DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7600.16385
Run by User at 10:45:07 on 2011-09-19
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.65.1033.18.7863.5581 [GMT 8:00]
.
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
C:\Program Files (x86)\Giraffic\GirafficWatchdog.exe
C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\PLFSetI.exe
C:\Program Files\PeerBlock\peerblock.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Rainmeter\Rainmeter.exe
C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Razer\DeathAdder\razerofa.exe
C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe
C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Razer\DeathAdder\vdDaemon.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\iTunes\iTunes.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtITunesPlugIn.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Giraffic\Giraffic.exe
C:\Windows\system32\taskeng.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = https://tr-crewnet.navitaire.com/
uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACA ... 5t5551j24p
mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACA ... 5t5551j24p
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACA ... 5t5551j24p
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\IPS\IPSBHO.DLL
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [PeerBlock] C:\Program Files\PeerBlock\peerblock.exe
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [Google Update] "C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [MDS_Menu] "C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso" UpdateWithCreateOnce "Software\CyberLink\MediaShow Espresso\5.6"
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [DeathAdder] C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
StartupFolder: C:\Users\User\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\RAINME~1.LNK - C:\Program Files\Rainmeter\Rainmeter.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
mPolicies-system: SoftwareSASGeneration = 1 (0x1)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: Interfaces\{1B38696B-DD53-4943-BC14-176E6D6E171B} : NameServer = 192.168.0.1
TCP: Interfaces\{1B38696B-DD53-4943-BC14-176E6D6E171B}\24541434F4E423 : DhcpNameServer = 10.223.8.20 10.223.7.21 10.223.7.24
TCP: Interfaces\{378F92C7-93EA-468C-91E4-9194F9251A4B} : DhcpNameServer = 203.116.1.94 203.116.254.150
TCP: Interfaces\{5C3B29F2-0460-411A-9232-E2457CE1D5BA} : DhcpNameServer = 202.96.209.5 202.96.209.133
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll
BHO-X64: Symantec NCO BHO - No File
BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\IPS\IPSBHO.DLL
BHO-X64: Symantec Intrusion Prevention - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
mRun-x64: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [MDS_Menu] "C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso" UpdateWithCreateOnce "Software\CyberLink\MediaShow Espresso\5.6"
mRun-x64: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [DeathAdder] C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\am1vzyn7.default\
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\User\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\NISx64\1206000.01D\SYMDS64.SYS --> C:\Windows\system32\drivers\NISx64\1206000.01D\SYMDS64.SYS [?]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\NISx64\1206000.01D\SYMEFA64.SYS --> C:\Windows\system32\drivers\NISx64\1206000.01D\SYMEFA64.SYS [?]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20110909.001\BHDrvx64.sys [2011-9-10 1152632]
R1 ctxusbm;Citrix USB Monitor Driver;C:\Windows\system32\DRIVERS\ctxusbm.sys --> C:\Windows\system32\DRIVERS\ctxusbm.sys [?]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20110917.031\IDSviA64.sys [2011-9-18 488568]
R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\NISx64\1206000.01D\Ironx64.SYS --> C:\Windows\system32\drivers\NISx64\1206000.01D\Ironx64.SYS [?]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\Drivers\NISx64\1206000.01D\SYMNETS.SYS --> C:\Windows\system32\Drivers\NISx64\1206000.01D\SYMNETS.SYS [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-8-14 325200]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2011-7-5 821792]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atipmdag.sys --> C:\Windows\system32\DRIVERS\atipmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-7-28 136824]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
R3 intelkmd;intelkmd;C:\Windows\system32\DRIVERS\igdpmd64.sys --> C:\Windows\system32\DRIVERS\igdpmd64.sys [?]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]
R3 pbfilter;pbfilter;C:\Program Files\PeerBlock\pbfilter.sys [2011-7-7 24176]
R3 VKbms;Virtual HID Minidriver;C:\Windows\system32\DRIVERS\VKbms.sys --> C:\Windows\system32\DRIVERS\VKbms.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 AmUStor;AM USB Stroage Driver;C:\Windows\system32\drivers\AmUStor.SYS --> C:\Windows\system32\drivers\AmUStor.SYS [?]
S3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\system32\drivers\btwampfl.sys --> C:\Windows\system32\drivers\btwampfl.sys [?]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]
S3 danewFltr;NewDeathAdder Mouse;C:\Windows\system32\drivers\danew.sys --> C:\Windows\system32\drivers\danew.sys [?]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\system32\DRIVERS\netaapl64.sys --> C:\Windows\system32\DRIVERS\netaapl64.sys [?]
S3 pwdrvio;pwdrvio;\??\C:\Windows\system32\pwdrvio.sys --> C:\Windows\system32\pwdrvio.sys [?]
S3 pwdspio;pwdspio;\??\C:\Windows\system32\pwdspio.sys --> C:\Windows\system32\pwdspio.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
.
=============== Created Last 30 ================
.
2011-09-19 02:31:22 -------- d-----w- C:\Users\User\AppData\Local\{E0106630-1AA7-4722-BB78-89BAB5AAA655}
2011-09-19 02:31:10 -------- d-----w- C:\Users\User\AppData\Local\{2DC770DF-96BC-4A8D-AA9E-4F00F0796900}
2011-09-18 12:27:12 -------- d-----w- C:\Program Files (x86)\Veetle
2011-09-18 06:19:26 -------- d-----w- C:\Users\User\AppData\Local\{656D61B7-8B74-4F2E-997E-68C1E58C36C7}
2011-09-18 06:19:13 -------- d-----w- C:\Users\User\AppData\Local\{D092142B-E483-4F10-BD26-A2DB670A21E4}
2011-09-17 18:18:46 -------- d-----w- C:\Users\User\AppData\Local\{8F9A2D44-4BAC-4170-A41C-B41717C39AB1}
2011-09-17 18:18:34 -------- d-----w- C:\Users\User\AppData\Local\{DFB3367E-ACBE-44CA-A958-E8BC2F691860}
2011-09-17 06:17:31 -------- d-----w- C:\Users\User\AppData\Local\{01AC48CB-D479-45EE-A03E-212F2165096E}
2011-09-17 06:17:05 -------- d-----w- C:\Users\User\AppData\Local\{FBA59CAA-BAB0-4605-8456-690600A9FFB4}
2011-09-16 15:52:51 -------- d-----w- C:\Users\User\AppData\Local\{6128FA2C-B49E-45F5-828E-EF08E38D8B8A}
2011-09-16 02:35:14 -------- d-----w- C:\Users\User\AppData\Local\{D9BE9A6D-0D77-4649-8FC3-E6F693F7EDB8}
2011-09-15 05:29:16 -------- d-----w- C:\Users\User\AppData\Local\{36588D0B-F956-4D8F-9F68-6ADED0FAA6DC}
2011-09-15 05:29:01 -------- d-----w- C:\Users\User\AppData\Local\{22CAD442-A670-4068-92E3-1AE75D6A5BBC}
2011-09-14 06:40:31 -------- d-----w- C:\Users\User\AppData\Local\{649DE12F-2776-4D9F-BA02-056BC8002E48}
2011-09-14 06:40:12 -------- d-----w- C:\Users\User\AppData\Local\{1E6F2FDB-8867-445E-9FE3-95D7BE891AB4}
2011-09-13 09:07:39 -------- d-----w- C:\Users\User\AppData\Local\{06EC2826-0D84-4279-B7C0-DFC9713D38FB}
2011-09-13 09:07:23 -------- d-----w- C:\Users\User\AppData\Local\{3DBE9889-3E70-4966-91F0-AE427824BF5C}
2011-09-12 07:37:18 -------- d-----w- C:\Users\User\AppData\Local\{2A78CCF7-7E20-4D89-BC7A-BB84FA582556}
2011-09-12 07:37:02 -------- d-----w- C:\Users\User\AppData\Local\{A01FABEE-CE70-426A-9362-567793D8BBC4}
2011-09-11 05:28:11 -------- d-----w- C:\Users\User\AppData\Local\{BA782161-989C-433E-BA9B-6DB521751665}
2011-09-11 05:27:10 -------- d-----w- C:\Users\User\AppData\Local\{187BAA76-E538-44DF-BC90-C8E18C402C0E}
2011-09-10 15:56:48 -------- d-----w- C:\Users\User\AppData\Local\{B851CAFF-FEA0-4502-A943-79B5C73C19DD}
2011-09-10 15:56:23 -------- d-----w- C:\Users\User\AppData\Local\{5E6ED45F-DB98-4EDB-8473-2FBC2517E1C9}
2011-09-09 15:27:27 -------- d-----w- C:\Users\User\AppData\Local\{43312AE8-1329-4DF9-BDF5-FF471878EEA9}
2011-09-09 15:27:15 -------- d-----w- C:\Users\User\AppData\Local\{DE0FBF14-102C-4D66-B97D-145498215AE9}
2011-09-09 14:38:00 -------- d-----w- C:\ProgramData\Giraffic
2011-09-09 14:37:59 -------- d-----w- C:\Program Files (x86)\Giraffic
2011-09-09 14:37:50 -------- d-----w- C:\Program Files (x86)\Veoh Networks
2011-09-09 03:25:30 -------- d-----w- C:\Users\User\AppData\Local\{97CF791F-88D6-4117-84D8-E2EBFEA7F4E1}
2011-09-09 03:24:24 -------- d-----w- C:\Users\User\AppData\Local\{A1CC5DAC-B613-400E-B8A3-8B19A07DC374}
2011-09-08 13:51:13 -------- d-----w- C:\Users\User\AppData\Local\dxhr
2011-09-08 13:50:14 -------- d-----w- C:\Users\User\AppData\Local\28050
2011-09-08 13:28:17 -------- d-----w- C:\Program Files (x86)\Dead Island
2011-09-08 12:46:19 -------- d-----w- C:\Program Files (x86)\Square Enix
2011-09-08 04:10:59 -------- d-----w- C:\Program Files (x86)\TightVNC
2011-09-08 04:10:25 -------- d-----w- C:\Users\User\AppData\Roaming\Phase Five Systems
2011-09-08 04:09:35 -------- d-----w- C:\Program Files (x86)\Jump Desktop
2011-09-08 02:50:02 -------- d-----w- C:\Users\User\AppData\Local\{295A8153-5DC6-4283-8816-4E69627E8A87}
2011-09-08 02:49:23 -------- d-----w- C:\Users\User\AppData\Local\{EB837A99-208D-45D0-B840-D4FE7CAAEED6}
2011-09-08 02:48:26 -------- d-----w- C:\Users\User\AppData\Local\{E5425AAF-4432-49C1-9409-D9BBB3664EDD}
2011-09-07 06:23:07 -------- d-----w- C:\Users\User\AppData\Local\{C3C694D6-5C40-4AED-9D5D-D75F07C2060C}
2011-09-07 06:19:55 -------- d-----w- C:\Users\User\AppData\Local\{FE239DF7-E8ED-4678-88A4-B46B1989DBA1}
2011-09-06 15:14:56 -------- d-----w- C:\Users\User\AppData\Local\{76B75C14-7FB1-4F15-8711-5435D9B3B136}
2011-09-06 15:14:44 -------- d-----w- C:\Users\User\AppData\Local\{348FDC83-80A5-432F-8088-01FD89CB29E2}
2011-09-06 03:13:05 -------- d-----w- C:\Users\User\AppData\Local\{E65ED2C5-D321-446C-98A6-9B99B5E77748}
2011-09-06 03:12:41 -------- d-----w- C:\Users\User\AppData\Local\{7121862B-5E7A-4EF5-8333-03D0C08412C1}
2011-09-05 14:47:11 -------- d-----w- C:\Users\User\AppData\Local\{78B31829-E876-423C-8CA1-AC9C02E09957}
2011-09-05 14:47:00 -------- d-----w- C:\Users\User\AppData\Local\{9D27F667-51F1-4BEC-84EC-635EF17A44C5}
2011-09-05 14:46:49 -------- d-----w- C:\Users\User\AppData\Local\{18F616F2-842E-40F3-A334-3799E8801815}
2011-09-05 14:46:37 -------- d-----w- C:\Users\User\AppData\Local\{8C6E5F69-D950-4FAF-BF62-6C77C820410A}
2011-09-05 04:52:24 -------- d-----w- C:\Users\User\AppData\Roaming\Wi-Fi Sync
2011-09-05 03:04:06 -------- d-----w- C:\Users\User\AppData\Local\Cranium
2011-09-05 02:59:48 -------- d-----w- C:\Users\User\AppData\Local\Cranium_Consulting_and_Cu
2011-09-05 02:59:00 -------- d-----w- C:\Program Files (x86)\iPhoneBrowser
2011-09-05 02:45:58 -------- d-----w- C:\Users\User\AppData\Local\{14DDEA34-8691-46CE-A1DF-B58452EFFBF8}
2011-09-05 02:45:24 -------- d-----w- C:\Users\User\AppData\Local\{9FD5543F-8254-4047-AC3D-5763BD639D3F}
2011-09-04 05:21:12 -------- d-----w- C:\Users\User\AppData\Local\{28503E35-8E62-4CA9-914B-A5DB189E2E6A}
2011-09-04 05:21:00 -------- d-----w- C:\Users\User\AppData\Local\{4E7A2DE6-6951-4DF8-8626-F4C18C0CD7B1}
2011-09-04 05:20:49 -------- d-----w- C:\Users\User\AppData\Local\{1F514BDA-FCF7-4719-8CA7-BDA42A88433D}
2011-09-04 05:20:38 -------- d-----w- C:\Users\User\AppData\Local\{C2D251BC-D1D7-48C3-8974-4075158FD76D}
2011-09-03 17:20:09 -------- d-----w- C:\Users\User\AppData\Local\{B4FA8E91-9123-44B3-B9B7-028A0498A0EB}
2011-09-03 17:19:45 -------- d-----w- C:\Users\User\AppData\Local\{C28C8DE5-CE29-4C1C-AE7B-D27843E4E8D4}
2011-09-03 17:19:01 -------- d-----w- C:\Users\User\AppData\Local\{7E8D702C-F58B-4420-83C5-6312F06E0134}
2011-09-03 00:49:47 -------- d-----w- C:\Users\User\AppData\Local\{BE244DEF-D2E7-4765-A3DB-76F23F816A0D}
2011-09-03 00:49:31 -------- d-----w- C:\Users\User\AppData\Local\{28A507DB-F42D-404E-A611-3331ABF00861}
2011-09-03 00:49:08 -------- d-----w- C:\Users\User\AppData\Local\{973072F2-8D48-4360-BCA9-C5FFD04448CD}
2011-09-02 06:27:59 -------- d-----w- C:\Users\User\AppData\Local\{699324F0-A052-42B9-8379-A2955314BA41}
2011-09-02 06:27:46 -------- d-----w- C:\Users\User\AppData\Local\{41818B68-175A-406D-AA75-2B12AD0AE74A}
2011-09-02 06:27:32 -------- d-----w- C:\Users\User\AppData\Local\{4669E8F6-6DE5-4246-B999-0D3CBB406499}
2011-09-01 14:39:23 -------- d-----w- C:\Users\User\AppData\Local\{3078D2CE-840F-4D19-B6EB-FEDA605FCFEB}
2011-09-01 14:39:10 -------- d-----w- C:\Users\User\AppData\Local\{6D93AD64-C8D4-4CF2-B28B-D2B644DDFEB5}
2011-09-01 10:23:50 -------- d-----w- C:\Users\User\AppData\Local\{56AEF3D4-40EA-4851-88A7-225C57227A3D}
2011-09-01 10:23:23 -------- d-----w- C:\Users\User\AppData\Local\{B7004620-DC75-4984-A3B6-B59E994CBF0D}
2011-09-01 09:45:04 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\d30d591f1cc688b01\MeshBetaRemover.exe
2011-09-01 08:59:13 -------- d-----w- C:\Users\User\AppData\Local\{7C712C9E-5D76-4B97-8678-DFB11256635C}
2011-08-31 14:22:10 -------- d-----w- C:\Users\User\AppData\Local\{A989F1E2-3C38-4F8E-A5F7-D0D458B1E951}
2011-08-31 14:21:57 -------- d-----w- C:\Users\User\AppData\Local\{A6203057-7FE3-43FD-BB34-08612D1BDF6B}
2011-08-31 01:56:27 -------- d-----w- C:\Users\User\AppData\Local\{7A6E7CE4-0C4D-4D68-9714-A87B7E525619}
2011-08-31 01:55:18 -------- d-----w- C:\Users\User\AppData\Local\{F9912885-D3BE-442C-9427-1EE1D281860D}
2011-08-30 08:16:58 -------- d-----w- C:\Users\User\AppData\Local\{EEE621AC-371F-4AF4-BC89-A2462EC4A0B3}
2011-08-30 08:15:41 -------- d-----w- C:\Users\User\AppData\Local\{26D0256B-B41A-4F12-AB6A-287E99BAA9D2}
2011-08-29 09:20:43 -------- d-----w- C:\Users\User\AppData\Local\{4FC85597-4502-48F5-BCB3-A54301EFF782}
2011-08-29 09:20:26 -------- d-----w- C:\Users\User\AppData\Local\{69EED39C-3229-46C4-B9AA-444E347F37C4}
2011-08-28 06:43:32 -------- d-----w- C:\Users\User\AppData\Local\{1DDD10F4-6BFC-4B4F-B6F0-328D7280B0AB}
2011-08-28 06:43:14 -------- d-----w- C:\Users\User\AppData\Local\{2B8B3EDF-A462-41B5-B80C-1CAF7B0173E0}
2011-08-27 15:46:28 -------- d-----w- C:\Users\User\AppData\Local\{C7933EC4-350F-4052-81C7-C28123BBDFC7}
2011-08-27 15:46:11 -------- d-----w- C:\Users\User\AppData\Local\{D8F0F256-A829-45D3-970E-CED3E718621B}
2011-08-27 15:17:40 -------- d-----w- C:\Program Files\Microsoft Synchronization Services
2011-08-27 15:16:56 -------- d-----w- C:\Program Files\Microsoft SQL Server Compact Edition
2011-08-27 15:14:24 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8
2011-08-27 15:12:30 -------- d-----w- C:\Program Files\Microsoft Analysis Services
2011-08-27 15:12:30 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
2011-08-27 03:45:35 -------- d-----w- C:\Users\User\AppData\Local\{503DC219-7FCB-4649-9082-594362F06758}
2011-08-27 03:45:09 -------- d-----w- C:\Users\User\AppData\Local\{FD9564F5-5BCD-4FE0-8C7B-2A798C56691E}
2011-08-26 03:08:09 -------- d-----w- C:\Users\User\AppData\Local\{EBE2B129-90C9-4060-A6A4-5886545E5E5C}
2011-08-25 14:43:59 -------- d-----w- C:\Program Files (x86)\WinSCP
2011-08-25 14:41:11 -------- d-----w- C:\Users\User\AppData\Local\{E339123E-96B0-4D04-841E-40BFBC22657D}
2011-08-25 14:40:09 -------- d-----w- C:\Users\User\AppData\Local\{31EABB20-C63A-4700-A35B-33B973467291}
2011-08-24 15:00:56 -------- d-----w- C:\Users\User\AppData\Local\{20A315D1-1811-47BC-A3CE-63248E800F3A}
2011-08-24 15:00:40 -------- d-----w- C:\Users\User\AppData\Local\{0BC6131A-101A-4605-9D48-F2A2BAD1DF28}
2011-08-24 03:08:46 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2011-08-24 03:08:46 2048 ----a-w- C:\Windows\System32\tzres.dll
2011-08-24 03:02:31 -------- d-----w- C:\Users\User\AppData\Roaming\Hobbyist Software
2011-08-24 03:01:44 -------- d-----w- C:\Program Files (x86)\Hobbyist Software
2011-08-24 03:00:07 -------- d-----w- C:\Users\User\AppData\Local\{D219B5E2-EAD3-4BE1-BDC0-965EB4553C3B}
2011-08-24 02:59:46 -------- d-----w- C:\Users\User\AppData\Local\{C8D1B3FF-E617-4056-81EB-D20D379B323F}
2011-08-23 11:46:48 -------- d-----w- C:\Users\User\AppData\Local\{14D7E024-5780-49BF-A27A-54E8C6A52225}
2011-08-23 11:46:32 -------- d-----w- C:\Users\User\AppData\Local\{C1986F61-0782-4CBB-80CB-DC0D9268A16F}
2011-08-21 15:22:33 -------- d-----w- C:\Users\User\AppData\Local\{655946C7-C908-4BAC-8F1D-B9D74B5F5996}
2011-08-21 15:22:18 -------- d-----w- C:\Users\User\AppData\Local\{B6901526-5BA5-4D83-924A-C0B3A81B4622}
2011-08-21 03:21:36 -------- d-----w- C:\Users\User\AppData\Local\{0DB6F83D-AB1C-4119-92F1-1B6CF7865EB3}
2011-08-21 03:21:13 -------- d-----w- C:\Users\User\AppData\Local\{BFFD6977-4774-4A4B-B69E-62E0A40090D2}
2011-08-20 03:55:23 -------- d-----w- C:\Users\User\AppData\Local\{BB2105EB-D6BE-4455-AD88-83DC4E541DA9}
2011-08-20 03:55:09 -------- d-----w- C:\Users\User\AppData\Local\{C332E68D-2015-4D05-ABD2-DE9F2C494E1B}
.
==================== Find3M ====================
.
2011-08-13 16:58:32 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-08-04 03:45:46 8192 ----a-w- C:\Windows\SysWow64\srvany.exe
2011-07-22 05:35:08 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-07-22 04:56:17 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-07-21 07:28:16 286720 ------w- C:\Windows\Setup1.exe
2011-07-21 07:28:15 73216 ----a-w- C:\Windows\ST6UNST.EXE
2011-07-16 05:26:54 362496 ----a-w- C:\Windows\System32\wow64win.dll
2011-07-16 05:26:53 243200 ----a-w- C:\Windows\System32\wow64.dll
2011-07-16 05:26:53 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2011-07-16 05:26:18 214528 ----a-w- C:\Windows\System32\winsrv.dll
2011-07-16 05:24:09 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2011-07-16 05:21:32 422400 ----a-w- C:\Windows\System32\KernelBase.dll
2011-07-16 05:17:46 338432 ----a-w- C:\Windows\System32\conhost.exe
2011-07-16 04:36:09 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2011-07-16 04:32:14 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2011-07-16 04:31:50 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2011-07-16 04:30:29 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2011-07-16 04:30:27 272384 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2011-07-16 02:26:12 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2011-07-16 02:26:11 2048 ----a-w- C:\Windows\SysWow64\user.exe
2011-07-16 02:21:47 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2011-07-16 02:21:47 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 02:21:47 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 02:21:47 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2011-07-09 02:44:55 287744 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2011-07-08 09:45:12 386168 ----a-w- C:\Windows\System32\drivers\NISx64\1206000.01D\symnets.sys
2011-07-07 15:54:56 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2011-07-07 11:10:36 174200 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2011-07-04 18:16:07 2560 ----a-w- C:\Windows\SysWow64\drivers\zh-TW\qwavedrv.sys.mui
2011-07-04 18:15:59 13824 ----a-w- C:\Windows\SysWow64\drivers\zh-TW\bfe.dll.mui
2011-07-04 18:15:59 10240 ----a-w- C:\Windows\SysWow64\drivers\zh-TW\pacer.sys.mui
2011-07-04 18:15:50 2048 ----a-w- C:\Windows\SysWow64\drivers\zh-TW\scfilter.sys.mui
2011-07-04 18:15:49 4608 ----a-w- C:\Windows\SysWow64\drivers\zh-TW\ndiscap.sys.mui
2011-07-04 18:15:46 30208 ----a-w- C:\Windows\SysWow64\drivers\zh-TW\tcpip.sys.mui
2011-07-04 18:09:57 2048 ----a-w- C:\Windows\SysWow64\drivers\zh-CN\qwavedrv.sys.mui
2011-07-04 18:09:48 13824 ----a-w- C:\Windows\SysWow64\drivers\zh-CN\bfe.dll.mui
2011-07-04 18:09:48 10240 ----a-w- C:\Windows\SysWow64\drivers\zh-CN\pacer.sys.mui
2011-07-04 18:09:41 2048 ----a-w- C:\Windows\SysWow64\drivers\zh-CN\scfilter.sys.mui
2011-07-04 18:09:39 4096 ----a-w- C:\Windows\SysWow64\drivers\zh-CN\ndiscap.sys.mui
2011-07-04 18:09:34 30208 ----a-w- C:\Windows\SysWow64\drivers\zh-CN\tcpip.sys.mui
2011-07-04 17:28:10 0 ----a-w- C:\Windows\ativpsrm.bin
2011-07-04 17:27:13 3 ----a-w- C:\Windows\System32\PLD_Framework.cmd
2011-06-23 05:29:39 5507968 ----a-w- C:\Windows\System32\ntoskrnl.exe
2011-06-23 04:38:05 3957120 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2011-06-23 04:38:04 3902336 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2011-06-21 06:27:14 1896832 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2011-06-21 06:20:48 1197056 ----a-w- C:\Windows\System32\wininet.dll
2011-06-21 06:20:06 57856 ----a-w- C:\Windows\System32\licmgr10.dll
2011-06-21 05:36:36 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-06-21 05:35:05 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2011-06-21 05:05:13 482816 ----a-w- C:\Windows\System32\html.iec
2011-06-21 04:26:02 386048 ----a-w- C:\Windows\SysWow64\html.iec
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 5/7/2011 9:12:52 AM
System Uptime: 19/9/2011 4:17:12 AM (6 hours ago)
.
Motherboard: Acer | | JM41_CP
Processor: Intel(R) Core(TM) i7 CPU M 620 @ 2.67GHz | CPU | 2667/1066mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 583 GiB total, 33.89 GiB free.
E: is CDROM ()
I: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
µTorrent
Acer Arcade Deluxe
Acer Arcade Movie
Acer Backup Manager
Acer Crystal Eye Webcam
Acer eRecovery Management
Acer PowerSmart Manager
Acer Registration
Acer ScreenSaver
Acer Updater
Acer VCM
Acrobat.com
Adobe AIR
Adobe Community Help
Adobe Flash Player 10 ActiveX
Adobe Photoshop CS5
Adobe Reader X (10.1.0)
Alcor Micro USB Card Reader
Apple Application Support
Apple Software Update
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
Backup Manager Basic
BlackBerry Desktop Software 6.1
BUFFALO TurboUSB for FLASH/HDD
Call of Duty: Black Ops
Cambridge Advanced Learner's Dictionary - 3rd Edition
CamStudio OSS Desktop Recorder
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Citrix online plug-in - web
Citrix online plug-in (DV)
Citrix online plug-in (HDX)
Citrix online plug-in (USB)
Citrix online plug-in (Web)
D3DX10
Deus Ex - Human Revolution version 1.0
Dropbox
eSobi v2
Football Manager 2011
Funshion
Garena - BlackShot
Garena 2010
Garena Messenger
Giraffic Video Accelerator
Google Chrome
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
Harry Potter and the Deathly Hallows(TM) - Part 2
Harry Potter and the Deathly Hallows™ - Part 1
Identity Card
Intel(R) Control Center
Intel(R) Management Engine Components
Intel(R) Rapid Storage Technology
Intel(R) Turbo Boost Technology Driver
iPhoneBrowser
iSongText version 1.6.0
Java Auto Updater
Java(TM) 6 Update 26
Jump Desktop
Junk Mail filter update
Launch Manager
Magic Berry
MagicDisc 2.7.106
MediaShow Espresso
Messenger Companion
Messenger Plus! 5
Microsoft Flight Simulator X
Microsoft Flight Simulator X Service Pack 1
Microsoft Flight Simulator X Service Pack 2
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
MiniTool Partition Wizard Home Edition 6.0
Mozilla Firefox 5.0.1 (x86 en-US)
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
Norton Internet Security
NTI Backup Now 5
NTI Backup Now Standard
NTI Media Maker 8
ooVoo
Optical Drive Power Management
PX Profile Update
QuickTime
Rainmeter
Razer DeathAdder(TM) Mouse
Realtek High Definition Audio Driver
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Simple Port Forwarding
Skype Toolbars
Skype™ 5.3
SopCast 3.2.9
TightVNC 2.0.2
Tom Clancy's H.A.W.X. 2
Ubisoft Game Launcher
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Veetle TV
Veoh Web Player
VLC media player 1.1.10
VLC Streamer 1.33
Welcome Center
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinSCP 4.3.4
.
==== Event Viewer Messages From Past Week ========
.
19/9/2011 10:44:17 AM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
18/9/2011 2:47:01 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\athExt.dll Error Code: 126
12/9/2011 11:36:24 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer HENGYING-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{1B38696B-DD53-4943-BC14-176E6D6E171B}. The master browser is stopping or an election is being forced.
.
==== End Of File ===========================