I had a problem a few days ago. My internet explorer runs on its own once in a while to many different sites and uses a lot of memory. I am running on Vista home 64bit.
Apologies if I have not provided enough details.
Thank you in advance.
Whiteglint
0
Newbie Poster
Recommended Answers
Jump to PostHi and welcome to the Daniweb forums :).
==========
Jump to PostYou probably have virus in your computer... Download Malwarebytes Anti-Malware and run a scan to confirm it...
If it does found it, please proceed to instruction link posted by crunchie to completely remove them... He'll help you out till you done
Jump to PostYou probably have virus in your computer... Download Malwarebytes Anti-Malware and run a scan to confirm it...
If it does found it, please proceed to instruction link posted by crunchie to completely remove them... He'll help you out till you doneThe link provided by Crunchie includes Malwarebytes' Anti-Malware as …
Jump to Post@jholland
I know... just reminding the poster if he doesn't see the link given my crunchie...
Jump to PostHow could one miss it? If that was your intention, then why not mention all the requirements from the linked post?
All 21 Replies
crunchie
990
Most Valuable Poster
Team Colleague
Featured Poster
flagstar
111
Practically a Master Poster
You probably have virus in your computer... Download Malwarebytes Anti-Malware and run a scan to confirm it...
If it does found it, please proceed to instruction link posted by crunchie to completely remove them... He'll help you out till you done
jholland1964
650
Posting Expert
Team Colleague
Featured Poster
You probably have virus in your computer... Download Malwarebytes Anti-Malware and run a scan to confirm it...
If it does found it, please proceed to instruction link posted by crunchie to completely remove them... He'll help you out till you done
The link provided by Crunchie includes Malwarebytes' Anti-Malware as ONE of the steps. That link is where to begin.
flagstar
111
Practically a Master Poster
@jholland
I know... just reminding the poster if he doesn't see the link given my crunchie...
crunchie
990
Most Valuable Poster
Team Colleague
Featured Poster
How could one miss it? If that was your intention, then why not mention all the requirements from the linked post?
flagstar
111
Practically a Master Poster
@crunchie sorry if I'm being rude and all
truthfully, I did almost miss the link given by you. It was like a signature at first glance... If this also happen to the poster as well, might as well reminding him. sadly I don't want to write that detailed from the link so I just give first clue for virus infection and proceed if it do happen.
Sorry again for being rude..
crunchie
990
Most Valuable Poster
Team Colleague
Featured Poster
No problem, although it is hard to mistake the link for my signature.
Sunnyrepairs
0
Newbie Poster
Scan your computer for viruses and remove all the detected ones.
a.oprea
0
Junior Poster in Training
You got a virus :)
Whiteglint
0
Newbie Poster
Ok, I followed all the instructions without any problems. Here are the logs:
---MalwareBytes’ Anti-Malware log :
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org
Database version: 7153
Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000
7/16/2011 11:35:34 AM
mbam-log-2011-07-16 (11-35-29).txt
Scan type: Full scan (C:\|D:\|)
Objects scanned: 424312
Time elapsed: 1 hour(s), 22 minute(s), 14 second(s)
Memory Processes Infected: 1
Memory Modules Infected: 0
Registry Keys Infected: 4
Registry Values Infected: 3
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 5
Memory Processes Infected:
c:\Windows\Dwofua.exe (Trojan.FraudPack.Gen) -> 7496 -> No action taken.
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\5SK3BLHWHC (Trojan.FakeAlert.SA) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\B7GGEY1ZRR (Trojan.FakeAlert.SA) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tar (Worm.KoobFace) -> No action taken.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\5SK3BLHWHC (Trojan.FraudPack.Gen) -> Value: 5SK3BLHWHC -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\FXWD6M2DFK (Trojan.FraudPack.Gen) -> Value: FXWD6M2DFK -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\B7GGEY1ZRR (Trojan.FakeAlert.SA) -> Value: B7GGEY1ZRR -> No action taken.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
c:\Windows\Dwofua.exe (Trojan.FraudPack.Gen) -> No action taken.
c:\Windows\System32\sshnas21.dll (Trojan.FraudPack.Gen) -> No action taken.
c:\Windows\SysWOW64\sshnas21.dll (Trojan.FraudPack.Gen) -> No action taken.
c:\Windows\Tasks\{22116563-108c-42c0-a7ce-60161b75e508}.job (Trojan.Downloader) -> No action taken.
c:\Windows\Tasks\{810401e2-dde0-454e-b0e2-aa89c9e5967c}.job (Trojan.FraudPack) -> No action taken.
---GMER One.log:
nothing??
---GMER Two.log:
GMER 1.0.15.15640 - http://www.gmer.net
Rootkit scan 2011-07-16 06:13:00
Windows 6.0.6001 Service Pack 1
Running: dce0zp2y.exe
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x05 0xE3 0x83 0x13 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xAE 0xB4 0x88 0xAB ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xEC 0x96 0xE4 0x30 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x33 0x2C 0x43 0x77 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xAE 0xB4 0x88 0xAB ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xEC 0x96 0xE4 0x30 ...
---- EOF - GMER 1.0.15 ----
---DDS ScanLogs:
DDS (Ver_2011-07-14.01) - NTFS_AMD64
Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_25
Run by Alan at 11:39:53 on 2011-07-16
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
C:\Program Files (x86)\Steam\steam.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files\Alienware\Alienware TactX Mouse CI\AWMouseCI.exe
C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe
C:\Program Files (x86)\CyberLink\Shared Files\brs.exe
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe
C:\Program Files (x86)\Razer\Nostromo\t2Hid.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Alienware\Command Center\AlienSense\FATrayAlert.exe
C:\Users\Alan\AppData\Local\Google\Update\1.3.21.57\GoogleCrashHandler.exe
C:\Users\Alan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Alan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Alan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Alienware\Command Center\AlienFXHook32Mngr.exe
C:\Program Files\Alienware\Command Center\AlienFXHook64Mngr.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conime.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uProxyOverride = <local>;*.local
mWinlogon: Userinit = userinit.exe,
BHO: IDMIEHlprObj Class: {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: FAIESSOHelper Class: {A2F122DA-055F-4df7-8F24-7354DBDBA85B} - C:\Program Files\Alienware\Command Center\AlienSense\FAIESSO.dll
BHO: Skype Plug-In: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [Google Update] "C:\Users\Alan\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
uRun: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
mRun: [RemoteControl8] "C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe"
mRun: [PDVD8LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe"
mRun: [BDRegion] "C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe"
mRun: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [FATrayAlert] C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe
mRun: [FAStartup] <no file>
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AWMOUS~1.LNK - C:\Program Files\Alienware\Alienware TactX Mouse CI\AWMouseCI.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm
IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {FA73B1B9-D6F0-4420-AEB4-B3C973B2A115} - hxxp://update.hitsplay.com:8080/UniUpdTool/system/NCLauncher.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{114452DD-2E54-444A-AA9E-FFF600AFD69F} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{6A70854C-ED62-4540-9C8E-2D22EE47E79C} : NameServer = 203.144.207.29,203.144.207.49
TCP: Interfaces\{6A70854C-ED62-4540-9C8E-2D22EE47E79C} : DHCPNameServer = 192.168.1.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Notify: FastAccess - C:\Program Files\Alienware\Command Center\AlienSense\FALogNot.dll
LSA: Notification Packages = scecli FAPassSync
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-Run: [Windows Defender] C:\Program Files (x86)\Windows Defender\MSASCui.exe -hide
x64-Run: [AlienFX Controller] "C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe"
x64-Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
x64-mPolicies-Explorer: NoActiveDesktop = dword:1
x64-mPolicies-Explorer: NoActiveDesktopChanges = dword:1
x64-mPolicies-System: EnableLUA = dword:0
x64-mPolicies-System: EnableUIADesktopToggle = dword:0
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - LocalServer32 - <no file>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Alan\AppData\Roaming\Mozilla\Firefox\Profiles\0hgijj3b.default\
FF - prefs.js: browser.startup.homepage - about:blank
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npijjiFFPlugin1.dll
FF - plugin: C:\Users\Alan\AppData\Local\Google\Update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: C:\Users\Alan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.
============= SERVICES / DRIVERS ===============
.
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};Power Control [2010/11/04 19:36:05];C:\Program Files (x86)\CyberLink\PowerDVD8\000.fcl [2008-10-17 146928]
R2 FAService;FAService;C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe [2009-5-10 2360584]
R2 IDMWFP;IDMWFP;C:\Windows\System32\drivers\idmwfp.sys [2011-7-5 88864]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;C:\Windows\System32\drivers\e1k60x64.sys [2010-9-19 257200]
R3 hidkmdf;Filter Driver Service for HID-KMDF Interface layer;C:\Windows\System32\drivers\hidkmdf.sys [2011-4-30 6656]
R3 itecir;ITECIR Infrared Receiver;C:\Windows\System32\drivers\itecir.sys [2010-3-8 67104]
R3 NETw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\NETw5v64.sys [2008-6-26 4735488]
R3 T2Fltr;Razer Nostromo;C:\Windows\System32\drivers\T2Fltr.sys [2011-4-30 22912]
R3 VJoystick;Virtual JoyStick KMDF HID Minidriver;C:\Windows\System32\drivers\VJoystick.sys [2011-4-30 13312]
R3 VKbms;Virtual HID Minidriver;C:\Windows\System32\drivers\VKbms.sys [2011-4-30 13312]
S2 AlienFusionService;Alienware Fusion Service;C:\Program Files\Alienware\Command Center\AlienFusionService.exe [2009-5-19 14136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 FACAP;facap, FastAccess Video Capture;C:\Windows\System32\drivers\facap.sys [2008-9-25 238848]
S3 jl;jl;C:\Windows\System32\jl64.sys [2010-10-22 30840]
S3 npggsvc;nProtect GameGuard Service;C:\Windows\System32\GameMon.des -service --> C:\Windows\System32\GameMon.des -service [?]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-21 19968]
S3 SaiK0CCB;SaiK0CCB;C:\Windows\System32\drivers\SaiK0CCB.sys [2010-11-12 171016]
S3 SaiU0CCB;SaiU0CCB;C:\Windows\System32\drivers\SaiU0CCB.sys [2010-11-12 41096]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2011-5-10 51712]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]
S4 ahcix64;ahcix64;C:\Windows\System32\drivers\ahcix64.sys [2008-8-5 146944]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2010-10-27 93184]
S4 mv61xx;mv61xx;C:\Windows\System32\drivers\mv61xx.sys [2008-8-5 163736]
.
=============== File Associations ===============
.
FileExt: .txt: Applications\BitTorrent.exe="C:\Program Files (x86)\BitTorrent\BitTorrent.exe" "%1" [UserChoice]
.
=============== Created Last 30 ================
.
.
==================== Find3M ====================
.
2011-07-06 12:52:42 41272 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2011-07-06 12:52:42 25912 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-07-01 03:31:30 50867144 ----a-w- C:\Windows\System32\mrt.exe
2011-07-01 02:54:42 49089992 ----a-w- C:\Windows\SysWow64\MRT.exe
2011-06-25 12:06:37 215128 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2011-06-25 12:06:37 215128 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2011-06-07 13:40:37 280768 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2011-05-24 12:14:10 270720 ------w- C:\Windows\System32\MpSigStub.exe
2011-05-18 13:24:12 2760704 ----a-w- C:\Windows\System32\win32k.sys
2011-05-16 15:26:32 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2011-05-16 15:26:32 157472 ----a-w- C:\Windows\SysWow64\javaws.exe
2011-05-16 15:26:32 145184 ----a-w- C:\Windows\SysWow64\javaw.exe
2011-05-16 15:26:32 145184 ----a-w- C:\Windows\SysWow64\java.exe
2011-05-16 15:03:50 189728 ----a-w- C:\Windows\System32\javaws.exe
2011-05-16 15:03:50 171808 ----a-w- C:\Windows\System32\javaw.exe
2011-05-16 15:03:50 171808 ----a-w- C:\Windows\System32\java.exe
2011-05-16 15:03:49 521448 ----a-w- C:\Windows\System32\deployJava1.dll
2011-05-10 01:06:08 51712 ----a-w- C:\Windows\System32\drivers\usbaapl64.sys
2011-05-10 01:06:08 4517664 ----a-w- C:\Windows\System32\usbaaplrc.dll
2011-05-02 16:35:51 975360 ----a-w- C:\Windows\System32\inetcomm.dll
2011-05-02 15:58:28 738816 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2011-04-29 15:25:27 344576 ----a-w- C:\Windows\System32\schannel.dll
2011-04-29 14:54:10 276992 ----a-w- C:\Windows\SysWow64\schannel.dll
2011-04-29 13:12:26 176128 ----a-w- C:\Windows\System32\drivers\srv2.sys
2011-04-29 13:12:20 144896 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2011-04-29 13:11:56 135168 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2011-04-29 13:11:55 274432 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2011-04-29 13:11:52 105984 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2011-04-22 19:05:34 178800 ----a-w- C:\Windows\SysWow64\CmdLineExt_x64.dll
2011-04-21 15:29:00 1032704 ----a-w- C:\Windows\System32\wininet.dll
2011-04-21 15:28:37 1427968 ----a-w- C:\Windows\System32\urlmon.dll
2011-04-21 15:27:10 208896 ----a-w- C:\Windows\System32\occache.dll
2011-04-21 15:26:01 1129984 ----a-w- C:\Windows\System32\mstime.dll
2011-04-21 15:25:32 759808 ----a-w- C:\Windows\System32\mshtmled.dll
2011-04-21 15:25:31 5702144 ----a-w- C:\Windows\System32\mshtml.dll
2011-04-21 15:25:29 590848 ----a-w- C:\Windows\System32\msfeeds.dll
2011-04-21 15:24:48 32256 ----a-w- C:\Windows\System32\jsproxy.dll
2011-04-21 15:24:29 7016960 ----a-w- C:\Windows\System32\ieframe.dll
2011-04-21 15:24:29 375296 ----a-w- C:\Windows\System32\iertutil.dll
2011-04-21 15:24:29 249856 ----a-w- C:\Windows\System32\iepeers.dll
2011-04-21 15:24:26 86528 ----a-w- C:\Windows\System32\ieencode.dll
2011-04-21 15:24:25 480256 ----a-w- C:\Windows\System32\iedkcs32.dll
2011-04-21 15:24:25 422400 ----a-w- C:\Windows\System32\ieapfltr.dll
2011-04-21 15:24:25 267776 ----a-w- C:\Windows\System32\ieaksie.dll
2011-04-21 15:00:34 833024 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-04-21 15:00:21 1174528 ----a-w- C:\Windows\SysWow64\urlmon.dll
2011-04-21 14:59:25 146432 ----a-w- C:\Windows\SysWow64\occache.dll
2011-04-21 14:58:50 671232 ----a-w- C:\Windows\SysWow64\mstime.dll
2011-04-21 14:58:36 477184 ----a-w- C:\Windows\SysWow64\mshtmled.dll
2011-04-21 14:58:36 3593728 ----a-w- C:\Windows\SysWow64\mshtml.dll
2011-04-21 14:58:34 467456 ----a-w- C:\Windows\SysWow64\msfeeds.dll
2011-04-21 14:58:04 28160 ----a-w- C:\Windows\SysWow64\jsproxy.dll
2011-04-21 14:57:48 78336 ----a-w- C:\Windows\SysWow64\ieencode.dll
2011-04-21 14:57:48 6078976 ----a-w- C:\Windows\SysWow64\ieframe.dll
2011-04-21 14:57:48 389120 ----a-w- C:\Windows\SysWow64\iedkcs32.dll
2011-04-21 14:57:48 380928 ----a-w- C:\Windows\SysWow64\ieapfltr.dll
2011-04-21 14:57:48 270848 ----a-w- C:\Windows\SysWow64\iertutil.dll
2011-04-21 14:57:48 193024 ----a-w- C:\Windows\SysWow64\iepeers.dll
2011-04-21 14:57:47 230400 ----a-w- C:\Windows\SysWow64\ieaksie.dll
2011-04-21 13:59:55 485376 ----a-w- C:\Windows\System32\html.iec
2011-04-21 13:42:48 407552 ----a-w- C:\Windows\System32\drivers\afd.sys
2011-04-21 13:34:37 1383424 ----a-w- C:\Windows\System32\mshtml.tlb
2011-04-21 13:28:42 389632 ----a-w- C:\Windows\SysWow64\html.iec
2011-04-21 13:08:37 1383424 ----a-w- C:\Windows\SysWow64\mshtml.tlb
.
============= FINISH: 11:41:37.99 ===============
---attach:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-07-14.01)
.
.
Motherboard: Alienware | |
Processor: Intel(R) Core(TM) i7 CPU Q 720 @ 1.60GHz | CPU 1 | 1597/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 451 GiB total, 73.421 GiB free.
D: is FIXED (NTFS) - 15 GiB total, 5.906 GiB free.
E: is CDROM ()
G: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description: Base System Device
Device ID: PCI\VEN_8086&DEV_D155&SUBSYS_00000000&REV_11\3&11583659&0&40
Manufacturer:
Name: Base System Device
PNP Device ID: PCI\VEN_8086&DEV_D155&SUBSYS_00000000&REV_11\3&11583659&0&40
Service:
.
Class GUID:
Description: Base System Device
Device ID: PCI\VEN_8086&DEV_D156&SUBSYS_00000000&REV_11\3&11583659&0&41
Manufacturer:
Name: Base System Device
PNP Device ID: PCI\VEN_8086&DEV_D156&SUBSYS_00000000&REV_11\3&11583659&0&41
Service:
.
Class GUID:
Description: Base System Device
Device ID: PCI\VEN_8086&DEV_D157&SUBSYS_00000000&REV_11\3&11583659&0&42
Manufacturer:
Name: Base System Device
PNP Device ID: PCI\VEN_8086&DEV_D157&SUBSYS_00000000&REV_11\3&11583659&0&42
Service:
.
Class GUID:
Description: Base System Device
Device ID: PCI\VEN_8086&DEV_D158&SUBSYS_00000000&REV_11\3&11583659&0&43
Manufacturer:
Name: Base System Device
PNP Device ID: PCI\VEN_8086&DEV_D158&SUBSYS_00000000&REV_11\3&11583659&0&43
Service:
.
Class GUID:
Description: Base System Device
Device ID: PCI\VEN_8086&DEV_D150&SUBSYS_00000000&REV_11\3&11583659&0&80
Manufacturer:
Name: Base System Device
PNP Device ID: PCI\VEN_8086&DEV_D150&SUBSYS_00000000&REV_11\3&11583659&0&80
Service:
.
Class GUID:
Description: Base System Device
Device ID: PCI\VEN_8086&DEV_D151&SUBSYS_00000000&REV_11\3&11583659&0&81
Manufacturer:
Name: Base System Device
PNP Device ID: PCI\VEN_8086&DEV_D151&SUBSYS_00000000&REV_11\3&11583659&0&81
Service:
.
Class GUID:
Description: Base System Device
Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_02A21028&REV_12\4&2316B28A&0&3AF0
Manufacturer:
Name: Base System Device
PNP Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_02A21028&REV_12\4&2316B28A&0&3AF0
Service:
.
Class GUID:
Description: Base System Device
Device ID: PCI\VEN_1180&DEV_0592&SUBSYS_02A21028&REV_12\4&2316B28A&0&3BF0
Manufacturer:
Name: Base System Device
PNP Device ID: PCI\VEN_1180&DEV_0592&SUBSYS_02A21028&REV_12\4&2316B28A&0&3BF0
Service:
.
Class GUID:
Description: SM Bus Controller
Device ID: PCI\VEN_8086&DEV_3B30&SUBSYS_02A21028&REV_05\3&11583659&0&FB
Manufacturer:
Name: SM Bus Controller
PNP Device ID: PCI\VEN_8086&DEV_3B30&SUBSYS_02A21028&REV_05\3&11583659&0&FB
Service:
.
Class GUID:
Description:
Device ID: ACPI\SMO8800\1
Manufacturer:
Name:
PNP Device ID: ACPI\SMO8800\1
Service:
.
Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Description: facap, FastAccess Video Capture
Device ID: ROOT\IMAGE\0000
Manufacturer: Sensible Vision
Name: facap, FastAccess Video Capture
PNP Device ID: ROOT\IMAGE\0000
Service: FACAP
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
?Torrent
A.V.A
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader X (10.0.1)
Adobe Shockwave Player 11.5
Alienware TactX(TM) Mouse CI 1.00
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Auto Mouse 1.3
Battlefield: Bad Company? 2
BitTorrent
Bonjour
BulletStorm
Call of Duty: Black Ops
Call of Duty: Black Ops - Multiplayer
Call of Duty: Modern Warfare 2
Call of Duty: Modern Warfare 2 - Multiplayer
CCleaner
Command Center
CyberLink PowerDVD 8
CyberLink YouCam
dBpoweramp Music Converter
Dead Rising 2
Dev-C++ 5 beta 9 release (4.9.9.2)
DVD Decrypter (Remove Only)
Emil Chronicle Online
ETHER VAPOR
EX3
Google Chrome
Granado Espada
HiJackThis
HOMEFRONT
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Intel PROSet Wireless
Intel(R) Network Connections 14.2.100.0
Intel(R) PROSet/Wireless WiFi Driver
iTunes
Java Auto Updater
Java(TM) 6 Update 25
Java(TM) 6 Update 25 (64-bit)
K-Lite Codec Pack 6.5.0 (Full)
Killing Floor
Killing Floor Mod: Defence Alliance 2
Left 4 Dead 2
Malwarebytes' Anti-Malware version 1.51.1.1800
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft XNA Framework Redistributable 3.1
Mozilla Firefox (3.6.14)
MSVCRT
Need for Speed(TM) Hot Pursuit
NVIDIA Control Panel 266.58
NVIDIA Graphics Driver 266.58
NVIDIA Install Application
NVIDIA PhysX
PunkBuster Services
QuickTime
Razer Nostromo
SD Gundam Capsule Fighter Online
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Skype Toolbars
Skype? 5.1
StarCraft II
Steam
System Requirements Lab
Team Fortress 2
TeamSpeak 3 Client
Tixati
Total War: SHOGUN 2
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Videora iPad Converter 6
VLC media player 1.1.4
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Messenger
Windows Live Upload Tool
Windows Media Player Firefox Plugin
WinRAR 4.00 beta 1 (64-bit)
.
==== End Of File ===========================
crunchie
990
Most Valuable Poster
Team Colleague
Featured Poster
Ok. First of all, MBA-M log shows that you took no action on the files that were found. Can you confirm that, or did you have MBA-M remove the files found?
====
Download OTL to your Desktop.
* Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
* Under the Custom Scan box paste this in:
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\System32\config\*.sav
CREATERESTOREPOINT
* Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
- When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
- Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
Whiteglint
0
Newbie Poster
After the scan MBA-M removed the files found.
crunchie
990
Most Valuable Poster
Team Colleague
Featured Poster
No worries.
OTL?
Whiteglint
0
Newbie Poster
OTL logfile created on: 7/16/2011 10:07:23 PM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Alan\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.99 Gb Total Physical Memory | 1.48 Gb Available Physical Memory | 37.19% Memory free
8.19 Gb Paging File | 6.02 Gb Available in Paging File | 73.52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.07 Gb Total Space | 101.50 Gb Free Space | 22.50% Space Free | Partition Type: NTFS
Drive D: | 14.65 Gb Total Space | 5.91 Gb Free Space | 40.31% Space Free | Partition Type: NTFS
Computer Name: ALAN-PC | User Name: Alan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/07/16 22:05:00 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Alan\Desktop\OTL.exe
PRC - [2011/06/05 17:17:37 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Users\Alan\AppData\Local\Google\Update\1.3.21.57\GoogleCrashHandler.exe
PRC - [2011/03/26 01:55:24 | 000,400,760 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\BitTorrent\BitTorrent.exe
PRC - [2011/02/21 11:50:34 | 000,254,976 | ---- | M] (Razer USA Ltd.) -- C:\Program Files (x86)\Razer\Nostromo\t2Hid.exe
PRC - [2011/02/16 19:23:40 | 001,759,232 | ---- | M] (TODO: <Company name>) -- C:\Program Files (x86)\Razer\Nostromo\vdDaemon.exe
PRC - [2010/12/07 15:00:20 | 000,225,280 | ---- | M] () -- C:\Program Files (x86)\Razer\Nostromo\t2Tra.exe
PRC - [2010/12/05 00:23:45 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010/11/17 17:33:46 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\steam.exe
PRC - [2010/09/04 12:49:26 | 003,241,312 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
PRC - [2009/05/20 16:59:44 | 000,013,624 | ---- | M] (Alienware) -- C:\Program Files\Alienware\Command Center\AlienFXHook32Mngr.exe
PRC - [2009/05/20 16:59:34 | 000,057,672 | ---- | M] (Alienware Corporation) -- C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
PRC - [2009/05/10 00:48:51 | 000,095,496 | ---- | M] (Sensible Vision ) -- C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe
PRC - [2009/05/10 00:48:50 | 001,938,696 | ---- | M] (Sensible Vision ) -- C:\Program Files\Alienware\Command Center\AlienSense\FATrayAlert.exe
PRC - [2009/05/10 00:48:21 | 002,360,584 | ---- | M] (Sensible Vision ) -- C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe
PRC - [2009/03/27 15:13:00 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared Files\brs.exe
PRC - [2008/03/20 20:23:22 | 000,083,240 | ---- | M] (Cyberlink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe
========== Modules (SafeList) ==========
MOD - [2011/07/16 22:05:00 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Alan\Desktop\OTL.exe
MOD - [2010/08/31 22:39:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2009/05/19 16:30:40 | 000,014,136 | ---- | M] (Alienware) [Auto | Stopped] -- C:\Program Files\Alienware\Command Center\AlienFusionService.exe -- (AlienFusionService)
SRV:64bit: - [2009/05/10 00:48:21 | 002,360,584 | ---- | M] (Sensible Vision ) [Auto | Running] -- C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe -- (FAService)
SRV:64bit: - [2008/01/21 09:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011/06/03 23:45:39 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/03/08 04:44:00 | 004,060,664 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc)
SRV - [2010/12/05 00:23:45 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2008/07/28 01:03:13 | 000,069,632 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/01/16 12:58:08 | 000,022,912 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\T2Fltr.sys -- (T2Fltr)
DRV:64bit: - [2010/12/18 20:15:46 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/10/22 14:44:10 | 000,030,840 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\jl64.sys -- (jl)
DRV:64bit: - [2010/10/01 00:16:34 | 000,013,312 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\VKbms.sys -- (VKbms)
DRV:64bit: - [2010/09/30 09:53:58 | 000,013,312 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\VJoystick.sys -- (VJoystick)
DRV:64bit: - [2010/09/29 20:45:22 | 000,006,656 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\hidkmdf.sys -- (hidkmdf)
DRV:64bit: - [2010/09/02 16:22:18 | 000,088,864 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\idmwfp.sys -- (IDMWFP)
DRV:64bit: - [2010/04/22 14:22:52 | 000,049,928 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SaiBus.sys -- (SaiNtBus)
DRV:64bit: - [2010/04/22 14:22:52 | 000,022,664 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\SaiMini.sys -- (SaiMini)
DRV:64bit: - [2010/04/22 14:22:48 | 000,171,016 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\SaiK0CCB.sys -- (SaiK0CCB)
DRV:64bit: - [2010/04/22 14:22:48 | 000,041,096 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\SaiU0CCB.sys -- (SaiU0CCB)
DRV:64bit: - [2010/03/08 10:03:36 | 000,067,104 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\itecir.sys -- (itecir)
DRV:64bit: - [2009/06/19 17:55:42 | 000,257,200 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\e1k60x64.sys -- (e1kexpress) Intel(R)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/04/22 17:10:40 | 000,058,384 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2009/04/22 17:10:32 | 000,055,312 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2009/03/18 17:35:42 | 000,033,856 | -H-- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\hamachi.sys -- (hamachi)
DRV:64bit: - [2008/09/25 10:36:14 | 000,238,848 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\facap.sys -- (FACAP)
DRV:64bit: - [2008/07/30 02:15:28 | 000,146,944 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\ahcix64.sys -- (ahcix64)
DRV:64bit: - [2008/06/26 06:40:20 | 004,735,488 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\NETw5v64.sys -- (NETw5v64) Intel(R)
DRV:64bit: - [2008/04/16 04:54:16 | 000,388,120 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\iastor.sys -- (iaStor)
DRV:64bit: - [2008/01/21 09:47:28 | 000,046,080 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2008/01/21 09:46:55 | 000,111,104 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus)
DRV:64bit: - [2007/06/15 22:52:26 | 000,163,736 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\mv61xx.sys -- (mv61xx)
DRV:64bit: - [2007/04/12 11:18:26 | 000,071,680 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2006/11/18 13:07:48 | 000,055,296 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rixdpx64.sys -- (rismxdp)
DRV:64bit: - [2006/09/19 04:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\Wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2006/02/08 06:53:22 | 000,008,704 | ---- | M] () [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\jgogo.sys -- (JGOGO)
DRV - [2008/10/17 15:52:28 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/11/04 19:36:05] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD8\000.fcl -- ({FE4C91E7-22C2-4D0C-9F6B-82F1B7742054})
DRV - [2005/01/03 22:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "about:blank"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25
FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1"
FF - prefs.js..network.proxy.type: 0
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Alan\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Alan\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.14\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/06/28 18:17:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.14\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/07/05 18:29:55 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Alan\AppData\Roaming\IDM\idmmzcc3 [2011/07/05 13:56:16 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Alan\AppData\Roaming\IDM\idmmzcc3 [2011/07/05 13:56:16 | 000,000,000 | ---D | M]
[2010/12/31 04:36:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alan\AppData\Roaming\Mozilla\Extensions
[2011/05/19 05:24:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alan\AppData\Roaming\Mozilla\Firefox\Profiles\0hgijj3b.default\extensions
[2011/05/19 05:24:28 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Alan\AppData\Roaming\Mozilla\Firefox\Profiles\0hgijj3b.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/05/19 05:24:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/05/16 22:26:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
[2011/05/16 22:26:33 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010/07/28 18:14:08 | 000,022,016 | ---- | M] (NHN USA Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npijjiFFPlugin1.dll
O1 HOSTS File: ([2009/02/23 15:57:46 | 000,000,985 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 tonec.com
O1 - Hosts: 127.0.0.1 www.tonec.com
O1 - Hosts: 127.0.0.1 registeridm.com
O1 - Hosts: 127.0.0.1 www.registeridm.com
O1 - Hosts: 127.0.0.1 secure.registeridm.com
O1 - Hosts: 127.0.0.1 internetdownloadmanager.com
O1 - Hosts: 127.0.0.1 www.internetdownloadmanager.com
O1 - Hosts: 127.0.0.1 secure.internetdownloadmanager.com
O1 - Hosts: 127.0.0.1 mirror.internetdownloadmanager.com
O1 - Hosts: 127.0.0.1 mirror2.internetdownloadmanager.com
O1 - Hosts: 127.0.0.1 mirror3.internetdownloadmanager.com
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Tonec Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (FAIESSOHelper Class) - {A2F122DA-055F-4df7-8F24-7354DBDBA85B} - C:\Program Files\Alienware\Command Center\AlienSense\FAIESSO.dll (Sensible Vision )
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3:64bit: - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [AlienFX Controller] C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe (Alienware Corporation)
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe (cyberlink)
O4 - HKLM..\Run: [FAStartup] File not found
O4 - HKLM..\Run: [FATrayAlert] C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe (Sensible Vision )
O4 - HKLM..\Run: [FILE NAME] C:\Program Files (x86)\Razer\Nostromo\t2Hid.exe (Razer USA Ltd.)
O4 - HKLM..\Run: [PDVD8LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe ()
O4 - HKLM..\Run: [RemoteControl8] C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe (Cyberlink Corp.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [WMPNSCFG] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FA73B1B9-D6F0-4420-AEB4-B3C973B2A115} http://update.hitsplay.com:8080/UniUpdTool/system/NCLauncher.cab (CNCLauncherCtl Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\FastAccess: DllName - C:\Program Files\Alienware\Command Center\AlienSense\FALogNot.dll - C:\Program Files\Alienware\Command Center\AlienSense\FALogNot.dll ()
O24 - Desktop WallPaper: C:\Users\Alan\Pictures\animepaperwallpapersthebj8.jpg
O24 - Desktop BackupWallPaper: C:\Users\Alan\Pictures\animepaperwallpapersthebj8.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{06543837-6a5d-11e0-881e-0026b9639aa7}\Shell\AutoRun\command - "" = F:\start.exe
O33 - MountPoints2\{369f5db7-0adb-11e0-be9c-0026b9639aa7}\Shell - "" = AutoRun
O33 - MountPoints2\{369f5db7-0adb-11e0-be9c-0026b9639aa7}\Shell\AutoRun\command - "" = G:\setup.exe
O33 - MountPoints2\{7a2544f3-06d8-11e0-a21f-0026b9639aa7}\Shell\AutoRun\command - "" = H:\DW_V409.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/07/16 22:04:26 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\Alan\Desktop\OTL.exe
[2011/07/16 17:47:55 | 000,000,000 | R--D | C] -- C:\Users\Alan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 8
[2011/07/16 11:39:56 | 000,000,000 | ---D | C] -- C:\Users\Alan\AppData\Local\Alienware
[2011/07/16 11:39:54 | 000,000,000 | R--D | C] -- C:\Users\Alan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/07/16 11:39:54 | 000,000,000 | R--D | C] -- C:\Users\Alan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/07/16 06:15:41 | 000,000,000 | ---D | C] -- C:\Users\Alan\AppData\Roaming\Malwarebytes
[2011/07/16 06:15:28 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/07/16 06:15:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/07/16 06:15:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/07/16 06:15:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/07/16 01:01:42 | 049,089,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MRT.exe
[2011/07/15 14:47:57 | 000,489,596 | R--- | C] (Swearware) -- C:\Users\Alan\Desktop\dds.scr
[2011/07/15 14:47:37 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Users\Alan\Desktop\ATF-Cleaner.exe
[2011/07/15 03:00:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2011/07/15 03:00:06 | 000,000,000 | ---D | C] -- C:\Users\Alan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2011/07/13 23:36:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trojan Remover
[2011/07/13 23:36:46 | 000,000,000 | ---D | C] -- C:\Users\Alan\AppData\Roaming\Simply Super Software
[2011/07/13 23:36:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software
[2011/07/13 23:31:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Hitman Pro
[2011/07/12 23:22:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Unlocker
[2011/07/12 23:16:56 | 000,000,000 | ---D | C] -- C:\Users\Alan\Documents\Simply Super Software
[2011/07/12 18:15:11 | 000,000,000 | ---D | C] -- C:\Users\Alan\AppData\Roaming\Ubisoft
[2011/07/12 17:53:23 | 000,000,000 | ---D | C] -- C:\Users\Alan\AppData\Local\Ubisoft Game Launcher
[2011/07/12 17:45:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft
[2011/07/12 16:59:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2011/07/12 03:16:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Decrypter
[2011/07/12 03:16:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVD Decrypter
[2011/07/12 03:14:42 | 000,000,000 | ---D | C] -- C:\Users\Alan\AppData\Local\Geckofx
[2011/07/12 03:14:41 | 000,000,000 | ---D | C] -- C:\Users\Alan\Documents\Red Kawa
[2011/07/12 03:14:41 | 000,000,000 | ---D | C] -- C:\Users\Alan\AppData\Roaming\Red Kawa
[2011/07/12 03:14:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AviSynth 2.5
[2011/07/12 03:13:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Kawa
[2011/07/12 03:13:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Red Kawa
[2011/07/12 02:57:50 | 000,000,000 | ---D | C] -- C:\Users\Alan\AppData\Roaming\Digiarty
[2011/07/12 02:57:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Digiarty
[2011/07/12 02:46:49 | 000,000,000 | ---D | C] -- C:\Users\Alan\AppData\Roaming\dvdcss
[2011/07/12 02:42:39 | 000,000,000 | ---D | C] -- C:\Users\Alan\Documents\Aiseesoft Studio
[2011/07/12 02:42:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Aiseesoft Studio
[2011/07/12 02:41:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Aiseesoft Studio
[2011/07/05 18:30:17 | 016,456,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2011/07/05 18:30:17 | 013,011,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2011/07/05 18:30:17 | 011,992,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2011/07/05 18:30:17 | 006,555,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2011/07/05 18:30:17 | 005,301,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2011/07/05 18:30:17 | 002,804,328 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2011/07/05 18:30:17 | 002,335,848 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2011/07/05 18:30:17 | 002,082,408 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2011/07/05 18:30:17 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2011/07/05 18:23:05 | 000,477,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/07/05 18:23:04 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2011/07/05 18:23:03 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011/07/05 18:23:02 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011/07/05 18:23:02 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2011/07/05 18:23:02 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011/07/05 18:23:02 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011/07/05 18:22:58 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieencode.dll
[2011/07/05 18:04:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab
[2011/07/05 15:06:29 | 000,000,000 | ---D | C] -- C:\Goldensoft
[2011/07/04 18:38:54 | 000,000,000 | ---D | C] -- C:\Users\Alan\Documents\Raiderz
[2011/07/04 17:54:45 | 000,000,000 | ---D | C] -- C:\MAIET
[2011/07/04 00:33:18 | 000,000,000 | ---D | C] -- C:\Users\Alan\Documents\FOMM
[2011/07/04 00:32:45 | 000,000,000 | ---D | C] -- C:\Games
[2011/07/03 19:17:11 | 000,000,000 | ---D | C] -- C:\Users\Alan\AppData\Roaming\IDM
[2011/07/03 19:17:11 | 000,000,000 | ---D | C] -- C:\Users\Alan\AppData\Roaming\DMCache
[2011/07/03 19:16:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Internet Download Manager
[2011/07/02 16:39:38 | 000,000,000 | ---D | C] -- C:\Users\Alan\AppData\Local\FalloutNV
[2011/07/02 16:21:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bethesda Softworks
[2011/06/28 18:20:05 | 000,000,000 | ---D | C] -- C:\Users\Alan\AppData\Roaming\Apple Computer
[2011/06/28 18:20:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/06/28 18:18:43 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2011/06/28 18:18:43 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2011/06/28 18:18:07 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/06/28 18:18:06 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/06/28 18:18:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011/06/28 18:18:06 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2011/06/28 18:17:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/06/28 18:17:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2011/06/28 18:17:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011/06/28 18:16:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2011/06/28 18:15:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2011/06/28 18:14:51 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/06/28 18:14:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2011/06/28 18:14:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011/06/28 18:14:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2011/06/21 20:33:22 | 000,000,000 | ---D | C] -- C:\Users\Alan\Desktop\อ้อน
[2011/06/01 16:25:19 | 001,654,869 | ---- | C] (Dynu Systems Inc.) -- C:\ProgramData\DynuEncrypt.dll
[8 C:\Users\Alan\AppData\Local\*.tmp files -> C:\Users\Alan\AppData\Local\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/07/16 22:05:00 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Alan\Desktop\OTL.exe
[2011/07/16 21:47:48 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/07/16 21:47:48 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/07/16 21:22:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1756661895-4149471120-3947558325-1000UA.job
[2011/07/16 17:55:43 | 000,703,388 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/07/16 17:55:43 | 000,595,996 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/07/16 17:55:43 | 000,104,070 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/07/16 17:47:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/07/15 17:22:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1756661895-4149471120-3947558325-1000Core.job
[2011/07/15 15:10:11 | 000,302,592 | ---- | M] () -- C:\Users\Alan\Desktop\dce0zp2y.exe
[2011/07/15 15:05:22 | 000,063,488 | ---- | M] () -- C:\Users\Alan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/07/15 14:48:18 | 000,489,596 | R--- | M] (Swearware) -- C:\Users\Alan\Desktop\dds.scr
[2011/07/15 14:47:39 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Users\Alan\Desktop\ATF-Cleaner.exe
[2011/07/15 03:05:49 | 000,002,557 | ---- | M] () -- C:\Users\Alan\Desktop\HiJackThis.lnk
[2011/07/15 02:57:25 | 001,402,880 | ---- | M] () -- C:\Users\Alan\Desktop\HiJackThis.msi
[2011/07/12 03:16:23 | 000,001,837 | ---- | M] () -- C:\Users\Alan\Application Data\Microsoft\Internet Explorer\Quick Launch\DVD Decrypter.lnk
[2011/07/12 03:16:23 | 000,001,813 | ---- | M] () -- C:\Users\Alan\Desktop\DVD Decrypter.lnk
[2011/07/12 03:13:57 | 000,002,043 | ---- | M] () -- C:\Users\Public\Desktop\Videora iPad Converter.lnk
[2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/07/06 19:52:42 | 000,025,912 | ---- | M] () -- C:\Windows\SysNative\drivers\mbam.sys
[2011/07/05 18:37:04 | 000,230,544 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/07/05 15:09:45 | 000,000,709 | ---- | M] () -- C:\Users\Alan\Desktop\SD Gundam Capsule Fighter Online.lnk
[2011/07/05 14:50:23 | 000,164,218 | ---- | M] () -- C:\Users\Alan\Documents\cc_20110705_145008.reg
[2011/07/05 13:56:04 | 000,000,948 | ---- | M] () -- C:\Users\Alan\Desktop\Internet Download Manager.lnk
[2011/07/02 21:24:11 | 000,000,453 | ---- | M] () -- C:\Users\Alan\Desktop\Playlist1.wpl
[2011/07/01 09:54:42 | 049,089,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MRT.exe
[2011/06/29 17:44:00 | 003,111,515 | ---- | M] () -- C:\Users\Alan\Desktop\Computer Organization and Architecture Designing for Performance (8th Edition)_0136073735.pdf
[2011/06/28 22:33:15 | 000,091,632 | -H-- | M] () -- C:\Windows\SysWow64\mlfcache.dat
[2011/06/25 19:06:37 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011/06/25 19:06:37 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/06/25 03:07:53 | 000,002,413 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/06/18 14:50:56 | 005,684,770 | ---- | M] () -- C:\Users\Alan\Desktop\Just A Dream (cover).mp3
[8 C:\Users\Alan\AppData\Local\*.tmp files -> C:\Users\Alan\AppData\Local\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/07/16 06:15:25 | 000,025,912 | ---- | C] () -- C:\Windows\SysNative\drivers\mbam.sys
[2011/07/15 15:10:00 | 000,302,592 | ---- | C] () -- C:\Users\Alan\Desktop\dce0zp2y.exe
[2011/07/15 03:00:07 | 000,002,557 | ---- | C] () -- C:\Users\Alan\Desktop\HiJackThis.lnk
[2011/07/15 02:59:09 | 001,402,880 | ---- | C] () -- C:\Users\Alan\Desktop\HiJackThis.msi
[2011/07/12 03:16:23 | 000,001,837 | ---- | C] () -- C:\Users\Alan\Application Data\Microsoft\Internet Explorer\Quick Launch\DVD Decrypter.lnk
[2011/07/12 03:16:23 | 000,001,813 | ---- | C] () -- C:\Users\Alan\Desktop\DVD Decrypter.lnk
[2011/07/12 03:13:57 | 000,002,043 | ---- | C] () -- C:\Users\Public\Desktop\Videora iPad Converter.lnk
[2011/07/11 21:28:36 | 000,005,829 | ---- | C] () -- C:\images.jpg
[2011/07/05 18:30:17 | 022,286,952 | ---- | C] () -- C:\Windows\SysNative\nvoglv64.dll
[2011/07/05 18:30:17 | 018,583,144 | ---- | C] () -- C:\Windows\SysNative\nvcompiler.dll
[2011/07/05 18:30:17 | 015,223,912 | ---- | C] () -- C:\Windows\SysNative\nvd3dumx.dll
[2011/07/05 18:30:17 | 013,206,120 | ---- | C] () -- C:\Windows\SysNative\drivers\nvlddmkm.sys
[2011/07/05 18:30:17 | 008,863,336 | ---- | C] () -- C:\Windows\SysNative\nvwgf2umx.dll
[2011/07/05 18:30:17 | 007,123,560 | ---- | C] () -- C:\Windows\SysNative\nvcuda.dll
[2011/07/05 18:30:17 | 002,943,592 | ---- | C] () -- C:\Windows\SysNative\nvcuvid.dll
[2011/07/05 18:30:17 | 002,212,968 | ---- | C] () -- C:\Windows\SysNative\nvcuvenc.dll
[2011/07/05 18:30:17 | 001,496,168 | ---- | C] () -- C:\Windows\SysNative\nvdispco6420150.dll
[2011/07/05 18:30:17 | 001,427,048 | ---- | C] () -- C:\Windows\SysNative\nvgenco642090.dll
[2011/07/05 18:30:17 | 000,067,176 | ---- | C] () -- C:\Windows\SysNative\OpenCL.dll
[2011/07/05 18:30:17 | 000,012,392 | ---- | C] () -- C:\Windows\SysNative\drivers\nvBridge.kmd
[2011/07/05 18:23:14 | 005,702,144 | ---- | C] () -- C:\Windows\SysNative\mshtml.dll
[2011/07/05 18:23:09 | 007,016,960 | ---- | C] () -- C:\Windows\SysNative\ieframe.dll
[2011/07/05 18:23:07 | 001,427,968 | ---- | C] () -- C:\Windows\SysNative\urlmon.dll
[2011/07/05 18:23:05 | 000,759,808 | ---- | C] () -- C:\Windows\SysNative\mshtmled.dll
[2011/07/05 18:23:04 | 000,422,400 | ---- | C] () -- C:\Windows\SysNative\ieapfltr.dll
[2011/07/05 18:23:04 | 000,375,296 | ---- | C] () -- C:\Windows\SysNative\iertutil.dll
[2011/07/05 18:23:03 | 001,032,704 | ---- | C] () -- C:\Windows\SysNative\wininet.dll
[2011/07/05 18:23:03 | 000,590,848 | ---- | C] () -- C:\Windows\SysNative\msfeeds.dll
[2011/07/05 18:23:03 | 000,480,256 | ---- | C] () -- C:\Windows\SysNative\iedkcs32.dll
[2011/07/05 18:23:02 | 001,129,984 | ---- | C] () -- C:\Windows\SysNative\mstime.dll
[2011/07/05 18:23:02 | 000,485,376 | ---- | C] () -- C:\Windows\SysNative\html.iec
[2011/07/05 18:23:02 | 000,267,776 | ---- | C] () -- C:\Windows\SysNative\ieaksie.dll
[2011/07/05 18:23:02 | 000,249,856 | ---- | C] () -- C:\Windows\SysNative\iepeers.dll
[2011/07/05 18:23:02 | 000,208,896 | ---- | C] () -- C:\Windows\SysNative\occache.dll
[2011/07/05 18:23:01 | 000,032,256 | ---- | C] () -- C:\Windows\SysNative\jsproxy.dll
[2011/07/05 18:22:58 | 000,086,528 | ---- | C] () -- C:\Windows\SysNative\ieencode.dll
[2011/07/05 18:22:52 | 001,383,424 | ---- | C] () -- C:\Windows\SysNative\mshtml.tlb
[2011/07/05 18:10:04 | 000,847,872 | ---- | C] () -- C:\Windows\SysNative\oleaut32.dll
[2011/07/05 18:09:44 | 002,760,704 | ---- | C] () -- C:\Windows\SysNative\win32k.sys
[2011/07/05 18:09:36 | 000,407,552 | ---- | C] () -- C:\Windows\SysNative\drivers\afd.sys
[2011/07/05 18:09:35 | 000,344,576 | ---- | C] () -- C:\Windows\SysNative\schannel.dll
[2011/07/05 18:09:34 | 000,274,432 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb10.sys
[2011/07/05 18:09:34 | 000,135,168 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb.sys
[2011/07/05 18:09:34 | 000,105,984 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb20.sys
[2011/07/05 18:09:32 | 000,176,128 | ---- | C] () -- C:\Windows\SysNative\drivers\srv2.sys
[2011/07/05 18:09:32 | 000,144,896 | ---- | C] () -- C:\Windows\SysNative\drivers\srvnet.sys
[2011/07/05 18:09:29 | 000,975,360 | ---- | C] () -- C:\Windows\SysNative\inetcomm.dll
[2011/07/05 18:09:27 | 000,097,792 | ---- | C] () -- C:\Windows\SysNative\drivers\dfsc.sys
[2011/07/05 15:09:45 | 000,000,709 | ---- | C] () -- C:\Users\Alan\Desktop\SD Gundam Capsule Fighter Online.lnk
[2011/07/05 14:50:11 | 000,164,218 | ---- | C] () -- C:\Users\Alan\Documents\cc_20110705_145008.reg
[2011/07/05 13:55:44 | 000,000,948 | ---- | C] () -- C:\Users\Alan\Desktop\Internet Download Manager.lnk
[2011/07/05 13:55:43 | 000,088,864 | ---- | C] () -- C:\Windows\SysNative\drivers\idmwfp.sys
[2011/07/02 21:24:11 | 000,000,453 | ---- | C] () -- C:\Users\Alan\Desktop\Playlist1.wpl
[2011/06/29 17:43:10 | 003,111,515 | ---- | C] () -- C:\Users\Alan\Desktop\Computer Organization and Architecture Designing for Performance (8th Edition)_0136073735.pdf
[2011/06/28 22:33:15 | 000,091,632 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011/06/28 18:18:43 | 000,126,312 | ---- | C] () -- C:\Windows\SysNative\GEARAspi64.dll
[2011/06/28 18:18:43 | 000,034,152 | ---- | C] () -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2011/06/28 18:16:58 | 000,001,830 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011/06/18 14:32:40 | 005,684,770 | ---- | C] () -- C:\Users\Alan\Desktop\Just A Dream (cover).mp3
[2011/06/16 02:22:22 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/03/26 00:40:04 | 000,046,530 | ---- | C] () -- C:\Users\Alan\AppData\Roaming\room.dat
[2011/03/21 20:46:56 | 000,000,552 | ---- | C] () -- C:\Users\Alan\AppData\Local\d3d8caps.dat
[2011/02/21 10:43:52 | 000,021,504 | ---- | C] () -- C:\Windows\jestertb.dll
[2011/01/29 23:06:50 | 000,001,356 | ---- | C] () -- C:\Users\Alan\AppData\Local\d3d9caps.dat
[2011/01/21 16:33:12 | 006,814,952 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall.exe
[2011/01/21 16:33:12 | 000,017,772 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Music Converter.dat
[2010/12/31 04:36:23 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/12/01 20:06:19 | 003,360,624 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2010/11/20 23:42:20 | 000,215,128 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010/11/20 23:42:18 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010/11/20 23:42:14 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2010/11/07 23:35:09 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010/11/07 23:35:08 | 000,790,528 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010/11/07 23:35:08 | 000,134,144 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010/11/07 23:35:08 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010/11/07 23:35:08 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010/11/04 19:14:29 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010/10/28 18:39:45 | 000,106,605 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2010/10/28 18:39:45 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2010/10/27 18:56:04 | 000,063,488 | ---- | C] () -- C:\Users\Alan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/19 13:34:03 | 000,001,460 | ---- | C] () -- C:\Users\Alan\AppData\Local\d3d9caps64.dat
[2009/05/19 16:44:00 | 000,097,584 | ---- | C] () -- C:\Windows\SysWow64\CCBiosSupportAPI.dll
[2009/05/10 00:49:28 | 000,088,840 | ---- | C] () -- C:\Windows\SysWow64\FAIEExtension.dll
[2009/05/10 00:48:54 | 000,059,144 | ---- | C] () -- C:\Windows\SysWow64\FAib.dll
[2009/05/10 00:47:47 | 000,234,248 | ---- | C] () -- C:\Windows\SysWow64\FACrashRpt.dll
[2008/01/21 09:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008/01/21 09:49:49 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2006/11/02 22:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 19:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006/11/02 19:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006/11/02 19:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 16:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
========== Files - Unicode (All) ==========
[2011/02/23 12:50:36 | 005,752,625 | ---- | M] ()(C:\Users\Alan\Desktop\?MIKU?LUKA? Magnet.mp3) -- C:\Users\Alan\Desktop\【MIKU・LUKA】 Magnet.mp3
[2011/02/23 12:50:36 | 004,121,238 | ---- | M] ()(C:\Users\Alan\Desktop\?LUKA? Double Lariat.mp3) -- C:\Users\Alan\Desktop\【LUKA】 Double Lariat.mp3
[2011/02/22 18:29:02 | 000,001,811 | ---- | M] ()(C:\Users\Alan\Application Data\Microsoft\Internet Explorer\Quick Launch\Alienware ????????.lnk) -- C:\Users\Alan\Application Data\Microsoft\Internet Explorer\Quick Launch\Alienware コマンドセンター.lnk
[2011/02/22 18:29:02 | 000,001,811 | ---- | C] ()(C:\Users\Alan\Application Data\Microsoft\Internet Explorer\Quick Launch\Alienware ????????.lnk) -- C:\Users\Alan\Application Data\Microsoft\Internet Explorer\Quick Launch\Alienware コマンドセンター.lnk
[2011/02/21 11:24:35 | 005,752,625 | ---- | C] ()(C:\Users\Alan\Desktop\?MIKU?LUKA? Magnet.mp3) -- C:\Users\Alan\Desktop\【MIKU・LUKA】 Magnet.mp3
[2011/02/21 11:21:08 | 004,121,238 | ---- | C] ()(C:\Users\Alan\Desktop\?LUKA? Double Lariat.mp3) -- C:\Users\Alan\Desktop\【LUKA】 Double Lariat.mp3
[2011/01/21 16:44:29 | 005,869,694 | ---- | M] ()(C:\Users\Alan\Desktop\01 Ryuusei no Bifr?st.mp3) -- C:\Users\Alan\Desktop\01 Ryuusei no Bifröst.mp3
[2011/01/21 16:36:15 | 005,869,694 | ---- | C] ()(C:\Users\Alan\Desktop\01 Ryuusei no Bifr?st.mp3) -- C:\Users\Alan\Desktop\01 Ryuusei no Bifröst.mp3
[2011/01/20 08:39:36 | 029,223,993 | ---- | C] ()(C:\Users\Alan\Desktop\03 Ryuusei no Bifr?st (off vocal).flac) -- C:\Users\Alan\Desktop\03 Ryuusei no Bifröst (off vocal).flac
[2011/01/20 08:39:34 | 030,124,586 | ---- | C] ()(C:\Users\Alan\Desktop\01 Ryuusei no Bifr?st.flac) -- C:\Users\Alan\Desktop\01 Ryuusei no Bifröst.flac
[2010/11/29 14:17:43 | 030,124,586 | ---- | M] ()(C:\Users\Alan\Desktop\01 Ryuusei no Bifr?st.flac) -- C:\Users\Alan\Desktop\01 Ryuusei no Bifröst.flac
[2010/11/29 14:17:43 | 029,223,993 | ---- | M] ()(C:\Users\Alan\Desktop\03 Ryuusei no Bifr?st (off vocal).flac) -- C:\Users\Alan\Desktop\03 Ryuusei no Bifröst (off vocal).flac
< End of report >
Whiteglint
0
Newbie Poster
OTL Extras logfile created on: 7/16/2011 10:07:23 PM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Alan\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.99 Gb Total Physical Memory | 1.48 Gb Available Physical Memory | 37.19% Memory free
8.19 Gb Paging File | 6.02 Gb Available in Paging File | 73.52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.07 Gb Total Space | 101.50 Gb Free Space | 22.50% Space Free | Partition Type: NTFS
Drive D: | 14.65 Gb Total Space | 5.91 Gb Free Space | 40.31% Space Free | Partition Type: NTFS
Computer Name: ALAN-PC | User Name: Alan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" ()
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l File not found
InternetShortcut [print] -- rundll32.exe C:\Windows\system32\mshtml.dll,PrintHTML "%1" ()
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00766DB1-FEEA-4D09-BB02-BDDCB28C7D58}" = lport=445 | protocol=6 | dir=in | app=system |
"{1A6759D4-D446-419D-BF77-B4A64E860A84}" = lport=138 | protocol=17 | dir=in | app=system |
"{25BD71B9-DA01-472E-ABF4-5417A1C1C5F1}" = rport=139 | protocol=6 | dir=out | app=system |
"{2F9F9CCC-58BF-4CC3-A35B-4358FB724664}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{30E1A005-0BFB-4E03-B157-20650B1AE489}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3AFB052F-16C4-45D6-A2E7-7195E2AC347F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{4FC8EC68-16B0-41AB-959F-B522D905C0B1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{5B387C0E-98F5-4C60-967D-9895322169A0}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5FCBFF07-761A-4F75-AA7C-A0D573D11BC8}" = lport=139 | protocol=6 | dir=in | app=system |
"{709A0E34-C9D9-476D-A93F-501D01DEA5E7}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{71DAF785-9F9D-403A-8E42-8E2EF8AF7492}" = rport=137 | protocol=17 | dir=out | app=system |
"{743762DE-D5E7-4FEA-9FFA-B98AD5AEC869}" = lport=2869 | protocol=6 | dir=in | app=system |
"{930E5276-120E-46AB-9FAB-F0BC7EC0F852}" = lport=137 | protocol=17 | dir=in | app=system |
"{AF1EA5C5-D059-4C70-9AAA-BB0414761D87}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{AFA99AB7-00BE-4DB4-989D-B11D5364D20B}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{B2D41622-DCC2-4D82-843A-7B0E111D5A32}" = rport=138 | protocol=17 | dir=out | app=system |
"{C8AAF9EA-3D34-4C47-BA24-FD442521AED3}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{EE427D0B-039E-4559-B6BC-8251CBECC6FD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FA6EABF2-CCC0-481E-8058-42FBC6F7D9A6}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{FBAEC8B8-EBAD-47AC-B82F-FC24E581F0B2}" = rport=445 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04EF7370-BE1E-45BC-B31C-CC4B7065637A}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{05F77DB0-48D7-430C-98A9-951F82D6260E}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{0C217BEF-DAC1-4353-B020-24EF8453765E}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{106BED71-9A80-4A63-AE60-DB3A827CA56B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe |
"{10CF3C3E-DE7E-4C86-9903-81344A5C9CA5}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{10E7EFD6-4E4B-4472-8734-26C02193267D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{1441DD6C-D28A-4984-BA3B-01A1243B59B4}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{152E3749-2CD0-4200-9BA9-4754D1A29472}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{1583787C-A694-41DD-A1C6-9FB16D3F4EAD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{15B3448D-D0AF-44A3-92F2-F4C227EB3B0F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{1926A1C3-51D1-469F-9DA9-192587949614}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{1C339BE9-1623-40CE-9801-4AD80658F2CF}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base18092\sc2.exe |
"{23A9E55F-B969-4291-9C8C-4B390BB27889}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{29365564-C46E-480B-BC2D-692543F319C2}" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{3557B255-C45B-4ABB-B750-A5212902470F}" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{3623AFEB-2187-431A-83ED-D9B94F4BC53C}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{384230E4-7248-4BFB-AB68-E613B3ABB9C4}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{38770BB7-092B-42CB-84CB-0C9B184CFAD7}" = protocol=6 | dir=in | app=c:\program files (x86)\reactor\ijjioptimizer.exe |
"{3BDAF322-8129-4C3D-A329-6AD55F081B74}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{471BCE95-BC7F-4D63-9D0F-1D84646DAA91}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{5000105E-B670-4AD1-A807-AD4C98E78515}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{51083810-CE80-4A75-A469-397EA88622D3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{553D434B-34A8-4EEA-895A-450927FD28D4}" = protocol=17 | dir=in | app=c:\program files (x86)\reactor\ijjioptimizer.exe |
"{5A73651A-4233-4D45-9007-934D419DE94B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe |
"{60AE14D7-A2C8-4782-A1D6-F75F171FD118}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{750E7E70-50AD-4D84-AEA0-1CC8C6A21FF7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{7972E446-AD46-4908-8DB4-14F7019344DF}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base17326\sc2.exe |
"{7B579D77-E106-444E-A227-74C755F0A830}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base18574\sc2.exe |
"{7BB2B35F-77AA-46EF-94B9-ACD2DE989949}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\need for speed(tm) hot pursuit\launcher.exe |
"{7E7D2979-576B-40A6-B54F-518AABA0B671}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{808A1EAC-58A3-489F-B187-5C4E6E43C9B6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{8328CDA0-FCCA-47A7-AB3A-4887020A347B}" = dir=in | app=c:\program files (x86)\skype\plugin manager\skypepm.exe |
"{886547F8-3BBC-422F-BC74-FD10C0492D2F}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{8A945424-6A7C-4488-AE4F-73ED08A18E44}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{8D7F88E8-8D4E-4412-9D5D-F43BF37D2BB4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{90FB5784-B101-4A92-A4F2-D6F1D2690691}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{92B80527-7320-425F-A79D-FFA26756A20C}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{9445C62C-28F6-4CC3-AF5A-AB07160E8DD2}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16755\sc2.exe |
"{960369D3-72D9-49D9-8CA1-D3FFE0D62529}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base18092\sc2.exe |
"{9AC4F1A3-F4BE-4B2F-8E29-4937E24A84C3}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base18574\sc2.exe |
"{9D493F21-09DF-466D-9A5E-86C0531DD102}" = protocol=17 | dir=in | app=c:\funbox\grandchase\main.exe |
"{A2F22603-7775-4C97-A2E7-27C3774E3BB4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{A4AFFD55-EB47-4520-809B-9750C89E73CD}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{A53B0761-B935-4521-A60A-1366AE4DDB47}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd8\powerdvd8.exe |
"{A5B92D49-9CB4-444C-BBDF-07F68F50894C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{A5D98C4E-3116-433B-AE70-F4B224C2455D}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{A7EEC9E7-DE77-4B2D-9FFA-893A736F1401}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{A850D640-7BC0-4AA6-8211-08DBA94F5D2F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\homefront\binaries\homefront.exe |
"{AA95EC25-B187-4053-B904-0262A29D495F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{AAAC77C1-0907-40C5-A056-0C0717058734}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{ABC89712-BE2A-416B-8F43-2368762DB615}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\need for speed(tm) hot pursuit\launcher.exe |
"{ABFBB12C-69BF-40C4-943A-24F3BC53D85F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{ACC4F250-F531-4697-A3CA-5C1B2146B2A2}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16939\sc2.exe |
"{B234DC8B-957E-454E-8E27-A60DB5CDCE2F}" = protocol=6 | dir=in | app=c:\funbox\grandchase\main.exe |
"{BBE755DD-44E0-44FB-B7AA-545E842A2C46}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{C2F02D6B-CBAC-4371-AC2C-B510A04C29C9}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16939\sc2.exe |
"{C32A5874-0119-44C6-8980-104EFC209052}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16755\sc2.exe |
"{C7EF38B2-FFCB-42A5-920E-55217F01AED5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{CD2C7425-8547-461C-83B1-8CFCDD6E56C4}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{D34E4E42-3CB2-42A4-AC72-BF421607508A}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{D7465C14-5C83-4A85-AC1E-90FF7DB53F9A}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{D7AE1B9B-4463-4091-AD96-89578393D275}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{DD9B5A5B-FC5B-4BB5-803C-40121BCDBE63}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E15FB4C6-4263-4D6F-A6E1-E222879D8DD6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe |
"{E1ABB018-2029-401B-BE92-2C7F13EC2449}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\homefront\binaries\homefront.exe |
"{E43A3653-513C-4DAB-98F3-A856F7D22075}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{E8561D67-AB58-4553-B263-8DBF766439D2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{EEA3D0AC-5692-4207-A4F0-7225C09B732A}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base17326\sc2.exe |
"{F02E1FBF-4B79-47CB-A36C-7C75B7C74293}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe |
"{F0B150CB-ACF7-4E67-9E8B-764E5C25E8B9}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{F3620082-9968-4244-B72D-BE74BCF8961E}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base18574\sc2.exe |
"{F597AFB1-1F9D-4A26-8E1D-2A62901429C5}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base18574\sc2.exe |
"{F68A701E-7F39-45D2-951C-0494B8BD2319}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"TCP Query User{0FB27176-D84C-4F08-A709-694BFA77FEFE}C:\program files (x86)\electronic arts\need for speed(tm) hot pursuit\nfs11.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\need for speed(tm) hot pursuit\nfs11.exe |
"TCP Query User{3120A1F8-B9FA-4BD2-9FDB-B415D21548CB}C:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe |
"TCP Query User{36E9F178-4937-49BC-9506-CF2BEAF6460A}C:\funbox\grandchase\grandchase.exe" = protocol=6 | dir=in | app=c:\funbox\grandchase\grandchase.exe |
"TCP Query User{3C298154-16D5-492E-85A1-876BEC0B0213}C:\program files (x86)\steam\steamapps\whiteglint\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\whiteglint\team fortress 2\hl2.exe |
"TCP Query User{485CB67E-CE0D-4FBA-B270-D37D28F636D5}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"TCP Query User{4D274733-2540-4842-A839-D12E4E4ECAC7}C:\thq\dawn of war - soulstorm\soulstorm.exe" = protocol=6 | dir=in | app=c:\thq\dawn of war - soulstorm\soulstorm.exe |
"TCP Query User{55B7BF34-E884-41A1-A7C3-58B16E2BDBBB}C:\program files (x86)\tixati\tixati.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tixati\tixati.exe |
"TCP Query User{6129B78C-3D1B-421B-8E67-6D6EE8E88F57}C:\program files (x86)\reactor\reactor.exe" = protocol=6 | dir=in | app=c:\program files (x86)\reactor\reactor.exe |
"TCP Query User{685BE0B9-859D-4B05-B54D-D243ECE53C56}C:\users\alan\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\alan\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{74084AAD-FA23-423A-89CE-0CBE7557896B}C:\program files (x86)\tixati\tixati.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tixati\tixati.exe |
"TCP Query User{91849201-EED6-476E-8372-A43C2E2C0A44}C:\program files (x86)\electronic arts\need for speed(tm) hot pursuit\nfs11.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\need for speed(tm) hot pursuit\nfs11.exe |
"TCP Query User{AA1A1114-6231-4DD1-BBCF-C067B86FD54F}C:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe |
"TCP Query User{ACE516E8-8A30-4EF7-8AFC-6D4882ECAE39}C:\thq\dawn of war - soulstorm\w40k.exe" = protocol=6 | dir=in | app=c:\thq\dawn of war - soulstorm\w40k.exe |
"TCP Query User{B83F134F-E188-4467-909F-18A3732AB608}C:\program files (x86)\steam\steam.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"TCP Query User{D030FDC2-1690-4264-A29A-9E4C8DA7E48A}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{D536E7DB-2CCE-465F-8C9D-BF8CF737D75B}C:\goldensoft\sdgo\gonline.exe" = protocol=6 | dir=in | app=c:\goldensoft\sdgo\gonline.exe |
"TCP Query User{DF21B1DE-5A03-470C-BCB0-BFD5F6E2B377}C:\program files (x86)\jaya\ex3\ex3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\jaya\ex3\ex3.exe |
"UDP Query User{1B874794-CDDC-48F3-B291-83339D764BD1}C:\program files (x86)\electronic arts\need for speed(tm) hot pursuit\nfs11.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\need for speed(tm) hot pursuit\nfs11.exe |
"UDP Query User{4D3A14DC-5DB9-470A-99AF-C57FBF943FB5}C:\users\alan\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\alan\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{4D9A0E1D-4958-4947-A1DD-E14C7921CD74}C:\program files (x86)\tixati\tixati.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tixati\tixati.exe |
"UDP Query User{5AA9A4AE-8645-4D8E-AEA8-61BCA668FCF9}C:\funbox\grandchase\grandchase.exe" = protocol=17 | dir=in | app=c:\funbox\grandchase\grandchase.exe |
"UDP Query User{69A73C79-C890-40F0-9DD9-E494B5B45611}C:\thq\dawn of war - soulstorm\soulstorm.exe" = protocol=17 | dir=in | app=c:\thq\dawn of war - soulstorm\soulstorm.exe |
"UDP Query User{7DC9115C-C8FC-40EB-9F45-6A411BFE8B05}C:\thq\dawn of war - soulstorm\w40k.exe" = protocol=17 | dir=in | app=c:\thq\dawn of war - soulstorm\w40k.exe |
"UDP Query User{80797D29-FE21-48FC-8A5B-1B3BE82C6077}C:\program files (x86)\steam\steamapps\whiteglint\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\whiteglint\team fortress 2\hl2.exe |
"UDP Query User{87050EFF-AA1E-4C5D-B331-C5371D628AED}C:\program files (x86)\reactor\reactor.exe" = protocol=17 | dir=in | app=c:\program files (x86)\reactor\reactor.exe |
"UDP Query User{9941C955-8168-41A0-B560-247E8B7F5CD8}C:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe |
"UDP Query User{A033A55C-5D55-43E2-B260-DB7FFC5CBCBF}C:\program files (x86)\steam\steam.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"UDP Query User{A377B434-A7D3-449B-B06D-514CBD73C801}C:\program files (x86)\electronic arts\need for speed(tm) hot pursuit\nfs11.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\need for speed(tm) hot pursuit\nfs11.exe |
"UDP Query User{AEAA8391-0E7A-4577-BBA2-ED26C3EF907F}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{B519D55D-02CE-4E58-A243-844B5895CB0F}C:\program files (x86)\tixati\tixati.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tixati\tixati.exe |
"UDP Query User{BE7ECE8E-92CD-49FF-AB44-4FD731ACED0F}C:\goldensoft\sdgo\gonline.exe" = protocol=17 | dir=in | app=c:\goldensoft\sdgo\gonline.exe |
"UDP Query User{BFCBE42E-9D74-4575-87BF-0976044B88F2}C:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe |
"UDP Query User{F9CEA06A-13A2-4C61-BAD6-C4FCE1AFA311}C:\program files (x86)\jaya\ex3\ex3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\jaya\ex3\ex3.exe |
"UDP Query User{FDF48CCF-BD87-4C1E-88E8-4C60CD11BEFE}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E543634-7E25-4B8F-8D5B-97880E5E5088}" = Bonjour
"{261F2A97-EF19-44F7-8040-78DC574CD22A}" = Intel(R) PROSet/Wireless WiFi Driver
"{26A24AE4-039D-4CA4-87B4-2F86416025FF}" = Java(TM) 6 Update 25 (64-bit)
"{439760BC-7737-4386-9B1D-A90A3E8A22EA}" = Apple Mobile Device Support
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{AE1E0DFB-A3D9-451C-AA7F-46FD390400D4}" = Command Center
"{B0D59FDC-FEAB-49A2-9B5A-E5E0A8F9D7E0}" = Alienware TactX(TM) Mouse CI 1.00
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 266.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 266.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{BCF07271-A853-4D3A-B668-4B752174CAA8}" = iTunes
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{EEEFE7A9-293E-4F5F-A114-81731A9C3826}" = Intel(R) Network Connections 14.2.100.0
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"ProInst" = Intel PROSet Wireless
"PROSetDX" = Intel(R) Network Connections 14.2.100.0
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 4.00 beta 1 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java(TM) 6 Update 25
"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3FB61967-FF66-43B6-89F9-DF15FD9F3015}" = Razer Nostromo
"{42AF51C0-4028-46CF-B616-FB1F75286457}" = A.V.A
"{4343080E-448E-4E2C-B27F-B91000018201}" = Dead Rising 2
"{45410935-B52C-468A-A836-0D1000018201}" = BulletStorm
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7091FF1F-7EE5-4D10-ACB9-340304972A68}" = Emil Chronicle Online
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{8246663A-3167-4BCC-8A66-2FFBA252D64A}" = EX3
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83A606F5-BF6F-42ED-9F33-B9F74297CDED}" = Need for Speed(TM) Hot Pursuit
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X (10.0.1)
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}" = NVIDIA PhysX
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Auto Mouse_is1" = Auto Mouse 1.3
"BitTorrent" = BitTorrent
"dBpoweramp Music Converter" = dBpoweramp Music Converter
"Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2)
"DVD Decrypter" = DVD Decrypter (Remove Only)
"EFFEEIEFFCCAFGEBFAEPFC" = ETHER VAPOR
"Granado Espada" = Granado Espada
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"InstallShield_{AE1E0DFB-A3D9-451C-AA7F-46FD390400D4}" = Command Center
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.5.0 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800
"Mozilla Firefox (3.6.14)" = Mozilla Firefox (3.6.14)
"PunkBusterSvc" = PunkBuster Services
"SD Gundam Capsule Fighter Online" = SD Gundam Capsule Fighter Online
"StarCraft II" = StarCraft II
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"Steam App 1250" = Killing Floor
"Steam App 34330" = Total War: SHOGUN 2
"Steam App 35420" = Killing Floor Mod: Defence Alliance 2
"Steam App 42700" = Call of Duty: Black Ops
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"Steam App 440" = Team Fortress 2
"Steam App 550" = Left 4 Dead 2
"Steam App 55100" = HOMEFRONT
"SystemRequirementsLab" = System Requirements Lab
"tixati" = Tixati
"uTorrent" = µTorrent
"Videora iPad Converter" = Videora iPad Converter 6
"VLC media player" = VLC media player 1.1.4
"WinLiveSuite_Wave3" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 7/15/2011 1:18:57 AM | Computer Name = Alan-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 7/15/2011 1:19:27 AM | Computer Name = Alan-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 7/15/2011 1:20:07 AM | Computer Name = Alan-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 7/15/2011 3:48:32 AM | Computer Name = Alan-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 7/15/2011 12:23:52 PM | Computer Name = Alan-PC | Source = Application Error | ID = 1000
Description = Faulting application hl2.exe, version 0.0.0.0, time stamp 0x4e151c12,
faulting module filesystem_steam.dll_unloaded, version 0.0.0.0, time stamp 0x4e161052,
exception code 0xc0000005, fault offset 0x72e1e649, process id 0x11a4, application
start time 0x01cc4303742a9b70.
Error - 7/15/2011 2:01:25 PM | Computer Name = Alan-PC | Source = Application Error | ID = 1000
Description = Faulting application hl2.exe, version 0.0.0.0, time stamp 0x4e151c12,
faulting module filesystem_steam.dll_unloaded, version 0.0.0.0, time stamp 0x4e161052,
exception code 0xc0000005, fault offset 0x6170e649, process id 0xfa0, application
start time 0x01cc431357201e00.
Error - 7/16/2011 12:39:31 AM | Computer Name = Alan-PC | Source = WinMgmt | ID = 10
Description =
Error - 7/16/2011 12:53:41 AM | Computer Name = Alan-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 7/16/2011 12:55:11 AM | Computer Name = Alan-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 7/16/2011 1:05:11 AM | Computer Name = Alan-PC | Source = Windows Search Service | ID = 3013
Description =
[ System Events ]
Error - 4/20/2011 2:23:31 AM | Computer Name = Alan-PC | Source = cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.
Error - 4/20/2011 3:33:11 AM | Computer Name = Alan-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 14:31:28 on 2011/04/20 was unexpected.
Error - 4/20/2011 3:33:16 AM | Computer Name = Alan-PC | Source = HTTP | ID = 15016
Description =
Error - 4/20/2011 3:33:58 AM | Computer Name = Alan-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 4/20/2011 3:33:58 AM | Computer Name = Alan-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 4/20/2011 3:49:02 AM | Computer Name = Alan-PC | Source = DCOM | ID = 10005
Description =
Error - 4/20/2011 3:49:02 AM | Computer Name = Alan-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 4/20/2011 3:49:02 AM | Computer Name = Alan-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 4/21/2011 2:23:21 AM | Computer Name = Alan-PC | Source = HTTP | ID = 15016
Description =
Error - 4/21/2011 2:23:29 AM | Computer Name = Alan-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.36 for the Network Card with network
address 00216A77B87A has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).
< End of report >
crunchie
990
Most Valuable Poster
Team Colleague
Featured Poster
Run OTL
- Under the Custom Scans/Fixes box at the bottom, paste in the following
:OTL O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O3:64bit: - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found. O4:64bit: - HKLM..\Run: [] File not found O4 - HKLM..\Run: [FAStartup] File not found O4 - HKCU..\Run: [WMPNSCFG] File not found O13 - gopher Prefix: missing O13 - gopher Prefix: missing O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found :Commands [purity] [emptyflash] [emptytemp] [resethosts] [Reboot] - Then click the Run Fix button at the top.
- Let the program run unhindered, reboot the PC when it is done.
- Post log from this run.
- Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
Whiteglint
0
Newbie Poster
All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\FAStartup deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\WMPNSCFG deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ not found.
File {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ not found.
File {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}\ not found.
File {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}\ deleted successfully.
File {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found not found.
========== COMMANDS ==========
[EMPTYFLASH]
User: Alan
->Flash cache emptied: 6492 bytes
User: All Users
User: Default
User: Default User
User: Public
Total Flash Files Cleaned = 0.00 mb
[EMPTYTEMP]
User: Alan
->Temp folder emptied: 103563630 bytes
->Temporary Internet Files folder emptied: 24881851 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 45778306 bytes
->Google Chrome cache emptied: 20789995 bytes
->Flash cache emptied: 343 bytes
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 200704 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3462 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 54316 bytes
RecycleBin emptied: 5568490213 bytes
Total Files Cleaned = 5,497.00 mb
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.26.1 log created on 07172011_133404
Files\Folders moved on Reboot...
C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0 moved successfully.
C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1 moved successfully.
C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2 moved successfully.
C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3 moved successfully.
C:\Users\Alan\AppData\Local\Google\Chrome\User Data\Default\Cache\index moved successfully.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MK9B0XZA\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MK9B0XZA\globe32[1].png scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MK9B0XZA\Tip_16x16[1].gif scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MAXM7RMM\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MAXM7RMM\embeded[1].htm scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MAXM7RMM\SurveyScriptsNS[1].js scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MAXM7RMM\white_gradient[1].png scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DK5YCUWO\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DK5YCUWO\globe16[1].png scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DK5YCUWO\View[1].aspx scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0C0GA26I\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0C0GA26I\main[1].css scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0C0GA26I\RequiredFieldsNS[1].js scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0C0GA26I\right[1].gif scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
Registry entries deleted on Reboot...
Whiteglint
0
Newbie Poster
OTL logfile created on: 7/17/2011 1:41:52 PM - Run 2
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Alan\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.99 Gb Total Physical Memory | 2.54 Gb Available Physical Memory | 63.64% Memory free
8.15 Gb Paging File | 6.34 Gb Available in Paging File | 77.79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.07 Gb Total Space | 94.65 Gb Free Space | 20.98% Space Free | Partition Type: NTFS
Drive D: | 14.65 Gb Total Space | 5.91 Gb Free Space | 40.31% Space Free | Partition Type: NTFS
Computer Name: ALAN-PC | User Name: Alan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/07/16 22:05:00 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Alan\Desktop\OTL.exe
PRC - [2011/06/05 17:17:37 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Users\Alan\AppData\Local\Google\Update\1.3.21.57\GoogleCrashHandler.exe
PRC - [2011/02/21 11:50:34 | 000,254,976 | ---- | M] (Razer USA Ltd.) -- C:\Program Files (x86)\Razer\Nostromo\t2Hid.exe
PRC - [2010/12/07 15:00:20 | 000,225,280 | ---- | M] () -- C:\Program Files (x86)\Razer\Nostromo\t2Tra.exe
PRC - [2010/12/05 00:23:45 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010/11/17 17:33:46 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\steam.exe
PRC - [2010/09/04 12:49:26 | 003,241,312 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
PRC - [2010/04/01 16:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2009/05/20 16:59:44 | 000,013,624 | ---- | M] (Alienware) -- C:\Program Files\Alienware\Command Center\AlienFXHook32Mngr.exe
PRC - [2009/05/20 16:59:34 | 000,057,672 | ---- | M] (Alienware Corporation) -- C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
PRC - [2009/05/10 00:48:51 | 000,095,496 | ---- | M] (Sensible Vision ) -- C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe
PRC - [2009/05/10 00:48:50 | 001,938,696 | ---- | M] (Sensible Vision ) -- C:\Program Files\Alienware\Command Center\AlienSense\FATrayAlert.exe
PRC - [2009/05/10 00:48:21 | 002,360,584 | ---- | M] (Sensible Vision ) -- C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe
PRC - [2009/03/27 15:13:00 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared Files\brs.exe
PRC - [2008/03/20 20:23:22 | 000,083,240 | ---- | M] (Cyberlink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe
========== Modules (SafeList) ==========
MOD - [2011/07/16 22:05:00 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Alan\Desktop\OTL.exe
MOD - [2010/08/31 22:39:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2009/05/19 16:30:40 | 000,014,136 | ---- | M] (Alienware) [Auto | Stopped] -- C:\Program Files\Alienware\Command Center\AlienFusionService.exe -- (AlienFusionService)
SRV:64bit: - [2009/05/10 00:48:21 | 002,360,584 | ---- | M] (Sensible Vision ) [Auto | Running] -- C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe -- (FAService)
SRV:64bit: - [2008/01/21 09:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011/06/03 23:45:39 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/03/08 04:44:00 | 004,060,664 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc)
SRV - [2010/12/05 00:23:45 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2008/07/28 01:03:13 | 000,069,632 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/01/16 12:58:08 | 000,022,912 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\T2Fltr.sys -- (T2Fltr)
DRV:64bit: - [2010/12/18 20:15:46 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/10/22 14:44:10 | 000,030,840 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\jl64.sys -- (jl)
DRV:64bit: - [2010/10/01 00:16:34 | 000,013,312 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\VKbms.sys -- (VKbms)
DRV:64bit: - [2010/09/30 09:53:58 | 000,013,312 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\VJoystick.sys -- (VJoystick)
DRV:64bit: - [2010/09/29 20:45:22 | 000,006,656 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\hidkmdf.sys -- (hidkmdf)
DRV:64bit: - [2010/09/02 16:22:18 | 000,088,864 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\idmwfp.sys -- (IDMWFP)
DRV:64bit: - [2010/04/22 14:22:52 | 000,049,928 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SaiBus.sys -- (SaiNtBus)
DRV:64bit: - [2010/04/22 14:22:52 | 000,022,664 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\SaiMini.sys -- (SaiMini)
DRV:64bit: - [2010/04/22 14:22:48 | 000,171,016 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\SaiK0CCB.sys -- (SaiK0CCB)
DRV:64bit: - [2010/04/22 14:22:48 | 000,041,096 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\SaiU0CCB.sys -- (SaiU0CCB)
DRV:64bit: - [2010/03/08 10:03:36 | 000,067,104 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\itecir.sys -- (itecir)
DRV:64bit: - [2009/06/19 17:55:42 | 000,257,200 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\e1k60x64.sys -- (e1kexpress) Intel(R)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/04/22 17:10:40 | 000,058,384 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2009/04/22 17:10:32 | 000,055,312 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2009/03/18 17:35:42 | 000,033,856 | -H-- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\hamachi.sys -- (hamachi)
DRV:64bit: - [2008/09/25 10:36:14 | 000,238,848 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\facap.sys -- (FACAP)
DRV:64bit: - [2008/07/30 02:15:28 | 000,146,944 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\ahcix64.sys -- (ahcix64)
DRV:64bit: - [2008/06/26 06:40:20 | 004,735,488 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\NETw5v64.sys -- (NETw5v64) Intel(R)
DRV:64bit: - [2008/04/16 04:54:16 | 000,388,120 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\iastor.sys -- (iaStor)
DRV:64bit: - [2008/01/21 09:47:28 | 000,046,080 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2008/01/21 09:46:55 | 000,111,104 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus)
DRV:64bit: - [2007/06/15 22:52:26 | 000,163,736 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\mv61xx.sys -- (mv61xx)
DRV:64bit: - [2007/04/12 11:18:26 | 000,071,680 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2006/11/18 13:07:48 | 000,055,296 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rixdpx64.sys -- (rismxdp)
DRV:64bit: - [2006/09/19 04:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\Wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2006/02/08 06:53:22 | 000,008,704 | ---- | M] () [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\jgogo.sys -- (JGOGO)
DRV - [2008/10/17 15:52:28 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/11/04 19:36:05] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD8\000.fcl -- ({FE4C91E7-22C2-4D0C-9F6B-82F1B7742054})
DRV - [2005/01/03 22:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "about:blank"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25
FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1"
FF - prefs.js..network.proxy.type: 0
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Alan\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Alan\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.14\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/06/28 18:17:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.14\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/07/05 18:29:55 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Alan\AppData\Roaming\IDM\idmmzcc3 [2011/07/05 13:56:16 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Alan\AppData\Roaming\IDM\idmmzcc3 [2011/07/05 13:56:16 | 000,000,000 | ---D | M]
[2010/12/31 04:36:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alan\AppData\Roaming\Mozilla\Extensions
[2011/05/19 05:24:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alan\AppData\Roaming\Mozilla\Firefox\Profiles\0hgijj3b.default\extensions
[2011/05/19 05:24:28 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Alan\AppData\Roaming\Mozilla\Firefox\Profiles\0hgijj3b.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/05/19 05:24:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/05/16 22:26:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
[2011/05/16 22:26:33 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010/07/28 18:14:08 | 000,022,016 | ---- | M] (NHN USA Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npijjiFFPlugin1.dll
O1 HOSTS File: ([2011/07/17 13:35:51 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Tonec Inc.)
O2 - BHO: (FAIESSOHelper Class) - {A2F122DA-055F-4df7-8F24-7354DBDBA85B} - C:\Program Files\Alienware\Command Center\AlienSense\FAIESSO.dll (Sensible Vision )
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4:64bit: - HKLM..\Run: [AlienFX Controller] C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe (Alienware Corporation)
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe (cyberlink)
O4 - HKLM..\Run: [FAStartup] File not found
O4 - HKLM..\Run: [FATrayAlert] C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe (Sensible Vision )
O4 - HKLM..\Run: [FILE NAME] C:\Program Files (x86)\Razer\Nostromo\t2Hid.exe (Razer USA Ltd.)
O4 - HKLM..\Run: [PDVD8LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe ()
O4 - HKLM..\Run: [RemoteControl8] C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe (Cyberlink Corp.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FA73B1B9-D6F0-4420-AEB4-B3C973B2A115} http://update.hitsplay.com:8080/UniUpdTool/system/NCLauncher.cab (CNCLauncherCtl Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\FastAccess: DllName - C:\Program Files\Alienware\Command Center\AlienSense\FALogNot.dll - C:\Program Files\Alienware\Command Center\AlienSense\FALogNot.dll ()
O24 - Desktop WallPaper: C:\Users\Alan\Pictures\animepaperwallpapersthebj8.jpg
O24 - Desktop BackupWallPaper: C:\Users\Alan\Pictures\animepaperwallpapersthebj8.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{06543837-6a5d-11e0-881e-0026b9639aa7}\Shell\AutoRun\command - "" = F:\start.exe
O33 - MountPoints2\{369f5db7-0adb-11e0-be9c-0026b9639aa7}\Shell - "" = AutoRun
O33 - MountPoints2\{369f5db7-0adb-11e0-be9c-0026b9639aa7}\Shell\AutoRun\command - "" = G:\setup.exe
O33 - MountPoints2\{7a2544f3-06d8-11e0-a21f-0026b9639aa7}\Shell\AutoRun\command - "" = H:\DW_V409.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/07/17 13:39:22 | 000,000,000 | R--D | C] -- C:\Users\Alan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 8
[2011/07/17 13:34:04 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/07/16 22:04:26 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\Alan\Desktop\OTL.exe
[2011/07/16 11:39:56 | 000,000,000 | ---D | C] -- C:\Users\Alan\AppData\Local\Alienware
[2011/07/16 11:39:54 | 000,000,000 | R--D | C] -- C:\Users\Alan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/07/16 11:39:54 | 000,000,000 | R--D | C] -- C:\Users\Alan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/07/16 06:15:41 | 000,000,000 | ---D | C] -- C:\Users\Alan\AppData\Roaming\Malwarebytes
[2011/07/16 06:15:28 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/07/16 06:15:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/07/16 06:15:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/07/16 06:15:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/07/15 14:47:57 | 000,489,596 | R--- | C] (Swearware) -- C:\Users\Alan\Desktop\dds.scr
[2011/07/15 03:00:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2011/07/15 03:00:06 | 000,000,000 | ---D | C] -- C:\Users\Alan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2011/07/13 23:36:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trojan Remover
[2011/07/13 23:36:46 | 000,000,000 | ---D | C] -- C:\Users\Alan\AppData\Roaming\Simply Super Software
[2011/07/13 23:36:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software
[2011/07/13 23:31:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Hitman Pro
[2011/07/12 23:22:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Unlocker
[2011/07/12 23:16:56 | 000,000,000 | ---D | C] -- C:\Users\Alan\Documents\Simply Super Software
[2011/07/12 18:15:11 | 000,000,000 | ---D | C] -- C:\Users\Alan\AppData\Roaming\Ubisoft
[2011/07/12 17:53:23 | 000,000,000 | ---D | C] -- C:\Users\Alan\AppData\Local\Ubisoft Game Launcher
[2011/07/12 17:45:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft
[2011/07/12 16:59:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2011/07/12 03:16:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Decrypter
[2011/07/12 03:16:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVD Decrypter
[2011/07/12 03:14:42 | 000,000,000 | ---D | C] -- C:\Users\Alan\AppData\Local\Geckofx
[2011/07/12 03:14:41 | 000,000,000 | ---D | C] -- C:\Users\Alan\Documents\Red Kawa
[2011/07/12 03:14:41 | 000,000,000 | ---D | C] -- C:\Users\Alan\AppData\Roaming\Red Kawa
[2011/07/12 03:14:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AviSynth 2.5
[2011/07/12 03:13:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Kawa
[2011/07/12 03:13:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Red Kawa
[2011/07/12 02:57:50 | 000,000,000 | ---D | C] -- C:\Users\Alan\AppData\Roaming\Digiarty
[2011/07/12 02:57:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Digiarty
[2011/07/12 02:46:49 | 000,000,000 | ---D | C] -- C:\Users\Alan\AppData\Roaming\dvdcss
[2011/07/12 02:42:39 | 000,000,000 | ---D | C] -- C:\Users\Alan\Documents\Aiseesoft Studio
[2011/07/12 02:42:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Aiseesoft Studio
[2011/07/12 02:41:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Aiseesoft Studio
[2011/07/05 18:30:17 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2011/07/05 18:04:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab
[2011/07/05 15:06:29 | 000,000,000 | ---D | C] -- C:\Goldensoft
[2011/07/04 18:38:54 | 000,000,000 | ---D | C] -- C:\Users\Alan\Documents\Raiderz
[2011/07/04 17:54:45 | 000,000,000 | ---D | C] -- C:\MAIET
[2011/07/04 00:33:18 | 000,000,000 | ---D | C] -- C:\Users\Alan\Documents\FOMM
[2011/07/04 00:32:45 | 000,000,000 | ---D | C] -- C:\Games
[2011/07/03 19:17:11 | 000,000,000 | ---D | C] -- C:\Users\Alan\AppData\Roaming\IDM
[2011/07/03 19:17:11 | 000,000,000 | ---D | C] -- C:\Users\Alan\AppData\Roaming\DMCache
[2011/07/03 19:16:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Internet Download Manager
[2011/07/02 16:39:38 | 000,000,000 | ---D | C] -- C:\Users\Alan\AppData\Local\FalloutNV
[2011/07/02 16:21:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bethesda Softworks
[2011/06/28 18:20:05 | 000,000,000 | ---D | C] -- C:\Users\Alan\AppData\Roaming\Apple Computer
[2011/06/28 18:20:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/06/28 18:18:43 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2011/06/28 18:18:07 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/06/28 18:18:06 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/06/28 18:18:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011/06/28 18:18:06 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2011/06/28 18:17:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/06/28 18:17:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2011/06/28 18:17:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011/06/28 18:16:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2011/06/28 18:15:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2011/06/28 18:14:51 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/06/28 18:14:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2011/06/28 18:14:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011/06/28 18:14:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2011/06/21 20:33:22 | 000,000,000 | ---D | C] -- C:\Users\Alan\Desktop\อ้อน
[2011/06/01 16:25:19 | 001,654,869 | ---- | C] (Dynu Systems Inc.) -- C:\ProgramData\DynuEncrypt.dll
[8 C:\Users\Alan\AppData\Local\*.tmp files -> C:\Users\Alan\AppData\Local\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/07/17 13:38:38 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/07/17 13:38:38 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/07/17 13:38:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/07/17 13:22:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1756661895-4149471120-3947558325-1000UA.job
[2011/07/17 12:13:22 | 000,703,388 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/07/17 12:13:22 | 000,595,996 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/07/17 12:13:22 | 000,104,070 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/07/16 22:05:00 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Alan\Desktop\OTL.exe
[2011/07/15 17:22:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1756661895-4149471120-3947558325-1000Core.job
[2011/07/15 15:10:11 | 000,302,592 | ---- | M] () -- C:\Users\Alan\Desktop\dce0zp2y.exe
[2011/07/15 15:05:22 | 000,063,488 | ---- | M] () -- C:\Users\Alan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/07/15 14:48:18 | 000,489,596 | R--- | M] (Swearware) -- C:\Users\Alan\Desktop\dds.scr
[2011/07/15 03:05:49 | 000,002,557 | ---- | M] () -- C:\Users\Alan\Desktop\HiJackThis.lnk
[2011/07/15 02:57:25 | 001,402,880 | ---- | M] () -- C:\Users\Alan\Desktop\HiJackThis.msi
[2011/07/12 03:16:23 | 000,001,837 | ---- | M] () -- C:\Users\Alan\Application Data\Microsoft\Internet Explorer\Quick Launch\DVD Decrypter.lnk
[2011/07/12 03:16:23 | 000,001,813 | ---- | M] () -- C:\Users\Alan\Desktop\DVD Decrypter.lnk
[2011/07/12 03:13:57 | 000,002,043 | ---- | M] () -- C:\Users\Public\Desktop\Videora iPad Converter.lnk
[2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/07/06 19:52:42 | 000,025,912 | ---- | M] () -- C:\Windows\SysNative\drivers\mbam.sys
[2011/07/05 18:37:04 | 000,230,544 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/07/05 15:09:45 | 000,000,709 | ---- | M] () -- C:\Users\Alan\Desktop\SD Gundam Capsule Fighter Online.lnk
[2011/07/05 14:50:23 | 000,164,218 | ---- | M] () -- C:\Users\Alan\Documents\cc_20110705_145008.reg
[2011/07/05 13:56:04 | 000,000,948 | ---- | M] () -- C:\Users\Alan\Desktop\Internet Download Manager.lnk
[2011/07/02 21:24:11 | 000,000,453 | ---- | M] () -- C:\Users\Alan\Desktop\Playlist1.wpl
[2011/06/29 17:44:00 | 003,111,515 | ---- | M] () -- C:\Users\Alan\Desktop\Computer Organization and Architecture Designing for Performance (8th Edition)_0136073735.pdf
[2011/06/28 22:33:15 | 000,091,632 | -H-- | M] () -- C:\Windows\SysWow64\mlfcache.dat
[2011/06/25 19:06:37 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011/06/25 19:06:37 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/06/25 03:07:53 | 000,002,413 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/06/18 14:50:56 | 005,684,770 | ---- | M] () -- C:\Users\Alan\Desktop\Just A Dream (cover).mp3
[8 C:\Users\Alan\AppData\Local\*.tmp files -> C:\Users\Alan\AppData\Local\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/07/16 06:15:25 | 000,025,912 | ---- | C] () -- C:\Windows\SysNative\drivers\mbam.sys
[2011/07/15 15:10:00 | 000,302,592 | ---- | C] () -- C:\Users\Alan\Desktop\dce0zp2y.exe
[2011/07/15 03:00:07 | 000,002,557 | ---- | C] () -- C:\Users\Alan\Desktop\HiJackThis.lnk
[2011/07/15 02:59:09 | 001,402,880 | ---- | C] () -- C:\Users\Alan\Desktop\HiJackThis.msi
[2011/07/12 03:16:23 | 000,001,837 | ---- | C] () -- C:\Users\Alan\Application Data\Microsoft\Internet Explorer\Quick Launch\DVD Decrypter.lnk
[2011/07/12 03:16:23 | 000,001,813 | ---- | C] () -- C:\Users\Alan\Desktop\DVD Decrypter.lnk
[2011/07/12 03:13:57 | 000,002,043 | ---- | C] () -- C:\Users\Public\Desktop\Videora iPad Converter.lnk
[2011/07/11 21:28:36 | 000,005,829 | ---- | C] () -- C:\images.jpg
[2011/07/05 18:30:17 | 022,286,952 | ---- | C] () -- C:\Windows\SysNative\nvoglv64.dll
[2011/07/05 18:30:17 | 018,583,144 | ---- | C] () -- C:\Windows\SysNative\nvcompiler.dll
[2011/07/05 18:30:17 | 015,223,912 | ---- | C] () -- C:\Windows\SysNative\nvd3dumx.dll
[2011/07/05 18:30:17 | 013,206,120 | ---- | C] () -- C:\Windows\SysNative\drivers\nvlddmkm.sys
[2011/07/05 18:30:17 | 008,863,336 | ---- | C] () -- C:\Windows\SysNative\nvwgf2umx.dll
[2011/07/05 18:30:17 | 007,123,560 | ---- | C] () -- C:\Windows\SysNative\nvcuda.dll
[2011/07/05 18:30:17 | 002,943,592 | ---- | C] () -- C:\Windows\SysNative\nvcuvid.dll
[2011/07/05 18:30:17 | 002,212,968 | ---- | C] () -- C:\Windows\SysNative\nvcuvenc.dll
[2011/07/05 18:30:17 | 001,496,168 | ---- | C] () -- C:\Windows\SysNative\nvdispco6420150.dll
[2011/07/05 18:30:17 | 001,427,048 | ---- | C] () -- C:\Windows\SysNative\nvgenco642090.dll
[2011/07/05 18:30:17 | 000,067,176 | ---- | C] () -- C:\Windows\SysNative\OpenCL.dll
[2011/07/05 18:30:17 | 000,012,392 | ---- | C] () -- C:\Windows\SysNative\drivers\nvBridge.kmd
[2011/07/05 18:23:14 | 005,702,144 | ---- | C] () -- C:\Windows\SysNative\mshtml.dll
[2011/07/05 18:23:09 | 007,016,960 | ---- | C] () -- C:\Windows\SysNative\ieframe.dll
[2011/07/05 18:23:07 | 001,427,968 | ---- | C] () -- C:\Windows\SysNative\urlmon.dll
[2011/07/05 18:23:05 | 000,759,808 | ---- | C] () -- C:\Windows\SysNative\mshtmled.dll
[2011/07/05 18:23:04 | 000,422,400 | ---- | C] () -- C:\Windows\SysNative\ieapfltr.dll
[2011/07/05 18:23:04 | 000,375,296 | ---- | C] () -- C:\Windows\SysNative\iertutil.dll
[2011/07/05 18:23:03 | 001,032,704 | ---- | C] () -- C:\Windows\SysNative\wininet.dll
[2011/07/05 18:23:03 | 000,590,848 | ---- | C] () -- C:\Windows\SysNative\msfeeds.dll
[2011/07/05 18:23:03 | 000,480,256 | ---- | C] () -- C:\Windows\SysNative\iedkcs32.dll
[2011/07/05 18:23:02 | 001,129,984 | ---- | C] () -- C:\Windows\SysNative\mstime.dll
[2011/07/05 18:23:02 | 000,485,376 | ---- | C] () -- C:\Windows\SysNative\html.iec
[2011/07/05 18:23:02 | 000,267,776 | ---- | C] () -- C:\Windows\SysNative\ieaksie.dll
[2011/07/05 18:23:02 | 000,249,856 | ---- | C] () -- C:\Windows\SysNative\iepeers.dll
[2011/07/05 18:23:02 | 000,208,896 | ---- | C] () -- C:\Windows\SysNative\occache.dll
[2011/07/05 18:23:01 | 000,032,256 | ---- | C] () -- C:\Windows\SysNative\jsproxy.dll
[2011/07/05 18:22:58 | 000,086,528 | ---- | C] () -- C:\Windows\SysNative\ieencode.dll
[2011/07/05 18:22:52 | 001,383,424 | ---- | C] () -- C:\Windows\SysNative\mshtml.tlb
[2011/07/05 18:10:04 | 000,847,872 | ---- | C] () -- C:\Windows\SysNative\oleaut32.dll
[2011/07/05 18:09:44 | 002,760,704 | ---- | C] () -- C:\Windows\SysNative\win32k.sys
[2011/07/05 18:09:36 | 000,407,552 | ---- | C] () -- C:\Windows\SysNative\drivers\afd.sys
[2011/07/05 18:09:35 | 000,344,576 | ---- | C] () -- C:\Windows\SysNative\schannel.dll
[2011/07/05 18:09:34 | 000,274,432 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb10.sys
[2011/07/05 18:09:34 | 000,135,168 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb.sys
[2011/07/05 18:09:34 | 000,105,984 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb20.sys
[2011/07/05 18:09:32 | 000,176,128 | ---- | C] () -- C:\Windows\SysNative\drivers\srv2.sys
[2011/07/05 18:09:32 | 000,144,896 | ---- | C] () -- C:\Windows\SysNative\drivers\srvnet.sys
[2011/07/05 18:09:29 | 000,975,360 | ---- | C] () -- C:\Windows\SysNative\inetcomm.dll
[2011/07/05 18:09:27 | 000,097,792 | ---- | C] () -- C:\Windows\SysNative\drivers\dfsc.sys
[2011/07/05 15:09:45 | 000,000,709 | ---- | C] () -- C:\Users\Alan\Desktop\SD Gundam Capsule Fighter Online.lnk
[2011/07/05 14:50:11 | 000,164,218 | ---- | C] () -- C:\Users\Alan\Documents\cc_20110705_145008.reg
[2011/07/05 13:55:44 | 000,000,948 | ---- | C] () -- C:\Users\Alan\Desktop\Internet Download Manager.lnk
[2011/07/05 13:55:43 | 000,088,864 | ---- | C] () -- C:\Windows\SysNative\drivers\idmwfp.sys
[2011/07/02 21:24:11 | 000,000,453 | ---- | C] () -- C:\Users\Alan\Desktop\Playlist1.wpl
[2011/06/29 17:43:10 | 003,111,515 | ---- | C] () -- C:\Users\Alan\Desktop\Computer Organization and Architecture Designing for Performance (8th Edition)_0136073735.pdf
[2011/06/28 22:33:15 | 000,091,632 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011/06/28 18:18:43 | 000,126,312 | ---- | C] () -- C:\Windows\SysNative\GEARAspi64.dll
[2011/06/28 18:18:43 | 000,034,152 | ---- | C] () -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2011/06/28 18:16:58 | 000,001,830 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011/06/18 14:32:40 | 005,684,770 | ---- | C] () -- C:\Users\Alan\Desktop\Just A Dream (cover).mp3
[2011/06/16 02:22:22 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/03/26 00:40:04 | 000,046,530 | ---- | C] () -- C:\Users\Alan\AppData\Roaming\room.dat
[2011/03/21 20:46:56 | 000,000,552 | ---- | C] () -- C:\Users\Alan\AppData\Local\d3d8caps.dat
[2011/02/21 10:43:52 | 000,021,504 | ---- | C] () -- C:\Windows\jestertb.dll
[2011/01/29 23:06:50 | 000,001,356 | ---- | C] () -- C:\Users\Alan\AppData\Local\d3d9caps.dat
[2011/01/21 16:33:12 | 006,814,952 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall.exe
[2011/01/21 16:33:12 | 000,017,772 | ---- | C] () -- C:\Windows\SysWow64\SpoonUninstall-dBpoweramp Music Converter.dat
[2010/12/31 04:36:23 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/12/01 20:06:19 | 003,360,624 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2010/11/20 23:42:20 | 000,215,128 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010/11/20 23:42:18 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010/11/20 23:42:14 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2010/11/07 23:35:09 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010/11/07 23:35:08 | 000,790,528 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010/11/07 23:35:08 | 000,134,144 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010/11/07 23:35:08 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010/11/07 23:35:08 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010/11/04 19:14:29 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010/10/28 18:39:45 | 000,106,605 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2010/10/28 18:39:45 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2010/10/27 18:56:04 | 000,063,488 | ---- | C] () -- C:\Users\Alan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/19 13:34:03 | 000,001,460 | ---- | C] () -- C:\Users\Alan\AppData\Local\d3d9caps64.dat
[2009/05/19 16:44:00 | 000,097,584 | ---- | C] () -- C:\Windows\SysWow64\CCBiosSupportAPI.dll
[2009/05/10 00:49:28 | 000,088,840 | ---- | C] () -- C:\Windows\SysWow64\FAIEExtension.dll
[2009/05/10 00:48:54 | 000,059,144 | ---- | C] () -- C:\Windows\SysWow64\FAib.dll
[2009/05/10 00:47:47 | 000,234,248 | ---- | C] () -- C:\Windows\SysWow64\FACrashRpt.dll
[2008/01/21 09:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008/01/21 09:49:49 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2006/11/02 22:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 19:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006/11/02 19:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006/11/02 19:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 16:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
========== LOP Check ==========
[2011/07/17 13:33:38 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\BitTorrent
[2010/12/19 09:15:47 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\DAEMON Tools Lite
[2011/06/09 21:18:48 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\Dev-Cpp
[2011/07/12 02:57:50 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\Digiarty
[2011/07/15 04:27:00 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\DMCache
[2011/07/12 23:16:18 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\IDM
[2011/07/05 13:44:10 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\ijjigame
[2011/04/29 20:51:58 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\Mount&Blade Warband
[2011/07/12 03:14:41 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\Red Kawa
[2011/07/13 23:36:46 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\Simply Super Software
[2011/03/26 03:25:25 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\The Creative Assembly
[2011/03/03 23:24:37 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\tixati
[2011/07/14 22:13:11 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\TS3Client
[2011/07/12 18:15:11 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\Ubisoft
[2010/12/24 12:24:43 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\Unity
[2011/05/16 23:22:18 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\uTorrent
[2011/07/17 13:37:19 | 000,032,634 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Files - Unicode (All) ==========
[2011/02/23 12:50:36 | 005,752,625 | ---- | M] ()(C:\Users\Alan\Desktop\?MIKU?LUKA? Magnet.mp3) -- C:\Users\Alan\Desktop\【MIKU・LUKA】 Magnet.mp3
[2011/02/23 12:50:36 | 004,121,238 | ---- | M] ()(C:\Users\Alan\Desktop\?LUKA? Double Lariat.mp3) -- C:\Users\Alan\Desktop\【LUKA】 Double Lariat.mp3
[2011/02/22 18:29:02 | 000,001,811 | ---- | M] ()(C:\Users\Alan\Application Data\Microsoft\Internet Explorer\Quick Launch\Alienware ????????.lnk) -- C:\Users\Alan\Application Data\Microsoft\Internet Explorer\Quick Launch\Alienware コマンドセンター.lnk
[2011/02/22 18:29:02 | 000,001,811 | ---- | C] ()(C:\Users\Alan\Application Data\Microsoft\Internet Explorer\Quick Launch\Alienware ????????.lnk) -- C:\Users\Alan\Application Data\Microsoft\Internet Explorer\Quick Launch\Alienware コマンドセンター.lnk
[2011/02/21 11:24:35 | 005,752,625 | ---- | C] ()(C:\Users\Alan\Desktop\?MIKU?LUKA? Magnet.mp3) -- C:\Users\Alan\Desktop\【MIKU・LUKA】 Magnet.mp3
[2011/02/21 11:21:08 | 004,121,238 | ---- | C] ()(C:\Users\Alan\Desktop\?LUKA? Double Lariat.mp3) -- C:\Users\Alan\Desktop\【LUKA】 Double Lariat.mp3
[2011/01/21 16:44:29 | 005,869,694 | ---- | M] ()(C:\Users\Alan\Desktop\01 Ryuusei no Bifr?st.mp3) -- C:\Users\Alan\Desktop\01 Ryuusei no Bifröst.mp3
[2011/01/21 16:36:15 | 005,869,694 | ---- | C] ()(C:\Users\Alan\Desktop\01 Ryuusei no Bifr?st.mp3) -- C:\Users\Alan\Desktop\01 Ryuusei no Bifröst.mp3
[2011/01/20 08:39:36 | 029,223,993 | ---- | C] ()(C:\Users\Alan\Desktop\03 Ryuusei no Bifr?st (off vocal).flac) -- C:\Users\Alan\Desktop\03 Ryuusei no Bifröst (off vocal).flac
[2011/01/20 08:39:34 | 030,124,586 | ---- | C] ()(C:\Users\Alan\Desktop\01 Ryuusei no Bifr?st.flac) -- C:\Users\Alan\Desktop\01 Ryuusei no Bifröst.flac
[2010/11/29 14:17:43 | 030,124,586 | ---- | M] ()(C:\Users\Alan\Desktop\01 Ryuusei no Bifr?st.flac) -- C:\Users\Alan\Desktop\01 Ryuusei no Bifröst.flac
[2010/11/29 14:17:43 | 029,223,993 | ---- | M] ()(C:\Users\Alan\Desktop\03 Ryuusei no Bifr?st (off vocal).flac) -- C:\Users\Alan\Desktop\03 Ryuusei no Bifröst (off vocal).flac
< End of report >
crunchie
990
Most Valuable Poster
Team Colleague
Featured Poster
How are things now?
Whiteglint
0
Newbie Poster
Everything is fine. Internet explorer isn't running and some processes that eat up my memory are gone. Thank-you :)
crunchie
990
Most Valuable Poster
Team Colleague
Featured Poster
No worries.
To remove all of the tools we used and the files and folders they created, please do the following:
Please download OTC by OldTimer:
Save it to your Desktop.
Double click OTC.exe.
Click the CleanUp! button.
If you are prompted to Reboot during the cleanup, select Yes. The tool will delete itself once it finishes.
Be a part of the DaniWeb community
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.