Thanks! I uninstalled BitTorrent. Here are the logs.
OTL:
OTL logfile created on: 1/2/2012 10:57:46 AM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Elena\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.99 Gb Total Physical Memory | 1.45 Gb Available Physical Memory | 48.64% Memory free
5.98 Gb Paging File | 4.00 Gb Available in Paging File | 66.83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232.79 Gb Total Space | 21.78 Gb Free Space | 9.35% Space Free | Partition Type: NTFS
Computer Name: BASEMENTCOMP | User Name: Elena | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Elena\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
PRC - C:\Users\Elena\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files\Giraffic\Veoh_GirafficWatchdog.exe (Giraffic)
PRC - C:\Program Files\Giraffic\Veoh_Giraffic.exe (Giraffic)
PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
PRC - C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
PRC - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft Limited)
PRC - C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe ()
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.7\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\psxss.exe (Microsoft Corporation)
PRC - C:\Program Files\Tablet\Pen\Pen_Tablet.exe (Wacom Technology, Corp.)
PRC - C:\Program Files\Tablet\Pen\Pen_TouchUser.exe (Wacom Technology, Corp.)
PRC - C:\Program Files\Tablet\Pen\Pen_TabletUser.exe (Wacom Technology, Corp.)
PRC - C:\Program Files\Tablet\Pen\Pen_TouchService.exe (Wacom Technology, Corp.)
PRC - C:\Program Files\Nova Development\Greeting Card Factory Workshop 8.0\ReminderApp.exe ()
PRC - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
PRC - C:\Program Files\Lexmark 5200 Series\ezprint.exe (Lexmark International Inc.)
PRC - C:\Program Files\Lexmark 5200 Series\lxbtmon.exe (Lexmark International, Inc.)
PRC - C:\Windows\System32\lxbtcoms.exe ( )
========== Modules (No Company Name) ==========
MOD - C:\Users\Elena\AppData\Local\Google\Chrome\Application\16.0.912.63\ppgooglenaclpluginchrome.dll ()
MOD - C:\Users\Elena\AppData\Local\Google\Chrome\Application\16.0.912.63\pdf.dll ()
MOD - C:\Users\Elena\AppData\Local\Google\Chrome\Application\16.0.912.63\avutil-51.dll ()
MOD - C:\Users\Elena\AppData\Local\Google\Chrome\Application\16.0.912.63\avformat-53.dll ()
MOD - C:\Users\Elena\AppData\Local\Google\Chrome\Application\16.0.912.63\avcodec-53.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\07cdef1a740151932dcf161f3306bd9c\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\70e2ca33ffa52c743285dc5b4910a229\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7c94a121334aeca7553c7f01290740f0\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\31fce331fded94dd06627603f6fe4562\Accessibility.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b2622080e047040fa044dd21a04ff10d\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\dfe859829abd7f108aa5d82382251690\System.EnterpriseServices.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\f5659a792c1f6832d9a45c1509d03497\System.Transactions.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\f8196c3588c2229e84516af4b6a0ee60\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\8e7909ef6b5f953d49244c6b9f5f5100\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll ()
MOD - C:\Program Files\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Wizard\2.0.3609.23390__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3609.23357__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3609.23260__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3609.23281__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3609.23322__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3609.23269__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3609.23358__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3609.23275__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3609.23270__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Runtime\2.0.3609.23390__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Dashboard\2.0.3609.23385__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3609.23282__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3589.25814__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3589.25796__90ba9c70f846762e\CLI.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3589.25945__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3589.25905__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3589.25791__90ba9c70f846762e\LOG.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3589.25794__90ba9c70f846762e\NEWAEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3589.26042__90ba9c70f846762e\CLI.Foundation.XManifest.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3589.25822__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3589.25829__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3589.25810__90ba9c70f846762e\CLI.Component.Client.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Shared\2.0.3589.25907__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3589.25838__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3589.25834__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3589.25817__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3589.25837__90ba9c70f846762e\MOM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3589.25917__90ba9c70f846762e\DEM.Graphics.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3589.25832__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3589.25896__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3589.25844__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3589.25847__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3589.25922__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3589.25916__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3609.23265__90ba9c70f846762e\CLI.Component.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3609.23384__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3609.23345__90ba9c70f846762e\CLI.Component.Systemtray.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3609.23275__90ba9c70f846762e\CLI.Component.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3609.23351__90ba9c70f846762e\MOM.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3609.23350__90ba9c70f846762e\LOG.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3609.23257__90ba9c70f846762e\CLI.Component.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3609.23255__90ba9c70f846762e\APM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3609.23259__90ba9c70f846762e\CLI.Component.SkinFactory.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3589.25849__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3609.23256__90ba9c70f846762e\AEM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3609.23363__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3589.25806__90ba9c70f846762e\CLI.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3589.25826__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3589.25801__90ba9c70f846762e\LOG.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3589.25839__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3589.25819__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3589.25856__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3589.25851__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3589.25865__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3589.25858__90ba9c70f846762e\APM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3609.23351__90ba9c70f846762e\CCC.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3589.25836__90ba9c70f846762e\AEM.Server.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3609.23257__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\Program Files\Tablet\Pen\libxml2.dll ()
MOD - C:\Program Files\Nova Development\Greeting Card Factory Workshop 8.0\AddressBookCore.dll ()
MOD - C:\Program Files\Nova Development\Greeting Card Factory Workshop 8.0\ReminderApp.exe ()
MOD - C:\Program Files\Nova Development\Greeting Card Factory Workshop 8.0\en-US\ReminderApp.resources.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll ()
MOD - C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll ()
MOD - C:\Program Files\Lexmark 5200 Series\lxbtdrec.dll ()
MOD - C:\Program Files\Lexmark 5200 Series\iptk.dll ()
========== Win32 Services (SafeList) ==========
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Giraffic) -- C:\Program Files\Giraffic\Veoh_GirafficWatchdog.exe (Giraffic)
SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
SRV - (Hamachi2Svc) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (Updater Service for StartNow Toolbar) -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe ()
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (NSL) -- C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.7\ccSvcHst.exe (Symantec Corporation)
SRV - (WAS) -- C:\Windows\System32\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (W3SVC) -- C:\Windows\System32\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (AppHostSvc) -- C:\Windows\System32\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (TabletServicePen) -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe (Wacom Technology, Corp.)
SRV - (TouchServicePen) -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe (Wacom Technology, Corp.)
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (iprip) -- C:\Windows\System32\iprip.dll (Microsoft Corporation)
SRV - (lxbt_device) -- C:\Windows\System32\lxbtcoms.exe ( )
SRV - (Adobe Version Cue CS3) -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe (Adobe Systems Incorporated)
========== Driver Services (SafeList) ==========
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV - (Lbd) -- C:\Windows\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (Lavasoft Kernexplorer) -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys ()
DRV - (vmbus) -- C:\Windows\system32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\system32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\system32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (MQAC) -- C:\Windows\System32\drivers\mqac.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\system32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\system32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (MEI) Intel(R) -- C:\Windows\System32\drivers\HECI.sys (Intel Corporation)
DRV - (wacmoumonitor) -- C:\Windows\System32\drivers\wacmoumonitor.sys (Wacom Technology)
DRV - (wacommousefilter) -- C:\Windows\System32\drivers\wacommousefilter.sys (Wacom Technology)
DRV - (wacomvhid) -- C:\Windows\System32\drivers\wacomvhid.sys (Wacom Technology)
DRV - (PsxDrv) -- C:\Windows\System32\drivers\psxdrv.sys (Microsoft Corporation)
DRV - (rt61x86) -- C:\Windows\System32\drivers\netr61.sys (Ralink Technology, Corp.)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (athrusb) -- C:\Windows\System32\drivers\athrusb.sys (Atheros Communications, Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=5e0250ca000000000000001aef1a10b5&tlver=1.4.19.19&affID=18606
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1973003820-525972890-3920212309-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1973003820-525972890-3920212309-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..keyword.URL: "http://www.searchqu.com/web?src=ffb&systemid=406&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=0.80.0: C:\Program Files\Battlelog Web Plugins\0.80.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.5: C:\Program Files\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Elena\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Elena\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{203FB6B2-2E1E-4474-863B-4C483ECCE78E}: C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_1.2.0.7\coFFNST\ [2011/08/08 18:58:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/12/05 20:18:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\crossriderapp435@crossrider.com: C:\ProgramData\CodecCheck\firefox [2011/12/26 08:03:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/01/01 08:28:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/12/29 00:37:14 | 000,000,000 | ---D | M]
[2011/06/13 22:34:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Elena\AppData\Roaming\Mozilla\Extensions
[2012/01/01 08:28:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/12/24 17:30:29 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/01/01 08:28:23 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/10/03 04:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/05/29 14:40:16 | 000,002,423 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2011/10/02 05:31:57 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2010/01/01 03:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml.old
[2011/03/23 07:24:21 | 000,005,529 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchquWebSearch.xml
[2011/11/11 05:25:04 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Elena\AppData\Local\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Elena\AppData\Local\Google\Chrome\Application\16.0.912.63\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Elena\AppData\Local\Google\Chrome\Application\16.0.912.63\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Elena\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.8.0.8855_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files\Battlelog Web Plugins\0.80.0\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Wacom Dynamic Link Library (Enabled) = C:\Program Files\TabletPlugins\npwacom.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: QUAKE LIVE (Enabled) = C:\ProgramData\id Software\QuakeLive\npquakezero.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Elena\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Elena\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
O1 HOSTS File: ([2011/06/17 09:59:04 | 000,618,793 | ---- | M]) - C:\Windows\System32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost #[IPv6]
O1 - Hosts: 127.0.0.1 fr.a2dfp.net
O1 - Hosts: 127.0.0.1 m.fr.a2dfp.net
O1 - Hosts: 127.0.0.1 ad.a8.net
O1 - Hosts: 127.0.0.1 asy.a8ww.net
O1 - Hosts: 127.0.0.1 abcstats.com
O1 - Hosts: 127.0.0.1 a.abv.bg
O1 - Hosts: 127.0.0.1 adserver.abv.bg
O1 - Hosts: 127.0.0.1 adv.abv.bg
O1 - Hosts: 127.0.0.1 bimg.abv.bg
O1 - Hosts: 127.0.0.1 ca.abv.bg
O1 - Hosts: 127.0.0.1 www2.a-counter.kiev.ua
O1 - Hosts: 127.0.0.1 track.acclaimnetwork.com
O1 - Hosts: 127.0.0.1 accuserveadsystem.com
O1 - Hosts: 127.0.0.1 www.accuserveadsystem.com
O1 - Hosts: 127.0.0.1 achmedia.com
O1 - Hosts: 127.0.0.1 aconti.net
O1 - Hosts: 127.0.0.1 secure.aconti.net
O1 - Hosts: 127.0.0.1 www.aconti.net #[Dialer.Aconti]
O1 - Hosts: 127.0.0.1 am1.activemeter.com
O1 - Hosts: 127.0.0.1 www.activemeter.com #[Tracking.Cookie]
O1 - Hosts: 127.0.0.1 ads.activepower.net
O1 - Hosts: 127.0.0.1 stat.active24stats.nl #[Tracking.Cookie]
O1 - Hosts: 127.0.0.1 ad2games.com
O1 - Hosts: 16379 more lines...
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll ()
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (CrossRider) - {A876E312-7D08-401a-B7A6-FAFC5DC2F292} - C:\Program Files\CrossriderWebApps\Crossrider.dll ()
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Norton Safe Web Lite BHO) - {F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3} - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.7\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Safe Web Lite) - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.7\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll ()
O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll File not found
O3 - HKLM\..\Toolbar: (no name) - {99079a25-328f-4bd4-be04-00955acaa0a7} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 5200 Series\ezprint.exe (Lexmark International Inc.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [LXBTCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\LXBTtime.DLL ()
O4 - HKLM..\Run: [lxbtmon.exe] C:\Program Files\Lexmark 5200 Series\lxbtmon.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [ReminderApp] C:\Program Files\Nova Development\Greeting Card Factory Workshop 8.0\ReminderApp.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [StartNowToolbarHelper] "C:\Program Files\StartNow Toolbar\ToolbarHelper.exe" File not found
O4 - HKLM..\Run: [TkBellExe] c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-1973003820-525972890-3920212309-1003..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Chloe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Elena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Elena\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Elena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Mary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Parker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MP3 Rocket (Minimized).lnk = File not found
O4 - Startup: C:\Users\Parker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{181677FF-91FA-40AF-BF5B-EE0245E82A24}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (c:\progra~1\wi3c8a~1\datamngr\datamngr.dll) - File not found
O20 - AppInit_DLLs: (c:\progra~1\wi3c8a~1\datamngr\iebho.dll) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/12/19 22:00:33 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{78cc4ebf-c1b4-11e0-8c70-c71fbbf3cfc9}\Shell - "" = AutoRun
O33 - MountPoints2\{78cc4ebf-c1b4-11e0-8c70-c71fbbf3cfc9}\Shell\AutoRun\command - "" = E:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/12/31 15:29:50 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Elena\Desktop\OTL.exe
[2011/12/30 19:50:30 | 000,000,000 | ---D | C] -- C:\Users\Elena\AppData\Local\Skyrim
[2011/12/30 19:50:23 | 000,000,000 | ---D | C] -- C:\Users\Elena\Documents\My Games
[2011/12/30 19:39:50 | 000,000,000 | ---D | C] -- C:\MGADiagToolOutput
[2011/12/30 19:38:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
[2011/12/30 19:37:41 | 002,031,992 | ---- | C] (Microsoft Corporation) -- C:\Users\Elena\Desktop\MGADiag.exe
[2011/12/30 19:28:32 | 000,000,000 | ---D | C] -- C:\Users\Elena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011/12/29 15:13:38 | 000,000,000 | ---D | C] -- C:\Users\Elena\AppData\Roaming\HpUpdate
[2011/12/29 00:06:49 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Elena\Desktop\dds.scr
[2011/12/28 23:33:44 | 000,000,000 | ---D | C] -- C:\Users\Elena\AppData\Roaming\Malwarebytes
[2011/12/28 23:33:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/12/28 23:33:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/12/28 23:33:38 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/12/28 23:33:38 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/12/28 23:32:35 | 010,847,608 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Elena\Desktop\mbam-setup-1.60.0.1800.exe
[2011/12/28 13:37:27 | 000,000,000 | ---D | C] -- C:\Users\Elena\AppData\Local\Apple Computer
[2011/12/27 19:22:47 | 000,000,000 | ---D | C] -- C:\Users\Elena\Desktop\zip thing
[2011/12/26 20:48:02 | 005,852,672 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdag.dll
[2011/12/26 20:48:02 | 000,020,992 | ---- | C] (AMD) -- C:\Windows\System32\atimuixx.dll
[2011/12/26 20:48:01 | 000,053,760 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atimpc32.dll
[2011/12/26 20:48:01 | 000,053,760 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\amdpcom32.dll
[2011/12/26 20:48:01 | 000,014,336 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiglpxx.dll
[2011/12/26 20:47:57 | 000,159,744 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiapfxx.exe
[2011/12/26 20:47:54 | 000,348,160 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiadlxx.dll
[2011/12/26 20:47:53 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll
[2011/12/26 20:47:52 | 000,032,256 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiuxpag.dll
[2011/12/26 20:47:51 | 000,417,792 | ---- | C] (AMD) -- C:\Windows\System32\atieclxx.exe
[2011/12/26 20:47:49 | 000,278,528 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\Oemdspif.dll
[2011/12/26 20:47:48 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\ati2erec.dll
[2011/12/26 20:47:45 | 000,044,032 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalcl.dll
[2011/12/26 20:47:43 | 000,046,080 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalrt.dll
[2011/12/26 20:47:36 | 004,200,960 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdva.dll
[2011/12/26 20:47:27 | 000,032,768 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atigktxx.dll
[2011/12/26 20:47:20 | 000,263,680 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmpag.sys
[2011/12/26 20:47:17 | 018,996,224 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atioglxx.dll
[2011/12/26 20:47:13 | 008,913,920 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmdag.sys
[2011/12/26 20:47:09 | 000,029,184 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiu9pag.dll
[2011/12/26 20:47:05 | 000,360,448 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll
[2011/12/26 20:47:04 | 000,774,656 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\aticfx32.dll
[2011/12/26 20:47:01 | 000,466,944 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIDEMGX.dll
[2011/12/26 20:47:00 | 000,051,200 | ---- | C] (AMD) -- C:\Windows\System32\coinst.dll
[2011/12/26 20:46:57 | 001,828,864 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdmv.dll
[2011/12/26 20:46:57 | 000,294,912 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIODE.exe
[2011/12/26 20:46:49 | 011,300,864 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticaldd.dll
[2011/12/26 20:46:49 | 000,163,840 | ---- | C] (AMD) -- C:\Windows\System32\atitmmxx.dll
[2011/12/26 20:46:45 | 000,045,056 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIODCLI.exe
[2011/12/26 20:46:44 | 000,176,128 | ---- | C] (AMD) -- C:\Windows\System32\atiesrxx.exe
[2011/12/26 17:21:53 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2011/12/26 17:21:53 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2011/12/26 17:21:53 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2011/12/26 17:21:53 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2011/12/26 10:44:07 | 000,000,000 | ---D | C] -- C:\Users\Elena\AppData\Roaming\Apple Computer
[2011/12/26 08:04:02 | 000,000,000 | ---D | C] -- C:\Program Files\CrossriderWebApps
[2011/12/26 08:03:53 | 000,000,000 | ---D | C] -- C:\ProgramData\CodecCheck
[2011/12/26 08:03:52 | 000,000,000 | ---D | C] -- C:\codec-info
[2011/12/26 08:03:23 | 000,000,000 | ---D | C] -- C:\Program Files\BFlixToolbar
[2011/12/25 09:40:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/12/25 09:39:56 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\System32\GEARAspi.dll
[2011/12/25 09:39:09 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/12/25 09:39:09 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/12/25 09:39:08 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/12/25 09:39:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011/12/25 09:32:30 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2011/12/25 09:31:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011/12/25 09:31:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2011/12/24 20:45:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011/12/23 19:44:53 | 000,000,000 | ---D | C] -- C:\Users\Elena\Desktop\USB
[2011/12/23 17:10:37 | 000,000,000 | ---D | C] -- C:\Users\Elena\Desktop\Story File
[2011/12/22 06:33:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2011/12/22 06:33:27 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2011/12/21 20:32:06 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\stalker-shoc
[2011/12/20 02:09:24 | 000,000,000 | ---D | C] -- C:\Users\Elena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2011/12/19 22:40:20 | 000,000,000 | ---D | C] -- C:\ProgramData\CELSYS
[2011/12/19 22:40:18 | 000,000,000 | ---D | C] -- C:\Users\Elena\AppData\Roaming\Smith Micro
[2011/12/19 22:39:19 | 000,000,000 | ---D | C] -- C:\Users\Elena\Documents\Smith Micro
[2011/12/19 22:39:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Manga Studio EX 4.0
[2011/12/19 22:38:56 | 000,000,000 | ---D | C] -- C:\Program Files\Smith Micro
[2011/12/19 22:38:49 | 000,306,688 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUninst.exe
[2011/12/19 22:34:39 | 000,000,000 | ---D | C] -- C:\Users\Elena\Documents\maya
[2011/12/19 22:33:41 | 000,000,000 | ---D | C] -- C:\Users\Elena\Desktop\Manga_Studio_EX_4.0
[2011/12/19 22:33:26 | 000,000,000 | ---D | C] -- C:\Users\Elena\AppData\Roaming\WinRAR
[2011/12/19 22:33:26 | 000,000,000 | ---D | C] -- C:\Users\Elena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011/12/19 22:33:22 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2011/12/19 22:13:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Alias Shared
[2011/12/19 22:08:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
[2011/12/19 22:08:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\en-US
[2011/12/19 22:08:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ja-JP
[2011/12/19 22:08:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Autodesk Shared
[2011/12/19 22:05:51 | 000,000,000 | ---D | C] -- C:\Program Files\Autodesk
[2011/12/19 22:02:38 | 000,000,000 | ---D | C] -- C:\Users\Elena\AppData\Roaming\Autodesk
[2011/12/19 22:00:33 | 000,000,000 | ---D | C] -- C:\Autodesk
[2011/12/14 22:33:37 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/12/14 22:33:36 | 001,798,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011/12/14 22:33:35 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011/12/14 22:33:35 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/12/14 22:33:35 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/12/14 22:33:32 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011/12/14 15:02:00 | 002,342,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/12/14 15:01:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2011/12/14 15:01:56 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011/12/14 15:01:54 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2011/12/14 15:01:53 | 003,912,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011/12/14 15:01:52 | 003,967,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011/12/07 18:09:49 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2011/12/05 20:18:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2011/12/05 20:18:07 | 000,198,832 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
[2011/12/05 20:17:59 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll
[2011/12/05 20:17:59 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll
[2011/12/05 20:17:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real
[2011/05/17 06:58:15 | 003,081,376 | ---- | C] (Adobe Systems, Inc.) -- C:\Program Files\install_flash_player.exe
[2011/05/17 06:52:26 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxbtserv.dll
[2011/05/17 06:52:26 | 000,995,328 | ---- | C] ( ) -- C:\Windows\System32\lxbtusb1.dll
[2011/05/17 06:52:26 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\lxbthbn3.dll
[2011/05/17 06:52:26 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxbtcomc.dll
[2011/05/17 06:52:26 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxbtpmui.dll
[2011/05/17 06:52:26 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxbtlmpm.dll
[2011/05/17 06:52:26 | 000,537,520 | ---- | C] ( ) -- C:\Windows\System32\lxbtcoms.exe
[2011/05/17 06:52:26 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxbtcomm.dll
[2011/05/17 06:52:26 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxbtinpa.dll
[2011/05/17 06:52:26 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxbtiesc.dll
[2011/05/17 06:52:26 | 000,385,968 | ---- | C] ( ) -- C:\Windows\System32\lxbtih.exe
[2011/05/17 06:52:26 | 000,381,872 | ---- | C] ( ) -- C:\Windows\System32\lxbtcfg.exe
[2011/05/17 06:52:26 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\lxbthcp.dll
[2011/05/17 06:52:26 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxbtprox.dll
[2011/05/17 06:52:26 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxbtpplc.dll
[2009/11/19 21:08:02 | 003,749,224 | ---- | C] (Acresso Software Inc.) -- C:\Program Files\Common Files\adlmint_libFNP.dll
[2009/11/19 21:08:02 | 002,941,288 | ---- | C] (Autodesk, Inc.) -- C:\Program Files\Common Files\adlmint.dll
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/01/02 11:01:00 | 000,000,254 | ---- | M] () -- C:\Windows\tasks\HP Photo Creations Messager.job
[2012/01/02 10:32:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1973003820-525972890-3920212309-1003UA.job
[2012/01/02 09:04:03 | 000,021,328 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/02 09:04:03 | 000,021,328 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/02 08:16:14 | 000,659,192 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/01/02 08:16:14 | 000,116,936 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/01/02 06:56:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/01 21:07:00 | 2408,570,880 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/01 19:32:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1973003820-525972890-3920212309-1003Core.job
[2011/12/31 15:34:44 | 000,302,592 | ---- | M] () -- C:\Users\Elena\Desktop\hgf88ykd.exe
[2011/12/31 15:29:52 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Elena\Desktop\OTL.exe
[2011/12/30 19:37:47 | 002,031,992 | ---- | M] (Microsoft Corporation) -- C:\Users\Elena\Desktop\MGADiag.exe
[2011/12/30 19:30:43 | 000,458,240 | ---- | M] () -- C:\Users\Elena\Desktop\CKScanner.exe
[2011/12/30 19:28:37 | 000,002,316 | ---- | M] () -- C:\Users\Elena\Desktop\Google Chrome.lnk
[2011/12/29 00:06:47 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Elena\Desktop\dds.scr
[2011/12/28 23:33:40 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2011/12/28 23:32:56 | 010,847,608 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Elena\Desktop\mbam-setup-1.60.0.1800.exe
[2011/12/28 21:00:37 | 000,495,248 | ---- | M] () -- C:\Users\Elena\Desktop\tumblr_lwxnzag0VL1r7b9fxo5_r1_250.gif
[2011/12/27 23:31:02 | 000,229,004 | ---- | M] () -- C:\Users\Elena\Desktop\onemap2.mb
[2011/12/27 23:30:19 | 010,194,740 | ---- | M] () -- C:\Users\Elena\Desktop\coffintoptextures.psd
[2011/12/26 20:48:08 | 005,852,672 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdag.dll
[2011/12/26 20:48:03 | 000,053,760 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atimpc32.dll
[2011/12/26 20:48:03 | 000,053,760 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\amdpcom32.dll
[2011/12/26 20:48:02 | 000,020,992 | ---- | M] (AMD) -- C:\Windows\System32\atimuixx.dll
[2011/12/26 20:48:02 | 000,014,336 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiglpxx.dll
[2011/12/26 20:48:01 | 018,996,224 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atioglxx.dll
[2011/12/26 20:48:01 | 000,157,152 | ---- | M] () -- C:\Windows\System32\ativvsva.dat
[2011/12/26 20:47:59 | 000,159,744 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiapfxx.exe
[2011/12/26 20:47:57 | 000,348,160 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiadlxx.dll
[2011/12/26 20:47:54 | 000,043,520 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll
[2011/12/26 20:47:53 | 000,032,256 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiuxpag.dll
[2011/12/26 20:47:52 | 000,417,792 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
[2011/12/26 20:47:50 | 000,278,528 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\System32\Oemdspif.dll
[2011/12/26 20:47:50 | 000,243,168 | ---- | M] () -- C:\Windows\System32\atiicdxx.dat
[2011/12/26 20:47:49 | 004,200,960 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdva.dll
[2011/12/26 20:47:49 | 000,053,248 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\ati2erec.dll
[2011/12/26 20:47:48 | 008,913,920 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmdag.sys
[2011/12/26 20:47:48 | 000,044,032 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalcl.dll
[2011/12/26 20:47:46 | 000,046,080 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalrt.dll
[2011/12/26 20:47:29 | 000,032,768 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atigktxx.dll
[2011/12/26 20:47:22 | 000,263,680 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmpag.sys
[2011/12/26 20:47:13 | 011,300,864 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticaldd.dll
[2011/12/26 20:47:10 | 000,029,184 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiu9pag.dll
[2011/12/26 20:47:07 | 000,360,448 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll
[2011/12/26 20:47:06 | 000,036,338 | ---- | M] () -- C:\Windows\atiogl.xml
[2011/12/26 20:47:05 | 000,774,656 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\aticfx32.dll
[2011/12/26 20:47:03 | 000,208,016 | ---- | M] () -- C:\Windows\System32\atiapfxx.blb
[2011/12/26 20:47:02 | 001,828,864 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdmv.dll
[2011/12/26 20:47:02 | 000,466,944 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIDEMGX.dll
[2011/12/26 20:47:02 | 000,204,960 | ---- | M] () -- C:\Windows\System32\ativvsvl.dat
[2011/12/26 20:47:02 | 000,003,917 | ---- | M] () -- C:\Windows\System32\atipblag.dat
[2011/12/26 20:47:01 | 000,051,200 | ---- | M] (AMD) -- C:\Windows\System32\coinst.dll
[2011/12/26 20:47:00 | 006,077,952 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atidxx32.dll
[2011/12/26 20:46:59 | 000,294,912 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIODE.exe
[2011/12/26 20:46:53 | 000,163,840 | ---- | M] (AMD) -- C:\Windows\System32\atitmmxx.dll
[2011/12/26 20:46:50 | 002,044,928 | ---- | M] () -- C:\Windows\System32\atiumdva.cap
[2011/12/26 20:46:47 | 000,045,056 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIODCLI.exe
[2011/12/26 20:46:46 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
[2011/12/26 16:23:46 | 000,624,861 | ---- | M] () -- C:\Users\Elena\Desktop\coffintoptextures.png
[2011/12/26 13:05:52 | 091,262,610 | ---- | M] () -- C:\Users\Elena\Desktop\zip thing.zip
[2011/12/26 12:52:25 | 000,339,548 | ---- | M] () -- C:\Users\Elena\Desktop\onemap1.mb
[2011/12/26 11:03:29 | 000,001,194 | ---- | M] () -- C:\Users\Elena\Desktop\mis.bmp
[2011/12/25 09:40:26 | 000,001,753 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/12/24 17:33:00 | 000,000,434 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Dave.job
[2011/12/23 17:08:06 | 000,478,460 | ---- | M] () -- C:\Users\Elena\Documents\Story File.png
[2011/12/22 06:34:53 | 000,000,064 | ---- | M] () -- C:\Windows\System32\rp_stats.dat
[2011/12/22 06:34:53 | 000,000,044 | ---- | M] () -- C:\Windows\System32\rp_rules.dat
[2011/12/20 02:27:16 | 000,321,964 | ---- | M] () -- C:\Users\Elena\Desktop\rendering.mb
[2011/12/20 02:18:11 | 000,115,884 | ---- | M] () -- C:\Users\Elena\Desktop\unfinishedtextures.jpg
[2011/12/20 02:17:49 | 008,831,586 | ---- | M] () -- C:\Users\Elena\Desktop\standintextures.psd
[2011/12/20 02:06:46 | 000,321,172 | ---- | M] () -- C:\Users\Elena\Desktop\coff22.mb
[2011/12/20 02:04:05 | 002,476,445 | ---- | M] () -- C:\Users\Elena\Desktop\pants_diffuse.psd
[2011/12/20 02:01:59 | 002,294,181 | ---- | M] () -- C:\Users\Elena\Desktop\coat_diffuse.psd
[2011/12/20 01:59:22 | 003,977,223 | ---- | M] () -- C:\Users\Elena\Desktop\coffin_diffuse.psd
[2011/12/20 01:25:34 | 005,810,906 | ---- | M] () -- C:\Users\Elena\Desktop\skin_diffuse.psd
[2011/12/20 00:47:58 | 001,100,280 | ---- | M] () -- C:\Users\Elena\Desktop\hat_diffuse.psd
[2011/12/20 00:27:20 | 000,422,608 | ---- | M] () -- C:\Users\Elena\Desktop\coff21.mb
[2011/12/20 00:26:53 | 000,279,004 | ---- | M] () -- C:\Users\Elena\Desktop\coffin_diffuse.png
[2011/12/20 00:26:32 | 000,265,361 | ---- | M] () -- C:\Users\Elena\Desktop\coat_diffuse.png
[2011/12/20 00:26:12 | 000,274,391 | ---- | M] () -- C:\Users\Elena\Desktop\pants_diffuse.png
[2011/12/20 00:25:41 | 000,283,948 | ---- | M] () -- C:\Users\Elena\Desktop\skin_diffuse.png
[2011/12/20 00:25:19 | 000,085,836 | ---- | M] () -- C:\Users\Elena\Desktop\hat_diffuse.png
[2011/12/20 00:15:32 | 000,416,884 | ---- | M] () -- C:\Users\Elena\Desktop\coff20.mb
[2011/12/19 23:57:41 | 000,404,636 | ---- | M] () -- C:\Users\Elena\Desktop\coff19.mb
[2011/12/19 23:52:14 | 000,396,016 | ---- | M] () -- C:\Users\Elena\Desktop\coff18.mb
[2011/12/19 23:46:21 | 000,393,104 | ---- | M] () -- C:\Users\Elena\Desktop\coff17.mb
[2011/12/19 23:31:59 | 000,380,272 | ---- | M] () -- C:\Users\Elena\Desktop\coff16.mb
[2011/12/19 23:15:04 | 000,099,058 | ---- | M] () -- C:\Users\Elena\Desktop\63680_1681852959924_1045577328_31895940_6422907_n.jpg
[2011/12/19 23:14:47 | 000,133,243 | ---- | M] () -- C:\Users\Elena\Desktop\Annie_SoulPortrait.jpg
[2011/12/19 22:39:18 | 000,001,260 | ---- | M] () -- C:\Users\Public\Desktop\Manga Studio EX 4.0.lnk
[2011/12/19 22:20:59 | 496,064,085 | ---- | M] () -- C:\Users\Elena\Desktop\Manga_Studio_EX_4.0.rar
[2011/12/19 22:08:30 | 000,001,116 | ---- | M] () -- C:\Users\Elena\Application Data\Microsoft\Internet Explorer\Quick Launch\Autodesk Maya 2011.lnk
[2011/12/19 22:08:30 | 000,001,092 | ---- | M] () -- C:\Users\Public\Desktop\Autodesk Maya 2011.lnk
[2011/12/19 18:55:22 | 000,001,021 | ---- | M] () -- C:\Users\Elena\Desktop\Dropbox.lnk
[2011/12/19 18:55:22 | 000,001,001 | ---- | M] () -- C:\Users\Elena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2011/12/18 02:21:36 | 000,411,892 | ---- | M] () -- C:\Users\Elena\Desktop\wtf.mb
[2011/12/18 02:04:11 | 000,384,696 | ---- | M] () -- C:\Users\Elena\Desktop\coff15.mb
[2011/12/15 07:05:36 | 001,689,912 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/12/12 08:04:10 | 000,001,149 | ---- | M] () -- C:\Users\Elena\Application Data\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk
[2011/12/12 08:04:09 | 000,001,125 | ---- | M] () -- C:\Users\Public\Desktop\GOM Player.lnk
[2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/12/08 14:53:23 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/12/05 20:18:27 | 000,001,012 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2011/12/05 20:18:07 | 000,198,832 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
[2011/12/05 20:17:59 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll
[2011/12/05 20:17:59 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll
[2011/12/05 20:17:58 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\System32\pncrt.dll
[2011/12/04 07:20:37 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/12/31 15:34:42 | 000,302,592 | ---- | C] () -- C:\Users\Elena\Desktop\hgf88ykd.exe
[2011/12/30 19:30:41 | 000,458,240 | ---- | C] () -- C:\Users\Elena\Desktop\CKScanner.exe
[2011/12/30 19:28:37 | 000,002,316 | ---- | C] () -- C:\Users\Elena\Desktop\Google Chrome.lnk
[2011/12/30 19:27:45 | 000,000,908 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1973003820-525972890-3920212309-1003UA.job
[2011/12/30 19:27:43 | 000,000,856 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1973003820-525972890-3920212309-1003Core.job
[2011/12/28 23:33:40 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2011/12/28 21:00:44 | 000,495,248 | ---- | C] () -- C:\Users\Elena\Desktop\tumblr_lwxnzag0VL1r7b9fxo5_r1_250.gif
[2011/12/27 19:08:55 | 091,262,610 | ---- | C] () -- C:\Users\Elena\Desktop\zip thing.zip
[2011/12/26 20:48:00 | 000,157,152 | ---- | C] () -- C:\Windows\System32\ativvsva.dat
[2011/12/26 20:47:50 | 000,243,168 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011/12/26 20:47:04 | 000,036,338 | ---- | C] () -- C:\Windows\atiogl.xml
[2011/12/26 20:47:02 | 000,208,016 | ---- | C] () -- C:\Windows\System32\atiapfxx.blb
[2011/12/26 20:47:01 | 000,204,960 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat
[2011/12/26 20:47:01 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2011/12/26 20:46:41 | 002,044,928 | ---- | C] () -- C:\Windows\System32\atiumdva.cap
[2011/12/26 16:45:34 | 010,194,740 | ---- | C] () -- C:\Users\Elena\Desktop\coffintoptextures.psd
[2011/12/26 16:23:45 | 000,624,861 | ---- | C] () -- C:\Users\Elena\Desktop\coffintoptextures.png
[2011/12/26 16:22:58 | 000,229,004 | ---- | C] () -- C:\Users\Elena\Desktop\onemap2.mb
[2011/12/26 12:52:25 | 000,339,548 | ---- | C] () -- C:\Users\Elena\Desktop\onemap1.mb
[2011/12/26 11:03:29 | 000,001,194 | ---- | C] () -- C:\Users\Elena\Desktop\mis.bmp
[2011/12/25 09:40:26 | 000,001,753 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/12/25 09:32:32 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011/12/23 17:06:31 | 000,478,460 | ---- | C] () -- C:\Users\Elena\Documents\Story File.png
[2011/12/20 02:18:23 | 000,321,964 | ---- | C] () -- C:\Users\Elena\Desktop\rendering.mb
[2011/12/20 02:18:06 | 000,115,884 | ---- | C] () -- C:\Users\Elena\Desktop\unfinishedtextures.jpg
[2011/12/20 02:17:47 | 008,831,586 | ---- | C] () -- C:\Users\Elena\Desktop\standintextures.psd
[2011/12/20 00:53:10 | 000,321,172 | ---- | C] () -- C:\Users\Elena\Desktop\coff22.mb
[2011/12/20 00:49:48 | 002,294,181 | ---- | C] () -- C:\Users\Elena\Desktop\coat_diffuse.psd
[2011/12/20 00:48:27 | 003,977,223 | ---- | C] () -- C:\Users\Elena\Desktop\coffin_diffuse.psd
[2011/12/20 00:47:57 | 001,100,280 | ---- | C] () -- C:\Users\Elena\Desktop\hat_diffuse.psd
[2011/12/20 00:47:08 | 005,810,906 | ---- | C] () -- C:\Users\Elena\Desktop\skin_diffuse.psd
[2011/12/20 00:46:33 | 002,476,445 | ---- | C] () -- C:\Users\Elena\Desktop\pants_diffuse.psd
[2011/12/20 00:26:52 | 000,279,004 | ---- | C] () -- C:\Users\Elena\Desktop\coffin_diffuse.png
[2011/12/20 00:26:32 | 000,265,361 | ---- | C] () -- C:\Users\Elena\Desktop\coat_diffuse.png
[2011/12/20 00:26:11 | 000,274,391 | ---- | C] () -- C:\Users\Elena\Desktop\pants_diffuse.png
[2011/12/20 00:25:41 | 000,283,948 | ---- | C] () -- C:\Users\Elena\Desktop\skin_diffuse.png
[2011/12/20 00:25:18 | 000,085,836 | ---- | C] () -- C:\Users\Elena\Desktop\hat_diffuse.png
[2011/12/20 00:17:30 | 000,422,608 | ---- | C] () -- C:\Users\Elena\Desktop\coff21.mb
[2011/12/20 00:15:32 | 000,416,884 | ---- | C] () -- C:\Users\Elena\Desktop\coff20.mb
[2011/12/19 23:57:41 | 000,404,636 | ---- | C] () -- C:\Users\Elena\Desktop\coff19.mb
[2011/12/19 23:52:14 | 000,396,016 | ---- | C] () -- C:\Users\Elena\Desktop\coff18.mb
[2011/12/19 23:46:21 | 000,393,104 | ---- | C] () -- C:\Users\Elena\Desktop\coff17.mb
[2011/12/19 23:31:59 | 000,380,272 | ---- | C] () -- C:\Users\Elena\Desktop\coff16.mb
[2011/12/19 23:15:04 | 000,099,058 | ---- | C] () -- C:\Users\Elena\Desktop\63680_1681852959924_1045577328_31895940_6422907_n.jpg
[2011/12/19 23:14:47 | 000,133,243 | ---- | C] () -- C:\Users\Elena\Desktop\Annie_SoulPortrait.jpg
[2011/12/19 22:39:18 | 000,001,260 | ---- | C] () -- C:\Users\Public\Desktop\Manga Studio EX 4.0.lnk
[2011/12/19 22:08:30 | 000,001,116 | ---- | C] () -- C:\Users\Elena\Application Data\Microsoft\Internet Explorer\Quick Launch\Autodesk Maya 2011.lnk
[2011/12/19 22:08:30 | 000,001,092 | ---- | C] () -- C:\Users\Public\Desktop\Autodesk Maya 2011.lnk
[2011/12/19 22:07:33 | 496,064,085 | ---- | C] () -- C:\Users\Elena\Desktop\Manga_Studio_EX_4.0.rar
[2011/12/19 19:33:40 | 001,862,116 | ---- | C] () -- C:\Users\Elena\Desktop\coffin_top color.jpg
[2011/12/19 19:33:40 | 000,411,892 | ---- | C] () -- C:\Users\Elena\Desktop\wtf.mb
[2011/12/19 19:33:40 | 000,384,696 | ---- | C] () -- C:\Users\Elena\Desktop\coff15.mb
[2011/12/19 19:33:40 | 000,319,821 | ---- | C] () -- C:\Users\Elena\Desktop\grid51.jpg
[2011/12/05 20:18:27 | 000,001,012 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2011/11/02 20:25:17 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2011/09/04 14:32:25 | 000,000,080 | ---- | C] () -- C:\Windows\sierra.ini
[2011/08/09 20:56:14 | 002,463,976 | ---- | C] () -- C:\Windows\System32\NPSWF32.dll
[2011/07/22 21:20:19 | 000,137,544 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2011/07/22 21:19:53 | 000,189,480 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2011/07/22 21:19:51 | 003,360,624 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
[2011/07/22 21:19:51 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2011/07/07 12:56:55 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011/07/07 12:56:05 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011/07/06 17:08:19 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2011/06/17 11:14:19 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
[2011/06/17 11:14:19 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
[2011/06/14 14:07:08 | 000,016,432 | ---- | C] () -- C:\Windows\System32\lsdelete.exe
[2011/05/17 06:52:26 | 000,274,432 | ---- | C] () -- C:\Windows\System32\lxbtinst.dll
[2011/05/16 19:38:26 | 046,575,024 | ---- | C] () -- C:\ProgramData\cjr5200EN.exe
[2011/05/12 09:12:18 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/03/30 16:19:19 | 001,841,000 | ---- | C] () -- C:\Windows\System32\HPScanTRDrv_DJ3050A_J611.dll
[2009/07/13 23:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 23:33:53 | 001,689,912 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/13 21:05:48 | 000,659,192 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/13 21:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/13 21:05:48 | 000,116,936 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/13 21:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/13 21:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/13 21:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/13 18:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2007/02/22 17:32:00 | 000,344,064 | ---- | C] () -- C:\Windows\System32\lxbtcoin.dll
[2005/08/18 05:26:46 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxbtvs.dll
[2005/05/25 08:07:26 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxbtcnv4.dll
< End of report >
Extras:
OTL Extras logfile created on: 1/2/2012 10:57:46 AM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Elena\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.99 Gb Total Physical Memory | 1.45 Gb Available Physical Memory | 48.64% Memory free
5.98 Gb Paging File | 4.00 Gb Available in Paging File | 66.83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232.79 Gb Total Space | 21.78 Gb Free Space | 9.35% Space Free | Partition Type: NTFS
Computer Name: BASEMENTCOMP | User Name: Elena | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3
"{0327FA9D-975C-448C-A086-577D57BB25B8}" = Adobe Soundbooth CS3 Codecs
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{1637E594-321F-475A-9282-7E64B4E03D7D}_is1" = Subsonic
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}" = Adobe After Effects CS3 Presets
"{1D58229F-C505-45CA-8223-F35F3A34B963}" = Adobe Version Cue CS3 Server
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 29
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0E}" = Atheros Wireless LAN Card
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}" = Adobe Flash Video Encoder
"{3070A9C6-D670-439A-21ED-ED0CB66B15FC}" = Catalyst Control Center Graphics Full Existing
"{30A4DD1D-FD55-4CE4-BA01-758E00BC0228}" = Greeting Card Factory Workshop 8.0
"{338AD4E5-9332-A678-5062-7A07ED70D6D4}" = ccc-core-static
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2011.0.0
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{4458C442-7376-4CF9-AF58-E8CEA6722363}" = Adobe Setup
"{485ACF57-F364-440A-8496-E1E81C8FA1AA}" = Adobe Premiere Pro CS3 Third Party Content
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E1D0591-14F7-736E-143A-62DC3E552A1A}" = Catalyst Control Center InstallProxy
"{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}" = Adobe Premiere Pro CS3 Functional Content
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{52A4E146-A102-4ED0-970F-6B1715EB3C86}" = Quake Live Mozilla Plugin
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{54B2EAD9-A110-43F7-B010-2859A1BD2AFE}" = Adobe Encore CS3
"{58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}" = Adobe Premiere Pro CS3
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6406E3EA-9777-45B7-A0C0-89741E629352}" = Composite 2011
"{660787DD-68B3-4E67-9073-4A66DD7AD193}" = ASUS VGA Driver
"{67DEC296-C8CC-A5BE-0378-A25C760B78B4}" = Catalyst Control Center Graphics Full New
"{685DEA21-3622-455A-A41B-89557A168DFD}" = Ad-Aware
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B52140A-F189-4945-BFFC-DB3F00B8C589}" = Adobe Flash CS3
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{702EC1FF-A081-48AE-8363-8D78A0919F86}" = Autodesk DirectConnect 2010 R1
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{774F2CE3-C9C9-BC80-1231-E9432F2756C3}" = ccc-utility
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7ACFB90E-8FD0-4397-AD3A-5195412623A3}" = Adobe Help Viewer CS3
"{7C10F5C7-F00F-4BD3-A110-C7D240D2DD25}" = Adobe Dreamweaver CS3
"{7DFC1012-D346-46CE-B03E-FF79125AE029}" = Adobe Fireworks CS3
"{7EAC91E4-AFC3-8A6F-B802-218548D21873}" = Catalyst Control Center Core Implementation
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}" = Adobe Video Profiles
"{8718DC03-D066-4957-94E5-50C3C5042E8E}" = Adobe Creative Suite 3 Master Collection
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A864555-554E-4DE2-BB36-BC4810355525}" = Autodesk MatchMover 2011 32-bit
"{8BBB5E4C-3F5E-4C07-BFBE-33B34600783A}" = LogMeIn Hamachi
"{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}" = iLivid
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{962F04A4-130E-F725-BFC3-F46E33889D0E}" = ATI AVIVO Codecs
"{97DDCAB8-B770-4089-A10F-67568069D78A}" = HP Deskjet 3050A J611 series Help
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}" = Counter-Strike 1.6
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB2}" = Paint.NET v3.5.8
"{9E4F0E65-209E-4713-8BE2-7F8802BB3987}_is1" = War Inc Battlezone version 1.0.0
"{A059FB87-5DC3-0883-7D65-F68603CACDF1}" = Catalyst Control Center Graphics Previews Vista
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A6B23EFA-6590-482C-A11F-5ACE1B91F5B9}" = Adobe Soundbooth CS3
"{A942958E-AF92-7901-861B-7F373A1B6ABA}" = AMD Catalyst Install Manager
"{A961C6FD-C583-45F6-A0A4-5E4376C29E41}" = Catalyst Control Center - Branding
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AB2228C5-EA86-44E1-AFF6-58B9CC260CE3}" = HP Deskjet 3050A J611 series Basic Device Software
"{AC075837-7071-4c07-B9A1-CF5586060FE1}" = Autodesk Maya 2011 English Documentation 32-bit
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-1033-0000-7760-000000000003}" = Adobe Acrobat 8 Professional
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}" = Adobe BridgeTalk Plugin CS3
"{B7DBF6E8-0D17-4BE4-853B-ACD6EFBD4A1F}" = iTunes
"{B8B7A4D8-80E1-4DAE-BD33-7FD535BA3931}" = Adobe Encore CS3 Codecs
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C40DCEE3-A564-4692-B1D5-DA1F252BA3BC}" = HP Deskjet 3050A J611 series Product Improvement Study
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{CB3F8375-B600-4B9F-83C9-238ED1E583FD}" = Adobe InDesign CS3
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D45EC259-4A19-4656-B588-C2C360DD18EA}" = Half-Life(R) 2
"{D5A31AB1-345D-47C7-A87B-036A669F6DF1}" = Adobe XMP Panels CS3
"{D98A4E05-4DED-A9BC-313F-DCD315A6A654}" = CCC Help English
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DDD5104F-1C44-49EB-9E6B-29EC5D27658B}" = HP Update
"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
"{E4386119-2C33-4023-9836-783F43A90E3C}" = Autodesk Maya 2011 32-bit
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}" = Nexon Game Manager
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{EB0202F7-016A-410C-ADE4-40F848CCC661}" = Adobe After Effects CS3
"{ED7CED5A-26BF-DFD3-08AC-771E72D43F74}" = Catalyst Control Center Localization All
"{F08E8D2E-F132-4742-9C87-D5FF223A016A}" = Adobe Illustrator CS3
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F3AB0933-B7D6-4C47-5523-922B49B37AE3}" = Catalyst Control Center Graphics Light
"{FA4BF139-4D09-462E-B4AF-E89C640224C0}" = Quake Live Internet Explorer Plugin
"{FAB1F336-1B7C-4057-A7BC-2922CD82A781}" = Ralink RT6x Wireless LAN Card
"{FC9E08AA-CD59-4C59-BEF9-87E05B9E37D7}" = Adobe Contribute CS3
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Adobe_4dcfd9b7e901b57f81f667144603236" = Add or Remove Adobe Creative Suite 3 Master Collection
"Battlelog Web Plugins" = Battlelog Web Plugins
"Combat Arms" = Combat Arms
"Crimson Editor SVN286" = Crimson Editor SVN286
"Crossrider" = Crossrider Web Apps
"DAEMON Tools Lite" = DAEMON Tools Lite
"ESN Sonar-0.70.0" = ESN Sonar
"Free PDF Tablet" = Free PDF Tablet 0.1
"Giraffic" = Veoh Giraffic Video Accelerator
"GOM Player" = GOM Player
"Half-Life Dedicated Server Update Tool" = Half-Life Dedicated Server Update Tool
"Half-Life: Counter-Strike" = Half-Life: Counter-Strike
"HP Photo Creations" = HP Photo Creations
"iLivid" = iLivid
"Lexmark 5200 Series" = Lexmark 5200 Series
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.0.1800
"Manga Studio EX 4.0" = Manga Studio EX 4.0
"MapleStory" = MapleStory
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 9.0.1 (x86 en-US)" = Mozilla Firefox 9.0.1 (x86 en-US)
"NSS" = Norton Security Scan
"NST" = Norton Safe Web Lite
"OpenAL" = OpenAL
"Pen Tablet Driver" = Bamboo
"PunkBusterSvc" = PunkBuster Services
"Quake 3 Fortress" = Quake 3 Fortress
"RealPlayer 15.0" = RealPlayer
"StartNow Toolbar" = StartNow Toolbar
"Steam App 10" = Counter-Strike
"Steam App 107900" = War Inc. Battlezone
"Steam App 113400" = APB Reloaded
"Steam App 130" = Half-Life: Blue Shift
"Steam App 13140" = America's Army 3
"Steam App 17020" = Global Agenda
"Steam App 17700" = Insurgency
"Steam App 20" = Team Fortress Classic
"Steam App 220" = Half-Life 2
"Steam App 22350" = Brink
"Steam App 22380" = Fallout: New Vegas
"Steam App 240" = Counter-Strike: Source
"Steam App 260" = Counter-Strike: Source Beta
"Steam App 30" = Day of Defeat
"Steam App 320" = Half-Life 2: Deathmatch
"Steam App 340" = Half-Life 2: Lost Coast
"Steam App 38830" = Crimecraft: BLEEDOUT
"Steam App 40" = Deathmatch Classic
"Steam App 400" = Portal
"Steam App 4000" = Garry's Mod
"Steam App 440" = Team Fortress 2
"Steam App 4500" = S.T.A.L.K.E.R.: Shadow of Chernobyl
"Steam App 48010" = LIMBO Demo
"Steam App 50" = Half-Life: Opposing Force
"Steam App 520" = Team Fortress 2 Beta
"Steam App 60" = Ricochet
"Steam App 620" = Portal 2
"Steam App 630" = Alien Swarm
"Steam App 70" = Half-Life
"Steam App 70000" = Dino D-Day
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Steam App 99900" = Spiral Knights
"Unity" = Unity
"Veoh Web Player Beta" = Veoh Web Player
"VLC media player" = VLC media player 1.1.9
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"WinRAR archiver" = WinRAR 4.01 (32-bit)
"YTdetect" = Yahoo! Detect
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1973003820-525972890-3920212309-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 12/28/2011 8:22:57 AM | Computer Name = BasementComp | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Autodesk\Composite
2011\python\lib\distutils\command\wininst-8_d.exe". Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 12/28/2011 3:04:39 PM | Computer Name = BasementComp | Source = Application Error | ID = 1000
Description = Faulting application name: hl2.exe, version: 0.0.0.0, time stamp:
0x4ea78f27 Faulting module name: filesystem_steam.dll_unloaded, version: 0.0.0.0,
time stamp: 0x4ee862ad Exception code: 0xc0000005 Fault offset: 0x6916f119 Faulting
process id: 0x672c Faulting application start time: 0x01ccc590e86d2266 Faulting application
path: c:\program files\steam\steamapps\parks911\team fortress 2\hl2.exe Faulting
module path: filesystem_steam.dll Report Id: c9fff5a2-3186-11e1-9042-89893efe3fa9
Error - 12/29/2011 9:55:12 AM | Computer Name = BasementComp | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16421,
time stamp: 0x4d76255d Faulting module name: GenericAskToolbar.dll_unloaded, version:
0.0.0.0, time stamp: 0x4e547bf8 Exception code: 0xc0000005 Fault offset: 0x53b5bec0
Faulting
process id: 0x3598 Faulting application start time: 0x01ccc631747903d8 Faulting application
path: C:\Program Files\Internet Explorer\iexplore.exe Faulting module path: GenericAskToolbar.dll
Report
Id: ba09b156-3224-11e1-a514-b93a2a6d2da9
Error - 12/29/2011 10:18:07 AM | Computer Name = BasementComp | Source = VSS | ID = 8194
Description =
Error - 12/29/2011 10:54:38 AM | Computer Name = BasementComp | Source = Application Hang | ID = 1002
Description = The program realplay.exe version 15.0.0.198 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 38d4 Start
Time: 01ccc639a7b61c3a Termination Time: 5 Application Path: C:\Program Files\Real\RealPlayer\realplay.exe
Report
Id: f8bb6353-322c-11e1-a514-b93a2a6d2da9
Error - 12/29/2011 4:44:26 PM | Computer Name = BasementComp | Source = Application Error | ID = 1000
Description = Faulting application name: hl2.exe, version: 0.0.0.0, time stamp:
0x4ea78f27 Faulting module name: filesystem_steam.dll_unloaded, version: 0.0.0.0,
time stamp: 0x4ee862ad Exception code: 0xc0000005 Fault offset: 0x6d13f119 Faulting
process id: 0x1b58 Faulting application start time: 0x01ccc666d474a1d9 Faulting application
path: c:\program files\steam\steamapps\parks911\team fortress 2\hl2.exe Faulting
module path: filesystem_steam.dll Report Id: e4f0f45f-325d-11e1-a514-b93a2a6d2da9
Error - 12/29/2011 7:59:41 PM | Computer Name = BasementComp | Source = Application Error | ID = 1000
Description = Faulting application name: hl2.exe, version: 0.0.0.0, time stamp:
0x4ea78f27 Faulting module name: filesystem_steam.dll_unloaded, version: 0.0.0.0,
time stamp: 0x4ee862ad Exception code: 0xc0000005 Fault offset: 0x6d13f119 Faulting
process id: 0x3fdc Faulting application start time: 0x01ccc681536efc01 Faulting application
path: c:\program files\steam\steamapps\parks911\team fortress 2\hl2.exe Faulting
module path: filesystem_steam.dll Report Id: 2bccabc6-3279-11e1-a514-b93a2a6d2da9
Error - 12/30/2011 1:49:01 AM | Computer Name = BasementComp | Source = Application Error | ID = 1000
Description = Faulting application name: hl2.exe, version: 0.0.0.0, time stamp:
0x4ea78f27 Faulting module name: filesystem_steam.dll_unloaded, version: 0.0.0.0,
time stamp: 0x4ee862ad Exception code: 0xc0000005 Fault offset: 0x6cbdf119 Faulting
process id: 0x2fd8 Faulting application start time: 0x01ccc6b12f462053 Faulting application
path: c:\program files\steam\steamapps\parks911\team fortress 2\hl2.exe Faulting
module path: filesystem_steam.dll Report Id: f8ab2cab-32a9-11e1-a514-b93a2a6d2da9
Error - 12/31/2011 9:53:13 AM | Computer Name = BasementComp | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Autodesk\Composite
2011\python\lib\distutils\command\wininst-8_d.exe". Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 12/31/2011 4:04:11 PM | Computer Name = BasementComp | Source = Application Error | ID = 1000
Description = Faulting application name: TESV.exe, version: 1.3.10.0, time stamp:
0x4ee667a4 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x25514b20 Faulting process id: 0x3f80 Faulting application
start time: 0x01ccc7cdf8112d7d Faulting application path: c:\program files\steam\steamapps\common\skyrim\TESV.exe
Faulting
module path: unknown Report Id: 9a79e3ed-33ea-11e1-820d-994feb1fa2a9
[ System Events ]
Error - 12/31/2011 4:26:51 PM | Computer Name = BasementComp | Source = Service Control Manager | ID = 7023
Description = The Message Queuing service terminated with the following error: %%-2147024877
Error - 12/31/2011 4:28:13 PM | Computer Name = BasementComp | Source = SNMP | ID = 16713180
Description = The SNMP Service encountered an error while accessing the registry
key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
Error - 1/1/2012 7:55:00 AM | Computer Name = BasementComp | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
is 10.
Error - 1/1/2012 9:18:25 AM | Computer Name = BasementComp | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR3.
Error - 1/1/2012 10:07:13 PM | Computer Name = BasementComp | Source = SNMP | ID = 16713180
Description = The SNMP Service encountered an error while accessing the registry
key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
Error - 1/1/2012 10:53:01 PM | Computer Name = BasementComp | Source = BROWSER | ID = 8032
Description =
Error - 1/2/2012 7:56:12 AM | Computer Name = BasementComp | Source = DCOM | ID = 10010
Description =
Error - 1/2/2012 7:56:08 AM | Computer Name = BasementComp | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the NSL service.
Error - 1/2/2012 7:57:46 AM | Computer Name = BasementComp | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
is 10.
Error - 1/2/2012 7:57:48 AM | Computer Name = BasementComp | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
is 10.
< End of report >
GMER:
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-01-02 10:51:10
Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD2500AAKS-00F0A0 rev.12.01B02
Running: hgf88ykd.exe; Driver: C:\Users\Elena\AppData\Local\Temp\awdoipob.sys
---- Kernel code sections - GMER 1.0.15 ----
.text ntkrnlpa.exe!ZwSaveKey + 13D1 82C3E369 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82C77D52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text C:\Windows\system32\DRIVERS\atikmdag.sys section is writeable [0x95C2C000, 0x3BEEC5, 0xE8000020]
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
Device \Driver\ACPI_HAL \Device\0000004e halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
---- EOF - GMER 1.0.15 ----