows\SoftwareDistribution\Download\b3da37d1490a6f1e10a887a163a78ba5\x86_microsoft-windows-security-ntlm_31bf3856ad364e35_6.0.6002.18111_none_7e8f96b15fb84220\x86_microsoft-windows-security-ntlm_31bf3856ad364e35_6.0.6002.18111_none_7e8f96b15fb84220

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\b3da37d1490a6f1e10a887a163a78ba5\x86_microsoft-windows-security-ntlm_31bf3856ad364e35_6.0.6002.18111_none_7e8f96b15fb84220\x86_microsoft-windows-security-ntlm_31bf3856ad364e35_6.0.6002.18111_none_7e8f96b15fb84220

Found mount point : C:\Windows\SoftwareDistribution\Download\b3da37d1490a6f1e10a887a163a78ba5\x86_microsoft-windows-security-ntlm_31bf3856ad364e35_6.0.6002.22223_none_7f10642478dc3089\x86_microsoft-windows-security-ntlm_31bf3856ad364e35_6.0.6002.22223_none_7f10642478dc3089

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\b3da37d1490a6f1e10a887a163a78ba5\x86_microsoft-windows-security-ntlm_31bf3856ad364e35_6.0.6002.22223_none_7f10642478dc3089\x86_microsoft-windows-security-ntlm_31bf3856ad364e35_6.0.6002.22223_none_7f10642478dc3089

Found mount point : C:\Windows\SoftwareDistribution\Download\e299352e102f0c24faf167d1ff954d68\x86_microsoft-windows-smbserver-common_31bf3856ad364e35_6.0.6001.22522_none_044c3353295315ad\x86_microsoft-windows-smbserver-common_31bf3856ad364e35_6.0.6001.22522_none_044c3353295315ad

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\e299352e102f0c24faf167d1ff954d68\x86_microsoft-windows-smbserver-common_31bf3856ad364e35_6.0.6001.22522_none_044c3353295315ad\x86_microsoft-windows-smbserver-common_31bf3856ad364e35_6.0.6001.22522_none_044c3353295315ad

Found mount point : C:\Windows\SoftwareDistribution\Download\e299352e102f0c24faf167d1ff954d68\x86_microsoft-windows-smbserver-v2_31bf3856ad364e35_6.0.6000.16927_none_d7f7c2a8f95f038d\x86_microsoft-windows-smbserver-v2_31bf3856ad364e35_6.0.6000.16927_none_d7f7c2a8f95f038d

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\e299352e102f0c24faf167d1ff954d68\x86_microsoft-windows-smbserver-v2_31bf3856ad364e35_6.0.6000.16927_none_d7f7c2a8f95f038d\x86_microsoft-windows-smbserver-v2_31bf3856ad364e35_6.0.6000.16927_none_d7f7c2a8f95f038d

Found mount point : C:\Windows\SoftwareDistribution\Download\e299352e102f0c24faf167d1ff954d68\x86_microsoft-windows-smbserver-v2_31bf3856ad364e35_6.0.6000.21127_none_d8813796127cd699\x86_microsoft-windows-smbserver-v2_31bf3856ad364e35_6.0.6000.21127_none_d8813796127cd699

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\e299352e102f0c24faf167d1ff954d68\x86_microsoft-windows-smbserver-v2_31bf3856ad364e35_6.0.6000.21127_none_d8813796127cd699\x86_microsoft-windows-smbserver-v2_31bf3856ad364e35_6.0.6000.21127_none_d8813796127cd699

Found mount point : C:\Windows\SoftwareDistribution\Download\e299352e102f0c24faf167d1ff954d68\x86_microsoft-windows-smbserver-v2_31bf3856ad364e35_6.0.6001.18331_none_d9cd2fa6f6931865\x86_microsoft-windows-smbserver-v2_31bf3856ad364e35_6.0.6001.18331_none_d9cd2fa6f6931865

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\e299352e102f0c24faf167d1ff954d68\x86_microsoft-windows-smbserver-v2_31bf3856ad364e35_6.0.6001.18331_none_d9cd2fa6f6931865\x86_microsoft-windows-smbserver-v2_31bf3856ad364e35_6.0.6001.18331_none_d9cd2fa6f6931865

Found mount point : C:\Windows\SoftwareDistribution\Download\e299352e102f0c24faf167d1ff954d68\x86_microsoft-windows-smbserver-v2_31bf3856ad364e35_6.0.6001.22522_none_da629e8e0fa7b2bc\x86_microsoft-windows-smbserver-v2_31bf3856ad364e35_6.0.6001.22522_none_da629e8e0fa7b2bc

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\e299352e102f0c24faf167d1ff954d68\x86_microsoft-windows-smbserver-v2_31bf3856ad364e35_6.0.6001.22522_none_da629e8e0fa7b2bc\x86_microsoft-windows-smbserver-v2_31bf3856ad364e35_6.0.6001.22522_none_da629e8e0fa7b2bc

Found mount point : C:\Windows\SoftwareDistribution\Download\e299352e102f0c24faf167d1ff954d68\x86_microsoft-windows-smbserver-v2_31bf3856ad364e35_6.0.6002.18112_none_dbca4396f3a84c25\x86_microsoft-windows-smbserver-v2_31bf3856ad364e35_6.0.6002.18112_none_dbca4396f3a84c25

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\e299352e102f0c24faf167d1ff954d68\x86_microsoft-windows-smbserver-v2_31bf3856ad364e35_6.0.6002.18112_none_dbca4396f3a84c25\x86_microsoft-windows-smbserver-v2_31bf3856ad364e35_6.0.6002.18112_none_dbca4396f3a84c25

Found mount point : C:\Windows\SoftwareDistribution\Download\e299352e102f0c24faf167d1ff954d68\x86_microsoft-windows-smbserver-v2_31bf3856ad364e35_6.0.6002.22225_none_dc4c11540ccb53e5\x86_microsoft-windows-smbserver-v2_31bf3856ad364e35_6.0.6002.22225_none_dc4c11540ccb53e5

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\e299352e102f0c24faf167d1ff954d68\x86_microsoft-windows-smbserver-v2_31bf3856ad364e35_6.0.6002.22225_none_dc4c11540ccb53e5\x86_microsoft-windows-smbserver-v2_31bf3856ad364e35_6.0.6002.22225_none_dc4c11540ccb53e5

Found mount point : C:\Windows\SoftwareDistribution\Download\f01c4bbfa608298ce96317823815654c\x86_microsoft-windows-wmspdmod_31bf3856ad364e35_6.0.6000.16838_none_f831274072c7bd51\x86_microsoft-windows-wmspdmod_31bf3856ad364e35_6.0.6000.16838_none_f831274072c7bd51

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\f01c4bbfa608298ce96317823815654c\x86_microsoft-windows-wmspdmod_31bf3856ad364e35_6.0.6000.16838_none_f831274072c7bd51\x86_microsoft-windows-wmspdmod_31bf3856ad364e35_6.0.6000.16838_none_f831274072c7bd51

Found mount point : C:\Windows\SoftwareDistribution\Download\f01c4bbfa608298ce96317823815654c\x86_microsoft-windows-wmspdmod_31bf3856ad364e35_6.0.6000.21033_none_f8b59abb8bea11aa\x86_microsoft-windows-wmspdmod_31bf3856ad364e35_6.0.6000.21033_none_f8b59abb8bea11aa

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\f01c4bbfa608298ce96317823815654c\x86_microsoft-windows-wmspdmod_31bf3856ad364e35_6.0.6000.21033_none_f8b59abb8bea11aa\x86_microsoft-windows-wmspdmod_31bf3856ad364e35_6.0.6000.21033_none_f8b59abb8bea11aa

Found mount point : C:\Windows\SoftwareDistribution\Download\f01c4bbfa608298ce96317823815654c\x86_microsoft-windows-wmspdmod_31bf3856ad364e35_6.0.6001.18234_none_fa1364be6ff1e8e6\x86_microsoft-windows-wmspdmod_31bf3856ad364e35_6.0.6001.18234_none_fa1364be6ff1e8e6

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\f01c4bbfa608298ce96317823815654c\x86_microsoft-windows-wmspdmod_31bf3856ad364e35_6.0.6001.18234_none_fa1364be6ff1e8e6\x86_microsoft-windows-wmspdmod_31bf3856ad364e35_6.0.6001.18234_none_fa1364be6ff1e8e6

Found mount point : C:\Windows\SoftwareDistribution\Download\f01c4bbfa608298ce96317823815654c\x86_microsoft-windows-wmspdmod_31bf3856ad364e35_6.0.6001.22403_none_fabc72e988f818ad\x86_microsoft-windows-wmspdmod_31bf3856ad364e35_6.0.6001.22403_none_fabc72e988f818ad

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\f01c4bbfa608298ce96317823815654c\x86_microsoft-windows-wmspdmod_31bf3856ad364e35_6.0.6001.22403_none_fabc72e988f818ad\x86_microsoft-windows-wmspdmod_31bf3856ad364e35_6.0.6001.22403_none_fabc72e988f818ad

Found mount point : C:\Windows\SoftwareDistribution\Download\f01c4bbfa608298ce96317823815654c\x86_microsoft-windows-wmspdmod_31bf3856ad364e35_6.0.6002.18034_none_fbf9d88c6d183b31\x86_microsoft-windows-wmspdmod_31bf3856ad364e35_6.0.6002.18034_none_fbf9d88c6d183b31

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\f01c4bbfa608298ce96317823815654c\x86_microsoft-windows-wmspdmod_31bf3856ad364e35_6.0.6002.18034_none_fbf9d88c6d183b31\x86_microsoft-windows-wmspdmod_31bf3856ad364e35_6.0.6002.18034_none_fbf9d88c6d183b31

Found mount point : C:\Windows\SoftwareDistribution\Download\f01c4bbfa608298ce96317823815654c\x86_microsoft-windows-wmspdmod_31bf3856ad364e35_6.0.6002.22131_none_fc80747986388ef6\x86_microsoft-windows-wmspdmod_31bf3856ad364e35_6.0.6002.22131_none_fc80747986388ef6

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\f01c4bbfa608298ce96317823815654c\x86_microsoft-windows-wmspdmod_31bf3856ad364e35_6.0.6002.22131_none_fc80747986388ef6\x86_microsoft-windows-wmspdmod_31bf3856ad364e35_6.0.6002.22131_none_fc80747986388ef6

Found mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_8.0.6001.18828_none_97be9dffeca028c3\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_8.0.6001.18828_none_97be9dffeca028c3

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_8.0.6001.18828_none_97be9dffeca028c3\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_8.0.6001.18828_none_97be9dffeca028c3

Found mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_8.0.6001.22918_none_98530ab705b5ac9c\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_8.0.6001.22918_none_98530ab705b5ac9c

dozzyo9080 · May 8, 2011

Win32kDiag continued

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_8.0.6001.22918_none_98530ab705b5ac9c\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_8.0.6001.22918_none_98530ab705b5ac9c

Found mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-i..nternetcontrolpanel_31bf3856ad364e35_8.0.6001.18828_none_72152c3467aecde7\x86_microsoft-windows-i..nternetcontrolpanel_31bf3856ad364e35_8.0.6001.18828_none_72152c3467aecde7

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-i..nternetcontrolpanel_31bf3856ad364e35_8.0.6001.18828_none_72152c3467aecde7\x86_microsoft-windows-i..nternetcontrolpanel_31bf3856ad364e35_8.0.6001.18828_none_72152c3467aecde7

Found mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-i..nternetcontrolpanel_31bf3856ad364e35_8.0.6001.22918_none_72a998eb80c451c0\x86_microsoft-windows-i..nternetcontrolpanel_31bf3856ad364e35_8.0.6001.22918_none_72a998eb80c451c0

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-i..nternetcontrolpanel_31bf3856ad364e35_8.0.6001.22918_none_72a998eb80c451c0\x86_microsoft-windows-i..nternetcontrolpanel_31bf3856ad364e35_8.0.6001.22918_none_72a998eb80c451c0

Found mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18828_none_e4c479a1b7a94f56\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18828_none_e4c479a1b7a94f56

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18828_none_e4c479a1b7a94f56\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18828_none_e4c479a1b7a94f56

Found mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22918_none_e558e658d0bed32f\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22918_none_e558e658d0bed32f

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22918_none_e558e658d0bed32f\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22918_none_e558e658d0bed32f

Found mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-adminkitbranding_31bf3856ad364e35_8.0.6001.18828_none_572bf29d6d53701d\x86_microsoft-windows-ie-adminkitbranding_31bf3856ad364e35_8.0.6001.18828_none_572bf29d6d53701d

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-adminkitbranding_31bf3856ad364e35_8.0.6001.18828_none_572bf29d6d53701d\x86_microsoft-windows-ie-adminkitbranding_31bf3856ad364e35_8.0.6001.18828_none_572bf29d6d53701d

Found mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-adminkitbranding_31bf3856ad364e35_8.0.6001.22918_none_57c05f548668f3f6\x86_microsoft-windows-ie-adminkitbranding_31bf3856ad364e35_8.0.6001.22918_none_57c05f548668f3f6

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-adminkitbranding_31bf3856ad364e35_8.0.6001.22918_none_57c05f548668f3f6\x86_microsoft-windows-ie-adminkitbranding_31bf3856ad364e35_8.0.6001.22918_none_57c05f548668f3f6

Found mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-behaviors_31bf3856ad364e35_8.0.6001.18828_none_1f9f0ad307e417b8\x86_microsoft-windows-ie-behaviors_31bf3856ad364e35_8.0.6001.18828_none_1f9f0ad307e417b8

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-behaviors_31bf3856ad364e35_8.0.6001.18828_none_1f9f0ad307e417b8\x86_microsoft-windows-ie-behaviors_31bf3856ad364e35_8.0.6001.18828_none_1f9f0ad307e417b8

Found mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-behaviors_31bf3856ad364e35_8.0.6001.22918_none_2033778a20f99b91\x86_microsoft-windows-ie-behaviors_31bf3856ad364e35_8.0.6001.22918_none_2033778a20f99b91

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-behaviors_31bf3856ad364e35_8.0.6001.22918_none_2033778a20f99b91\x86_microsoft-windows-ie-behaviors_31bf3856ad364e35_8.0.6001.22918_none_2033778a20f99b91

Found mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_8.0.6001.18828_none_42c21070504ca20e\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_8.0.6001.18828_none_42c21070504ca20e

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_8.0.6001.18828_none_42c21070504ca20e\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_8.0.6001.18828_none_42c21070504ca20e

Found mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_8.0.6001.22918_none_43567d27696225e7\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_8.0.6001.22918_none_43567d27696225e7

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_8.0.6001.22918_none_43567d27696225e7\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_8.0.6001.22918_none_43567d27696225e7

Found mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.6001.18828_none_df29752df0984135\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.6001.18828_none_df29752df0984135

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.6001.18828_none_df29752df0984135\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.6001.18828_none_df29752df0984135

Found mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.6001.22918_none_dfbde1e509adc50e\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.6001.22918_none_dfbde1e509adc50e

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.6001.22918_none_dfbde1e509adc50e\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.6001.22918_none_dfbde1e509adc50e

Found mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18828_none_f61e98c037ffb88c\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18828_none_f61e98c037ffb88c

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18828_none_f61e98c037ffb88c\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18828_none_f61e98c037ffb88c

Found mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22918_none_f6b3057751153c65\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22918_none_f6b3057751153c65

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22918_none_f6b3057751153c65\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22918_none_f6b3057751153c65

Found mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-ieproxy_31bf3856ad364e35_8.0.6001.18828_none_730a6a836066d9d5\x86_microsoft-windows-ie-ieproxy_31bf3856ad364e35_8.0.6001.18828_none_730a6a836066d9d5

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-ieproxy_31bf3856ad364e35_8.0.6001.18828_none_730a6a836066d9d5\x86_microsoft-windows-ie-ieproxy_31bf3856ad364e35_8.0.6001.18828_none_730a6a836066d9d5

Found mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-ieproxy_31bf3856ad364e35_8.0.6001.22918_none_739ed73a797c5dae\x86_microsoft-windows-ie-ieproxy_31bf3856ad364e35_8.0.6001.22918_none_739ed73a797c5dae

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-ieproxy_31bf3856ad364e35_8.0.6001.22918_none_739ed73a797c5dae\x86_microsoft-windows-ie-ieproxy_31bf3856ad364e35_8.0.6001.22918_none_739ed73a797c5dae

Found mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-ieshims_31bf3856ad364e35_8.0.6001.18828_none_2a68b619b00f4043\x86_microsoft-windows-ie-ieshims_31bf3856ad364e35_8.0.6001.18828_none_2a68b619b00f4043

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-ieshims_31bf3856ad364e35_8.0.6001.18828_none_2a68b619b00f4043\x86_microsoft-windows-ie-ieshims_31bf3856ad364e35_8.0.6001.18828_none_2a68b619b00f4043

Found mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-ieshims_31bf3856ad364e35_8.0.6001.22918_none_2afd22d0c924c41c\x86_microsoft-windows-ie-ieshims_31bf3856ad364e35_8.0.6001.22918_none_2afd22d0c924c41c

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-ieshims_31bf3856ad364e35_8.0.6001.22918_none_2afd22d0c924c41c\x86_microsoft-windows-ie-ieshims_31bf3856ad364e35_8.0.6001.22918_none_2afd22d0c924c41c

Found mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18828_none_123d862d2fd4be39\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18828_none_123d862d2fd4be39

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18828_none_123d862d2fd4be39\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18828_none_123d862d2fd4be39

Found mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22918_none_12d1f2e448ea4212\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22918_none_12d1f2e448ea4212

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22918_none_12d1f2e448ea4212\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22918_none_12d1f2e448ea4212

Found mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.18828_none_1a01ee5029f95321\x86_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.18828_none_1a01ee5029f95321

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.18828_none_1a01ee5029f95321\x86_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.18828_none_1a01ee5029f95321

Found mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.22918_none_1a965b07430ed6fa\x86_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.22918_none_1a965b07430ed6fa

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.22918_none_1a965b07430ed6fa\x86_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.22918_none_1a965b07430ed6fa

Found mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.6001.18828_none_2a7f307da25a6db3\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.6001.18828_none_2a7f307da25a6db3

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.6001.18828_none_2a7f307da25a6db3\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.6001.18828_none_2a7f307da25a6db3

Found mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.6001.22918_none_2b139d34bb6ff18c\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.6001.22918_none_2b139d34bb6ff18c

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.6001.22918_none_2b139d34bb6ff18c\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.6001.22918_none_2b139d34bb6ff18c

Found mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18828_none_a8ac3b48744f86de\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18828_none_a8ac3b48744f86de

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18828_none_a8ac3b48744f86de\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18828_none_a8ac3b48744f86de

Found mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.22918_none_a940a7ff8d650ab7\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.22918_none_a940a7ff8d650ab7

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.22918_none_a940a7ff8d650ab7\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.22918_none_a940a7ff8d650ab7

Found mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-sysprep_31bf3856ad364e35_8.0.6001.18828_none_fe6d9ff4cfd2c3a3\x86_microsoft-windows-ie-sysprep_31bf3856ad364e35_8.0.6001.18828_none_fe6d9ff4cfd2c3a3

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-sysprep_31bf3856ad364e35_8.0.6001.18828_none_fe6d9ff4cfd2c3a3\x86_microsoft-windows-ie-sysprep_31bf3856ad364e35_8.0.6001.18828_none_fe6d9ff4cfd2c3a3

Found mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-sysprep_31bf3856ad364e35_8.0.6001.22918_none_ff020cabe8e8477c\x86_microsoft-windows-ie-sysprep_31bf3856ad364e35_8.0.6001.22918_none_ff020cabe8e8477c

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ie-sysprep_31bf3856ad364e35_8.0.6001.22918_none_ff020cabe8e8477c\x86_microsoft-windows-ie-sysprep_31bf3856ad364e35_8.0.6001.22918_none_ff020cabe8e8477c

Found mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.6001.18828_none_477df2c3c3f546b9\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.6001.18828_none_477df2c3c3f546b9

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.6001.18828_none_477df2c3c3f546b9\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.6001.18828_none_477df2c3c3f546b9

Found mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.6001.22918_none_48125f7add0aca92\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.6001.22918_none_48125f7add0aca92

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\Download\fa8c2d28d4f83f2d821668f4c68d7ffc\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.6001.22918_none_48125f7add0aca92\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.6001.22918_none_48125f7add0aca92

Found mount point : C:\Windows\SoftwareDistribution\PostRebootEventCache\PostRebootEventCache

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\PostRebootEventCache\PostRebootEventCache

Found mount point : C:\Windows\SoftwareDistribution\ScanFile\ScanFile

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\SoftwareDistribution\ScanFile\ScanFile

Found mount point : C:\Windows\Sun\Java\Deployment\Deployment

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\Sun\Java\Deployment\Deployment

Cannot access: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl

Attempting to restore permissions of : C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl

Cannot access: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Application.etl

Attempting to restore permissions of : C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Application.etl

Cannot access: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.etl

Attempting to restore permissions of : C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.etl

Cannot access: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-System.etl

Attempting to restore permissions of : C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-System.etl

Cannot access: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTkerberos.etl

Attempting to restore permissions of : C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTkerberos.etl

Found mount point : C:\Windows\winsxs\InstallTemp\InstallTemp

Mount point destination : \Device\__max++>\^

Removing mount point : C:\Windows\winsxs\InstallTemp\InstallTemp

Finished!

dozzyo9080 · May 8, 2011

I have had this problem for over three weeks now BTW. Is this a virus??

dozzyo9080 · May 8, 2011

Thank you for your help, however. I wouldn't of been able to do any of this without u. I couldn't find anything on this on other forums. This issue doesn't seem to happen to many people according to what i found searching. So thank you. I didn't mean to seem rude in my comments.

dozzyo9080 · May 8, 2011

it still is not fixed. I would like some more help please.

Broni · May 8, 2011

Good

Re-run OTL with the very same custom script as in my reply #48.
Only one log will be produced.

dozzyo9080 · May 8, 2011

OTL. Txt 2 (1)

OTL logfile created on: 5/8/2011 7:47:14 PM - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Austin ROCKS\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 54.00% Memory free
4.00 Gb Paging File | 2.00 Gb Available in Paging File | 61.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 66.51 Gb Total Space | 6.66 Gb Free Space | 10.02% Space Free | Partition Type: NTFS
Drive D: | 66.54 Gb Total Space | 15.62 Gb Free Space | 23.47% Space Free | Partition Type: NTFS

Computer Name: AUSTINROCKS-PC | User Name: Austin ROCKS | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/08 17:50:53 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Austin ROCKS\Desktop\OTL.exe
PRC - [2011/02/16 15:49:08 | 000,088,176 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2010/11/30 13:20:36 | 000,997,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2010/11/23 19:21:18 | 000,130,000 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\ccSvcHst.exe
PRC - [2010/11/11 12:26:42 | 000,206,360 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
PRC - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2010/08/15 17:09:55 | 000,136,312 | ---- | M] (Google Inc.) -- C:\Users\Austin ROCKS\AppData\Local\Flock\Update\FlockUpdate.exe
PRC - [2010/05/25 11:51:02 | 000,929,792 | ---- | M] (IVT Corporation) -- C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
PRC - [2010/04/27 10:44:52 | 000,102,503 | ---- | M] (IVT Corporation) -- C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
PRC - [2010/04/27 10:43:26 | 000,147,563 | ---- | M] (IVT Corporation) -- C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
PRC - [2010/01/07 15:38:08 | 005,950,704 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Zune\ZuneNss.exe
PRC - [2009/11/19 11:26:54 | 000,455,944 | ---- | M] () -- C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
PRC - [2009/04/10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/06/11 11:18:30 | 000,024,576 | ---- | M] () -- C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe
PRC - [2008/01/20 19:25:07 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetsrv\inetinfo.exe
PRC - [2008/01/11 18:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2007/12/10 20:15:00 | 000,012,800 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2007/01/01 14:22:02 | 003,739,648 | ---- | M] (Google) -- C:\Users\Austin ROCKS\AppData\Roaming\Google\Google Talk\googletalk.exe

========== Modules (SafeList) ==========

MOD - [2011/05/08 17:50:53 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Austin ROCKS\Desktop\OTL.exe
MOD - [2011/04/08 16:56:28 | 000,018,176 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\sahook.dll
MOD - [2011/03/26 12:57:48 | 000,215,930 | ---- | M] () -- C:\Windows\System32\iqbfwlkqb\shim_ihfmzsso.dll
MOD - [2011/03/26 12:57:47 | 002,038,925 | ---- | M] () -- C:\Windows\System32\iqbfwlkqb\mcsc_cnawcrqc.dll
MOD - [2011/03/26 12:57:46 | 000,237,927 | ---- | M] () -- C:\Windows\System32\iqbfwlkqb\mcapp_hbdnrvkr.dll
MOD - [2010/08/31 08:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MOD - [2008/01/20 19:24:46 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wtsapi32.dll
MOD - [2008/01/20 19:23:54 | 000,798,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dbghelp.dll

========== Win32 Services (SafeList) ==========

SRV - [2011/05/05 18:49:17 | 003,274,328 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_3f211bc.dll -- (Akamai)
SRV - [2011/04/17 16:00:39 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/03/26 12:57:49 | 000,237,712 | ---- | M] () [Auto | Running] -- C:\Windows\System32\iqbfwlkqb\svcboot_qsgffroe.dll -- (svcboot_qsgffroe)
SRV - [2011/02/16 15:49:08 | 000,088,176 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2010/11/23 19:21:18 | 000,130,000 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\ccSvcHst.exe -- (NSL)
SRV - [2010/11/11 12:26:42 | 000,206,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/10/12 10:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/07/28 14:36:52 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\WildGames\Game Console - WildGames\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/05/25 11:51:02 | 000,929,792 | ---- | M] (IVT Corporation) [Auto | Running] -- C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe -- (BlueSoleilCS)
SRV - [2010/05/02 14:34:28 | 005,027,328 | ---- | M] (Moonware Studios) [On_Demand | Stopped] -- C:\Program Files\wLite\wService.exe -- (wxpSvc)
SRV - [2010/04/27 10:44:52 | 000,102,503 | ---- | M] (IVT Corporation) [On_Demand | Running] -- C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe -- (BsHelpCS)
SRV - [2010/04/27 10:43:26 | 000,147,563 | ---- | M] (IVT Corporation) [Auto | Running] -- C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe -- (BsMobileCS)
SRV - [2010/04/21 10:46:17 | 000,373,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010/04/21 10:46:17 | 000,373,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2010/01/07 15:38:18 | 000,447,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV - [2010/01/07 15:38:08 | 005,950,704 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV - [2009/11/19 11:26:54 | 000,455,944 | ---- | M] () [Auto | Running] -- C:\Program Files\Flip Video\FlipShare\FlipShareService.exe -- (FlipShare Service)
SRV - [2009/10/11 14:03:24 | 003,319,160 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2009/04/10 23:28:17 | 000,052,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2008/09/08 07:59:00 | 000,575,488 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008/06/11 11:18:30 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe -- (ETService)
SRV - [2008/01/20 19:25:27 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lpdsvc.dll -- (LPDSVC)
SRV - [2008/01/20 19:25:08 | 000,011,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\inetsrv\WMSvc.exe -- (WMSvc)
SRV - [2008/01/20 19:25:07 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2008/01/20 19:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/11 18:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2007/12/10 20:15:00 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2006/11/02 05:36:18 | 000,029,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\iprip.dll -- (iprip)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Running] -- -- (catchme)
DRV - [2011/05/08 17:40:46 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{49C29E98-6305-4BB9-80E0-B63FDF051C93}\MpKsle0125d7b.sys -- (MpKsle0125d7b)
DRV - [2010/10/24 21:25:38 | 000,054,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2010/10/24 21:25:38 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010/09/05 19:53:49 | 000,140,832 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SYSTEM32\DRIVERS\NVSTOR32.SYS -- (nvstor32)
DRV - [2010/07/28 09:13:58 | 000,027,632 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\clwvd.sys -- (clwvd)
DRV - [2010/04/06 18:33:10 | 000,025,864 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btnetBus.sys -- (btnetBUs)
DRV - [2010/04/06 18:32:48 | 000,023,048 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IvtBtBus.sys -- (IvtBtBUs)
DRV - [2010/04/06 18:32:44 | 000,020,104 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\BtHidBus.sys -- (BtHidBus)
DRV - [2010/04/06 18:32:32 | 000,022,024 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btcombus.sys -- (BTCOMBUS)
DRV - [2010/04/06 18:32:28 | 000,025,992 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btcomport.sys -- (BTCOM)
DRV - [2010/01/12 13:03:34 | 011,586,280 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/12/23 11:32:26 | 000,086,016 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TPkd.sys -- (TPkd)
DRV - [2009/08/21 21:24:04 | 000,066,592 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2009/08/13 16:07:12 | 001,163,328 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009/07/13 16:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB)
DRV - [2009/06/17 14:02:40 | 000,017,928 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btnetdrv.sys -- (BT)
DRV - [2009/04/10 21:45:24 | 000,113,664 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rmcast.sys -- (RMCAST) RMCAST (Pgm)
DRV - [2009/03/30 04:09:28 | 000,239,336 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\RsFx0103.sys -- (RsFx0103)
DRV - [2009/03/07 21:23:54 | 000,030,136 | ---- | M] (Resplendence Software Projects Sp.) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\rspSanity32.sys -- (rspSanity)
DRV - [2009/02/27 16:50:32 | 000,499,200 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netr73.sys -- (netr73)
DRV - [2008/08/26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/08/24 04:55:50 | 000,030,464 | ---- | M] (CamTrax Technologies) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CamSpaceJoy.sys -- (CamSpaceJoy)
DRV - [2008/08/24 04:55:48 | 000,014,848 | ---- | M] (CamTrax Technologies) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CamSpaceBus.sys -- (CamSpaceBus)
DRV - [2008/06/11 11:13:24 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2008/03/06 15:22:24 | 000,019,456 | ---- | M] (FreeBT (www.freebt.net)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fbtusb.sys -- (FreeBT)
DRV - [2008/01/28 22:55:00 | 001,042,464 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2008/01/20 19:25:19 | 000,126,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mqac.sys -- (MQAC)
DRV - [2008/01/20 19:23:26 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\irsir.sys -- (irsir)
DRV - [2007/10/12 01:53:10 | 000,013,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2007/04/16 10:28:02 | 000,194,362 | ---- | M] (Jungo) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\windrvr6.sys -- (WinDriver6)
DRV - [2005/03/09 20:50:16 | 000,033,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\libusb0.sys -- (libusb0)
DRV - [2004/10/24 08:11:00 | 000,028,800 | ---- | M] (Deon van der Westhuysen) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PPortJoy.sys -- (PPortJoystick)
DRV - [2004/10/24 08:11:00 | 000,013,952 | ---- | M] (Deon van der Westhuysen) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PPJoyBus.sys -- (PPJoyBus)
DRV - [2001/05/07 03:56:02 | 000,019,805 | ---- | M] (Thesycon GmbH, Germany) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbio.sys -- (USBIO) USBIO Driver (usbio.sys)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr9/*http://www.yahoo.com/ext/search/search.html

IE - HKU\.DEFAULT\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/?pc=Z008&form=ZGAPHP
IE - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C7 2F 4F 63 65 C2 CA 01 [binary data]
IE - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Secure Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Google Powered Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/webhp?rls=ig"
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.2
FF - prefs.js..extensions.enabledItems: GameTapPlayer@gametap.com:4.3.0.5908
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {203FB6B2-2E1E-4474-863B-4C483ECCE78E}:1.0.1
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.5
FF - prefs.js..extensions.enabledItems: support@easy-hideip.com:1.0
FF - prefs.js..extensions.enabledItems: {ba14329e-9550-4989-b3f2-9732e92d17cc}:2.7.2.0
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=mcafee&p="

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/08/05 13:37:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{203FB6B2-2E1E-4474-863B-4C483ECCE78E}: C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_1.2.0.6\coFFNST\ [2011/04/19 11:05:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2011/05/05 19:49:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/30 14:45:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/16 16:46:52 | 000,000,000 | ---D | M]

[2010/01/09 15:14:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Austin ROCKS\AppData\Roaming\mozilla\Extensions
[2011/04/16 17:14:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Austin ROCKS\AppData\Roaming\mozilla\Firefox\Profiles\zlmaa4wf.default\extensions
[2010/07/25 12:21:23 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Austin ROCKS\AppData\Roaming\mozilla\Firefox\Profiles\zlmaa4wf.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/09/10 09:40:11 | 000,000,000 | ---D | M] (Redirect Remover) -- C:\Users\Austin ROCKS\AppData\Roaming\mozilla\Firefox\Profiles\zlmaa4wf.default\extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}
[2010/09/19 14:42:39 | 000,000,000 | ---D | M] (GameTap) -- C:\Users\Austin ROCKS\AppData\Roaming\mozilla\Firefox\Profiles\zlmaa4wf.default\extensions\GameTapPlayer@gametap.com
[2010/08/06 17:39:02 | 000,000,000 | ---D | M] (Hide IP Easy) -- C:\Users\Austin ROCKS\AppData\Roaming\mozilla\Firefox\Profiles\zlmaa4wf.default\extensions\support@easy-hideip.com
[2011/04/16 17:14:54 | 000,000,000 | ---D | M] (Yummy Games Player) -- C:\Users\Austin ROCKS\AppData\Roaming\mozilla\Firefox\Profiles\zlmaa4wf.default\extensions\YPlayer@yummy.net
[2010/02/28 19:25:23 | 000,004,554 | ---- | M] () -- C:\Users\Austin ROCKS\AppData\Roaming\Mozilla\Firefox\Profiles\zlmaa4wf.default\searchplugins\aim-search.xml
[2010/11/11 12:07:48 | 000,001,919 | ---- | M] () -- C:\Users\Austin ROCKS\AppData\Roaming\Mozilla\Firefox\Profiles\zlmaa4wf.default\searchplugins\bing-zugo.xml
[2010/02/28 18:51:00 | 000,001,827 | ---- | M] () -- C:\Users\Austin ROCKS\AppData\Roaming\Mozilla\Firefox\Profiles\zlmaa4wf.default\searchplugins\bing.xml
[2010/09/05 17:10:10 | 000,000,903 | ---- | M] () -- C:\Users\Austin ROCKS\AppData\Roaming\Mozilla\Firefox\Profiles\zlmaa4wf.default\searchplugins\conduit.xml
[2011/05/01 21:23:45 | 000,001,018 | ---- | M] () -- C:\Users\Austin ROCKS\AppData\Roaming\Mozilla\Firefox\Profiles\zlmaa4wf.default\searchplugins\facebook.xml
[2010/07/31 08:49:28 | 000,002,463 | ---- | M] () -- C:\Users\Austin ROCKS\AppData\Roaming\Mozilla\Firefox\Profiles\zlmaa4wf.default\searchplugins\safesearch.xml
[2011/03/26 18:56:13 | 000,001,050 | ---- | M] () -- C:\Users\Austin ROCKS\AppData\Roaming\Mozilla\Firefox\Profiles\zlmaa4wf.default\searchplugins\siteadvisor.xml
[2010/01/29 19:23:24 | 000,001,720 | ---- | M] () -- C:\Users\Austin ROCKS\AppData\Roaming\Mozilla\Firefox\Profiles\zlmaa4wf.default\searchplugins\youtube-video-search.xml
[2011/05/07 20:51:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/09/05 21:19:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011/04/01 14:12:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/05/07 20:51:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
File not found (No name found) --
[2011/05/05 19:49:33 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
() (No name found) -- C:\USERS\AUSTIN ROCKS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZLMAA4WF.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI
[2011/03/26 12:57:42 | 002,160,866 | ---- | M] () -- C:\Program Files\Mozilla Firefox\components\1522053.dll
[2011/04/30 14:44:45 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2010/08/24 02:31:30 | 000,773,120 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2011/04/14 05:08:00 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/03/03 15:24:34 | 001,961,984 | ---- | M] (Total Immersion) -- C:\Program Files\Mozilla Firefox\plugins\NPDFusionWebFirefox.dll
[2011/04/30 14:44:56 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
[2009/09/21 11:24:16 | 000,001,329 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
[2011/04/16 14:11:50 | 000,001,949 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\McSiteAdvisor.xml

O1 HOSTS File: ([2011/05/08 17:10:43 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Norton Safe Web Lite BHO) - {F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3} - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Norton Safe Web Lite) - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - No CLSID value found.
O3 - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000\..\Toolbar\WebBrowser: (Norton Safe Web Lite) - {30CEEEA2-3742-40E4-85DD-812BF1CBB83D} - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [YouCam Mirage] D:\Program Files\CyberLink\YouCam\YouCam\YCMMirage.exe (CyberLink)
O4 - HKLM..\Run: [YouCam Tray] D:\Program Files\CyberLink\YouCam\YouCam\YouCamTray.exe (CyberLink Corp.)
O4 - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000..\Run: [CollaborationHost] C:\Windows\System32\p2phost.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000..\Run: [DS3 Tool] C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe (www.motioninjoy.com)
O4 - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000..\Run: [EADM] C:\Program Files\Electronic Arts\EADM\EADMUI\EADMUI.exe (Electronic Arts)
O4 - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000..\Run: [googletalk] C:\Users\Austin ROCKS\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
O4 - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Users\Austin ROCKS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2010/05/17 09:54:30 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Users\Austin ROCKS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000\..Trusted Domains: aol.com ([free] http in Trusted sites)
O15 - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O15 - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (GTGina.dll) - File not found
O24 - Desktop WallPaper: C:\Users\Austin ROCKS\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Austin ROCKS\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.bdmpeg - C:\Windows\System32\bdmpega.acm ()
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.3IV2 - C:\Windows\System32\3ivxVfWCodec.dll (3ivx Technologies Pty. Ltd.)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.dmb1 - m3jpeg32.dll File not found
Drivers32: vidc.ffds - C:\Program Files\Combined Community Codec Pack\Filters\FFDShow\ff_vfw.dll ()
Drivers32: vidc.MJPG - m3jpeg32.dll File not found
Drivers32: vidc.mpeg - C:\Windows\System32\bdmpegv.dll ()
Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: VIDC.XFR1 - C:\Windows\System32\xfcodec.dll ()

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/05/08 17:50:45 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Austin ROCKS\Desktop\OTL.exe
[2011/05/08 17:17:41 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011/05/08 17:17:41 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\AppData\Local\temp
[2011/05/08 17:11:15 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/05/08 16:52:18 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2011/05/08 14:14:21 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/05/08 14:14:21 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/05/08 14:14:21 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/05/08 14:14:11 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/05/08 14:13:34 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/05/08 14:03:03 | 000,083,968 | ---- | C] (eSage Lab) -- C:\Users\Austin ROCKS\Desktop\remover.exe
[2011/05/07 15:48:29 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2011/05/07 15:48:26 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/05/06 19:55:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PACE Anti-Piracy
[2011/05/06 19:54:33 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\Documents\My Recordings
[2011/05/06 19:51:34 | 000,000,000 | ---D | C] -- C:\ProgramData\PACE Anti-Piracy
[2011/05/06 19:50:53 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\AppData\Roaming\SynthMaker
[2011/05/06 19:10:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acoustica Mixcraft 5
[2011/05/06 19:10:29 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\AppData\Roaming\Acoustica
[2011/05/06 19:10:24 | 000,057,344 | ---- | C] (NexiTech, Inc.) -- C:\Windows\System32\Wnaspint.dll
[2011/05/06 18:00:15 | 000,000,000 | ---D | C] -- C:\Program Files\Acoustica Mixcraft 5
[2011/05/04 20:12:00 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\AppData\Roaming\vlc
[2011/05/01 17:44:02 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\AppData\Roaming\BOXEE
[2011/05/01 17:44:01 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Boxee
[2011/05/01 17:38:44 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
[2011/05/01 17:38:35 | 000,000,000 | ---D | C] -- C:\Program Files\Cyberlink
[2011/05/01 16:19:48 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\Documents\Avatar
[2011/05/01 15:53:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CL-Eye Driver
[2011/04/24 19:37:17 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\AppData\Roaming\.minecraft
[2011/04/22 16:22:42 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome Canary Build
[2011/04/21 20:21:12 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\AppData\Local\SKIDROW
[2011/04/20 18:57:55 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011/04/19 11:28:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Boonka
[2011/04/19 11:27:28 | 000,000,000 | ---D | C] -- C:\Program Files\Boonka
[2011/04/19 11:05:15 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\NST
[2011/04/19 11:05:15 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\NST\0102000.006
[2011/04/19 11:05:14 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Safe Web Lite
[2011/04/19 11:05:01 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2011/04/18 19:36:21 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\AppData\Local\GameHouse
[2011/04/18 19:36:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Trymedia
[2011/04/18 18:55:14 | 000,000,000 | ---D | C] -- C:\Program Files\Bejeweled 3
[2011/04/16 21:14:11 | 000,000,000 | ---D | C] -- C:\Program Files\BandiMPEG1
[2011/04/16 21:14:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrisOnline
[2011/04/16 18:55:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011/04/16 18:53:28 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2011/04/16 16:48:02 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\AppData\Local\DejobaansEasiest
[2011/04/12 19:36:03 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\AppData\Roaming\Beat Hazard
[2011/04/11 21:13:10 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\AppData\Roaming\funkitron
[2011/04/10 19:01:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ballistik
[2011/04/10 19:00:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sandlot Shared
[2011/04/10 19:00:32 | 000,000,000 | ---D | C] -- C:\Program Files\Ballistik

========== Files - Modified Within 30 Days ==========

dozzyo9080 · May 8, 2011

OTL. Txt 2 (2)

[2011/05/08 19:09:17 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/08 19:09:17 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/08 19:08:05 | 000,000,406 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{AEE52817-BCA4-4726-894D-DCF29517B5AB}.job
[2011/05/08 19:08:01 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/08 19:05:00 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1694092186-2221604420-1700606534-1000UA.job
[2011/05/08 18:50:43 | 000,047,616 | ---- | M] () -- C:\Users\Austin ROCKS\Desktop\Win32kDiag.exe
[2011/05/08 17:50:53 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Austin ROCKS\Desktop\OTL.exe
[2011/05/08 17:11:17 | 000,205,208 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011/05/08 17:10:43 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011/05/08 17:09:36 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2011/05/08 17:09:36 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2011/05/08 17:09:30 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/05/08 17:09:27 | 000,001,056 | ---- | M] () -- C:\Windows\System32\bscs.ini
[2011/05/08 17:09:25 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/08 17:09:13 | 000,205,208 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011/05/08 17:09:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/05/08 15:05:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1694092186-2221604420-1700606534-1000Core.job
[2011/05/08 14:08:13 | 004,343,905 | R--- | M] () -- C:\Users\Austin ROCKS\Desktop\ComboFix.exe
[2011/05/08 09:41:49 | 000,001,275 | ---- | M] () -- C:\Users\Austin ROCKS\Desktop\Google Chrome.lnk
[2011/05/08 09:32:09 | 000,001,646 | ---- | M] () -- C:\Users\Austin ROCKS\Desktop\CamSpace.lnk
[2011/05/08 09:28:59 | 000,000,857 | ---- | M] () -- C:\Users\Austin ROCKS\Desktop\JDiskReport.lnk
[2011/05/08 09:27:35 | 000,000,517 | ---- | M] () -- C:\Users\Public\Desktop\IrisOnline.lnk
[2011/05/07 18:23:50 | 000,791,742 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/05/07 18:23:50 | 000,173,926 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/05/07 16:08:26 | 000,011,976 | ---- | M] () -- C:\Users\Austin ROCKS\Documents\hijackthislog 5-7-11 1
[2011/05/07 15:52:22 | 000,002,497 | ---- | M] () -- C:\Users\Austin ROCKS\Desktop\HiJackThis.lnk
[2011/05/07 13:31:44 | 000,002,041 | ---- | M] () -- C:\Users\Austin ROCKS\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/05/07 08:18:46 | 000,002,337 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/05/06 19:10:29 | 000,000,779 | ---- | M] () -- C:\Users\Public\Desktop\Mixcraft 5.lnk
[2011/05/06 17:38:16 | 000,008,592 | ---- | M] () -- C:\Users\Austin ROCKS\AppData\Local\d3d9caps.dat
[2011/05/06 17:38:05 | 000,000,552 | ---- | M] () -- C:\Users\Austin ROCKS\AppData\Local\d3d8caps.dat
[2011/05/05 18:20:40 | 000,134,656 | ---- | M] () -- C:\Users\Austin ROCKS\Documents\Mommy's day card.pub
[2011/05/04 20:20:07 | 000,079,872 | ---- | M] () -- C:\Users\Austin ROCKS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/01 17:38:44 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CyberLink YouCam.lnk
[2011/04/28 20:16:31 | 000,001,009 | ---- | M] () -- C:\Users\Public\Desktop\EA Download Manager.lnk
[2011/04/24 19:10:35 | 000,002,252 | ---- | M] () -- C:\Users\Public\Desktop\WildTangent Games App - wildgames.lnk
[2011/04/24 15:14:57 | 000,021,504 | ---- | M] () -- C:\Users\Austin ROCKS\Documents\Backup of Dear Mrs.wbk
[2011/04/24 13:34:22 | 000,112,659 | ---- | M] () -- C:\Users\Austin ROCKS\Documents\i apoligize easter.jpg
[2011/04/22 16:22:46 | 000,002,081 | ---- | M] () -- C:\Users\Austin ROCKS\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome Canary Build.lnk
[2011/04/22 16:22:45 | 000,002,119 | ---- | M] () -- C:\Users\Austin ROCKS\Desktop\Google Chrome Canary Build.lnk
[2011/04/22 10:23:14 | 000,041,472 | ---- | M] () -- C:\Users\Austin ROCKS\Documents\Backup of Chapter 11 Test.wbk
[2011/04/19 11:28:19 | 000,001,620 | ---- | M] () -- C:\Users\Public\Desktop\Boonka.lnk
[2011/04/19 10:57:28 | 000,000,045 | ---- | M] () -- C:\Users\Austin ROCKS\jagex_runescape_preferences.dat
[2011/04/18 19:07:16 | 000,000,647 | ---- | M] () -- C:\Users\Austin ROCKS\Desktop\Bejeweled 3.lnk
[2011/04/16 20:11:17 | 000,001,595 | ---- | M] () -- C:\Users\Public\Desktop\Vuze.lnk
[2011/04/16 20:11:17 | 000,001,595 | ---- | M] () -- C:\Users\Austin ROCKS\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk
[2011/04/16 14:10:50 | 000,000,832 | ---- | M] () -- C:\Users\Austin ROCKS\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/04/16 14:10:50 | 000,000,808 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/04/16 10:17:26 | 000,388,072 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/04/10 19:01:09 | 000,001,678 | ---- | M] () -- C:\Users\Public\Desktop\Ballistik.lnk
[2011/04/10 14:39:07 | 000,002,191 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/04/10 08:31:13 | 000,000,094 | -H-- | M] () -- C:\Windows\System32\spv1_WCssg.ini
[2011/04/09 15:28:45 | 000,096,768 | ---- | M] () -- C:\Users\Austin ROCKS\Documents\Backup of Chapter 10 quiz.wbk
[2011/04/08 23:13:43 | 000,043,520 | ---- | M] () -- C:\Windows\System32\CmdLineExt03.dll

========== Files Created - No Company Name ==========

[2011/05/08 18:50:36 | 000,047,616 | ---- | C] () -- C:\Users\Austin ROCKS\Desktop\Win32kDiag.exe
[2011/05/08 14:14:21 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011/05/08 14:14:21 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/05/08 14:14:21 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011/05/08 14:14:21 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/05/08 14:14:21 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/05/08 14:07:48 | 004,343,905 | R--- | C] () -- C:\Users\Austin ROCKS\Desktop\ComboFix.exe
[2011/05/07 16:08:26 | 000,011,976 | ---- | C] () -- C:\Users\Austin ROCKS\Documents\hijackthislog 5-7-11 1
[2011/05/07 15:48:29 | 000,002,497 | ---- | C] () -- C:\Users\Austin ROCKS\Desktop\HiJackThis.lnk
[2011/05/07 12:55:11 | 000,000,104 | ---- | C] () -- C:\Users\Austin ROCKS\Documents\Recycle Bin.lnk
[2011/05/06 19:10:29 | 000,000,779 | ---- | C] () -- C:\Users\Public\Desktop\Mixcraft 5.lnk
[2011/05/06 17:38:05 | 000,000,552 | ---- | C] () -- C:\Users\Austin ROCKS\AppData\Local\d3d8caps.dat
[2011/05/03 19:55:51 | 000,134,656 | ---- | C] () -- C:\Users\Austin ROCKS\Documents\Mommy's day card.pub
[2011/05/01 17:38:44 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\CyberLink YouCam.lnk
[2011/04/24 15:14:56 | 000,021,504 | ---- | C] () -- C:\Users\Austin ROCKS\Documents\Backup of Dear Mrs.wbk
[2011/04/24 13:34:22 | 000,112,659 | ---- | C] () -- C:\Users\Austin ROCKS\Documents\i apoligize easter.jpg
[2011/04/22 16:22:45 | 000,002,119 | ---- | C] () -- C:\Users\Austin ROCKS\Desktop\Google Chrome Canary Build.lnk
[2011/04/22 16:22:45 | 000,002,081 | ---- | C] () -- C:\Users\Austin ROCKS\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome Canary Build.lnk
[2011/04/22 10:23:14 | 000,041,472 | ---- | C] () -- C:\Users\Austin ROCKS\Documents\Backup of Chapter 11 Test.wbk
[2011/04/20 18:57:59 | 000,002,041 | ---- | C] () -- C:\Users\Austin ROCKS\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/04/20 18:57:59 | 000,001,275 | ---- | C] () -- C:\Users\Austin ROCKS\Desktop\Google Chrome.lnk
[2011/04/20 18:54:27 | 000,000,936 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1694092186-2221604420-1700606534-1000UA.job
[2011/04/20 18:54:25 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1694092186-2221604420-1700606534-1000Core.job
[2011/04/19 11:28:19 | 000,001,620 | ---- | C] () -- C:\Users\Public\Desktop\Boonka.lnk
[2011/04/19 11:05:15 | 000,000,172 | ---- | C] () -- C:\Windows\System32\drivers\NST\0102000.006\isolate.ini
[2011/04/18 19:07:16 | 000,000,647 | ---- | C] () -- C:\Users\Austin ROCKS\Desktop\Bejeweled 3.lnk
[2011/04/16 21:14:12 | 000,000,517 | ---- | C] () -- C:\Users\Public\Desktop\IrisOnline.lnk
[2011/04/16 20:11:17 | 000,001,595 | ---- | C] () -- C:\Users\Public\Desktop\Vuze.lnk
[2011/04/16 20:11:17 | 000,001,595 | ---- | C] () -- C:\Users\Austin ROCKS\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk
[2011/04/16 20:11:15 | 000,001,595 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vuze.lnk
[2011/04/16 14:10:50 | 000,000,820 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/04/10 19:01:09 | 000,001,678 | ---- | C] () -- C:\Users\Public\Desktop\Ballistik.lnk
[2011/04/10 08:31:13 | 000,000,094 | -H-- | C] () -- C:\Windows\System32\spv1_WCssg.ini
[2011/04/09 13:23:49 | 000,096,768 | ---- | C] () -- C:\Users\Austin ROCKS\Documents\Backup of Chapter 10 quiz.wbk
[2011/03/25 20:54:32 | 000,000,177 | ---- | C] () -- C:\Users\Austin ROCKS\AppData\Roaming\prefs.bin
[2011/03/25 20:51:11 | 000,000,299 | ---- | C] () -- C:\Windows\EReg515.dat
[2011/03/25 20:47:04 | 000,000,157 | ---- | C] () -- C:\Windows\disney.ini
[2011/03/25 20:46:56 | 000,000,189 | ---- | C] () -- C:\Windows\disneysy.ini
[2011/03/02 20:37:04 | 000,000,049 | ---- | C] () -- C:\Windows\GSTAR.INI
[2011/03/02 20:29:11 | 000,000,077 | ---- | C] () -- C:\Windows\WinFrotz.INI
[2011/01/07 19:05:48 | 000,000,524 | ---- | C] () -- C:\ProgramData\nvUnsupRes.dat
[2010/11/25 22:19:35 | 000,003,584 | ---- | C] () -- C:\Windows\System32\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/11 17:31:41 | 000,352,648 | ---- | C] () -- C:\Windows\System32\SysCheck2.dll
[2010/10/02 22:27:58 | 000,138,056 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010/10/02 22:27:57 | 000,138,056 | ---- | C] () -- C:\Users\Austin ROCKS\AppData\Roaming\PnkBstrK.sys
[2010/10/02 22:27:42 | 000,189,248 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2010/10/02 22:27:35 | 000,075,064 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2010/10/02 22:27:29 | 002,427,248 | ---- | C] () -- C:\Windows\System32\pbsvc_heroes.exe
[2010/09/09 15:17:38 | 000,000,112 | ---- | C] () -- C:\ProgramData\s2jCFlE77.dat
[2010/09/05 18:47:10 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2010/08/14 15:47:00 | 000,074,752 | ---- | C] () -- C:\Windows\System32\CLEyeDevices.dll
[2010/08/09 19:44:16 | 000,000,000 | ---- | C] () -- C:\Windows\System32\BSPRINT.INI
[2010/08/05 13:38:21 | 000,000,025 | ---- | C] () -- C:\Windows\cdplayer.ini
[2010/07/05 16:20:32 | 000,000,025 | ---- | C] () -- C:\Windows\OverlayXP.ini
[2010/07/02 17:33:59 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/06/22 13:52:28 | 000,001,056 | ---- | C] () -- C:\Windows\System32\bscs.ini
[2010/06/16 20:19:00 | 000,033,792 | ---- | C] () -- C:\Windows\System32\drivers\libusb0.sys
[2010/05/27 07:00:04 | 000,077,824 | ---- | C] () -- C:\Windows\System32\CamTraxAPI.dll
[2010/05/18 08:46:10 | 000,052,114 | ---- | C] () -- C:\Windows\System32\ptun.exe
[2010/05/17 17:19:34 | 000,005,025 | ---- | C] () -- C:\Users\Austin ROCKS\AppData\Local\Temp17.html
[2010/05/17 17:03:13 | 000,001,293 | ---- | C] () -- C:\Users\Austin ROCKS\AppData\Local\Temp1.html
[2010/04/27 10:43:30 | 000,028,672 | ---- | C] () -- C:\Windows\System32\BsMobileCSps.dll
[2010/04/17 12:12:31 | 000,000,256 | ---- | C] () -- C:\Windows\usbfhom.dll
[2010/04/17 09:00:34 | 000,002,753 | ---- | C] () -- C:\Windows\System32\wbers.dat
[2010/04/16 13:26:30 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2010/04/15 20:10:31 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
[2010/04/09 20:03:10 | 000,000,037 | ---- | C] () -- C:\Windows\marscam.ini
[2010/04/06 18:33:10 | 000,025,864 | ---- | C] () -- C:\Windows\System32\drivers\btnetBus.sys
[2010/04/02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010/02/09 10:14:31 | 000,205,208 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010/02/09 10:10:27 | 000,205,208 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010/02/08 15:45:53 | 000,000,250 | ---- | C] () -- C:\Windows\gmer.ini
[2010/02/08 15:45:49 | 000,585,791 | ---- | C] () -- C:\Windows\gmer.dll
[2010/02/08 15:45:49 | 000,581,632 | ---- | C] () -- C:\Windows\gmer.exe
[2010/01/22 10:04:30 | 000,081,920 | ---- | C] () -- C:\Windows\System32\BsVistaCommon.dll
[2009/12/05 14:32:17 | 000,000,101 | ---- | C] () -- C:\Windows\PowerPlugs Player.INI
[2009/12/05 14:19:52 | 000,000,025 | ---- | C] () -- C:\Windows\System32\WinPPAddress.ini
[2009/12/05 14:18:05 | 000,131,072 | ---- | C] () -- C:\Windows\System32\TransSaveStatus.dll
[2009/12/05 14:17:47 | 000,000,832 | ---- | C] () -- C:\Windows\TransMusicClips.ini
[2009/10/18 16:38:02 | 000,044,544 | ---- | C] () -- C:\Windows\System32\ANIGIF.DLL
[2009/10/16 18:22:26 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009/10/03 20:22:16 | 000,174,860 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2009/09/21 18:26:09 | 000,001,361 | ---- | C] () -- C:\Windows\System32\WLAN.INI
[2009/09/20 20:39:15 | 000,003,948 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2009/09/10 19:06:10 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/10 19:06:10 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/09/10 19:05:43 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/08/23 11:17:25 | 000,008,592 | ---- | C] () -- C:\Users\Austin ROCKS\AppData\Local\d3d9caps.dat
[2009/08/05 08:15:26 | 000,008,192 | ---- | C] () -- C:\Windows\d3dx.dat
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/07/30 21:07:12 | 000,000,019 | ---- | C] () -- C:\Windows\KNP.INI
[2009/07/15 19:29:19 | 000,025,205 | ---- | C] () -- C:\Users\Austin ROCKS\AppData\Roaming\UserTile.png
[2009/07/08 18:03:02 | 000,058,880 | ---- | C] () -- C:\Windows\System32\bdmpegv.dll
[2009/06/29 18:33:18 | 000,000,930 | ---- | C] () -- C:\Windows\WININIT.INI
[2009/06/29 18:33:14 | 000,000,000 | ---- | C] () -- C:\Windows\setup32.INI
[2009/06/14 13:42:16 | 000,005,115 | ---- | C] () -- C:\ProgramData\N360BUOptions.ini
[2009/06/08 21:15:25 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2009/06/08 21:07:20 | 000,079,872 | ---- | C] () -- C:\Users\Austin ROCKS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/06/08 21:06:33 | 000,000,000 | ---- | C] () -- C:\Users\Austin ROCKS\AppData\Roaming\wklnhst.dat
[2008/10/07 10:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008/10/07 10:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008/02/18 23:33:34 | 000,446,352 | ---- | C] () -- C:\Windows\System32\OpenQuicktimeLib.dll
[2006/11/02 05:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 05:47:37 | 000,388,072 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 05:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:35:28 | 000,000,041 | ---- | C] () -- C:\Windows\System32\mqtgsvc.exe.cfg
[2006/11/02 03:33:01 | 000,791,742 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 03:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 03:33:01 | 000,173,926 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 03:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 03:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 01:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 01:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 00:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 00:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/10/11 00:18:48 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2001/10/12 10:58:20 | 000,028,672 | ---- | C] () -- C:\Windows\System32\mr310exd.dll
[2001/10/12 10:57:18 | 000,036,864 | ---- | C] () -- C:\Windows\System32\mr310exv.dll
[2000/12/07 10:13:58 | 000,015,164 | ---- | C] () -- C:\Windows\mr310twc.ini

========== LOP Check ==========

[2011/04/24 19:39:32 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\.minecraft
[2010/03/13 11:58:40 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\4Media Software Studio
[2010/02/28 19:24:44 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\acccore
[2011/05/06 19:10:29 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Acoustica
[2010/06/16 19:29:59 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Armagetron
[2009/06/07 19:50:57 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Atari
[2011/01/26 21:41:12 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Audacity
[2011/03/25 22:07:37 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Austin Hibbs
[2011/05/07 17:13:19 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Azureus
[2011/04/12 19:41:56 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Beat Hazard
[2011/02/10 14:31:17 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\BitComet
[2011/02/10 14:11:04 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\BitTorrent
[2010/09/05 14:06:51 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Blender Foundation
[2011/05/01 17:44:02 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\BOXEE
[2010/09/19 11:15:02 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Broken Rules
[2010/10/03 21:46:58 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/03/10 21:18:33 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\com.adobe.ExMan
[2010/03/09 21:01:23 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\com.dz.DeskTube.DC1B0EDA241604E0F9349CA56BDAFF9C08B50063.1
[2009/11/25 20:39:23 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\com.raptr.Raptr.848BBC53270CAC248E8FA0F339176201CDEB525F.1
[2011/03/29 17:51:29 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\CoSoSys
[2010/01/03 21:31:41 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Crayon Physics Deluxe
[2010/02/05 17:56:55 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\DNA
[2011/04/11 21:13:10 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\funkitron
[2010/07/09 20:00:35 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Gizmoz
[2010/08/05 18:15:08 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Hide IP NG
[2010/08/06 17:37:27 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\HideIPEasy
[2010/03/06 13:00:06 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\HTML Executable
[2010/04/05 19:25:20 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\ICAClient
[2009/11/16 20:02:59 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Ideas From the Deep
[2011/04/16 16:19:50 | 000,000,000 | -H-D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\ijjigame
[2010/08/09 14:18:27 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\IObit
[2009/08/10 19:27:46 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\iWin
[2010/08/23 19:35:36 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\JGoodies
[2010/10/22 20:05:37 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Lost Marble
[2010/02/28 22:32:17 | 000,000,000 | -HSD | M] -- C:\Users\Austin ROCKS\AppData\Roaming\lowsec
[2009/06/09 18:52:24 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Ludia
[2010/09/19 18:07:39 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\MotioninJoy
[2010/08/13 16:22:21 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Notepad++
[2009/11/26 20:34:17 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\NPLUTO Corporation
[2009/08/17 06:46:42 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Ohana Games
[2009/10/16 18:25:30 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Opera
[2010/03/29 16:45:56 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\OVData
[2010/09/18 13:10:20 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\PACE Anti-Piracy
[2009/07/15 19:29:19 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\PeerNetworking
[2010/04/18 15:59:18 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\PlayFirst
[2010/11/11 12:08:12 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Radical Software Ltd
[2010/09/09 14:48:11 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Raptr
[2011/01/10 23:45:41 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Rovio
[2010/03/13 16:51:46 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Sony
[2010/03/13 16:43:10 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Sony Setup
[2010/05/17 09:40:28 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\SpeedBit
[2010/10/04 20:25:23 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2010/10/22 19:05:47 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Stardock
[2011/05/06 19:50:53 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\SynthMaker
[2009/10/08 20:13:07 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Template
[2011/04/24 19:14:57 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\TuneUpMedia
[2009/07/19 10:43:18 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Unity
[2011/05/08 14:21:43 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\uTorrent
[2010/10/22 21:51:13 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\Verbot5
[2009/11/15 14:49:17 | 000,000,000 | ---D | M] -- C:\Users\Austin ROCKS\AppData\Roaming\WildTangent
[2011/05/08 17:07:52 | 000,032,636 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/05/08 19:08:05 | 000,000,406 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{AEE52817-BCA4-4726-894D-DCF29517B5AB}.job

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2006/09/18 14:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2010/09/10 09:21:36 | 000,002,203 | ---- | M] () -- C:\bdlog.txt
[2009/04/10 23:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2008/09/04 18:09:20 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2011/05/08 17:17:39 | 000,136,258 | ---- | M] () -- C:\ComboFix.txt
[2006/09/18 14:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2011/03/02 20:11:05 | 000,000,132 | ---- | M] () -- C:\Delapp.bat
[2009/07/30 21:07:06 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/03/29 18:05:30 | 000,000,716 | -H-- | M] () -- C:\IPH.PH
[2008/09/04 18:06:23 | 000,000,165 | ---- | M] () -- C:\Labelprint.log
[2009/07/30 21:07:06 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/07/08 14:49:13 | 007,315,936 | ---- | M] (Microsoft Corporation) -- C:\mse.exe
[2009/11/20 14:31:37 | 000,012,342 | ---- | M] () -- C:\newhead.bmp
[2010/03/13 17:32:18 | 000,000,596 | ---- | M] () -- C:\nsinst.log
[2009/07/12 21:20:03 | 000,262,144 | ---- | M] () -- C:\ntuser.dat
[2009/07/12 21:20:03 | 000,005,120 | -H-- | M] () -- C:\ntuser.dat.LOG1
[2009/07/12 21:20:03 | 000,000,000 | -H-- | M] () -- C:\ntuser.dat.LOG2
[2009/07/12 21:20:03 | 000,065,536 | -HS- | M] () -- C:\ntuser.dat{0dc3028f-6f0c-11de-8c43-001d72b1eb83}.TM.blf
[2009/07/12 21:20:03 | 000,524,288 | -HS- | M] () -- C:\ntuser.dat{0dc3028f-6f0c-11de-8c43-001d72b1eb83}.TMContainer00000000000000000001.regtrans-ms
[2009/07/12 21:20:03 | 000,524,288 | -HS- | M] () -- C:\ntuser.dat{0dc3028f-6f0c-11de-8c43-001d72b1eb83}.TMContainer00000000000000000002.regtrans-ms
[2011/05/08 17:09:04 | 2191,319,040 | -HS- | M] () -- C:\pagefile.sys
[2006/10/11 00:20:29 | 000,000,163 | ---- | M] () -- C:\power2go.log
[2011/03/25 22:39:14 | 000,000,000 | ---- | M] () -- C:\report.txt
[2008/09/04 17:50:24 | 000,000,520 | ---- | M] () -- C:\RHDSetup.log
[2011/04/23 18:16:44 | 000,130,628 | ---- | M] () -- C:\TDSSKiller.2.4.21.0_23.04.2011_18.14.36_log.txt

< %systemroot%\Fonts\*.com >
[2006/11/02 05:37:12 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/02 05:37:12 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 05:37:12 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/09/13 14:18:43 | 000,037,665 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2006/09/18 14:37:34 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2006/11/02 05:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2006/10/26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2009/07/10 13:15:46 | 000,306,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >
[2009/09/17 19:27:03 | 000,001,634 | -H-- | M] () -- C:\Users\Austin ROCKS\AppData\Roaming\Microsoft\LastFlashConfig.WFC

< %PROGRAMFILES%\*.* >
[2010/03/04 22:44:37 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2008/01/20 20:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008/01/20 20:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008/01/20 20:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 03:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 03:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >
[2010/12/11 16:33:40 | 000,002,850 | ---- | M] () -- C:\Windows\System32\scratchthumbs.db

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2011/03/26 14:24:26 | 000,000,446 | -HS- | M] () -- C:\Users\Austin ROCKS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >
[2011/05/08 14:08:13 | 004,343,905 | R--- | M] () -- C:\Users\Austin ROCKS\Desktop\ComboFix.exe
[2011/05/08 17:50:53 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Austin ROCKS\Desktop\OTL.exe
[2010/09/01 15:33:49 | 000,083,968 | ---- | M] (eSage Lab) -- C:\Users\Austin ROCKS\Desktop\remover.exe
[2009/09/08 17:09:45 | 001,649,152 | ---- | M] (Macromedia, Inc.) -- C:\Users\Austin ROCKS\Desktop\The N Game.exe
[2011/05/08 18:50:43 | 000,047,616 | ---- | M] () -- C:\Users\Austin ROCKS\Desktop\Win32kDiag.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >
[2010/04/09 20:12:46 | 000,012,106 | ---- | M] () -- C:\Windows\mr310twc.src

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >
[2011/02/21 14:56:32 | 000,008,192 | ---- | M] () -- C:\Windows\security\database\edb.chk
[2011/02/21 14:56:03 | 001,048,576 | ---- | M] () -- C:\Windows\security\database\edb.log
[2010/09/06 08:45:24 | 001,048,576 | ---- | M] () -- C:\Windows\security\database\edbres00001.jrs
[2010/09/06 08:45:24 | 001,048,576 | ---- | M] () -- C:\Windows\security\database\edbres00002.jrs
[2011/02/21 14:56:03 | 001,056,768 | ---- | M] () -- C:\Windows\security\database\tmp.edb

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2009/06/07 15:18:43 | 000,000,402 | -HS- | M] () -- C:\Users\Austin ROCKS\Favorites\desktop.ini
[2011/05/07 15:31:08 | 000,000,358 | ---- | M] () -- C:\Users\Austin ROCKS\Favorites\PSPVC PSP Video Converter.lnk
[2011/05/07 15:31:08 | 000,000,358 | ---- | M] () -- C:\Users\Austin ROCKS\Favorites\PSPVC on Twitter.lnk

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >
[2009/06/14 13:42:16 | 000,005,115 | ---- | M] () -- C:\ProgramData\N360BUOptions.ini
[2011/05/08 17:09:13 | 000,205,208 | ---- | M] () -- C:\ProgramData\nvModes.001

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

< dir /b "%systemroot%\*.exe" | find /i " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >

< %SYSTEMROOT%\Installer\*.exe >

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.* >

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >

========== Files - Unicode (All) ==========
[2010/04/23 18:47:42 | 000,000,000 | ---D | M](C:\Users\Austin ROCKS\Favorites\??sorted Bookmarks) -- C:\Users\Austin ROCKS\Favorites\륈ƣsorted Bookmarks

========== Alternate Data Streams ==========

@Alternate Data Stream - 994 bytes -> C:\ProgramData\Microsoft:OLBKRfpNXStKMvDk6t12iFptILL
@Alternate Data Stream - 961 bytes -> C:\ProgramData\Microsoft:kKyVfD2bYcajNCyAYux48yji
@Alternate Data Stream - 244 bytes -> C:\ProgramData\TEMP

78A4613
@Alternate Data Stream - 159 bytes -> C:\ProgramData\TEMP:CD060F93
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:302A9871
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:22741C1F
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP

1B5B4F1
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:A9662AE0
@Alternate Data Stream - 1144 bytes -> C:\Users\Austin ROCKS\AppData\Local\KL5lm5EnlueG3p:6ZOYIgRlPoX9xGy5wccVGUNogb
@Alternate Data Stream - 1124 bytes -> C:\Program Files\Common Files\microsoft shared:Ob1lGszUA7B3UAbkVzUXdVbrPj
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP

13A698F

< End of report >

Broni · May 8, 2011

Run OTL

Under the Custom Scans/Fixes box at the bottom, paste in the following

Code:

:OTL
FF - prefs.js..browser.search.defaultenginename: "Secure Search"
[2010/11/11 12:07:48 | 000,001,919 | ---- | M] () -- C:\Users\Austin ROCKS\AppData\Roaming\Mozilla\Firefox\Profiles\zlmaa4wf.default\searchplugins\bing-zugo.xml
[2010/07/31 08:49:28 | 000,002,463 | ---- | M] () -- C:\Users\Austin ROCKS\AppData\Roaming\Mozilla\Firefox\Profiles\zlmaa4wf.default\searchplugins\safesearch.xml
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - No CLSID value found.
MOD - [2011/03/26 12:57:48 | 000,215,930 | ---- | M] () -- C:\Windows\System32\iqbfwlkqb\shim_ihfmzsso.dll
MOD - [2011/03/26 12:57:47 | 002,038,925 | ---- | M] () -- C:\Windows\System32\iqbfwlkqb\mcsc_cnawcrqc.dll
MOD - [2011/03/26 12:57:46 | 000,237,927 | ---- | M] () -- C:\Windows\System32\iqbfwlkqb\mcapp_hbdnrvkr.dll
SRV - [2011/03/26 12:57:49 | 000,237,712 | ---- | M] () [Auto | Running] -- C:\Windows\System32\iqbfwlkqb\svcboot_qsgffroe.dll -- (svcboot_qsgffroe)
O4 - Startup: C:\Users\Austin ROCKS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = File not found
O15 - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000\..Trusted Domains: aol.com ([free] http in Trusted sites)
O15 - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O15 - HKU\S-1-5-21-1694092186-2221604420-1700606534-1000\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O20 - HKLM Winlogon: GinaDLL - (GTGina.dll) - File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
@Alternate Data Stream - 994 bytes -> C:\ProgramData\Microsoft:OLBKRfpNXStKMvDk6t12iFptILL
@Alternate Data Stream - 961 bytes -> C:\ProgramData\Microsoft:kKyVfD2bYcajNCyAYux48yji
@Alternate Data Stream - 244 bytes -> C:\ProgramData\TEMP:D78A4613
@Alternate Data Stream - 159 bytes -> C:\ProgramData\TEMP:CD060F93
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:302A9871
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:22741C1F
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:A9662AE0
@Alternate Data Stream - 1144 bytes -> C:\Users\Austin ROCKS\AppData\Local\KL5lm5EnlueG3p:6ZOYIgRlPoX9xGy5wccVGUNogb
@Alternate Data Stream - 1124 bytes -> C:\Program Files\Common Files\microsoft shared:Ob1lGszUA7B3UAbkVzUXdVbrPj
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:D13A698F

:Services

:Reg

:Files
C:\Windows\System32\iqbfwlkqb

:Commands
[purity]
[emptytemp]
[emptyflash]
[Reboot]

Then click the Run Fix button at the top
Let the program run unhindered, reboot the PC when it is done
You will get a log that shows the results of the fix. Please post it.
Open OTL again and click the Quick Scan button. Post the log it produces in your next reply. Only one log will be created.

dozzyo9080 · May 8, 2011

OTL fix log

========== OTL ==========
Prefs.js: "Secure Search" removed from browser.search.defaultenginename
C:\Users\Austin ROCKS\AppData\Roaming\Mozilla\Firefox\Profiles\zlmaa4wf.default\searchplugins\bing-zugo.xml moved successfully.
C:\Users\Austin ROCKS\AppData\Roaming\Mozilla\Firefox\Profiles\zlmaa4wf.default\searchplugins\safesearch.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{381FFDE8-2394-4f90-B10D-FC6124A40F8C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{381FFDE8-2394-4f90-B10D-FC6124A40F8C}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{338B4DFE-2E2C-4338-9E41-E176D497299E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{338B4DFE-2E2C-4338-9E41-E176D497299E}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{61539ECD-CC67-4437-A03C-9AACCBD14326} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{61539ECD-CC67-4437-A03C-9AACCBD14326}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{338B4DFE-2E2C-4338-9E41-E176D497299E} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{338B4DFE-2E2C-4338-9E41-E176D497299E}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{61539ECD-CC67-4437-A03C-9AACCBD14326} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{61539ECD-CC67-4437-A03C-9AACCBD14326}\ not found.
Error: Unable to stop service svcboot_qsgffroe!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\svcboot_qsgffroe deleted successfully.
C:\Windows\System32\iqbfwlkqb\svcboot_qsgffroe.dll moved successfully.
C:\Users\Austin ROCKS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk moved successfully.
Registry key HKEY_USERS\S-1-5-21-1694092186-2221604420-1700606534-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aol.com\free\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1694092186-2221604420-1700606534-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\internet\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1694092186-2221604420-1700606534-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1694092186-2221604420-1700606534-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafee.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1694092186-2221604420-1700606534-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafee.com\ not found.
Registry value HKEY_USERS\S-1-5-21-1694092186-2221604420-1700606534-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\GD\\http deleted successfully.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\GinaDLL:GTGina.dll deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
ADS C:\ProgramData\Microsoft:OLBKRfpNXStKMvDk6t12iFptILL deleted successfully.
ADS C:\ProgramData\Microsoft:kKyVfD2bYcajNCyAYux48yji deleted successfully.
ADS C:\ProgramData\TEMP

78A4613 deleted successfully.
ADS C:\ProgramData\TEMP:CD060F93 deleted successfully.
ADS C:\ProgramData\TEMP:302A9871 deleted successfully.
ADS C:\ProgramData\TEMP:22741C1F deleted successfully.
ADS C:\ProgramData\TEMP

1B5B4F1 deleted successfully.
ADS C:\ProgramData\TEMP:A9662AE0 deleted successfully.
ADS C:\Users\Austin ROCKS\AppData\Local\KL5lm5EnlueG3p:6ZOYIgRlPoX9xGy5wccVGUNogb deleted successfully.
ADS C:\Program Files\Common Files\microsoft shared:Ob1lGszUA7B3UAbkVzUXdVbrPj deleted successfully.
ADS C:\ProgramData\TEMP

13A698F deleted successfully.
========== SERVICES/DRIVERS ==========

OTL by OldTimer - Version 3.2.22.3 log created on 05082011_201354

Broni · May 8, 2011

Open OTL again and click the Quick Scan button. Post the log it produces in your next reply. Only one log will be created.

There were still some "baddies" in your log. I need to see, if they're gone.

dozzyo9080 · May 9, 2011

otl

OTL logfile created on: 5/8/2011 8:23:55 PM - Run 3
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Austin ROCKS\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 42.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 69.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 66.51 Gb Total Space | 8.32 Gb Free Space | 12.50% Space Free | Partition Type: NTFS
Drive D: | 66.54 Gb Total Space | 13.40 Gb Free Space | 20.15% Space Free | Partition Type: NTFS

Computer Name: AUSTINROCKS-PC | User Name: Austin ROCKS | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/08 17:50:53 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Austin ROCKS\Desktop\OTL.exe
PRC - [2011/04/28 18:14:52 | 017,529,856 | ---- | M] (Electronic Arts) -- C:\Program Files\Electronic Arts\EADM\EADMUI\EADMUI.exe
PRC - [2011/04/16 17:39:31 | 000,399,736 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2011/02/18 12:35:22 | 000,162,912 | ---- | M] (CyberLink Corp.) -- D:\Program Files\CyberLink\YouCam\YouCam\YouCamTray.exe
PRC - [2011/02/18 12:35:22 | 000,136,488 | ---- | M] (CyberLink) -- D:\Program Files\CyberLink\YouCam\YouCam\YCMMirage.exe
PRC - [2011/02/16 15:49:08 | 000,088,176 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2010/11/30 13:20:36 | 000,997,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2010/11/23 19:21:18 | 000,130,000 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\ccSvcHst.exe
PRC - [2010/11/11 12:26:42 | 000,206,360 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
PRC - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2010/09/19 18:08:16 | 000,081,408 | ---- | M] (www.motioninjoy.com) -- C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe
PRC - [2010/05/25 11:51:02 | 000,929,792 | ---- | M] (IVT Corporation) -- C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
PRC - [2010/04/27 10:44:52 | 000,102,503 | ---- | M] (IVT Corporation) -- C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
PRC - [2010/04/27 10:43:26 | 000,147,563 | ---- | M] (IVT Corporation) -- C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
PRC - [2009/11/19 11:26:54 | 000,455,944 | ---- | M] () -- C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
PRC - [2009/04/10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/06/19 02:52:00 | 006,244,896 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/06/11 11:18:30 | 000,024,576 | ---- | M] () -- C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe
PRC - [2008/01/20 19:25:26 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\p2phost.exe
PRC - [2008/01/20 19:25:07 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetsrv\inetinfo.exe
PRC - [2008/01/11 18:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2007/12/10 20:15:00 | 000,012,800 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2007/01/01 14:22:02 | 003,739,648 | ---- | M] (Google) -- C:\Users\Austin ROCKS\AppData\Roaming\Google\Google Talk\googletalk.exe

========== Modules (SafeList) ==========

MOD - [2011/05/08 17:50:53 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Austin ROCKS\Desktop\OTL.exe
MOD - [2011/04/08 16:56:28 | 000,018,176 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\sahook.dll
MOD - [2010/08/31 08:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - [2011/05/05 18:49:17 | 003,274,328 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_3f211bc.dll -- (Akamai)
SRV - [2011/04/17 16:00:39 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/02/16 15:49:08 | 000,088,176 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2010/11/23 19:21:18 | 000,130,000 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\ccSvcHst.exe -- (NSL)
SRV - [2010/11/11 12:26:42 | 000,206,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/10/12 10:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/07/28 14:36:52 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\WildGames\Game Console - WildGames\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/05/25 11:51:02 | 000,929,792 | ---- | M] (IVT Corporation) [Auto | Running] -- C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe -- (BlueSoleilCS)
SRV - [2010/05/02 14:34:28 | 005,027,328 | ---- | M] (Moonware Studios) [On_Demand | Stopped] -- C:\Program Files\wLite\wService.exe -- (wxpSvc)
SRV - [2010/04/27 10:44:52 | 000,102,503 | ---- | M] (IVT Corporation) [On_Demand | Running] -- C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe -- (BsHelpCS)
SRV - [2010/04/27 10:43:26 | 000,147,563 | ---- | M] (IVT Corporation) [Auto | Running] -- C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe -- (BsMobileCS)
SRV - [2010/04/21 10:46:17 | 000,373,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010/04/21 10:46:17 | 000,373,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2010/01/07 15:38:18 | 000,447,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV - [2010/01/07 15:38:08 | 005,950,704 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV - [2009/11/19 11:26:54 | 000,455,944 | ---- | M] () [Auto | Running] -- C:\Program Files\Flip Video\FlipShare\FlipShareService.exe -- (FlipShare Service)
SRV - [2009/10/11 14:03:24 | 003,319,160 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2009/04/10 23:28:17 | 000,052,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2008/09/08 07:59:00 | 000,575,488 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008/06/11 11:18:30 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe -- (ETService)
SRV - [2008/01/20 19:25:27 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lpdsvc.dll -- (LPDSVC)
SRV - [2008/01/20 19:25:08 | 000,011,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\inetsrv\WMSvc.exe -- (WMSvc)
SRV - [2008/01/20 19:25:07 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2008/01/20 19:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/11 18:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2007/12/10 20:15:00 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2006/11/02 05:36:18 | 000,029,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\iprip.dll -- (iprip)

========== Driver Services (SafeList) ==========

DRV - [2011/05/08 20:22:12 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{49C29E98-6305-4BB9-80E0-B63FDF051C93}\MpKsl18f81128.sys -- (MpKsl18f81128)
DRV - [2010/10/24 21:25:38 | 000,054,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2010/10/24 21:25:38 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010/09/05 19:53:49 | 000,140,832 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SYSTEM32\DRIVERS\NVSTOR32.SYS -- (nvstor32)
DRV - [2010/07/28 09:13:58 | 000,027,632 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\clwvd.sys -- (clwvd)
DRV - [2010/04/06 18:33:10 | 000,025,864 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btnetBus.sys -- (btnetBUs)
DRV - [2010/04/06 18:32:48 | 000,023,048 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IvtBtBus.sys -- (IvtBtBUs)
DRV - [2010/04/06 18:32:44 | 000,020,104 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\BtHidBus.sys -- (BtHidBus)
DRV - [2010/04/06 18:32:32 | 000,022,024 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btcombus.sys -- (BTCOMBUS)
DRV - [2010/04/06 18:32:28 | 000,025,992 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btcomport.sys -- (BTCOM)
DRV - [2010/01/12 13:03:34 | 011,586,280 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/12/23 11:32:26 | 000,086,016 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TPkd.sys -- (TPkd)
DRV - [2009/08/21 21:24:04 | 000,066,592 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2009/08/13 16:07:12 | 001,163,328 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009/07/13 16:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB)
DRV - [2009/06/17 14:02:40 | 000,017,928 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btnetdrv.sys -- (BT)
DRV - [2009/04/10 21:45:24 | 000,113,664 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rmcast.sys -- (RMCAST) RMCAST (Pgm)
DRV - [2009/03/30 04:09:28 | 000,239,336 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\RsFx0103.sys -- (RsFx0103)
DRV - [2009/03/07 21:23:54 | 000,030,136 | ---- | M] (Resplendence Software Projects Sp.) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\rspSanity32.sys -- (rspSanity)
DRV - [2009/02/27 16:50:32 | 000,499,200 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netr73.sys -- (netr73)
DRV - [2008/08/26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/08/24 04:55:50 | 000,030,464 | ---- | M] (CamTrax Technologies) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CamSpaceJoy.sys -- (CamSpaceJoy)
DRV - [2008/08/24 04:55:48 | 000,014,848 | ---- | M] (CamTrax Technologies) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CamSpaceBus.sys -- (CamSpaceBus)
DRV - [2008/06/11 11:13:24 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2008/03/06 15:22:24 | 000,019,456 | ---- | M] (FreeBT (www.freebt.net)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fbtusb.sys -- (FreeBT)
DRV - [2008/01/28 22:55:00 | 001,042,464 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2008/01/20 19:25:19 | 000,126,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mqac.sys -- (MQAC)
DRV - [2008/01/20 19:23:26 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\irsir.sys -- (irsir)
DRV - [2007/10/12 01:53:10 | 000,013,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2007/04/16 10:28:02 | 000,194,362 | ---- | M] (Jungo) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\windrvr6.sys -- (WinDriver6)
DRV - [2005/03/09 20:50:16 | 000,033,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\libusb0.sys -- (libusb0)
DRV - [2004/10/24 08:11:00 | 000,028,800 | ---- | M] (Deon van der Westhuysen) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PPortJoy.sys -- (PPortJoystick)
DRV - [2004/10/24 08:11:00 | 000,013,952 | ---- | M] (Deon van der Westhuysen) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PPJoyBus.sys -- (PPJoyBus)
DRV - [2001/05/07 03:56:02 | 000,019,805 | ---- | M] (Thesycon GmbH, Germany) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbio.sys -- (USBIO) USBIO Driver (usbio.sys)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr9/*http://www.yahoo.com/ext/search/search.html

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/?pc=Z008&form=ZGAPHP
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C7 2F 4F 63 65 C2 CA 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaultthis.engineName: "Google Powered Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/webhp?rls=ig"
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.2
FF - prefs.js..extensions.enabledItems: GameTapPlayer@gametap.com:4.3.0.5908
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {203FB6B2-2E1E-4474-863B-4C483ECCE78E}:1.0.1
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.5
FF - prefs.js..extensions.enabledItems: support@easy-hideip.com:1.0
FF - prefs.js..extensions.enabledItems: {ba14329e-9550-4989-b3f2-9732e92d17cc}:2.7.2.0
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=mcafee&p="

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/08/05 13:37:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{203FB6B2-2E1E-4474-863B-4C483ECCE78E}: C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_1.2.0.6\coFFNST\ [2011/04/19 11:05:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2011/05/05 19:49:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/30 14:45:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/16 16:46:52 | 000,000,000 | ---D | M]

[2010/01/09 15:14:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Austin ROCKS\AppData\Roaming\mozilla\Extensions
[2011/04/16 17:14:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Austin ROCKS\AppData\Roaming\mozilla\Firefox\Profiles\zlmaa4wf.default\extensions
[2010/07/25 12:21:23 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Austin ROCKS\AppData\Roaming\mozilla\Firefox\Profiles\zlmaa4wf.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/09/10 09:40:11 | 000,000,000 | ---D | M] (Redirect Remover) -- C:\Users\Austin ROCKS\AppData\Roaming\mozilla\Firefox\Profiles\zlmaa4wf.default\extensions\{fe0258ab-4f74-43a1-8781-bcdf340f9ee9}
[2010/09/19 14:42:39 | 000,000,000 | ---D | M] (GameTap) -- C:\Users\Austin ROCKS\AppData\Roaming\mozilla\Firefox\Profiles\zlmaa4wf.default\extensions\GameTapPlayer@gametap.com
[2010/08/06 17:39:02 | 000,000,000 | ---D | M] (Hide IP Easy) -- C:\Users\Austin ROCKS\AppData\Roaming\mozilla\Firefox\Profiles\zlmaa4wf.default\extensions\support@easy-hideip.com
[2011/04/16 17:14:54 | 000,000,000 | ---D | M] (Yummy Games Player) -- C:\Users\Austin ROCKS\AppData\Roaming\mozilla\Firefox\Profiles\zlmaa4wf.default\extensions\YPlayer@yummy.net
[2010/02/28 19:25:23 | 000,004,554 | ---- | M] () -- C:\Users\Austin ROCKS\AppData\Roaming\Mozilla\Firefox\Profiles\zlmaa4wf.default\searchplugins\aim-search.xml
[2010/02/28 18:51:00 | 000,001,827 | ---- | M] () -- C:\Users\Austin ROCKS\AppData\Roaming\Mozilla\Firefox\Profiles\zlmaa4wf.default\searchplugins\bing.xml
[2010/09/05 17:10:10 | 000,000,903 | ---- | M] () -- C:\Users\Austin ROCKS\AppData\Roaming\Mozilla\Firefox\Profiles\zlmaa4wf.default\searchplugins\conduit.xml
[2011/05/01 21:23:45 | 000,001,018 | ---- | M] () -- C:\Users\Austin ROCKS\AppData\Roaming\Mozilla\Firefox\Profiles\zlmaa4wf.default\searchplugins\facebook.xml
[2011/03/26 18:56:13 | 000,001,050 | ---- | M] () -- C:\Users\Austin ROCKS\AppData\Roaming\Mozilla\Firefox\Profiles\zlmaa4wf.default\searchplugins\siteadvisor.xml
[2010/01/29 19:23:24 | 000,001,720 | ---- | M] () -- C:\Users\Austin ROCKS\AppData\Roaming\Mozilla\Firefox\Profiles\zlmaa4wf.default\searchplugins\youtube-video-search.xml
[2011/05/07 20:51:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/09/05 21:19:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011/04/01 14:12:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/05/07 20:51:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
File not found (No name found) --
[2011/05/05 19:49:33 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
() (No name found) -- C:\USERS\AUSTIN ROCKS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZLMAA4WF.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI
[2011/03/26 12:57:42 | 002,160,866 | ---- | M] () -- C:\Program Files\Mozilla Firefox\components\1522053.dll
[2011/04/30 14:44:45 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2010/08/24 02:31:30 | 000,773,120 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2011/04/14 05:08:00 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/03/03 15:24:34 | 001,961,984 | ---- | M] (Total Immersion) -- C:\Program Files\Mozilla Firefox\plugins\NPDFusionWebFirefox.dll
[2011/04/30 14:44:56 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
[2009/09/21 11:24:16 | 000,001,329 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
[2011/04/16 14:11:50 | 000,001,949 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\McSiteAdvisor.xml

O1 HOSTS File: ([2011/05/08 17:10:43 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Norton Safe Web Lite BHO) - {F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3} - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Norton Safe Web Lite) - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Safe Web Lite) - {30CEEEA2-3742-40E4-85DD-812BF1CBB83D} - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [YouCam Mirage] D:\Program Files\CyberLink\YouCam\YouCam\YCMMirage.exe (CyberLink)
O4 - HKLM..\Run: [YouCam Tray] D:\Program Files\CyberLink\YouCam\YouCam\YouCamTray.exe (CyberLink Corp.)
O4 - HKCU..\Run: [CollaborationHost] C:\Windows\System32\p2phost.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DS3 Tool] C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe (www.motioninjoy.com)
O4 - HKCU..\Run: [EADM] C:\Program Files\Electronic Arts\EADM\EADMUI\EADMUI.exe (Electronic Arts)
O4 - HKCU..\Run: [googletalk] C:\Users\Austin ROCKS\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Users\Austin ROCKS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2010/05/17 09:54:30 | 000,000,000 | -H-D | M]
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Austin ROCKS\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Austin ROCKS\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/08 20:13:54 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/05/08 17:50:45 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Austin ROCKS\Desktop\OTL.exe
[2011/05/08 17:17:41 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011/05/08 17:17:41 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\AppData\Local\temp
[2011/05/08 17:11:15 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/05/08 16:52:18 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2011/05/08 14:14:21 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/05/08 14:14:21 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/05/08 14:14:21 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/05/08 14:14:11 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/05/08 14:13:34 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/05/08 14:03:03 | 000,083,968 | ---- | C] (eSage Lab) -- C:\Users\Austin ROCKS\Desktop\remover.exe
[2011/05/07 20:50:58 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011/05/07 20:50:58 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011/05/07 20:50:58 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011/05/07 18:20:43 | 002,926,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011/05/07 15:48:29 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2011/05/07 15:48:26 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/05/06 19:55:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PACE Anti-Piracy
[2011/05/06 19:54:33 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\Documents\My Recordings
[2011/05/06 19:51:34 | 000,000,000 | ---D | C] -- C:\ProgramData\PACE Anti-Piracy
[2011/05/06 19:50:53 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\AppData\Roaming\SynthMaker
[2011/05/06 19:10:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acoustica Mixcraft 5
[2011/05/06 19:10:29 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\AppData\Roaming\Acoustica
[2011/05/06 19:10:24 | 000,057,344 | ---- | C] (NexiTech, Inc.) -- C:\Windows\System32\Wnaspint.dll
[2011/05/06 18:00:15 | 000,000,000 | ---D | C] -- C:\Program Files\Acoustica Mixcraft 5
[2011/05/04 20:12:00 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\AppData\Roaming\vlc
[2011/05/01 17:44:02 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\AppData\Roaming\BOXEE
[2011/05/01 17:44:01 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Boxee
[2011/05/01 17:38:44 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
[2011/05/01 17:38:35 | 000,000,000 | ---D | C] -- C:\Program Files\Cyberlink
[2011/05/01 16:19:48 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\Documents\Avatar
[2011/05/01 15:53:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CL-Eye Driver
[2011/04/24 19:37:17 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\AppData\Roaming\.minecraft
[2011/04/22 16:22:42 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome Canary Build
[2011/04/21 20:21:12 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\AppData\Local\SKIDROW
[2011/04/20 18:57:55 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011/04/19 11:28:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Boonka
[2011/04/19 11:27:28 | 000,000,000 | ---D | C] -- C:\Program Files\Boonka
[2011/04/19 11:05:15 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\NST
[2011/04/19 11:05:15 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\NST\0102000.006
[2011/04/19 11:05:14 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Safe Web Lite
[2011/04/19 11:05:01 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2011/04/18 19:36:21 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\AppData\Local\GameHouse
[2011/04/18 19:36:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Trymedia
[2011/04/18 18:55:14 | 000,000,000 | ---D | C] -- C:\Program Files\Bejeweled 3
[2011/04/16 21:14:11 | 000,000,000 | ---D | C] -- C:\Program Files\BandiMPEG1
[2011/04/16 21:14:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrisOnline
[2011/04/16 18:55:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011/04/16 18:53:28 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2011/04/16 17:25:09 | 001,547,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2011/04/16 16:48:02 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\AppData\Local\DejobaansEasiest
[2011/04/15 19:46:00 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011/04/15 19:45:58 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011/04/15 19:45:35 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011/04/15 19:45:34 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011/04/15 19:45:34 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/04/15 19:45:32 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/04/15 19:45:30 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/04/15 19:45:29 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/04/15 19:45:28 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/04/15 19:45:28 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/04/15 19:45:27 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011/04/15 19:45:26 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011/04/15 19:45:26 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011/04/15 19:45:26 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011/04/15 19:45:26 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011/04/15 19:45:26 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011/04/15 19:45:26 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/04/15 19:45:25 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/04/15 19:45:25 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011/04/15 19:44:43 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2011/04/15 19:44:37 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2011/04/15 19:44:10 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2011/04/15 19:44:02 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/04/15 19:43:42 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011/04/15 19:43:41 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011/04/12 19:36:03 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\AppData\Roaming\Beat Hazard
[2011/04/11 21:13:10 | 000,000,000 | ---D | C] -- C:\Users\Austin ROCKS\AppData\Roaming\funkitron
[2011/04/10 19:01:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ballistik
[2011/04/10 19:00:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sandlot Shared
[2011/04/10 19:00:32 | 000,000,000 | ---D | C] -- C:\Program Files\Ballistik

========== Files - Modified Within 30 Days ==========

[2011/05/08 20:21:27 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/08 20:21:23 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/08 20:21:18 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2011/05/08 20:21:17 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2011/05/08 20:21:12 | 000,205,208 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011/05/08 20:21:09 | 000,001,056 | ---- | M] () -- C:\Windows\System32\bscs.ini
[2011/05/08 20:21:02 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/08 20:20:55 | 000,205,208 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011/05/08 20:20:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/05/08 20:08:01 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/08 20:05:01 | 000,000,936 | ---- | M] () -- C:\Windows\tasks

dozzyo9080 · May 9, 2011

\GoogleUpdateTaskUserS-1-5-21-1694092186-2221604420-1700606534-1000UA.job
[2011/05/08 19:08:05 | 000,000,406 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{AEE52817-BCA4-4726-894D-DCF29517B5AB}.job
[2011/05/08 18:50:43 | 000,047,616 | ---- | M] () -- C:\Users\Austin ROCKS\Desktop\Win32kDiag.exe
[2011/05/08 17:50:53 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Austin ROCKS\Desktop\OTL.exe
[2011/05/08 17:10:43 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011/05/08 17:09:30 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/05/08 15:05:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1694092186-2221604420-1700606534-1000Core.job
[2011/05/08 14:08:13 | 004,343,905 | R--- | M] () -- C:\Users\Austin ROCKS\Desktop\ComboFix.exe
[2011/05/08 09:41:49 | 000,001,275 | ---- | M] () -- C:\Users\Austin ROCKS\Desktop\Google Chrome.lnk
[2011/05/08 09:32:09 | 000,001,646 | ---- | M] () -- C:\Users\Austin ROCKS\Desktop\CamSpace.lnk
[2011/05/08 09:28:59 | 000,000,857 | ---- | M] () -- C:\Users\Austin ROCKS\Desktop\JDiskReport.lnk
[2011/05/08 09:27:35 | 000,000,517 | ---- | M] () -- C:\Users\Public\Desktop\IrisOnline.lnk
[2011/05/07 18:23:50 | 000,791,742 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/05/07 18:23:50 | 000,173,926 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/05/07 16:08:26 | 000,011,976 | ---- | M] () -- C:\Users\Austin ROCKS\Documents\hijackthislog 5-7-11 1
[2011/05/07 15:52:22 | 000,002,497 | ---- | M] () -- C:\Users\Austin ROCKS\Desktop\HiJackThis.lnk
[2011/05/07 13:31:44 | 000,002,041 | ---- | M] () -- C:\Users\Austin ROCKS\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/05/07 08:18:46 | 000,002,337 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/05/06 19:10:29 | 000,000,779 | ---- | M] () -- C:\Users\Public\Desktop\Mixcraft 5.lnk
[2011/05/06 17:38:16 | 000,008,592 | ---- | M] () -- C:\Users\Austin ROCKS\AppData\Local\d3d9caps.dat
[2011/05/06 17:38:05 | 000,000,552 | ---- | M] () -- C:\Users\Austin ROCKS\AppData\Local\d3d8caps.dat
[2011/05/05 18:20:40 | 000,134,656 | ---- | M] () -- C:\Users\Austin ROCKS\Documents\Mommy's day card.pub
[2011/05/04 20:20:07 | 000,079,872 | ---- | M] () -- C:\Users\Austin ROCKS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/01 17:38:44 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CyberLink YouCam.lnk
[2011/04/28 20:16:31 | 000,001,009 | ---- | M] () -- C:\Users\Public\Desktop\EA Download Manager.lnk
[2011/04/24 19:10:35 | 000,002,252 | ---- | M] () -- C:\Users\Public\Desktop\WildTangent Games App - wildgames.lnk
[2011/04/24 15:14:57 | 000,021,504 | ---- | M] () -- C:\Users\Austin ROCKS\Documents\Backup of Dear Mrs.wbk
[2011/04/24 13:34:22 | 000,112,659 | ---- | M] () -- C:\Users\Austin ROCKS\Documents\i apoligize easter.jpg
[2011/04/22 16:22:46 | 000,002,081 | ---- | M] () -- C:\Users\Austin ROCKS\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome Canary Build.lnk
[2011/04/22 16:22:45 | 000,002,119 | ---- | M] () -- C:\Users\Austin ROCKS\Desktop\Google Chrome Canary Build.lnk
[2011/04/22 10:23:14 | 000,041,472 | ---- | M] () -- C:\Users\Austin ROCKS\Documents\Backup of Chapter 11 Test.wbk
[2011/04/19 11:28:19 | 000,001,620 | ---- | M] () -- C:\Users\Public\Desktop\Boonka.lnk
[2011/04/19 10:57:28 | 000,000,045 | ---- | M] () -- C:\Users\Austin ROCKS\jagex_runescape_preferences.dat
[2011/04/18 19:07:16 | 000,000,647 | ---- | M] () -- C:\Users\Austin ROCKS\Desktop\Bejeweled 3.lnk
[2011/04/16 20:11:17 | 000,001,595 | ---- | M] () -- C:\Users\Public\Desktop\Vuze.lnk
[2011/04/16 20:11:17 | 000,001,595 | ---- | M] () -- C:\Users\Austin ROCKS\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk
[2011/04/16 14:10:50 | 000,000,832 | ---- | M] () -- C:\Users\Austin ROCKS\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/04/16 14:10:50 | 000,000,808 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/04/16 10:17:26 | 000,388,072 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/04/14 05:08:11 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011/04/14 05:08:10 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011/04/14 05:08:09 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011/04/14 05:07:59 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2011/04/10 19:01:09 | 000,001,678 | ---- | M] () -- C:\Users\Public\Desktop\Ballistik.lnk
[2011/04/10 14:39:07 | 000,002,191 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/04/10 08:31:13 | 000,000,094 | -H-- | M] () -- C:\Windows\System32\spv1_WCssg.ini
[2011/04/09 15:28:45 | 000,096,768 | ---- | M] () -- C:\Users\Austin ROCKS\Documents\Backup of Chapter 10 quiz.wbk
[2011/04/08 23:13:43 | 000,043,520 | ---- | M] () -- C:\Windows\System32\CmdLineExt03.dll

========== Files Created - No Company Name ==========

[2011/05/08 18:50:36 | 000,047,616 | ---- | C] () -- C:\Users\Austin ROCKS\Desktop\Win32kDiag.exe
[2011/05/08 14:14:21 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011/05/08 14:14:21 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/05/08 14:14:21 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011/05/08 14:14:21 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/05/08 14:14:21 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/05/08 14:07:48 | 004,343,905 | R--- | C] () -- C:\Users\Austin ROCKS\Desktop\ComboFix.exe
[2011/05/07 16:08:26 | 000,011,976 | ---- | C] () -- C:\Users\Austin ROCKS\Documents\hijackthislog 5-7-11 1
[2011/05/07 15:48:29 | 000,002,497 | ---- | C] () -- C:\Users\Austin ROCKS\Desktop\HiJackThis.lnk
[2011/05/07 12:55:11 | 000,000,104 | ---- | C] () -- C:\Users\Austin ROCKS\Documents\Recycle Bin.lnk
[2011/05/06 19:10:29 | 000,000,779 | ---- | C] () -- C:\Users\Public\Desktop\Mixcraft 5.lnk
[2011/05/06 17:38:05 | 000,000,552 | ---- | C] () -- C:\Users\Austin ROCKS\AppData\Local\d3d8caps.dat
[2011/05/03 19:55:51 | 000,134,656 | ---- | C] () -- C:\Users\Austin ROCKS\Documents\Mommy's day card.pub
[2011/05/01 17:38:44 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\CyberLink YouCam.lnk
[2011/04/24 15:14:56 | 000,021,504 | ---- | C] () -- C:\Users\Austin ROCKS\Documents\Backup of Dear Mrs.wbk
[2011/04/24 13:34:22 | 000,112,659 | ---- | C] () -- C:\Users\Austin ROCKS\Documents\i apoligize easter.jpg
[2011/04/22 16:22:45 | 000,002,119 | ---- | C] () -- C:\Users\Austin ROCKS\Desktop\Google Chrome Canary Build.lnk
[2011/04/22 16:22:45 | 000,002,081 | ---- | C] () -- C:\Users\Austin ROCKS\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome Canary Build.lnk
[2011/04/22 10:23:14 | 000,041,472 | ---- | C] () -- C:\Users\Austin ROCKS\Documents\Backup of Chapter 11 Test.wbk
[2011/04/20 18:57:59 | 000,002,041 | ---- | C] () -- C:\Users\Austin ROCKS\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/04/20 18:57:59 | 000,001,275 | ---- | C] () -- C:\Users\Austin ROCKS\Desktop\Google Chrome.lnk
[2011/04/20 18:54:27 | 000,000,936 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1694092186-2221604420-1700606534-1000UA.job
[2011/04/20 18:54:25 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1694092186-2221604420-1700606534-1000Core.job
[2011/04/19 11:28:19 | 000,001,620 | ---- | C] () -- C:\Users\Public\Desktop\Boonka.lnk
[2011/04/19 11:05:15 | 000,000,172 | ---- | C] () -- C:\Windows\System32\drivers\NST\0102000.006\isolate.ini
[2011/04/18 19:07:16 | 000,000,647 | ---- | C] () -- C:\Users\Austin ROCKS\Desktop\Bejeweled 3.lnk
[2011/04/16 21:14:12 | 000,000,517 | ---- | C] () -- C:\Users\Public\Desktop\IrisOnline.lnk
[2011/04/16 20:11:17 | 000,001,595 | ---- | C] () -- C:\Users\Public\Desktop\Vuze.lnk
[2011/04/16 20:11:17 | 000,001,595 | ---- | C] () -- C:\Users\Austin ROCKS\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk
[2011/04/16 20:11:15 | 000,001,595 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vuze.lnk
[2011/04/16 14:10:50 | 000,000,820 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/04/10 19:01:09 | 000,001,678 | ---- | C] () -- C:\Users\Public\Desktop\Ballistik.lnk
[2011/04/10 08:31:13 | 000,000,094 | -H-- | C] () -- C:\Windows\System32\spv1_WCssg.ini
[2011/04/09 13:23:49 | 000,096,768 | ---- | C] () -- C:\Users\Austin ROCKS\Documents\Backup of Chapter 10 quiz.wbk
[2011/03/25 20:54:32 | 000,000,177 | ---- | C] () -- C:\Users\Austin ROCKS\AppData\Roaming\prefs.bin
[2011/03/25 20:51:11 | 000,000,299 | ---- | C] () -- C:\Windows\EReg515.dat
[2011/03/25 20:47:04 | 000,000,157 | ---- | C] () -- C:\Windows\disney.ini
[2011/03/25 20:46:56 | 000,000,189 | ---- | C] () -- C:\Windows\disneysy.ini
[2011/03/02 20:37:04 | 000,000,049 | ---- | C] () -- C:\Windows\GSTAR.INI
[2011/03/02 20:29:11 | 000,000,077 | ---- | C] () -- C:\Windows\WinFrotz.INI
[2011/01/07 19:05:48 | 000,000,524 | ---- | C] () -- C:\ProgramData\nvUnsupRes.dat
[2010/11/25 22:19:35 | 000,003,584 | ---- | C] () -- C:\Windows\System32\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/11 17:31:41 | 000,352,648 | ---- | C] () -- C:\Windows\System32\SysCheck2.dll
[2010/10/02 22:27:58 | 000,138,056 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010/10/02 22:27:57 | 000,138,056 | ---- | C] () -- C:\Users\Austin ROCKS\AppData\Roaming\PnkBstrK.sys
[2010/10/02 22:27:42 | 000,189,248 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2010/10/02 22:27:35 | 000,075,064 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2010/10/02 22:27:29 | 002,427,248 | ---- | C] () -- C:\Windows\System32\pbsvc_heroes.exe
[2010/09/09 15:17:38 | 000,000,112 | ---- | C] () -- C:\ProgramData\s2jCFlE77.dat
[2010/09/05 18:47:10 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2010/08/14 15:47:00 | 000,074,752 | ---- | C] () -- C:\Windows\System32\CLEyeDevices.dll
[2010/08/09 19:44:16 | 000,000,000 | ---- | C] () -- C:\Windows\System32\BSPRINT.INI
[2010/08/05 13:38:21 | 000,000,025 | ---- | C] () -- C:\Windows\cdplayer.ini
[2010/07/05 16:20:32 | 000,000,025 | ---- | C] () -- C:\Windows\OverlayXP.ini
[2010/07/02 17:33:59 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/06/22 13:52:28 | 000,001,056 | ---- | C] () -- C:\Windows\System32\bscs.ini
[2010/06/16 20:19:00 | 000,033,792 | ---- | C] () -- C:\Windows\System32\drivers\libusb0.sys
[2010/05/27 07:00:04 | 000,077,824 | ---- | C] () -- C:\Windows\System32\CamTraxAPI.dll
[2010/05/18 08:46:10 | 000,052,114 | ---- | C] () -- C:\Windows\System32\ptun.exe
[2010/05/17 17:19:34 | 000,005,025 | ---- | C] () -- C:\Users\Austin ROCKS\AppData\Local\Temp17.html
[2010/05/17 17:03:13 | 000,001,293 | ---- | C] () -- C:\Users\Austin ROCKS\AppData\Local\Temp1.html
[2010/04/27 10:43:30 | 000,028,672 | ---- | C] () -- C:\Windows\System32\BsMobileCSps.dll
[2010/04/17 12:12:31 | 000,000,256 | ---- | C] () -- C:\Windows\usbfhom.dll
[2010/04/17 09:00:34 | 000,002,753 | ---- | C] () -- C:\Windows\System32\wbers.dat
[2010/04/16 13:26:30 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2010/04/15 20:10:31 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
[2010/04/09 20:03:10 | 000,000,037 | ---- | C] () -- C:\Windows\marscam.ini
[2010/04/06 18:33:10 | 000,025,864 | ---- | C] () -- C:\Windows\System32\drivers\btnetBus.sys
[2010/04/02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010/02/09 10:14:31 | 000,205,208 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010/02/09 10:10:27 | 000,205,208 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010/02/08 15:45:53 | 000,000,250 | ---- | C] () -- C:\Windows\gmer.ini
[2010/02/08 15:45:49 | 000,585,791 | ---- | C] () -- C:\Windows\gmer.dll
[2010/02/08 15:45:49 | 000,581,632 | ---- | C] () -- C:\Windows\gmer.exe
[2010/01/22 10:04:30 | 000,081,920 | ---- | C] () -- C:\Windows\System32\BsVistaCommon.dll
[2009/12/05 14:32:17 | 000,000,101 | ---- | C] () -- C:\Windows\PowerPlugs Player.INI
[2009/12/05 14:19:52 | 000,000,025 | ---- | C] () -- C:\Windows\System32\WinPPAddress.ini
[2009/12/05 14:18:05 | 000,131,072 | ---- | C] () -- C:\Windows\System32\TransSaveStatus.dll
[2009/12/05 14:17:47 | 000,000,832 | ---- | C] () -- C:\Windows\TransMusicClips.ini
[2009/10/18 16:38:02 | 000,044,544 | ---- | C] () -- C:\Windows\System32\ANIGIF.DLL
[2009/10/16 18:22:26 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009/10/03 20:22:16 | 000,174,860 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2009/09/21 18:26:09 | 000,001,361 | ---- | C] () -- C:\Windows\System32\WLAN.INI
[2009/09/20 20:39:15 | 000,003,948 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2009/09/10 19:06:10 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/10 19:06:10 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/09/10 19:05:43 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/08/23 11:17:25 | 000,008,592 | ---- | C] () -- C:\Users\Austin ROCKS\AppData\Local\d3d9caps.dat
[2009/08/05 08:15:26 | 000,008,192 | ---- | C] () -- C:\Windows\d3dx.dat
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/07/30 21:07:12 | 000,000,019 | ---- | C] () -- C:\Windows\KNP.INI
[2009/07/15 19:29:19 | 000,025,205 | ---- | C] () -- C:\Users\Austin ROCKS\AppData\Roaming\UserTile.png
[2009/07/08 18:03:02 | 000,058,880 | ---- | C] () -- C:\Windows\System32\bdmpegv.dll
[2009/06/29 18:33:18 | 000,000,930 | ---- | C] () -- C:\Windows\WININIT.INI
[2009/06/29 18:33:14 | 000,000,000 | ---- | C] () -- C:\Windows\setup32.INI
[2009/06/14 13:42:16 | 000,005,115 | ---- | C] () -- C:\ProgramData\N360BUOptions.ini
[2009/06/08 21:15:25 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2009/06/08 21:07:20 | 000,079,872 | ---- | C] () -- C:\Users\Austin ROCKS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/06/08 21:06:33 | 000,000,000 | ---- | C] () -- C:\Users\Austin ROCKS\AppData\Roaming\wklnhst.dat
[2008/10/07 10:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008/10/07 10:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008/02/18 23:33:34 | 000,446,352 | ---- | C] () -- C:\Windows\System32\OpenQuicktimeLib.dll
[2006/11/02 05:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 05:47:37 | 000,388,072 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 05:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:35:28 | 000,000,041 | ---- | C] () -- C:\Windows\System32\mqtgsvc.exe.cfg
[2006/11/02 03:33:01 | 000,791,742 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 03:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 03:33:01 | 000,173,926 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 03:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 03:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 01:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 01:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 00:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 00:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/10/11 00:18:48 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2001/10/12 10:58:20 | 000,028,672 | ---- | C] () -- C:\Windows\System32\mr310exd.dll
[2001/10/12 10:57:18 | 000,036,864 | ---- | C] () -- C:\Windows\System32\mr310exv.dll
[2000/12/07 10:13:58 | 000,015,164 | ---- | C] () -- C:\Windows\mr310twc.ini

< End of report >

Broni · May 9, 2011

Looks good

Any current issues?

Last scans....

1. Download Security Check from HERE, and save it to your Desktop.

Double-click SecurityCheck.exe
Follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE SecurityCheck may produce some false warning(s), so leave the results reading to me.

2. Download Temp File Cleaner (TFC)

Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

3. Please run a free online scan with the ESET Online Scanner

Disable your antivirus program
Tick the box next to YES, I accept the Terms of Use
Click Start
IMPORTANT! UN-check Remove found threats
Accept any security warnings from your browser.
Check Scan archives
Click Start
ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
When the scan completes, push List of found threats
Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
NOTE. If Eset won't find any threats, it won't produce any log.

dozzyo9080 · May 9, 2011

I have to go.

G2G see u on saturday. Sorry

Broni · May 9, 2011

OK. Keep it clean until then. No dangerous activities, please.

dozzyo9080 · May 9, 2011

Broni said:
OK. Keep it clean until then. No dangerous activities, please.

ok

Broni · May 9, 2011

See ya......

Solved Res://C:\Windows\system32\shdoclc.dll/navcancl.htm Internet Explorer Issue

Posts: 120 +0

Posts: 120 +0

Posts: 120 +0

Posts: 120 +0

Posts: 120 +0

Posts: 120 +0

Posts: 56,041 +516

Posts: 120 +0

Posts: 120 +0

Posts: 120 +0

Posts: 120 +0

Posts: 120 +0

Posts: 56,041 +516

Posts: 120 +0

Posts: 120 +0

Posts: 56,041 +516

Posts: 120 +0

Posts: 56,041 +516

Posts: 120 +0

Posts: 120 +0

Posts: 56,041 +516

Posts: 120 +0

Posts: 56,041 +516

Posts: 120 +0

Posts: 56,041 +516

Similar threads