OTL logfile created on: 11/21/2011 6:46:31 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Jerry\Downloads
64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
4.00 Gb Total Physical Memory | 2.43 Gb Available Physical Memory | 60.68% Memory free
8.19 Gb Paging File | 6.51 Gb Available in Paging File | 79.51% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 761.72 Gb Total Space | 632.73 Gb Free Space | 83.07% Space Free | Partition Type: NTFS
Drive D: | 6.95 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive F: | 169.79 Gb Total Space | 128.38 Gb Free Space | 75.61% Space Free | Partition Type: NTFS
Computer Name: JERRY-PC | User Name: Jerry | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/11/21 18:45:10 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Jerry\Downloads\OTL.exe
PRC - [2011/05/16 11:58:36 | 000,273,544 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2011/01/10 08:24:20 | 000,399,416 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\sua.exe
PRC - [2010/12/02 20:06:45 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010/10/16 11:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2008/12/29 17:27:38 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
========== Modules (No Company Name) ==========
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2010/06/29 11:49:27 | 000,128,752 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2008/01/20 20:50:23 | 000,195,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2008/01/20 20:46:39 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011/01/10 08:24:20 | 000,993,848 | ---- | M] (Secunia) [On_Demand | Stopped] -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2011/01/10 08:24:20 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2010/12/02 20:06:45 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010/10/16 11:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/04/23 04:39:00 | 000,136,616 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe -- (AODService)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/10/16 18:39:50 | 000,606,048 | ---- | M] (Seagate) [Auto | Running] -- C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe -- (SgtSch2Svc)
SRV - [2009/09/28 08:42:50 | 000,109,056 | ---- | M] (ArcSoft Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/06/30 10:28:28 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009/05/27 20:18:32 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2009/03/29 22:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/12/29 17:27:38 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2010/09/01 02:30:58 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\psi_mf.sys -- (PSI)
DRV:64bit: - [2010/03/30 22:35:04 | 000,020,968 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz133_x64.sys -- (cpuz133)
DRV:64bit: - [2010/02/22 14:31:20 | 000,711,712 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\timntr.sys -- (timounter)
DRV:64bit: - [2010/02/22 14:31:20 | 000,081,952 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\Windows\SysNative\DRIVERS\tifsfilt.sys -- (tifsfilter)
DRV:64bit: - [2010/02/22 14:31:05 | 000,235,040 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\snapman.sys -- (snapman)
DRV:64bit: - [2010/02/22 14:31:04 | 000,593,952 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\tdrpman.sys -- (tdrpman)
DRV:64bit: - [2010/02/17 12:23:05 | 000,014,920 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2010/02/17 12:23:05 | 000,012,360 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2009/09/30 18:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2008/10/08 00:22:36 | 001,561,112 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ha20x2k.sys -- (ha20x2k)
DRV:64bit: - [2008/10/08 00:22:30 | 000,118,296 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\emupia2k.sys -- (emupia)
DRV:64bit: - [2008/10/08 00:22:28 | 000,213,016 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV:64bit: - [2008/10/08 00:22:26 | 000,015,896 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV:64bit: - [2008/10/08 00:22:24 | 000,179,224 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctoss2k.sys -- (ossrv)
DRV:64bit: - [2008/10/08 00:22:22 | 000,684,312 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV:64bit: - [2008/10/08 00:22:18 | 000,580,632 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctac32k.sys -- (ctac32k)
DRV:64bit: - [2008/10/08 00:22:14 | 001,417,240 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTEXFIFX.SYS -- (CTEXFIFX.SYS)
DRV:64bit: - [2008/10/08 00:22:14 | 001,417,240 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTEXFIFX.SYS -- (CTEXFIFX)
DRV:64bit: - [2008/10/08 00:22:10 | 000,094,744 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTHWIUT.SYS -- (CTHWIUT.SYS)
DRV:64bit: - [2008/10/08 00:22:10 | 000,094,744 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTHWIUT.SYS -- (CTHWIUT)
DRV:64bit: - [2008/10/08 00:22:08 | 000,202,776 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CT20XUT.SYS -- (CT20XUT.SYS)
DRV:64bit: - [2008/10/08 00:22:08 | 000,202,776 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CT20XUT.SYS -- (CT20XUT)
DRV:64bit: - [2008/05/01 23:59:48 | 000,166,912 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2008/01/20 20:46:34 | 000,048,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\avc.sys -- (Avc)
DRV:64bit: - [2008/01/20 20:46:34 | 000,017,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\avcstrm.sys -- (AVCSTRM)
DRV:64bit: - [2008/01/20 20:46:08 | 000,056,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\mstape.sys -- (MSTAPE)
DRV:64bit: - [2008/01/20 20:46:05 | 000,058,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\61883.sys -- (61883)
DRV:64bit: - [2008/01/20 20:46:01 | 000,061,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\msdv.sys -- (MSDV)
DRV:64bit: - [2007/07/23 08:57:04 | 000,052,992 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Alpham164.sys -- (Alpham1)
DRV:64bit: - [2007/07/13 02:58:54 | 000,276,480 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\U6000ALL.sys -- (U6000ALL) U6000 TV Box(ALL)
DRV:64bit: - [2007/04/11 14:35:30 | 000,056,080 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2007/04/11 14:35:22 | 000,053,520 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2007/03/20 10:51:04 | 000,021,760 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Alpham264.sys -- (Alpham2)
DRV - [2010/07/06 23:11:01 | 000,022,336 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2010/07/06 15:15:40 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2007/10/16 15:15:26 | 000,036,416 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\ET5Drv.sys -- (ET5Drv)
DRV - [2007/02/07 12:27:46 | 000,014,104 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1669760302-2667445884-3644838314-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.archerytalk.com/vb/forumdisplay.php?f=1
IE - HKU\S-1-5-21-1669760302-2667445884-3644838314-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-1669760302-2667445884-3644838314-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 96 73 08 20 39 DF C9 01 [binary data]
IE - HKU\S-1-5-21-1669760302-2667445884-3644838314-1000\..\URLSearchHook: {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\Windows\SysWOW64\dvmurl.dll (DeviceVM Inc.)
IE - HKU\S-1-5-21-1669760302-2667445884-3644838314-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files (x86)\Virtual Earth 3D\ [2009/11/30 10:57:28 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@fileplanet.com/fpdlm: C:\Program Files (x86)\Download Manager\npfpdlm.dll (IGN Entertainment)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files (x86)\Virtual Earth 3D\ [2009/11/30 10:57:28 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.647: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.647: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{B728AB94-9BC7-49b7-B76A-422BB31B2FD0}: C:\Program Files (x86)\ArcSoft\Media Converter for Philips\Internet Video Downloader\Plugin_FireFox [2009/10/26 18:16:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/11/20 07:58:44 | 000,000,000 | ---D | M]
[2009/05/29 09:56:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jerry\AppData\Roaming\Mozilla\Extensions
[2009/05/29 09:56:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jerry\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
O1 HOSTS File: ([2011/11/21 13:11:42 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IEPlugin Class) - {11222041-111B-46E3-BD29-EFB2449479B1} - C:\Program Files (x86)\ArcSoft\Media Converter for Philips\Internet Video Downloader\ArcURLRecord.dll (ArcSoft, Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\.DEFAULT..\Run: [CtxfiReg] C:\Windows\SysWow64\CTxfiReg.exe (Creative Technology Ltd)
O4 - HKU\S-1-5-18..\Run: [CtxfiReg] C:\Windows\SysWow64\CTxfiReg.exe (Creative Technology Ltd)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-21-1669760302-2667445884-3644838314-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1669760302-2667445884-3644838314-1000\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-21-1669760302-2667445884-3644838314-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O15 - HKU\S-1-5-21-1669760302-2667445884-3644838314-1000\..Trusted Domains: facebook.com ([%20www] https in Trusted sites)
O15 - HKU\S-1-5-21-1669760302-2667445884-3644838314-1000\..Trusted Domains: real.com ([rhap-app-4-0] https in Trusted sites)
O15 - HKU\S-1-5-21-1669760302-2667445884-3644838314-1000\..Trusted Domains: real.com ([rhapreg] https in Trusted sites)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net ... plugin.cab (QuickTime Object)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDow ... ab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {38AB0814-B09B-4378-9940-14A19638C3C2} http://www.auctiva.com/Aurigma/ImageUploader57.cab (Auctiva Image Uploader Control)
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplanet.com/fpdlmgr/cabs/ ... 10.115.cab (CDownloadCtrl Object)
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwar ... TSUEng.cab (Creative Software AutoUpdate)
O16 - DPF: {6D2EF4B4-CB62-4C0B-85F3-B79C236D702C} http://www.facebook.com/controls/contactx.dll (ContactExtractor Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/200 ... ader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace.com/upload/MySpaceUploader2.cab (MySpace Uploader Control)
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} http://tools.ebayimg.com/eps/wl/activex ... 0-31-0.cab (EPUImageControl Class)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} http://service.futuremark.com/virtualmark/tc/FMSI.cab (Futuremark SystemInfo)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwar ... /CTPID.cab (Creative Software AutoUpdate Support Package)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll (PCPitstop Exam)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 66.207.0.3 66.207.0.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{98E5A55E-A998-4205-9578-EB9E15529319}: DhcpNameServer = 66.207.0.3 66.207.0.2
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Jerry\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Jerry\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O30:64bit: - LSA: Authentication Packages - (relog_ap) - C:\Windows\SysNative\relog_ap.dll (Acronis)
O30 - LSA: Authentication Packages - (relog_ap) -C:\Windows\SysWow64\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/07/15 18:53:55 | 000,000,142 | R--- | M] () - D:\autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sasnative64)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/11/21 18:41:48 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Desktop\RK_Quarantine
[2011/11/21 13:47:02 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011/11/21 13:12:06 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2011/11/21 08:29:12 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/11/21 08:29:12 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/11/21 08:29:12 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/11/21 08:28:04 | 000,000,000 | ---D | C] -- C:\zzz
[2011/11/21 08:20:45 | 004,303,424 | R--- | C] (Swearware) -- C:\Users\Jerry\Desktop\zzz.exe
[2011/11/21 08:19:37 | 010,165,440 | ---- | C] (Microsoft Corporation) -- C:\Users\Jerry\Desktop\mseinstall.exe
[2011/11/20 19:42:06 | 000,000,000 | R--D | C] -- C:\Users\Jerry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/11/20 19:31:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2011/11/20 19:31:46 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2011/11/01 14:53:24 | 000,000,000 | ---D | C] -- C:\Windows\$regcmp$
[2008/10/07 22:42:42 | 000,060,928 | ---- | C] ( ) -- C:\Windows\SysWow64\a3d.dll
[2008/10/07 22:23:46 | 000,012,800 | ---- | C] ( ) -- C:\Windows\SysWow64\killapps.exe
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/11/21 18:40:55 | 000,672,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/11/21 18:40:55 | 000,577,736 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/11/21 18:40:55 | 000,100,210 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/11/21 18:36:24 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/11/21 18:36:24 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/21 18:36:23 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/11/21 18:36:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/11/21 13:58:54 | 000,062,556 | ---- | M] () -- C:\Windows\SysNative\BMXStateBkp-{00000003-00000000-00000007-00001102-00000005-00221102}.rfx
[2011/11/21 13:58:54 | 000,062,556 | ---- | M] () -- C:\Windows\SysNative\BMXState-{00000003-00000000-00000007-00001102-00000005-00221102}.rfx
[2011/11/21 13:58:54 | 000,000,788 | ---- | M] () -- C:\Windows\SysNative\DVCState-{00000003-00000000-00000007-00001102-00000005-00221102}.rfx
[2011/11/21 13:53:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/11/21 13:47:59 | 000,017,416 | ---- | M] () -- C:\Users\Jerry\Desktop\New Rich Text Format (2).rtf
[2011/11/21 13:11:42 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011/11/21 08:21:22 | 004,303,424 | R--- | M] (Swearware) -- C:\Users\Jerry\Desktop\zzz.exe
[2011/11/21 08:19:38 | 010,165,440 | ---- | M] (Microsoft Corporation) -- C:\Users\Jerry\Desktop\mseinstall.exe
[2011/11/20 19:26:29 | 000,270,776 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011/11/20 19:26:29 | 000,270,776 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/11/20 19:25:55 | 000,111,928 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2011/11/20 08:03:54 | 000,000,064 | ---- | M] () -- C:\Windows\SysWow64\rp_stats.dat
[2011/11/20 08:03:54 | 000,000,044 | ---- | M] () -- C:\Windows\SysWow64\rp_rules.dat
[2011/11/01 16:48:21 | 000,001,079 | ---- | M] () -- C:\Users\Jerry\Desktop\Auslogics BoostSpeed.lnk
[2011/10/31 20:18:16 | 000,019,494 | ---- | M] () -- F:\Documents\cc_20111031_211810.reg
[2011/10/25 18:33:18 | 000,065,536 | ---- | M] () -- C:\Users\Jerry\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/11/21 13:47:32 | 000,017,416 | ---- | C] () -- C:\Users\Jerry\Desktop\New Rich Text Format (2).rtf
[2011/11/21 08:29:12 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011/11/21 08:29:12 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/11/21 08:29:12 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/11/21 08:29:12 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/11/21 08:29:12 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/11/13 17:48:01 | 002,309,386 | ---- | C] () -- C:\Users\Jerry\Desktop\DSC05412.JPG
[2011/11/13 17:47:49 | 002,299,174 | ---- | C] () -- C:\Users\Jerry\Desktop\DSC05411.JPG
[2011/11/01 16:48:21 | 000,001,079 | ---- | C] () -- C:\Users\Jerry\Desktop\Auslogics BoostSpeed.lnk
[2011/10/31 20:18:13 | 000,019,494 | ---- | C] () -- F:\Documents\cc_20111031_211810.reg
[2011/10/13 14:29:40 | 000,042,392 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2011/08/17 14:16:52 | 000,000,571 | -HS- | C] () -- C:\Windows\WSYS049.SYS
[2011/08/17 14:16:52 | 000,000,049 | ---- | C] () -- C:\Windows\Progs_.ini
[2011/04/25 23:03:14 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2011/04/25 23:03:14 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2011/01/31 23:36:35 | 000,000,620 | ---- | C] () -- C:\Users\Jerry\AppData\Local\mapc2mapc.ini
[2010/06/08 18:41:33 | 000,000,680 | -H-- | C] () -- C:\Users\Jerry\AppData\Local\d3d9caps.dat
[2010/05/31 18:21:57 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2009/12/11 16:16:10 | 000,870,128 | ---- | C] () -- C:\Users\Jerry\AppData\Roaming\mcs.rma
[2009/12/11 16:16:10 | 000,000,004 | ---- | C] () -- C:\Users\Jerry\AppData\Roaming\20E5E8
[2009/09/24 00:46:04 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009/09/07 22:01:48 | 000,017,043 | ---- | C] () -- C:\Users\Jerry\AppData\Roaming\UserTile.png
[2009/08/14 21:55:02 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2009/06/17 21:52:53 | 000,000,510 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2009/06/03 22:09:49 | 000,721,356 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/06/03 10:15:39 | 010,444,800 | ---- | C] () -- C:\ProgramData\sandra.mda
[2009/06/01 15:25:21 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/06/01 15:24:49 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009/06/01 15:24:19 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/05/29 16:52:26 | 000,204,800 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009/05/29 16:47:06 | 000,881,664 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2009/05/29 14:55:50 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\Iyvu9_32.dll
[2009/05/29 14:52:43 | 000,000,208 | ---- | C] () -- C:\Windows\ulead32.ini
[2009/05/28 21:36:48 | 000,065,536 | ---- | C] () -- C:\Users\Jerry\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/05/28 21:00:03 | 000,144,896 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2009/05/28 21:00:03 | 000,071,168 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2009/05/28 13:01:42 | 000,270,776 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2009/05/28 13:01:41 | 000,682,280 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2009/05/27 19:42:21 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2009/05/27 18:32:10 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2009/05/27 18:16:30 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2009/05/27 16:01:09 | 000,001,460 | -H-- | C] () -- C:\Users\Jerry\AppData\Local\d3d9caps64.dat
[2008/10/07 23:08:38 | 000,020,936 | ---- | C] () -- C:\Windows\SysWow64\instwdm.ini
[2008/10/07 22:41:40 | 000,002,560 | ---- | C] () -- C:\Windows\SysWow64\CTXFIRES.DLL
[2008/10/07 22:31:14 | 000,321,512 | ---- | C] () -- C:\Windows\SysWow64\ctdlang.dat
[2008/10/07 22:31:14 | 000,056,509 | ---- | C] () -- C:\Windows\SysWow64\ctdnlstr.dat
[2008/10/07 22:23:50 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\enlocstr.exe
[2008/09/12 20:22:40 | 000,000,054 | ---- | C] () -- C:\Windows\SysWow64\ctzapxx.ini
[2008/08/19 17:39:18 | 000,000,321 | ---- | C] () -- C:\Windows\SysWow64\kill.ini
[2008/01/20 20:49:10 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2007/09/04 12:56:10 | 000,164,352 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2007/06/21 00:34:08 | 000,203,328 | R--- | C] () -- C:\Windows\GSetup.exe
[2007/06/08 19:12:12 | 000,262,144 | ---- | C] () -- C:\Windows\SysWow64\GTTunerCard.dll
[2007/02/05 20:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2007/01/05 13:07:11 | 000,076,288 | ---- | C] () -- C:\Windows\SysWow64\1psiG60XV55.dll
[2006/11/02 09:35:48 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 06:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006/11/02 06:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006/11/02 06:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 03:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2005/08/24 22:19:25 | 000,087,552 | ---- | C] () -- C:\Windows\SysWow64\1psi60XV55.dll
[2004/07/29 02:19:46 | 000,175,104 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2004/01/18 19:11:47 | 000,076,800 | R--- | C] () -- C:\Windows\SysWow64\1psi60X.dll
[2003/06/28 14:34:20 | 000,069,707 | ---- | C] () -- C:\Windows\SysWow64\DISP_OPT1.dll
========== LOP Check ==========
[2011/11/01 20:08:17 | 000,000,000 | ---D | M] -- C:\Users\Jerry\AppData\Roaming\Auslogics
[2009/06/09 19:15:55 | 000,000,000 | ---D | M] -- C:\Users\Jerry\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009/11/30 11:07:21 | 000,000,000 | ---D | M] -- C:\Users\Jerry\AppData\Roaming\DassaultSystemes
[2011/11/20 07:59:08 | 000,000,000 | ---D | M] -- C:\Users\Jerry\AppData\Roaming\DiskSpaceFan
[2011/11/20 07:59:08 | 000,000,000 | ---D | M] -- C:\Users\Jerry\AppData\Roaming\gtk-2.0
[2009/05/29 09:35:30 | 000,000,000 | ---D | M] -- C:\Users\Jerry\AppData\Roaming\Ideazon
[2010/06/17 20:10:57 | 000,000,000 | ---D | M] -- C:\Users\Jerry\AppData\Roaming\iExpert Software
[2011/07/10 22:51:21 | 000,000,000 | ---D | M] -- C:\Users\Jerry\AppData\Roaming\LimeWire
[2011/01/31 23:38:45 | 000,000,000 | ---D | M] -- C:\Users\Jerry\AppData\Roaming\Mobile Atlas Creator
[2010/06/27 09:30:17 | 000,000,000 | ---D | M] -- C:\Users\Jerry\AppData\Roaming\MotionDSP
[2009/09/07 14:19:46 | 000,000,000 | ---D | M] -- C:\Users\Jerry\AppData\Roaming\Mp3tag
[2009/10/30 22:08:35 | 000,000,000 | ---D | M] -- C:\Users\Jerry\AppData\Roaming\PandoraRecovery
[2009/11/11 20:09:09 | 000,000,000 | ---D | M] -- C:\Users\Jerry\AppData\Roaming\PeerNetworking
[2010/01/17 17:11:32 | 000,000,000 | ---D | M] -- C:\Users\Jerry\AppData\Roaming\Publish Providers
[2010/01/14 16:34:39 | 000,000,000 | ---D | M] -- C:\Users\Jerry\AppData\Roaming\Sony
[2010/03/25 13:02:28 | 000,000,000 | ---D | M] -- C:\Users\Jerry\AppData\Roaming\SuperAdBlocker.com
[2010/05/31 15:01:39 | 000,000,000 | ---D | M] -- C:\Users\Jerry\AppData\Roaming\Systweak
[2010/05/07 12:07:27 | 000,000,000 | ---D | M] -- C:\Users\Jerry\AppData\Roaming\TS3Client
[2009/06/01 16:47:01 | 000,000,000 | ---D | M] -- C:\Users\Jerry\AppData\Roaming\Ulead Systems
[2009/11/06 12:53:56 | 000,000,000 | ---D | M] -- C:\Users\Jerry\AppData\Roaming\VistaCodecs
[2010/02/11 00:45:57 | 000,000,000 | ---D | M] -- C:\Users\Jerry\AppData\Roaming\WinBatch
[2011/11/21 13:58:50 | 000,032,564 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:5C321E34
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:07BF512B
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:890CC2F3
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:0CE7F3C9
< End of report >
Extras
OTL Extras logfile created on: 11/21/2011 6:46:31 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Jerry\Downloads
64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
4.00 Gb Total Physical Memory | 2.43 Gb Available Physical Memory | 60.68% Memory free
8.19 Gb Paging File | 6.51 Gb Available in Paging File | 79.51% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 761.72 Gb Total Space | 632.73 Gb Free Space | 83.07% Space Free | Partition Type: NTFS
Drive D: | 6.95 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive F: | 169.79 Gb Total Space | 128.38 Gb Free Space | 75.61% Space Free | Partition Type: NTFS
Computer Name: JERRY-PC | User Name: Jerry | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "D:\Program Files\OFFICE11\msohtmed.exe" %1
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "D:\Program Files\OFFICE11\msohtmed.exe" %1
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = C2 FE 8D 6A DC 5B C8 01 [binary data]
"VistaSp2" = C5 15 B3 E3 02 E3 C9 01 [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-1669760302-2667445884-3644838314-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 2
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2F33DCE1-D80E-49B5-A0FA-01A0995DFE35}" = lport=rpc | protocol=6 | dir=in | app=d:\sisoftware\sisoftware sandra lite 2009.sp3c\wnt500x64\rpcsandrasrv.exe |
"{62AE4B00-51B8-40D3-BBFC-1DAB38DA9472}" = lport=rpc | protocol=6 | dir=in | app=d:\sisoftware\sisoftware sandra lite 2009.sp3c\wnt500x64\rpcsandrasrv.exe |
"{718D9B79-1BC7-4146-99B5-B18CA7C81FD6}" = lport=rpc | protocol=6 | dir=in | app=d:\sisoftware\sisoftware sandra lite 2009.sp3c\rpcagentsrv.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{20159EA4-DC6A-47FB-97E3-D4368F8D34E0}" = protocol=17 | dir=in | app=d:\program files\activision\call of duty - world at war\codwawmp.exe |
"{3C2B7B1C-8C96-499B-ACFB-84D0995DF56C}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{40B65221-8E5C-47FE-BDF4-D14584A8CA41}" = protocol=6 | dir=in | app=d:\program files\activision\call of duty - world at war\codwawmp.exe |
"{43DB5D1C-6444-4148-AD72-0A6C79C48106}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{484F0FCE-7B89-40A0-BD1D-492559B305F8}" = protocol=6 | dir=in | app=d:\program files\activision\call of duty - world at war\codwaw.exe |
"{518244B4-9815-4912-9066-386981B5D90C}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwawmp.exe |
"{574F9498-4209-4723-ADB5-270D53B4019E}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{5D643ED0-04CE-4730-9673-69125BBF2FE3}" = protocol=17 | dir=in | app=c:\program files (x86)\limewire\limewire.exe |
"{5F7E0A23-530D-4ADB-A3F1-DA7453F3C4D3}" = protocol=6 | dir=in | app=c:\program files (x86)\limewire\limewire.exe |
"{5FBC34EB-DBD3-45FF-9897-34E054C89D60}" = protocol=17 | dir=in | app=d:\program files\activision\call of duty - world at war\codwaw.exe |
"{74F433A7-3FAA-4872-8CB9-EF8B2E861C56}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwaw.exe |
"{81DE9F97-463D-4F35-A714-9F30A881FC2D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{86126D22-206A-40E5-AB9E-8356A17182A4}" = protocol=1 | dir=in | app=d:\sisoftware\sisoftware sandra lite 2009.sp3c\wnt500x64\rpcsandrasrv.exe |
"{8D183727-E8DD-4DC1-8EA0-815E1860FB1B}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{A073AFC5-FD75-4917-91EC-E21DA9A40AB8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{AF68BECD-1E2F-439D-9B44-D5E97B5023A4}" = protocol=1 | dir=in | app=d:\sisoftware\sisoftware sandra lite 2009.sp3c\wnt500x64\rpcsandrasrv.exe |
"{B7A29928-8798-4C90-BF9D-665F8A9ECAC2}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwaw.exe |
"{CC784AF9-486F-4E9A-A878-A61592AF57B3}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{D7CBE5B3-A829-4E1A-89D1-25BD0907BB9C}" = protocol=1 | dir=in | app=d:\sisoftware\sisoftware sandra lite 2009.sp3c\rpcagentsrv.exe |
"{DD86516A-317F-44E9-A2DB-8BCC9054FE74}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{E372E0CC-E66B-470A-8739-2CD87F4E9F09}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{F2A4F378-B8EF-4088-B016-3463E0CBDBE9}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwawmp.exe |
"{F8369438-4488-4332-97DE-843B7E370491}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"TCP Query User{0263EFE5-0D44-4309-B5D7-1CCCED515FEB}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"TCP Query User{5E9F3B9C-3749-4E8E-9DC7-E805CF151888}C:\users\jerry\appdata\roaming\systweak\advanced system protector\quarantine\monitoring.cyberoam-web-filter-control_31_05_2010_17_02_56.dat1477111538\update.exe" = protocol=6 | dir=in | app=c:\users\jerry\appdata\roaming\systweak\advanced system protector\quarantine\monitoring.cyberoam-web-filter-control_31_05_2010_17_02_56.dat1477111538\update.exe |
"TCP Query User{97C87728-4AAE-4FF6-A3CF-CE74B7B40122}C:\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\xfire\xfire.exe |
"TCP Query User{AAD6F3EE-7AAA-4AF8-AFDA-7CDA4C3642CB}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"TCP Query User{C9687C33-F41E-4BCD-8252-A457F8FCB19F}C:\program files (x86)\call of duty\codmp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\call of duty\codmp.exe |
"TCP Query User{D72CD4B8-8008-4A6B-8A9E-3F470DAD33BE}C:\users\jerry\downloads\keygen.sony.vegas.movie.studio.platinum.edition.pro.9.0.exe" = protocol=6 | dir=in | app=c:\users\jerry\downloads\keygen.sony.vegas.movie.studio.platinum.edition.pro.9.0.exe |
"TCP Query User{EA5484BD-5558-4DB9-8C2E-B608E1052151}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{FB7303E4-0A11-4062-B87C-F4B354954776}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{FD18F229-F42C-4FCC-8AC8-68A56C939F88}D:\xfire\xfire.exe" = protocol=6 | dir=in | app=d:\xfire\xfire.exe |
"UDP Query User{14772A71-93F6-4B28-8CA8-2B2823E0A301}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{1F903E72-6A36-4E3B-B998-7EC592B06519}C:\program files (x86)\call of duty\codmp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\call of duty\codmp.exe |
"UDP Query User{3C32574C-816A-4526-85BF-E09764DA72F2}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{57F71ACB-3432-47C9-838C-A85AF80811A8}D:\xfire\xfire.exe" = protocol=17 | dir=in | app=d:\xfire\xfire.exe |
"UDP Query User{7E0072F4-CF7F-45D2-9064-C9C8D3E6F38C}C:\users\jerry\appdata\roaming\systweak\advanced system protector\quarantine\monitoring.cyberoam-web-filter-control_31_05_2010_17_02_56.dat1477111538\update.exe" = protocol=17 | dir=in | app=c:\users\jerry\appdata\roaming\systweak\advanced system protector\quarantine\monitoring.cyberoam-web-filter-control_31_05_2010_17_02_56.dat1477111538\update.exe |
"UDP Query User{8049F415-FF0D-4C27-B164-B98344411353}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{852FE9B4-E83B-47E7-AB79-58F79C501E57}C:\users\jerry\downloads\keygen.sony.vegas.movie.studio.platinum.edition.pro.9.0.exe" = protocol=17 | dir=in | app=c:\users\jerry\downloads\keygen.sony.vegas.movie.studio.platinum.edition.pro.9.0.exe |
"UDP Query User{B451A8C1-69DA-4EFE-860C-C104A2B1AEE3}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"UDP Query User{F06E5BD3-133C-498B-BBE2-CED7B57B2898}C:\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\xfire\xfire.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ACE7F46-FACE-4125-AE86-672F4F2A6A28}" = Bing Maps 3D
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8A90CB5C-A6D1-440F-A86D-7F32CEABE062}" = Image Resizer Powertoy Clone for Windows
"{9B1A8F3D-8059-43FB-A7AE-4F2C21F0AAF2}" = KhalInstallWrapper
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 260.99
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{CB6508F6-EC50-4829-A2C6-02990EFF0059}" = Windows Media Encoder 9 Series x64 Edition
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CF1EB598-B424-436A-B15F-B763846BA970}" = Dassault Systemes Software Prerequisites x86-x64
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.54
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.16
"Free Registry Defrag_is1" = Free Registry Defrag
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Windows Media Encoder 9" = Windows Media Encoder 9 Series x64 Edition
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{021C4C4F-C93C-4425-BFFD-C2D16776BFAE}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty(R) - World at War(TM) 1.6 Patch
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 23
"{28184E01-D57A-4933-A09B-F65403F16D82}" = i-Cool
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"{2DF7B278-D3B6-40A4-B25C-0E7149F439EA}" = 3DMark05
"{31E1050B-F69F-4A16-8F5A-E44D31901250}" = Ulead DVD DiskRecorder 2.1.1
"{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"{3C74D5C3-EBB9-408E-972F-B9802F13D5E4}" = 3DVIA Shape for Maps
"{3EE1008C-11A1-4F4F-8DB7-27573924DE78}" = DMIView B7.0108.01
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{4BC4FDB7-5745-48CF-896F-7029CC183842}" = Creative ZEN
"{5B6455A4-E812-479B-A762-C2356244CF97}" = AV Grabber
"{64E47A5F-B3C4-476A-9100-2D006BD1FFB4}" = Z Engine
"{69FB248E-690D-434F-94A7-248D5F1ECD70}" = AMD OverDrive
"{6D8D64BE-F500-55B6-705D-DFD08AFE0624}" = Acrobat.com
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1" = Auslogics BoostSpeed
"{750C87B8-AF19-4C3C-B791-50D9C83AE572}" = Call of Duty(R) - World at War(TM) 1.7 Patch
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Patch
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}" = CDDRV_Installer
"{90840409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Excel Viewer 2003
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{97E038E1-41AD-4C93-BCDC-6A2394AEE352}" = Vegas Movie Studio Platinum 9.0b
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.5
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7C7A59F-CF70-481E-A94F-7C2563AA5ADD}" = Sony DVD Architect Studio 4.5d
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch
"{C40C3C3D-97CF-44B5-836C-766E374464B3}" = 3DMark Vantage
"{C43E4B9C-14C8-4EB0-998B-85211B6EDD61}" = Seagate DiscWizard
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC8E0363-B20C-4792-8A1C-8DF5E01B68A6}" = GoGear VIBE Device Manager
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{DA71A94B-3617-4935-8BBE-1566B2174C95}" = Drv
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E623BB3F-F7ED-4148-BEB5-A0D1DB28B4DE}" = Media Converter for Philips
"{E8AEA11B-E60A-455E-B008-E4E763604612}" = Browser Configuration Utility
"{F241EC95-C81A-466E-8006-6B0B364B07A0}" = PCMark Vantage
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Advanced System Protector_is1" = Advanced System Protector
"Afterburner" = MSI Afterburner 1.6.0
"AudioCS" = Creative Audio Control Panel
"CCleaner" = CCleaner
"Console Launcher" = Creative Console Launcher
"Coupon Printer for Windows5.0.0.1" = Coupon Printer for Windows
"Creative Sound Blaster Properties x64 Edition" = Creative Sound Blaster Properties x64 Edition
"Disk Space Fan_is1" = Disk Space Fan 2.2.7.820
"Download Manager" = Download Manager 2.3.10
"EasyTune5Pro" = EasyTune5Pro
"ERUNT_is1" = ERUNT 1.1j
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"HD Tune_is1" = HD Tune 2.55
"Indeo® software" = Indeo® software
"InstallShield_{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty(R) - World at War(TM) 1.6 Patch
"InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{5B6455A4-E812-479B-A762-C2356244CF97}" = EZ Grabber
"InstallShield_{750C87B8-AF19-4C3C-B791-50D9C83AE572}" = Call of Duty(R) - World at War(TM) 1.7 Patch
"InstallShield_{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"InstallShield_{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"LimeWire" = LimeWire 5.5.16
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mp3tag" = Mp3tag v2.44
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"PandoraRecovery" = PandoraRecovery (Remove Only)
"Photo-grapher_is1" = Photo-grapher 1
"PIXresizer_is1" = PIXresizer 2.0.4
"PunkBusterSvc" = PunkBuster Services
"QuickTime" = QuickTime
"RealPlayer 12.0" = RealPlayer
"Rhapsody" = Rhapsody
"Secunia PSI" = Secunia PSI (2.0.0.3001)
"Shaft Selector XpertV4426" = Shaft Selector Xpert
"Software For ArchersV2426" = Software For Archers
"SpeedFan" = SpeedFan (remove only)
"SpywareBlaster_is1" = SpywareBlaster 4.4
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"SysInfo" = Creative System Information
"SystemRequirementsLab" = System Requirements Lab
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinISD Pro [alpha]" = WinISD Pro [alpha]
"WinRAR archiver" = WinRAR archiver
"Xfire" = Xfire (remove only)
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1669760302-2667445884-3644838314-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 1/22/2011 1:50:26 PM | Computer Name = Jerry-PC | Source = MsiInstaller | ID = 11601
Description =
Error - 1/22/2011 1:50:26 PM | Computer Name = Jerry-PC | Source = MsiInstaller | ID = 1024
Description =
Error - 1/22/2011 1:50:32 PM | Computer Name = Jerry-PC | Source = MsiInstaller | ID = 1024
Description =
Error - 1/22/2011 1:50:33 PM | Computer Name = Jerry-PC | Source = MsiInstaller | ID = 11601
Description =
Error - 1/22/2011 1:50:33 PM | Computer Name = Jerry-PC | Source = MsiInstaller | ID = 1024
Description =
Error - 1/22/2011 1:50:35 PM | Computer Name = Jerry-PC | Source = MsiInstaller | ID = 1024
Description =
Error - 1/22/2011 1:50:38 PM | Computer Name = Jerry-PC | Source = MsiInstaller | ID = 1024
Description =
Error - 1/22/2011 1:50:39 PM | Computer Name = Jerry-PC | Source = MsiInstaller | ID = 11601
Description =
Error - 1/22/2011 1:50:39 PM | Computer Name = Jerry-PC | Source = MsiInstaller | ID = 1024
Description =
Error - 1/22/2011 1:50:41 PM | Computer Name = Jerry-PC | Source = MsiInstaller | ID = 1024
Description =
[ Media Center Events ]
Error - 6/10/2009 8:18:41 PM | Computer Name = Jerry-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
[ System Events ]
Error - 11/21/2011 9:48:44 AM | Computer Name = Jerry-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 11/21/2011 9:48:44 AM | Computer Name = Jerry-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 11/21/2011 10:51:36 AM | Computer Name = Jerry-PC | Source = Service Control Manager | ID = 7030
Description =
Error - 11/21/2011 11:05:56 AM | Computer Name = Jerry-PC | Source = Application Popup | ID = 1060
Description = \??\C:\zzz\catchme.sys has been blocked from loading due to incompatibility
with this system. Please contact your software vendor for a compatible version
of the driver.
Error - 11/21/2011 11:08:46 AM | Computer Name = Jerry-PC | Source = Service Control Manager | ID = 7030
Description =
Error - 11/21/2011 11:16:21 AM | Computer Name = Jerry-PC | Source = DCOM | ID = 10010
Description =
Error - 11/21/2011 3:12:47 PM | Computer Name = Jerry-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 11/21/2011 3:12:47 PM | Computer Name = Jerry-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 11/21/2011 8:37:57 PM | Computer Name = Jerry-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 11/21/2011 8:37:57 PM | Computer Name = Jerry-PC | Source = Service Control Manager | ID = 7026
Description =
< End of report >