Thanks, askey127. I had trouble with the first part, "Remove Programs Using Control Panel": Adobe Reader 9.3.4 did not exist.
But here's the rest:
SystemLook 04.09.10 by jpshortstuff
Log created at 23:14 on 04/05/2011 by Thompson
Administrator - Elevation successful
WARNING: SystemLook running under WOW64. Use SystemLook_x64 for accurate results.
========== regfind ==========
Searching for "wiatodC.dll"
OTL Extras logfile created on: 5/4/2011 11:24:01 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Thompson\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 47.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 72.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285.40 Gb Total Space | 125.37 Gb Free Space | 43.93% Space Free | Partition Type: NTFS
Computer Name: THOMPSON-PC | User Name: Thompson | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.js [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
.txt [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
[HKEY_USERS\S-1-5-21-3090070989-868362510-393952071-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" ()
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l File not found
InternetShortcut [print] -- rundll32.exe C:\Windows\system32\mshtml.dll,PrintHTML "%1" ()
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
"" =
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
========== System Restore Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
"DisableSR" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
"DisableSR" = 1
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{11A32CEC-1BBB-4E1B-A7C5-3FA2B78B8674}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{194AF436-6D87-4454-AE21-5AE4B36EF137}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{22C2092A-7EE9-4D66-B70E-2936B4C1EB6A}" = lport=139 | protocol=6 | dir=in | app=system |
"{2DB6E79D-3B92-4F12-BCC1-AE0268B02D6A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4CFF517B-F31A-4EEC-A35F-9FC37584AAB6}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{4FAA1581-626E-4CD7-A32A-56144F6C92FA}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{59C6A5B6-0619-46B7-AECF-DA41296361CC}" = rport=137 | protocol=17 | dir=out | app=system |
"{5B025087-E843-4337-B245-83F338B66DBB}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{5BC9F722-8BBE-4BB5-AB37-D0CD0411257E}" = lport=445 | protocol=6 | dir=in | app=system |
"{6BDB249A-FA47-4F80-90C0-8B7ECC39C8B7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7C7B7A92-CE45-4115-ABA3-37D103867532}" = rport=138 | protocol=17 | dir=out | app=system |
"{7FDA432B-D6C2-4ED4-969C-97385548F22C}" = lport=138 | protocol=17 | dir=in | app=system |
"{870F74CC-E69E-41DE-8524-0814E9D998D2}" = lport=137 | protocol=17 | dir=in | app=system |
"{8BAC2E36-46AE-46DC-847A-38560719919E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AD1FA124-1AAB-4D34-8E6F-C68AD93991F9}" = lport=51268 | protocol=6 | dir=in | name=akamai netsession interface |
"{AD4BC338-DE5C-447E-95D1-DAC81132B6E0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{B9E60546-0C69-493A-A4BA-D280EFF63BF7}" = rport=139 | protocol=6 | dir=out | app=system |
"{C05F03F5-16BB-412F-BBAC-31716C2FE1A4}" = rport=445 | protocol=6 | dir=out | app=system |
"{C5BA9D48-E6F8-49CD-AF43-3F0BFA5802E7}" = lport=49607 | protocol=6 | dir=in | name=akamai netsession interface |
"{C680AC3B-944B-4C2F-8D06-6CA87DA37DB0}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{CEDB2CA0-6409-43E7-9CCC-9DA8EB381F26}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{FA3A3BE1-0778-4549-9493-7B17146D55EA}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04228F60-C055-46C9-B460-61381C334D3E}" = protocol=6 | dir=in | app=c:\program files (x86)\thq\company of heroes\reliccoh.exe |
"{07803B28-0039-4C08-BCF8-6762A401351E}" = protocol=17 | dir=in | app=c:\program files (x86)\thq\company of heroes\reliccoh.exe |
"{09539A49-FE3A-4C61-A4CA-EC94EA5AA591}" = protocol=6 | dir=in | app=c:\program files (x86)\thq\gas powered games\supreme commander\bin\supremecommander.exe |
"{0BAD15F0-0113-4375-A0BA-7E2B7A0C4E93}" = protocol=17 | dir=in | app=c:\program files (x86)\thq\gas powered games\gpgnet\gpg.multiplayer.client.exe |
"{0C224A6E-2471-4BC9-B80E-9A3ECF82661A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{13C30D06-788C-41A8-9E98-2FE354337FE3}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\the settlers 7 - paths to a kingdom\data\base\_dbg\bin\release\settlers7r.exe |
"{154DFC76-6E13-4436-B282-5CE5E56C6D35}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\dawn of discovery\anno4.exe |
"{1AF83DA9-BA83-4A47-AD06-16C11363EB61}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\dawn of discovery\anno4.exe |
"{1FFBC60F-CCDB-462C-BFEC-ACB989A24343}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\manager.exe |
"{207B47F4-DEBE-40EA-9D03-46DEFF778C97}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{289D995D-C335-42C2-8A55-8252426083B0}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\world in conflict\wic_online.exe |
"{2997D0C0-1B79-48B8-9002-59CA2D594CF9}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\dawn of discovery\tools\benchmark.exe |
"{340E1C97-7278-4845-A437-0A070AF38E65}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{39DA40B1-E85A-4C36-A645-1B1ABF0439F6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\1\steamapps\common\sid meier's civilization v\launcher.exe |
"{3D020F39-75A5-4CDF-8239-70564FC2FC82}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{3D2AE5F6-1CFA-415D-8861-0BEC97665B16}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{42EC02C9-D411-4B19-B7A8-15A05994908D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{448E4D90-F7D9-436E-8F00-9A3F6FE81091}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{4F63B269-79B0-4D61-B5C1-C9721C0A5A78}" = protocol=17 | dir=in | app=c:\program files (x86)\thq\company of heroes\relicdownloader\relicdownloader.exe |
"{514C3D51-027A-4DA3-B0D9-A06DC363102F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{58F5A504-3974-4412-94C8-FA3CA25C1B97}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\the settlers 7 - paths to a kingdom\data\base\_dbg\bin\release\settlers7r.exe |
"{5E259D7C-1B54-4D3A-90A4-1E8924840270}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\manager.exe |
"{5EEBA778-6FB0-45DC-B61E-63008807B7FF}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\3ds max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe |
"{62C396BD-79C8-46F3-89AF-68CA964DC8A3}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\devicesetup.exe |
"{67767F81-7146-4E29-ABE6-81F62AE941E1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\1\steamapps\common\sid meier's civilization v\launcher.exe |
"{6AE00214-7A23-41BE-8585-0F32FCAB442E}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\3ds max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe |
"{6B12509E-56E2-446D-B3DF-3C529AF60251}" = protocol=6 | dir=in | app=c:\program files (x86)\thq\gas powered games\gpgnet\gpg.multiplayer.client.exe |
"{73726D8A-9009-4EAC-B813-E84B881FF5AE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\1\steamapps\common\sid meier's civilization v sdk\sid meier's civilization v sdk.exe |
"{78C9FC06-995A-45EC-A967-98956CEF0FC6}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{7C08406F-80BE-4431-8937-D9D02540FAA4}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\3ds max 2010\mentalray\satellite\raysat_3dsmax2010_32.exe |
"{7E6F18A1-9E41-47D4-BB9F-91CB9F0D08FD}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\3ds max 2010\3dsmax.exe |
"{81A1DCC6-C349-4B9A-8A95-06389F8D9AC5}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\world in conflict\wic.exe |
"{93A8FB71-F421-4D6D-A79D-EEDEA2F32289}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\1\steam.exe |
"{95A6B02F-AAA6-4E27-8924-95B620DC53DC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{9C87C776-CE81-4674-837B-9A6D223333B7}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\3ds max 2010\3dsmax.exe |
"{A1DC2D77-A22B-49EF-8762-4ACDCE3EF343}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\devicesetup.exe |
"{A3CFF6F1-6145-4A2C-8B9E-267387FBDE3D}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\3ds max 2010\mentalray\satellite\raysat_3dsmax2010_32.exe |
"{AAD2B45F-59BA-4F60-BA6D-F6F72DB56416}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe |
"{AB5FADCD-4E6B-466D-8277-D76F4E530AE6}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\dawn of discovery\tools\benchmark.exe |
"{ACAD0135-4E81-467F-B18C-8CEA2251CB6F}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\world in conflict\wic_ds.exe |
"{B52DCD61-0147-45B7-816E-3306D1670ED7}" = protocol=17 | dir=in | app=c:\program files (x86)\thq\gas powered games\supreme commander\bin\supremecommander.exe |
"{BBAE6673-DAD0-4849-B5C0-97DC83A05CD4}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{BE1BEFD1-2A09-4CA0-B167-08EF2B41D528}" = protocol=6 | dir=in | app=c:\program files (x86)\thq\company of heroes\relicdownloader\relicdownloader.exe |
"{BFD8974E-B9D5-4ED5-88E0-8C14F15E3E5D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{C6688B7D-C6ED-40DC-9CBC-955169AD8E20}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{C6C22D74-9C9F-4045-BA6E-01DF90E157CC}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\world in conflict\wic.exe |
"{C8CBFE82-EAAB-4E37-A63F-1BADC5C892E5}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{D5F91C65-1706-4EED-B338-FA13699136AC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\1\steamapps\common\sid meier's civilization v sdk\sid meier's civilization v sdk.exe |
"{DCAA2EAA-4D31-479B-BC47-2C684163CC03}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\server.exe |
"{DE4D7046-C1E0-4D50-AB9D-AAC8B71AD98C}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\dawn of discovery\tools\anno4web.exe |
"{DF5CF03A-0199-4E7A-B0A8-67B5189552BD}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E4CC0011-1CFD-40E2-91CC-B89A1F4340EE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\1\steam.exe |
"{E532275F-2D6A-4231-8372-248B0FF47637}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\monitor.exe |
"{E6CD14D3-DED5-4E79-9C3C-6D645FFBE265}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\world in conflict\wic_online.exe |
"{E9BBC659-922C-4273-9E12-CBE908A3A1ED}" = protocol=6 | dir=in | app=c:\program files (x86)\autodesk\backburner\server.exe |
"{EA46A8A2-3E49-4341-8FAE-B5E580DEB75C}" = protocol=17 | dir=in | app=c:\program files (x86)\autodesk\backburner\monitor.exe |
"{EB07C63D-369D-4D4E-B242-F7F44EE55E3A}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe |
"{F05A7D42-90EB-400A-80DB-B0803DFC2663}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\world in conflict\wic_ds.exe |
"{F394A55D-59DF-4459-AD64-80DB17038CBB}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\dawn of discovery\tools\anno4web.exe |
"TCP Query User{2E43880B-4C32-4B38-A431-95F8CC03D345}C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base15405\sc2.exe |
"TCP Query User{31C45383-CF7C-43C1-8738-187360F13DD7}C:\program files (x86)\starcraft ii\versions\base16755\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16755\sc2.exe |
"TCP Query User{3AE370A9-591A-4762-88F8-42AB645FAAC7}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe |
"TCP Query User{415C7D9E-058E-4791-BF2B-47A54B7AEAEA}C:\program files (x86)\starcraft ii\versions\base16939\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16939\sc2.exe |
"TCP Query User{4655DF6F-11D4-435D-BDFF-5D70F4867BB8}C:\program files (x86)\the settlers iv\exe\s4_main.exe" = protocol=6 | dir=in | app=c:\program files (x86)\the settlers iv\exe\s4_main.exe |
"TCP Query User{4E4233C5-4022-4F65-A17D-FC3B0E7072C2}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe |
"TCP Query User{9060E532-7F48-4B57-AF9B-57D38C187F61}C:\program files (x86)\starcraft ii\versions\base17326\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base17326\sc2.exe |
"TCP Query User{B9B7DD70-38F0-456B-B263-C9AB190EA66F}C:\program files (x86)\starcraft ii\starcraft ii.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"TCP Query User{C5A8C77A-74AA-44F8-9A70-D1481CDF1337}C:\program files (x86)\starcraft ii\versions\base16755\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16755\sc2.exe |
"TCP Query User{C6C847ED-1132-410B-8FBF-1AFDCD1A9AA7}C:\program files (x86)\soulseekns\slsk.exe" = protocol=6 | dir=in | app=c:\program files (x86)\soulseekns\slsk.exe |
"TCP Query User{FECE8928-C3B3-4316-9730-431BECA98E12}C:\program files (x86)\starcraft ii\versions\base16939\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16939\sc2.exe |
"UDP Query User{106919A1-CAB1-4369-8BDA-490FDB17EE72}C:\program files (x86)\starcraft ii\versions\base17326\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base17326\sc2.exe |
"UDP Query User{1453CCA7-FD7B-46E9-BF46-266525DFB064}C:\program files (x86)\the settlers iv\exe\s4_main.exe" = protocol=17 | dir=in | app=c:\program files (x86)\the settlers iv\exe\s4_main.exe |
"UDP Query User{1F1E53EF-337C-44EC-BE52-1B59F7906AC9}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe |
"UDP Query User{606150AF-5423-4316-9788-14176A2CFE10}C:\program files (x86)\starcraft ii\versions\base16755\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16755\sc2.exe |
"UDP Query User{75FA5BC6-76C0-4BD3-9A53-AD71C11E6F61}C:\program files (x86)\starcraft ii\starcraft ii.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"UDP Query User{8C80F716-F192-4DB8-8A75-3FAB8044E075}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe |
"UDP Query User{9B2D1619-B66B-4392-8FF2-0026CC5C8A53}C:\program files (x86)\soulseekns\slsk.exe" = protocol=17 | dir=in | app=c:\program files (x86)\soulseekns\slsk.exe |
"UDP Query User{9B85EF7C-0418-4840-AE4B-11282D9B2A0F}C:\program files (x86)\starcraft ii\versions\base16939\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16939\sc2.exe |
"UDP Query User{D8B71E6C-E98B-48D1-8631-FBE24310708D}C:\program files (x86)\starcraft ii\versions\base16755\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16755\sc2.exe |
"UDP Query User{D923BEE5-2622-417C-9EBE-C8E7AE231759}C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base15405\sc2.exe |
"UDP Query User{EB56F341-D65A-43EE-906A-0EA5A5C4DA7E}C:\program files (x86)\starcraft ii\versions\base16939\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16939\sc2.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1686C4D1-B1FD-42E8-B7A8-FB4C4DBA5BA8}" = ASUS Power4Gear Hybrid
"{7D220A57-969F-4D09-9297-D48195A8ABDD}" = HP Deskjet 3050 J610 series Basic Device Software
"{860B418B-F90B-465A-BC1D-04B518045C72}" = HP Deskjet 3050 J610 series Product Improvement Study
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 266.58
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 266.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 266.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"USB 2.0 UVC 1.3M WebCam" = USB 2.0 UVC 1.3M WebCam
"Win2PDF_is1" = Win2PDF 7
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0A1BE00C-EADB-B80B-0D97-40D64418793D}" = Commandos Behind Enemy Lines
"{141154CC-B23D-40E0-8242-1A747CA9B482}" = Sid Meier's Railroads!
"{14574B7F-75D1-4718-B7F2-EBF6E2862A35}" = Company of Heroes - FAKEMSI
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{199E6632-EB28-4F73-AECB-3E192EB92D18}" = Company of Heroes - FAKEMSI
"{1C8521E5-5A7B-4A4E-A9CD-AD53116EAEE0}" = ASUS Data Security Manager
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{25724802-CC14-4B90-9F3B-3D6955EE27B1}" = Company of Heroes - FAKEMSI
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 24
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{317AC0C7-FEBF-0409-87A3-4FC70D0ED900}" = Autodesk 3ds Max 2010 32-bit
"{32C4A4EB-C97D-414E-99C5-38F8DFD31D5D}" = Company of Heroes - FAKEMSI
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2008.1
"{40580068-9B10-40B5-9548-536CE88AB23C}" = ITECIR
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50193078-F553-4EBA-AA77-64C9FAA12F98}" = Company of Heroes - FAKEMSI
"{51D718D1-DA81-4FAD-919F-5C1CE3C33379}" = Company of Heroes - FAKEMSI
"{54A4839E-87F8-4BD1-9682-A349E9943F0A}" = Amazon Unbox Video
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5A143DC3-A13A-948F-CCFB-CEAEFECE1364}" = Company of Heroes
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
"{63860309-DA8A-4BAE-9EAE-CE1D6D79340C}" = The Settlers 7 - Paths to a Kingdom
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{66F78C51-D108-4F0C-A93C-1CBE74CE338F}" = Company of Heroes - FAKEMSI
"{6A09EC92-016B-4032-8CF1-6840B20C254A}" = Dawn of Discovery
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}" = Bing Bar
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{7F4B1592-222F-4E5F-A100-E5AFD61A0BB3}" = Company of Heroes - FAKEMSI
"{80D03817-7943-4839-8E96-B9F924C5E67D}" = Company of Heroes - FAKEMSI
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112596253}" = Galapago
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{865CD808-6D31-4269-9D36-693CFE75D26A}" = Express Gate
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{943B6738-4801-4982-90EC-0442EF7AEB16}" = Kaspersky Anti-Virus 2010
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{97E5205F-EA4F-438F-B211-F1846419F1C1}" = Company of Heroes - FAKEMSI
"{99A7722D-9ACB-43F3-A222-ABC7133F159E}" = Company of Heroes - FAKEMSI
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AB2286A-EFAA-4B73-AE16-FAD46AD32011}" = Dawn of Discovery
"{9E692034-4EB2-49A3-9A02-D370B925BCC1}" = Supreme Commander
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A7A34FC9-DF24-4A36-00AD-D4EFE94CC116}" = SimCity 4 Deluxe
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AE0259D4-7A01-4E47-BBAF-2604D03DF07C}" = LoJack Factory Installer
"{AEDDF5A3-29CE-11D5-A8C2-000102246AAE}" = ubi.com
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BA801B94-C28D-46EE-B806-E1E021A3D519}" = Company of Heroes
"{C194D333-B84A-4BB7-B35E-060732D98DC4}" = GPGNet
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D4AFC7AD-F637-4EDD-BC76-767E4AF78CE1}" = OverDrive Media Console
"{D4D244D1-05E0-4D24-86A2-B2433C435671}" = Company of Heroes - FAKEMSI
"{DC905847-D537-427F-BF91-47CC7ACCDE58}" = ASUS FancyStart
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EAF636A9-F664-4703-A659-85A894DA264F}" = Company of Heroes - FAKEMSI
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{F11ADC64-C89E-47F4-A0B3-3665FF859397}" = World in Conflict: Soviet Assault
"{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}" = HP Deskjet 3050 J610 series Help
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver
"Civilization V CODE" = Civilization V CODE (remove only)
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Company of Heroes" = Company of Heroes
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"deskPDF 2.5 Standard_is1" = deskPDF 2.5 Standard Edition
"Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2)
"DivX Setup.divx.com" = DivX Setup
"Gangsters" = Gangsters
"Google Chrome" = Google Chrome
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Photo Creations" = HP Photo Creations
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{54A4839E-87F8-4BD1-9682-A349E9943F0A}" = Amazon Unbox Video
"InstallShield_{AE0259D4-7A01-4E47-BBAF-2604D03DF07C}" = LoJack Factory Installer
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallWIX_{943B6738-4801-4982-90EC-0442EF7AEB16}" = Kaspersky Anti-Virus 2010
"Mozilla Firefox (3.6.15)" = Mozilla Firefox (3.6.15)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"RealPlayer 12.0" = RealPlayer
"RiseOfNations 1.0" = Microsoft Rise Of Nations
"RiseofNationsExpansion 1.0" = Rise of Nations Thrones and Patriots
"Search Toolbar" = Search Toolbar
"StarCraft II" = StarCraft II
"Steam App 16830" = Sid Meier's Civilization V SDK
"Steam App 8930" = Sid Meier's Civilization V
"SystemRequirementsLab" = System Requirements Lab
"The Settlers IV" = The Settlers IV (remove only)
"Total Annihilation" = Total Annihilation
"Tropico3" = Tropico 3 1.00
"VLC media player" = VLC media player 1.0.1
"Xvid_is1" = Xvid 1.2.1 final uninstall
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3090070989-868362510-393952071-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
OTL logfile created on: 5/4/2011 11:24:00 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Thompson\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 47.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 72.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285.40 Gb Total Space | 125.37 Gb Free Space | 43.93% Space Free | Partition Type: NTFS
Computer Name: THOMPSON-PC | User Name: Thompson | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/05/04 23:22:04 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Thompson\Desktop\OTL.exe
PRC - [2011/05/04 23:13:40 | 000,075,264 | ---- | M] () -- C:\Users\Thompson\Desktop\SystemLook.exe
PRC - [2011/04/30 17:00:24 | 000,403,240 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2011/03/27 15:57:13 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\1\Steam.exe
PRC - [2011/03/11 22:52:30 | 000,273,544 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2011/02/28 18:44:14 | 000,391,432 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\BingBar.exe
PRC - [2011/02/28 18:44:14 | 000,259,336 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\BingApp.exe
PRC - [2011/02/25 10:59:34 | 000,304,304 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/01/07 19:48:56 | 000,378,984 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010/09/16 16:04:06 | 001,164,584 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/09/13 12:48:12 | 000,025,704 | R--- | M] (Amazon.com) -- C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe
PRC - [2009/08/27 22:52:39 | 000,033,136 | ---- | M] () -- C:\Windows\ASScrPro.exe
PRC - [2009/03/12 21:36:24 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
PRC - [2009/03/04 13:26:24 | 008,392,704 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
PRC - [2009/03/04 12:55:52 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
PRC - [2008/12/22 20:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
PRC - [2008/12/09 18:00:58 | 000,297,528 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2008/08/19 13:34:04 | 000,159,744 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
PRC - [2008/08/14 00:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
PRC - [2008/08/13 23:59:56 | 000,301,624 | ---- | M] () -- C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
PRC - [2008/08/13 23:59:52 | 000,100,920 | ---- | M] () -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
PRC - [2008/08/13 19:21:56 | 002,482,176 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2008/07/18 22:52:16 | 000,104,936 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2008/04/01 02:09:30 | 000,266,240 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
PRC - [2008/03/31 05:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2007/11/30 14:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
PRC - [2007/08/08 03:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe
========== Modules (SafeList) ==========
MOD - [2011/05/04 23:22:04 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Thompson\Desktop\OTL.exe
MOD - [2010/08/31 11:39:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2008/03/31 05:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [Auto | Running] -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
SRV:64bit: - [2008/01/20 22:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/08/08 03:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2011/04/30 17:00:24 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/02/28 18:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011/01/07 19:48:56 | 000,378,984 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/11/20 22:11:55 | 000,311,680 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe -- (AVP)
SRV - [2010/09/13 12:48:12 | 000,025,704 | R--- | M] (Amazon.com) [Auto | Running] -- C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe -- (ADVService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/04 00:34:44 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/03/12 21:36:24 | 000,086,016 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe -- (mi-raysat_3dsmax2010_32)
SRV - [2008/08/13 23:59:52 | 000,100,920 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2008/07/27 14:03:13 | 000,069,632 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2010/11/20 21:19:47 | 000,330,768 | ---- | M] () [File_System | System | Running] -- C:\Windows\SysNative\DRIVERS\klif.sys -- (KLIF)
DRV:64bit: - [2010/09/12 20:41:11 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\atksgt.sys -- (atksgt)
DRV:64bit: - [2010/09/12 20:41:11 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2009/06/15 15:01:06 | 000,156,688 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\kl1.sys -- (kl1)
DRV:64bit: - [2009/05/16 21:59:30 | 000,021,008 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2009/05/15 19:50:26 | 000,026,640 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\klim6.sys -- (KLIM6)
DRV:64bit: - [2009/02/11 05:26:17 | 000,407,576 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\iaStor.sys -- (iaStor)
DRV:64bit: - [2008/12/15 21:41:52 | 000,038,416 | ---- | M] () [File_System | Boot | Running] -- C:\Windows\SysNative\DRIVERS\klbg.sys -- (KLBG)
DRV:64bit: - [2008/10/08 23:39:01 | 001,821,952 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:64bit: - [2008/08/28 11:57:23 | 004,745,216 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\NETw5v64.sys -- (NETw5v64) Intel(R)
DRV:64bit: - [2008/08/06 20:26:07 | 000,174,592 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2008/06/24 16:50:00 | 000,065,024 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2008/06/03 02:41:49 | 000,017,464 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2008/01/20 22:47:28 | 000,046,080 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2008/01/20 22:46:55 | 000,111,104 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus)
DRV:64bit: - [2007/12/18 20:57:12 | 000,059,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\itecir.sys -- (itecir)
DRV:64bit: - [2007/07/27 22:45:52 | 000,057,856 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rixdpx64.sys -- (rismxdp)
DRV:64bit: - [2007/07/26 23:33:54 | 000,055,296 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rimspx64.sys -- (rimsptsk)
DRV:64bit: - [2007/07/24 14:11:32 | 000,014,904 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
DRV:64bit: - [2006/10/28 10:01:07 | 000,013,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2006/10/03 21:45:36 | 000,273,408 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
DRV:64bit: - [2006/09/18 17:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\Wbem\ntfs.mof -- (Ntfs)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/?pc=Z007&form=ZGAPHP
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/?pc=Z007&form=ZGAPHP
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3090070989-868362510-393952071-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\S-1-5-21-3090070989-868362510-393952071-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-3090070989-868362510-393952071-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3090070989-868362510-393952071-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.startup.homepage: "http://www.bing.com/?pc=Z039&form=ZGAPHP"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {27E679CC-6AAB-4B2A-BB87-096FE4178464}:1.0
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.463
FF - prefs.js..extensions.enabledItems: searchtoolbar@zugo.com:1.2
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://www.bing.com/search?pc=Z039&form=ZGAADF&q="
FF - prefs.js..network.proxy.type: 0
FF - HKLM\software\mozilla\Firefox\Extensions\\{4045810D-51E7-44A0-8F7E-30C4237B2268}: C:\Windows\system32\config\systemprofile\AppData\Local\{4045810D-51E7-44A0-8F7E-30C4237B2268}\ [2010/11/15 23:54:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/03/11 22:52:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/03/31 13:46:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/04/30 22:33:22 | 000,000,000 | ---D | M]
[2010/08/08 22:55:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thompson\AppData\Roaming\Mozilla\Extensions
[2011/04/14 13:19:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thompson\AppData\Roaming\Mozilla\Firefox\Profiles\8r41gnc5.default\extensions
[2010/08/08 22:57:32 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Thompson\AppData\Roaming\Mozilla\Firefox\Profiles\8r41gnc5.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/08/15 15:08:16 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Thompson\AppData\Roaming\Mozilla\Firefox\Profiles\8r41gnc5.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/02/17 20:50:12 | 000,000,000 | ---D | M] (Search Toolbar) -- C:\Users\Thompson\AppData\Roaming\Mozilla\Firefox\Profiles\8r41gnc5.default\extensions\searchtoolbar@zugo.com
[2011/02/17 20:50:12 | 000,001,919 | ---- | M] () -- C:\Users\Thompson\AppData\Roaming\Mozilla\Firefox\Profiles\8r41gnc5.default\searchplugins\bing-zugo.xml
[2010/08/09 12:03:09 | 000,009,949 | ---- | M] () -- C:\Users\Thompson\AppData\Roaming\Mozilla\Firefox\Profiles\8r41gnc5.default\searchplugins\mywebsearch.xml
[2011/04/14 13:19:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/09/08 19:35:58 | 000,000,000 | ---D | M] (QueryExplorer) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{27E679CC-6AAB-4B2A-BB87-096FE4178464}
[2010/08/15 15:07:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011/03/28 18:28:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2010/11/20 21:21:17 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
[2011/03/11 22:52:48 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2010/10/06 21:18:35 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
[2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/10/06 21:18:37 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
[2010/11/16 20:54:10 | 000,001,919 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\bing-zugo.xml
[2010/11/08 07:17:56 | 000,002,212 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\websearch.xml
O1 HOSTS File: ([2006/09/18 17:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\x64\ievkbd.dll (Kaspersky Lab)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg64.dll (Google Inc.)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\x64\klwtbbho.dll (Kaspersky Lab)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll ()
O3 - HKU\S-1-5-21-3090070989-868362510-393952071-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-3090070989-868362510-393952071-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-3090070989-868362510-393952071-1000\..\Toolbar\WebBrowser: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll ()
O4:64bit: - HKLM..\Run: [DisableS3S4] File not found
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ACMON] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ATK)
O4 - HKLM..\Run: [ADSMTray] C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe ()
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe ()
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKU\.DEFAULT..\Run: [uPc+kt0NtdJsiv] File not found
O4 - HKU\.DEFAULT..\Run: [Vyikofudocayewid] File not found
O4 - HKU\S-1-5-18..\Run: [uPc+kt0NtdJsiv] File not found
O4 - HKU\S-1-5-18..\Run: [Vyikofudocayewid] File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-3090070989-868362510-393952071-1000..\Run: [5a143dc3a13a948fccfbceaefece1364] File not found
O4 - HKU\S-1-5-21-3090070989-868362510-393952071-1000..\Run: [Lvhveiejl/0zmpson\AppData\Local\Temp\3496091952.exe] File not found
O4 - HKU\S-1-5-21-3090070989-868362510-393952071-1000..\Run: [Lvhveiejl+1wmpson\AppData\Local\Temp\1682678023.exe] File not found
O4 - HKU\S-1-5-21-3090070989-868362510-393952071-1000..\Run: [Lvhveiejlhb] File not found
O4 - HKU\S-1-5-21-3090070989-868362510-393952071-1000..\Run: [Lvhveiejlkc] File not found
O4 - HKU\S-1-5-21-3090070989-868362510-393952071-1000..\Run: [Lvhveiejlmc] File not found
O4 - HKU\S-1-5-21-3090070989-868362510-393952071-1000..\Run: [Lvhveiejlna] File not found
O4 - HKU\S-1-5-21-3090070989-868362510-393952071-1000..\Run: [Lvhveiejlo+] File not found
O4 - HKU\S-1-5-21-3090070989-868362510-393952071-1000..\Run: [Lvhveiejlora] File not found
O4 - HKU\S-1-5-21-3090070989-868362510-393952071-1000..\Run: [Lvhveiejlotc] File not found
O4 - HKU\S-1-5-21-3090070989-868362510-393952071-1000..\Run: [Lvhveiejlpe] File not found
O4 - HKU\S-1-5-21-3090070989-868362510-393952071-1000..\Run: [Lvhveiejlppf] File not found
O4 - HKU\S-1-5-21-3090070989-868362510-393952071-1000..\Run: [Lvhveiejlpsc] File not found
O4 - HKU\S-1-5-21-3090070989-868362510-393952071-1000..\Run: [Lvhveiejlqb] File not found
O4 - HKU\S-1-5-21-3090070989-868362510-393952071-1000..\Run: [Lvhveiejlqc] File not found
O4 - HKU\S-1-5-21-3090070989-868362510-393952071-1000..\Run: [Lvhveiejlqf] File not found
O4 - HKU\S-1-5-21-3090070989-868362510-393952071-1000..\Run: [Lvhveiejlqse] File not found
O4 - HKU\S-1-5-21-3090070989-868362510-393952071-1000..\Run: [Lvhveiejlqvc] File not found
O4 - HKU\S-1-5-21-3090070989-868362510-393952071-1000..\Run: [LvhveiejlqW] File not found
O4 - HKU\S-1-5-21-3090070989-868362510-393952071-1000..\Run: [Lvhveiejlrf] File not found
O4 - HKU\S-1-5-21-3090070989-868362510-393952071-1000..\Run: [LvhveiejlsPc] File not found
O4 - HKU\S-1-5-21-3090070989-868362510-393952071-1000..\Run: [Lvhveiejlud] File not found
O4 - HKU\S-1-5-21-3090070989-868362510-393952071-1000..\Run: [MqpSc] File not found
O4 - HKU\S-1-5-21-3090070989-868362510-393952071-1000..\Run: [Mqqsc] File not found
O4 - HKU\S-1-5-21-3090070989-868362510-393952071-1000..\Run: [Mqsuc] File not found
O4 - HKU\S-1-5-21-3090070989-868362510-393952071-1000..\Run: [Mque] File not found
O4 - HKU\S-1-5-21-3090070989-868362510-393952071-1000..\Run: [Mquse] File not found
O4 - HKU\S-1-5-21-3090070989-868362510-393952071-1000..\Run: [Mquxe] File not found
O4 - HKU\S-1-5-21-3090070989-868362510-393952071-1000..\Run: [MqvPc] File not found
O4 - HKU\S-1-5-21-3090070989-868362510-393952071-1000..\Run: [msnmsgr] File not found
O4 - HKU\S-1-5-21-3090070989-868362510-393952071-1000..\Run: [Search Protection] File not found
O4 - HKU\S-1-5-21-3090070989-868362510-393952071-1000..\Run: [Steam] C:\Program Files (x86)\Steam\1\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-3090070989-868362510-393952071-1000..\Run: [uPc+kt0NtdJsiv] File not found
O4 - HKU\S-1-5-21-3090070989-868362510-393952071-1000..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKU\S-1-5-21-3090070989-868362510-393952071-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
O7 - HKU\S-1-5-21-3090070989-868362510-393952071-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O9:64bit: - Extra Button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\x64\klwtbbho.dll (Kaspersky Lab)
O9:64bit: - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\x64\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} http://ak.exe.imgfarm.com/images/nocach ... .0.1.1.cab (Reg Error: Key error.)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDow ... ab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/DriverDow ... rtScan.cab (NVIDIA Smart Scan)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://www.cvsphoto.com/upload/activex/ ... ontrol.cab (Photo Upload Plugin Class)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx (WRC Class)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.27.35.1
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\mzvkbd3.dll (Kaspersky Lab)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKU\.DEFAULT Winlogon: Shell - (C:\Windows\System32\config\systemprofile\AppData\Roaming\hotfix.exe) - File not found
O20 - HKU\S-1-5-18 Winlogon: Shell - (C:\Windows\System32\config\systemprofile\AppData\Roaming\hotfix.exe) - File not found
O20:64bit: - Winlogon\Notify\klogon: DllName - Reg Error: Key error. - C:\Windows\SysNative\klogon.dll ()
O24 - Desktop WallPaper: C:\Program Files\P4G\wallpaper\long_battery_life_wallpaper_1440X900.jpg
O24 - Desktop BackupWallPaper: C:\Program Files\P4G\wallpaper\long_battery_life_wallpaper_1440X900.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/01/06 18:19:38 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: Fireiles - (C:\Windows\system32\cmstalua.dll) - File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/04/30 22:38:39 | 000,000,000 | ---D | C] -- C:\MGADiagToolOutput
[2011/04/30 22:36:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
[2011/04/28 14:53:59 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\GameUXLegacyGDFs.dll
[2011/04/28 14:53:59 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Apphlpdm.dll
[2011/04/14 18:27:06 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/04/14 18:26:03 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2011/04/14 18:26:02 | 001,161,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2011/04/14 18:26:00 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2011/04/14 18:26:00 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2011/04/14 18:25:48 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2011/04/14 18:25:47 | 000,476,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/04/14 18:25:44 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011/04/14 18:25:44 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2011/04/14 18:25:43 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011/04/14 18:25:43 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011/04/14 18:25:43 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011/04/14 18:25:43 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieencode.dll
[2011/04/14 18:25:36 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2011/04/07 14:07:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2011/04/07 14:02:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2011/04/07 14:00:12 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2011/04/07 13:54:55 | 005,653,096 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2011/04/07 13:54:54 | 015,047,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2011/04/07 13:54:54 | 013,011,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2011/04/07 13:54:54 | 004,941,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2011/04/07 13:54:54 | 002,895,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2011/04/07 13:54:54 | 002,251,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2011/04/07 13:54:53 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2011/04/07 13:54:05 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2011/04/07 13:52:49 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2011/04/07 13:42:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/05/04 22:49:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/05/04 22:34:01 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/04 22:34:01 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/04 19:37:38 | 000,703,388 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/05/04 19:37:38 | 000,604,502 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/05/04 19:37:38 | 000,104,170 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/05/04 19:35:26 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{674963B1-2A24-43DF-AE9A-93B4DD0AA6C2}.job
[2011/05/04 19:30:25 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/04 19:30:25 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/04 19:30:07 | 4294,037,504 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/02 11:07:46 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2011/04/15 18:40:29 | 000,304,536 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/04/07 13:11:56 | 000,094,708 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011/04/07 13:11:36 | 000,094,708 | ---- | M] () -- C:\ProgramData\nvModes.dat
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/04/28 14:53:59 | 000,032,256 | ---- | C] () -- C:\Windows\SysNative\Apphlpdm.dll
[2011/04/28 14:53:58 | 004,240,384 | ---- | C] () -- C:\Windows\SysNative\GameUXLegacyGDFs.dll
[2011/04/14 18:27:18 | 000,975,872 | ---- | C] () -- C:\Windows\SysNative\inetcomm.dll
[2011/04/14 18:27:16 | 000,461,312 | ---- | C] () -- C:\Windows\SysNative\drivers\srv.sys
[2011/04/14 18:27:16 | 000,176,128 | ---- | C] () -- C:\Windows\SysNative\drivers\srv2.sys
[2011/04/14 18:27:16 | 000,144,896 | ---- | C] () -- C:\Windows\SysNative\drivers\srvnet.sys
[2011/04/14 18:27:09 | 000,979,344 | ---- | C] () -- C:\Windows\SysNative\winresume.exe
[2011/04/14 18:27:08 | 001,075,600 | ---- | C] () -- C:\Windows\SysNative\winload.efi
[2011/04/14 18:27:08 | 001,062,800 | ---- | C] () -- C:\Windows\SysNative\winload.exe
[2011/04/14 18:27:08 | 000,990,096 | ---- | C] () -- C:\Windows\SysNative\winresume.efi
[2011/04/14 18:27:08 | 000,020,880 | ---- | C] () -- C:\Windows\SysNative\kdusb.dll
[2011/04/14 18:27:08 | 000,018,832 | ---- | C] () -- C:\Windows\SysNative\kd1394.dll
[2011/04/14 18:27:08 | 000,018,320 | ---- | C] () -- C:\Windows\SysNative\kdcom.dll
[2011/04/14 18:27:06 | 000,753,152 | ---- | C] () -- C:\Windows\SysNative\jscript.dll
[2011/04/14 18:27:06 | 000,603,648 | ---- | C] () -- C:\Windows\SysNative\vbscript.dll
[2011/04/14 18:27:04 | 000,273,920 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb10.sys
[2011/04/14 18:27:04 | 000,135,168 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb.sys
[2011/04/14 18:27:04 | 000,105,472 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb20.sys
[2011/04/14 18:27:04 | 000,090,624 | ---- | C] () -- C:\Windows\SysNative\drivers\bowser.sys
[2011/04/14 18:27:00 | 002,760,704 | ---- | C] () -- C:\Windows\SysNative\win32k.sys
[2011/04/14 18:26:04 | 001,360,384 | ---- | C] () -- C:\Windows\SysNative\mfc42u.dll
[2011/04/14 18:26:03 | 001,398,784 | ---- | C] () -- C:\Windows\SysNative\mfc42.dll
[2011/04/14 18:26:00 | 000,367,616 | ---- | C] () -- C:\Windows\SysNative\atmfd.dll
[2011/04/14 18:26:00 | 000,048,128 | ---- | C] () -- C:\Windows\SysNative\atmlib.dll
[2011/04/14 18:25:54 | 005,697,536 | ---- | C] () -- C:\Windows\SysNative\mshtml.dll
[2011/04/14 18:25:49 | 001,426,944 | ---- | C] () -- C:\Windows\SysNative\urlmon.dll
[2011/04/14 18:25:48 | 000,758,784 | ---- | C] () -- C:\Windows\SysNative\mshtmled.dll
[2011/04/14 18:25:46 | 007,015,424 | ---- | C] () -- C:\Windows\SysNative\ieframe.dll
[2011/04/14 18:25:45 | 001,129,984 | ---- | C] () -- C:\Windows\SysNative\mstime.dll
[2011/04/14 18:25:45 | 001,032,704 | ---- | C] () -- C:\Windows\SysNative\wininet.dll
[2011/04/14 18:25:44 | 000,590,848 | ---- | C] () -- C:\Windows\SysNative\msfeeds.dll
[2011/04/14 18:25:44 | 000,485,376 | ---- | C] () -- C:\Windows\SysNative\html.iec
[2011/04/14 18:25:44 | 000,480,256 | ---- | C] () -- C:\Windows\SysNative\iedkcs32.dll
[2011/04/14 18:25:44 | 000,267,776 | ---- | C] () -- C:\Windows\SysNative\ieaksie.dll
[2011/04/14 18:25:44 | 000,249,856 | ---- | C] () -- C:\Windows\SysNative\iepeers.dll
[2011/04/14 18:25:43 | 000,375,296 | ---- | C] () -- C:\Windows\SysNative\iertutil.dll
[2011/04/14 18:25:43 | 000,208,896 | ---- | C] () -- C:\Windows\SysNative\occache.dll
[2011/04/14 18:25:43 | 000,086,528 | ---- | C] () -- C:\Windows\SysNative\ieencode.dll
[2011/04/14 18:25:43 | 000,032,256 | ---- | C] () -- C:\Windows\SysNative\jsproxy.dll
[2011/04/14 18:25:42 | 001,383,424 | ---- | C] () -- C:\Windows\SysNative\mshtml.tlb
[2011/04/14 18:25:42 | 000,422,400 | ---- | C] () -- C:\Windows\SysNative\ieapfltr.dll
[2011/04/14 18:25:36 | 000,221,184 | ---- | C] () -- C:\Windows\SysNative\dnsapi.dll
[2011/04/14 18:25:36 | 000,117,760 | ---- | C] () -- C:\Windows\SysNative\dnsrslvr.dll
[2011/04/14 18:25:36 | 000,028,672 | ---- | C] () -- C:\Windows\SysNative\dnscacheugc.exe
[2011/04/07 13:54:55 | 007,729,256 | ---- | C] () -- C:\Windows\SysNative\nvwgf2umx.dll
[2011/04/07 13:54:54 | 020,471,912 | ---- | C] () -- C:\Windows\SysNative\nvoglv64.dll
[2011/04/07 13:54:54 | 018,580,072 | ---- | C] () -- C:\Windows\SysNative\nvcompiler.dll
[2011/04/07 13:54:54 | 012,961,640 | ---- | C] () -- C:\Windows\SysNative\drivers\nvlddmkm.sys
[2011/04/07 13:54:54 | 006,604,904 | ---- | C] () -- C:\Windows\SysNative\nvcuda.dll
[2011/04/07 13:54:54 | 003,112,040 | ---- | C] () -- C:\Windows\SysNative\nvcuvid.dll
[2011/04/07 13:54:54 | 002,479,720 | ---- | C] () -- C:\Windows\SysNative\nvcuvenc.dll
[2011/04/07 13:54:54 | 001,614,440 | ---- | C] () -- C:\Windows\SysNative\nvdispco642090.dll
[2011/04/07 13:54:54 | 001,359,976 | ---- | C] () -- C:\Windows\SysNative\nvgenco642040.dll
[2011/04/07 13:54:54 | 000,007,621 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2011/04/07 13:54:53 | 000,067,176 | ---- | C] () -- C:\Windows\SysNative\OpenCL.dll
[2011/04/07 13:54:53 | 000,011,240 | ---- | C] () -- C:\Windows\SysNative\drivers\nvBridge.kmd
[2011/03/11 22:55:10 | 000,815,104 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/03/11 22:55:10 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010/07/13 19:51:56 | 000,000,680 | ---- | C] () -- C:\Users\Thompson\AppData\Local\d3d9caps.dat
[2010/03/09 15:03:15 | 000,000,245 | ---- | C] () -- C:\Windows\SysWow64\regupdate.ini
[2010/01/07 04:46:43 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/01/05 13:33:42 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010/01/03 21:24:56 | 000,152,368 | ---- | C] () -- C:\Windows\SysWow64\WIN2PDFS.DLL
[2010/01/03 21:24:53 | 000,000,002 | ---- | C] () -- C:\Windows\1way.ini
[2009/10/13 14:58:25 | 000,000,533 | ---- | C] () -- C:\Windows\eReg.dat
[2009/10/13 13:54:59 | 000,094,708 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/10/13 13:07:26 | 000,094,708 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/10/02 00:56:13 | 000,000,102 | ---- | C] () -- C:\Users\Thompson\AppData\Roaming\wklnhst.dat
[2009/10/01 17:51:12 | 000,182,272 | ---- | C] () -- C:\Windows\patchw32.dll
[2009/09/27 00:53:00 | 000,007,168 | ---- | C] () -- C:\Users\Thompson\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/26 21:14:02 | 000,002,029 | ---- | C] () -- C:\Users\Thompson\AppData\Roaming\install.dat
[2009/08/27 22:52:39 | 000,033,136 | ---- | C] () -- C:\Windows\ASScrPro.exe
[2009/08/27 22:52:19 | 000,047,672 | ---- | C] () -- C:\Windows\AsScrProlog.exe
[2009/08/27 21:56:01 | 000,106,605 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009/08/27 21:56:01 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2008/11/07 21:08:20 | 000,362,029 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
[2008/10/08 23:38:27 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2008/09/19 07:41:00 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2008/01/20 22:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008/01/20 22:49:49 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008/01/20 22:49:10 | 000,049,156 | ---- | C] () -- C:\Windows\SysWow64\certstore.dat
[2007/10/18 21:36:54 | 000,061,440 | ---- | C] () -- C:\Windows\SysWow64\deskMenu2.dll
[2007/08/06 13:18:31 | 000,081,920 | ---- | C] () -- C:\Windows\PGMonitor.exe
[2006/11/02 11:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006/11/02 08:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006/11/02 08:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 05:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2004/08/09 19:27:16 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\ddcvt.exe
========== LOP Check ==========
[2010/01/06 18:27:19 | 000,000,000 | ---D | M] -- C:\Users\Thompson\AppData\Roaming\Autodesk
[2010/08/20 18:11:46 | 000,000,000 | ---D | M] -- C:\Users\Thompson\AppData\Roaming\Dev-Cpp
[2010/08/05 13:40:55 | 000,000,000 | ---D | M] -- C:\Users\Thompson\AppData\Roaming\OverDrive
[2009/10/02 00:56:15 | 000,000,000 | ---D | M] -- C:\Users\Thompson\AppData\Roaming\Template
[2010/08/21 17:05:18 | 000,000,000 | ---D | M] -- C:\Users\Thompson\AppData\Roaming\Tropico 3
[2010/09/12 21:08:56 | 000,000,000 | ---D | M] -- C:\Users\Thompson\AppData\Roaming\Ubisoft
[2011/05/03 22:18:43 | 000,032,634 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/05/04 19:35:26 | 000,000,424 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{674963B1-2A24-43DF-AE9A-93B4DD0AA6C2}.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 110 bytes -> C:\ProgramData\Temp:90EE3BE1
< End of report >