Hi and thanks for helping me. I ran the first scan but there was no extras text file minimized and when I did a search on my computer, no extras.txt anywhere.
OTL logfile created on: 5/28/2012 3:36:00 PM - Run 8
OTL by OldTimer - Version 3.2.43.2 Folder = C:\Users\Lightning\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
11.99 Gb Total Physical Memory | 8.90 Gb Available Physical Memory | 74.19% Memory free
23.98 Gb Paging File | 20.46 Gb Available in Paging File | 85.30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1854.96 Gb Total Space | 1272.25 Gb Free Space | 68.59% Space Free | Partition Type: NTFS
Computer Name: LIGHTNING-PC | User Name: Lightning | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2012/05/28 15:35:01 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Lightning\Desktop\OTL.exe
PRC - [2012/05/15 05:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012/05/15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/04/25 20:34:42 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/02/29 22:47:22 | 000,318,344 | ---- | M] (Razer USA Ltd) -- C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
PRC - [2011/10/14 01:01:48 | 000,399,416 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\sua.exe
PRC - [2011/04/12 15:29:02 | 000,953,232 | ---- | M] (Razer USA Ltd) -- C:\Program Files (x86)\Razer\Naga\RazerNagaSysTray.exe
PRC - [2010/11/05 17:50:08 | 000,014,792 | ---- | M] (Alienware) -- C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
PRC - [2010/11/05 17:46:10 | 000,069,584 | ---- | M] (Alienware Corporation) -- C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
PRC - [2010/11/05 17:42:36 | 000,016,832 | ---- | M] () -- C:\Program Files\Alienware\Command Center\AlienFusionController.exe
PRC - [2010/07/07 13:27:16 | 001,268,224 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\CTxfispi.exe
PRC - [2010/03/03 21:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/03/03 21:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/02/12 11:23:12 | 000,286,720 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
PRC - [2009/10/13 09:39:04 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009/09/22 16:57:50 | 000,163,840 | ---- | M] () -- C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
PRC - [2009/07/27 15:48:34 | 000,062,464 | ---- | M] () -- C:\Program Files (x86)\Silicon Image\SiI31xx HBA Wakeup Utility\SiHbaWakeupService.exe
PRC - [2009/04/09 12:06:00 | 000,241,789 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
PRC - [2007/12/19 12:58:24 | 000,163,840 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\DeathAdder\razerofa.exe
PRC - [2006/11/24 16:24:16 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\Razer\DeathAdder\razertra.exe
========== Modules (No Company Name) ========== MOD - [2012/05/15 02:21:26 | 000,368,448 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2012/05/09 16:50:27 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\0c2b0d52156447592f33edf4116b7e7d\System.Management.ni.dll
MOD - [2012/05/09 16:49:28 | 000,196,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\0a80fd3af7e48eb9cc9099fee5814dff\UIAutomationTypes.ni.dll
MOD - [2012/05/09 16:49:20 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\94b346f2ab12d38efb1331ded5783396\System.Runtime.Remoting.ni.dll
MOD - [2012/05/09 16:49:18 | 002,647,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\8a9fac9cb825b5d2db0bdb867fff940e\System.Runtime.Serialization.ni.dll
MOD - [2012/05/09 16:49:18 | 001,021,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\79ac99fe5274fb82ffcff2c15f71854c\System.Runtime.DurableInstancing.ni.dll
MOD - [2012/05/09 16:49:18 | 000,143,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\bb97517e4ca64e02282fca24612ce8ad\SMDiagnostics.ni.dll
MOD - [2012/05/09 16:49:16 | 000,393,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\4837a5c6204d53e7aa4f7dd94b98207c\System.Xml.Linq.ni.dll
MOD - [2012/05/09 16:48:59 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d234eceae699d070b5a5712ce776c01f\System.Xaml.ni.dll
MOD - [2012/05/09 16:48:55 | 000,044,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Accessibility\62c1a496dff99a6e5f5e4278d31ca4c1\Accessibility.ni.dll
MOD - [2012/05/09 16:47:27 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\635b3aec298ad5e8c903b2323d79cc5a\IAStorUtil.ni.dll
MOD - [2012/05/09 03:13:33 | 018,000,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\041b1bcf6ae9ab58925791d8198c37e2\PresentationFramework.ni.dll
MOD - [2012/05/09 03:13:25 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a1de74c8d0dfd15e3246e5dd394013bf\PresentationCore.ni.dll
MOD - [2012/05/09 03:13:19 | 003,858,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\4b7adff986a085bb562222d0c5fdf5aa\WindowsBase.ni.dll
MOD - [2012/05/09 03:13:19 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\a5fa2a1cfc6e9fdc39d9a8f2baa57bc9\PresentationFramework.Aero.ni.dll
MOD - [2012/05/09 03:11:16 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\1a690902e9a6293de228c16fab21e2f7\System.Web.ni.dll
MOD - [2012/05/09 03:11:12 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012/05/09 03:10:46 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\90555968565afd59bce4b0974e9903bd\System.Windows.Forms.ni.dll
MOD - [2012/05/09 03:10:42 | 001,590,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\69f6e582cb79f107c61308b468c1a215\System.Drawing.ni.dll
MOD - [2012/05/09 03:10:25 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012/05/09 03:10:22 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/05/09 03:10:20 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/05/09 03:10:19 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/05/09 03:10:16 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012/05/09 03:10:11 | 013,197,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\9ee9841d9e33fe5dceba4cd7d90f2ae0\System.Windows.Forms.ni.dll
MOD - [2012/05/09 03:10:06 | 001,665,536 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\03b5233f1511f5fdb39eb681b04e5506\System.Drawing.ni.dll
MOD - [2012/05/09 03:09:55 | 006,815,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\99d0f7ba920eea1117e45dcd9fec0eb5\System.Data.ni.dll
MOD - [2012/05/09 03:09:32 | 000,145,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\7b7719d46a4da2e91e8c501347e48ab9\System.Numerics.ni.dll
MOD - [2012/05/09 03:09:31 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d1f299160424bad90fe9f658661389e2\System.Xml.ni.dll
MOD - [2012/05/09 03:09:29 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\623d2a0f11dd82bb9bc13d1cb981b239\System.Configuration.ni.dll
MOD - [2012/05/09 03:09:27 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\ed91b57205429a23bb91f4499059a459\System.Core.ni.dll
MOD - [2012/05/09 03:09:24 | 009,091,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\6f9f0467e8b2dd3f69b015c8e30ac945\System.ni.dll
MOD - [2012/05/09 03:09:20 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll
MOD - [2012/05/04 19:09:15 | 008,797,856 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
MOD - [2012/04/25 20:34:42 | 001,952,696 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2010/11/05 17:42:36 | 000,016,832 | ---- | M] () -- C:\Program Files\Alienware\Command Center\AlienFusionController.exe
MOD - [2010/01/12 16:36:00 | 000,177,664 | ---- | M] () -- C:\Windows\SysWOW64\APOMngr.DLL
MOD - [2009/12/29 17:50:00 | 000,073,728 | ---- | M] () -- C:\Windows\SysWOW64\CmdRtr.DLL
MOD - [2009/09/22 16:57:50 | 000,163,840 | ---- | M] () -- C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
MOD - [2009/02/27 13:52:56 | 000,258,048 | ---- | M] () -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\sqlite.dll
MOD - [2006/11/24 16:24:16 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\Razer\DeathAdder\razertra.exe
========== Win32 Services (SafeList) ========== SRV:
64bit: - [2012/03/26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:
64bit: - [2012/03/26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:
64bit: - [2011/09/20 12:52:38 | 001,085,216 | ---- | M] (Broadcom Corporation.) [Disabled | Stopped] -- c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:
64bit: - [2011/08/11 18:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV:
64bit: - [2011/01/14 18:11:02 | 000,163,328 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe -- (BrcmMgmtAgent)
SRV:
64bit: - [2010/11/05 17:42:44 | 000,015,296 | ---- | M] (Alienware) [Auto | Running] -- C:\Program Files\Alienware\Command Center\AlienFusionService.exe -- (AlienFusionService)
SRV:
64bit: - [2009/07/13 20:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012/05/16 15:44:59 | 000,530,216 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/05/15 05:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/05/15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/05/04 19:09:16 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/25 20:34:42 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/02/01 16:55:58 | 000,214,896 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2012/01/06 05:28:48 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe -- (Creative Media Toolbox 6 Licensing Service)
SRV - [2012/01/06 05:24:24 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2011/12/09 15:39:52 | 000,135,584 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2011/10/14 01:01:50 | 000,994,360 | ---- | M] (Secunia) [On_Demand | Stopped] -- C:\Program Files (x86)\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2011/10/14 01:01:48 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2011/08/18 10:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [Disabled | Stopped] -- C:\Program Files (x86)\AlienRespawn\SftService.exe -- (SftService)
SRV - [2010/12/07 16:27:45 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/12/07 16:15:32 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2010/04/26 19:10:14 | 000,232,944 | ---- | M] (CyberLink) [Auto | Stopped] -- c:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe -- (CLKMSVC10_9EC60124)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/03 21:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010/02/12 11:23:12 | 000,286,720 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2009/10/13 09:39:04 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009/07/27 15:48:34 | 000,062,464 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Silicon Image\SiI31xx HBA Wakeup Utility\SiHbaWakeupService.exe -- (SiHbaWakeupService)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/09/04 19:31:22 | 000,180,224 | ---- | M] (NVIDIA) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService)
========== Driver Services (SafeList) ========== DRV:
64bit: - [2012/04/18 12:08:03 | 000,188,736 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:
64bit: - [2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:
64bit: - [2012/03/20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:
64bit: - [2012/03/05 03:49:56 | 000,019,536 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AWOPFilterDriver.sys -- (AWOPFilterDriver)
DRV:
64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:
64bit: - [2012/02/12 21:57:28 | 000,076,800 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rzudd.sys -- (rzudd)
DRV:
64bit: - [2012/01/04 09:28:36 | 000,016,640 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gtkdrv.sys -- (TrojanKillerDriver)
DRV:
64bit: - [2011/09/20 18:36:50 | 000,620,584 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:
64bit: - [2011/09/20 18:36:50 | 000,089,640 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwdpan.sys -- (BTWDPAN)
DRV:
64bit: - [2011/09/20 18:36:44 | 000,178,728 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:
64bit: - [2011/09/20 18:36:44 | 000,167,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:
64bit: - [2011/09/20 18:36:44 | 000,039,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:
64bit: - [2011/09/20 18:36:44 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:
64bit: - [2011/08/22 16:14:14 | 000,121,856 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\basp.sys -- (Blfp)
DRV:
64bit: - [2011/08/02 18:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:
64bit: - [2011/07/22 11:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:
64bit: - [2011/07/12 16:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:
64bit: - [2011/05/19 16:55:34 | 000,120,920 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:
64bit: - [2011/03/31 15:01:50 | 000,126,464 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RzSynapse.sys -- (RzSynapse)
DRV:
64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:
64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:
64bit: - [2010/12/27 15:36:32 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:
64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:
64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:
64bit: - [2010/11/20 06:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:
64bit: - [2010/10/13 12:39:52 | 000,014,928 | ---- | M] (Dell/Alienware) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mio.sys -- (mio)
DRV:
64bit: - [2010/09/01 03:30:58 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\psi_mf.sys -- (PSI)
DRV:
64bit: - [2010/07/07 15:21:18 | 001,612,888 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ha20x22k.sys -- (ha20x22k)
DRV:
64bit: - [2010/07/07 15:21:06 | 001,567,832 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ha20x2k.sys -- (ha20x2k)
DRV:
64bit: - [2010/07/07 15:20:56 | 000,118,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\emupia2k.sys -- (emupia)
DRV:
64bit: - [2010/07/07 15:20:48 | 000,213,080 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV:
64bit: - [2010/07/07 15:20:40 | 000,015,960 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV:
64bit: - [2010/07/07 15:16:32 | 000,179,288 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctoss2k.sys -- (ossrv)
DRV:
64bit: - [2010/07/07 15:16:24 | 000,697,816 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV:
64bit: - [2010/07/07 15:16:14 | 000,580,696 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ctac32k.sys -- (ctac32k)
DRV:
64bit: - [2010/07/07 15:16:06 | 001,445,976 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX.SYS)
DRV:
64bit: - [2010/07/07 15:16:06 | 001,445,976 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX)
DRV:
64bit: - [2010/07/07 15:15:56 | 000,095,320 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT.SYS)
DRV:
64bit: - [2010/07/07 15:15:56 | 000,095,320 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT)
DRV:
64bit: - [2010/07/07 15:15:50 | 000,230,488 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT.SYS)
DRV:
64bit: - [2010/07/07 15:15:50 | 000,230,488 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT)
DRV:
64bit: - [2010/03/22 18:29:12 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:
64bit: - [2009/10/16 06:32:24 | 000,321,064 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM)
DRV:
64bit: - [2009/08/13 23:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:
64bit: - [2009/07/29 21:14:10 | 000,090,664 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SI3132.sys -- (SI3132)
DRV:
64bit: - [2009/07/29 21:14:10 | 000,022,056 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SiWinAcc.sys -- (SiFilter)
DRV:
64bit: - [2009/07/29 21:14:10 | 000,017,448 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SiRemFil.sys -- (SiRemFil)
DRV:
64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:
64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:
64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:
64bit: - [2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (1394hub)
DRV:
64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:
64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:
64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:
64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:
64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:
64bit: - [2009/04/21 19:08:10 | 000,012,800 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\danew.sys -- (danewFltr)
DRV:
64bit: - [2007/08/02 18:33:04 | 000,012,672 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dadder.sys -- (DAdderFltr)
DRV:
64bit: - [2006/11/01 13:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2007/09/04 19:26:38 | 000,039,968 | ---- | M] (NVidia Corp.) [Kernel | On_Demand | Running] -- C:\Windows\nvoclk64.sys -- (NVR0Dev)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:
64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:
64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-633762127-47815373-1907182395-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
http://support.alienware.com [binary data]
IE - HKU\S-1-5-21-633762127-47815373-1907182395-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
http://www.google.com/ [binary data]
IE - HKU\S-1-5-21-633762127-47815373-1907182395-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
https://www.google.com/IE - HKU\S-1-5-21-633762127-47815373-1907182395-1000\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-633762127-47815373-1907182395-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-633762127-47815373-1907182395-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" =
http://isearch.avg.com/search?cid={E49B0E12-EE88-49C0-AA6E-16841194F8D3}&mid=aba078c88b6d47d0bbc775f39d19984a-cc04f510db957582d76f29708ac65f9e9e17c9a1&lang=en&ds=is015&pr=sa&d=2012-05-03 14:31:26&v=11.0.0.9&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-633762127-47815373-1907182395-1000\..\SearchScopes\{EDA8FA1E-2D67-497A-A3BD-C22850C3975C}: "URL" =
http://searchya.com/?chnl=ft-100&s=1&cr ... DtBtCyD&q={searchTerms}
IE - HKU\S-1-5-21-633762127-47815373-1907182395-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-633762127-47815373-1907182395-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..keyword.URL: "https://www.google.com/"
FF:
64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF:
64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\Users\Lightning\AppData\Roaming\Mozilla\Firefox\Profiles\fb08nrxg.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@onlive.com/OnLiveGameClientDetector,version=1.0.0: C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll (OnLive)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/04/25 20:34:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/04/17 13:11:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012/01/18 20:44:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
[2010/12/10 23:04:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lightning\AppData\Roaming\Mozilla\Extensions
[2012/05/24 02:57:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lightning\AppData\Roaming\Mozilla\Firefox\Profiles\fb08nrxg.default\extensions
[2011/09/23 09:13:43 | 000,000,000 | ---D | M] () -- C:\Users\Lightning\AppData\Roaming\Mozilla\Firefox\Profiles\fb08nrxg.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}
[2012/05/22 15:46:36 | 000,000,000 | ---D | M] (Flash and Video Download) -- C:\Users\Lightning\AppData\Roaming\Mozilla\Firefox\Profiles\fb08nrxg.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
[2012/05/19 21:07:16 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Lightning\AppData\Roaming\Mozilla\Firefox\Profiles\fb08nrxg.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2012/04/21 13:14:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/11/05 18:43:10 | 000,512,595 | ---- | M] () (No name found) -- C:\USERS\LIGHTNING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FB08NRXG.DEFAULT\EXTENSIONS\{1280606B-2510-4FE0-97EF-9B5A22EAFE30}.XPI
[2012/05/24 02:57:36 | 000,634,964 | ---- | M] () (No name found) -- C:\USERS\LIGHTNING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FB08NRXG.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012/05/17 19:38:03 | 001,335,949 | ---- | M] () (No name found) -- C:\USERS\LIGHTNING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FB08NRXG.DEFAULT\EXTENSIONS\FIREBUG@SOFTWARE.JOEHEWITT.COM.XPI
[2012/04/17 15:49:01 | 000,008,001 | ---- | M] () (No name found) -- C:\USERS\LIGHTNING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FB08NRXG.DEFAULT\EXTENSIONS\TINEYE@IDEEINC.COM.XPI
[2012/04/25 20:34:42 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/04/17 03:07:02 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011/12/09 12:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012/04/25 20:34:41 | 000,001,525 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-en-GB.xml
[2012/05/03 14:31:24 | 000,003,749 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/02/19 10:08:38 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/04/25 20:34:41 | 000,000,935 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\chambers-en-GB.xml
[2012/04/25 20:34:41 | 000,001,166 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-en-GB.xml
[2012/04/25 20:34:42 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
[2012/04/25 20:34:41 | 000,001,121 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-en-GB.xml
========== Chrome ========== CHR - default_search_provider: AVG Secure Search (Enabled)
CHR - default_search_provider: search_url =
http://isearch.avg.com/search?cid={E49B0E12-EE88-49C0-AA6E-16841194F8D3}&mid=aba078c88b6d47d0bbc775f39d19984a-cc04f510db957582d76f29708ac65f9e9e17c9a1&lang=en&ds=is015&pr=sa&d=2012-05-03 14:31:26&v=11.0.0.9&sap=dsp&q={searchTerms}
CHR - default_search_provider: suggest_url =
http://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.52\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Lightning\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: OnLive Game Client Detector (Enabled) = C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: SOE Web Installer (Enabled) = C:\Users\Lightning\AppData\Roaming\Mozilla\Firefox\Profiles\fb08nrxg.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Lightning\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Lightning\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Users\Lightning\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2012/05/20 23:43:06 | 000,001,392 | RHS- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 69.10.57.36
www.google-analytics.com.
O1 - Hosts: 69.10.57.36 ad-emea.doubleclick.net.
O1 - Hosts: 69.10.57.36
www.statcounter.com.
O1 - Hosts: 108.163.215.51
www.google-analytics.com.
O1 - Hosts: 108.163.215.51 ad-emea.doubleclick.net.
O1 - Hosts: 108.163.215.51
www.statcounter.com.
O2:
64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O4:
64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:
64bit: - HKLM..\Run: [Command Center Controllers] C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe (Microsoft)
O4:
64bit: - HKLM..\Run: [Launch Keyboard CI] c:\Program Files\Alienware\Alienware TactX Keyboard CI\txkbci.exe (Alienware)
O4:
64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:
64bit: - HKLM..\Run: [RunDLLEntry_EptMon] C:\Windows\SysNative\EptMon64.DLL (Creative Technology Ltd.)
O4:
64bit: - HKLM..\Run: [RunDLLEntry_THXCfg] C:\Windows\SysNative\THXCfg64.DLL (Creative Technology Ltd.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DeathAdder] C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Razer Naga Driver] C:\Program Files (x86)\Razer\Naga\RazerNagaSysTray.exe (Razer USA Ltd)
O4 - HKLM..\Run: [Razer Synapse] C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer USA Ltd)
O4 - HKLM..\Run: [THX Audio Control Panel] C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [VolPanel] C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKU\.DEFAULT..\Run: [CtxfiReg] C:\Windows\SysWow64\CTxfiReg.exe (Creative Technology Ltd)
O4 - HKU\S-1-5-18..\Run: [CtxfiReg] C:\Windows\SysWow64\CTxfiReg.exe (Creative Technology Ltd)
O4 - HKU\S-1-5-21-633762127-47815373-1907182395-1000..\Run: [DriverMax_RESTART] File not found
O4 - HKU\S-1-5-21-633762127-47815373-1907182395-1011..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-633762127-47815373-1907182395-1011..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-633762127-47815373-1907182395-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-633762127-47815373-1907182395-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-633762127-47815373-1907182395-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-633762127-47815373-1907182395-1011\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8:
64bit: - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:
64bit: - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:
64bit: - Extra Button: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:
64bit: - Extra 'Tools' menuitem : @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:
64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-21-633762127-47815373-1907182395-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-633762127-47815373-1907182395-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-633762127-47815373-1907182395-1000\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-633762127-47815373-1907182395-1000\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-633762127-47815373-1907182395-1011\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-21-633762127-47815373-1907182395-1011\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-21-633762127-47815373-1907182395-1011\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-21-633762127-47815373-1907182395-1011\..Trusted Domains: sony.com ([]* in )
O16:
64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16:
64bit: - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16:
64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5}
http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3}
http://support.dell.com/systemprofiler/ ... emLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E}
http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF}
http://ccfiles.creative.com/Web/softwar ... TSUEng.cab (Creative Software AutoUpdate 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29}
http://ccfiles.creative.com/Web/softwar ... /CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E43AB5AF-E531-4A4B-981B-9223A8A2D4E1}: DhcpNameServer = 75.75.75.75 75.75.76.76
O18:
64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:
64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:
64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ========== [2012/05/28 15:35:19 | 002,127,448 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Lightning\Desktop\tdsskiller.exe
[2012/05/28 15:34:59 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Lightning\Desktop\OTL.exe
[2012/05/27 20:34:05 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{6AEDF530-84CF-46AC-B1BA-98C6B595E5CD}
[2012/05/27 20:33:44 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{083DDD71-C4DF-4C1A-BBD7-203F6F24E8AE}
[2012/05/26 21:16:31 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{5691ADCC-8681-4233-B149-73F301719B4B}
[2012/05/26 21:16:20 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{16874EB0-37DE-4742-9ABD-703BFE20AC39}
[2012/05/26 06:54:18 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{386521FE-D231-4296-80CF-F2FC25B20F1E}
[2012/05/26 06:53:57 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{1A75D92D-A0E8-4FB1-91B4-3AB2A04DF8C8}
[2012/05/25 18:53:31 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{51E4308C-0B0E-44B1-8EF9-AAC45511256E}
[2012/05/25 18:53:20 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{8AA97310-670A-4D66-A333-85AFB9F6DACA}
[2012/05/25 18:52:44 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{CF380FFD-3B4B-4EC0-BABB-2FC53A28D7EB}
[2012/05/25 18:52:21 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{58D2B005-1AD7-4D10-952F-451B28B516CC}
[2012/05/24 21:36:53 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{E64372C4-FEE1-4758-AD1F-FC431360B1C3}
[2012/05/24 21:36:22 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{A638D759-D983-4CDA-98E5-1185C2D1EFC0}
[2012/05/24 05:51:18 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Lightning\Desktop\dds.scr
[2012/05/24 03:14:00 | 000,000,000 | ---D | C] -- C:\Users\Lightning\Desktop\june 2012
[2012/05/23 18:30:57 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{7BAB18E2-0345-477B-A322-78BA2930A22D}
[2012/05/23 18:30:46 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{BB80044A-27DD-4568-A6B8-90F3BCC15D2A}
[2012/05/22 21:28:37 | 025,743,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2012/05/22 21:28:37 | 019,607,872 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2012/05/22 21:28:37 | 008,139,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2012/05/22 21:28:37 | 005,982,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2012/05/22 21:28:37 | 002,881,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2012/05/22 21:28:37 | 002,681,664 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2012/05/22 21:28:37 | 002,524,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2012/05/22 21:28:37 | 002,445,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2012/05/22 21:28:37 | 000,818,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2012/05/22 21:28:37 | 000,364,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdecodemft.dll
[2012/05/22 21:28:37 | 000,301,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvdecodemft.dll
[2012/05/22 21:28:37 | 000,246,592 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2012/05/22 21:28:37 | 000,202,048 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2012/05/22 21:28:37 | 000,188,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2012/05/22 21:28:37 | 000,031,040 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2012/05/22 21:28:36 | 025,248,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2012/05/22 21:28:36 | 017,551,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2012/05/22 21:28:36 | 002,368,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2012/05/22 21:22:28 | 168,454,136 | ---- | C] (NVIDIA Corporation) -- C:\Users\Lightning\Desktop\301.42-desktop-win7-winvista-64bit-english-whql.exe
[2012/05/22 15:46:36 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{08496945-B200-4845-8F5D-625317B58129}
[2012/05/22 15:46:25 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{5555DA86-B1D2-4B27-8DC3-4DB836AB5FF0}
[2012/05/22 03:35:03 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{B402261C-0006-43FD-ACBD-14EE7985C9D9}
[2012/05/22 03:34:52 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{F46CE1F7-7274-4FA1-B889-7282B50E1D2B}
[2012/05/22 03:34:42 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{5490BD05-34BF-4615-867C-B579544822E6}
[2012/05/22 03:34:31 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{15173883-3AE6-4676-8C34-49A93C5E183E}
[2012/05/22 03:34:10 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{9CB6E20C-16A8-4AF4-9BC2-C4A777A319E2}
[2012/05/22 03:32:52 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{BB76A48C-91C5-4792-8B44-2BA1A7393043}
[2012/05/21 19:38:12 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012/05/21 19:37:49 | 006,151,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2012/05/21 19:37:49 | 003,149,632 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2012/05/21 19:37:49 | 000,118,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2012/05/21 19:37:49 | 000,063,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2012/05/21 19:37:34 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012/05/21 19:37:16 | 018,044,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2012/05/21 19:37:16 | 015,322,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2012/05/21 19:37:16 | 010,194,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2012/05/21 19:37:16 | 008,105,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2012/05/21 19:37:16 | 002,741,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2012/05/21 19:37:16 | 001,738,048 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll
[2012/05/21 19:37:16 | 001,468,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco64.dll
[2012/05/21 19:37:16 | 001,451,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco6420103.dll
[2012/05/21 19:37:16 | 000,949,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2012/05/21 19:37:16 | 000,068,928 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012/05/21 19:37:16 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012/05/21 19:25:39 | 166,448,312 | ---- | C] (NVIDIA Corporation) -- C:\Users\Lightning\Desktop\296.10-desktop-win7-winvista-64bit-english-whql.exe
[2012/05/21 19:14:21 | 000,372,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NVUNINST.EXE
[2012/05/21 19:14:12 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\NVIDIA Corporation
[2012/05/21 19:13:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA nTune Performance Application
[2012/05/21 15:23:52 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{695A79C2-D774-4B05-8836-CF4D4C6F8013}
[2012/05/21 15:23:42 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{7B355EC0-7E15-43C7-B562-AF4E8DD9D68D}
[2012/05/20 18:00:47 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{DB9EE5E3-BCB2-4489-8A4B-1F5D3D8417B7}
[2012/05/20 18:00:37 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{480D3817-F403-4BA6-81BF-D6B56BF03F56}
[2012/05/20 05:09:51 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{3E5F4D3D-494A-46DB-B2A6-517E5865FAF3}
[2012/05/20 05:09:29 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{FC2098F1-6104-4186-931E-9342F7F66486}
[2012/05/19 17:09:04 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{0286F34E-FF9A-4042-80E3-1C9D8987EEEB}
[2012/05/19 17:08:53 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{23DDD0B7-A008-460B-BF1D-88EF14C2FAFA}
[2012/05/19 04:49:40 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{B17B0578-8C27-45BA-839E-4977E02BECEF}
[2012/05/19 04:49:18 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{1805F74D-429B-455A-B089-47BE66E13C23}
[2012/05/18 20:26:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/05/18 20:26:18 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll
[2012/05/18 20:26:18 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2012/05/18 20:26:18 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2012/05/18 20:25:56 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/05/18 20:25:55 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/05/18 20:25:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012/05/18 20:25:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2012/05/18 20:25:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2012/05/18 20:25:16 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012/05/18 20:25:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2012/05/18 20:25:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2012/05/18 18:02:47 | 000,000,000 | ---D | C] -- C:\Users\Lightning\Documents\CAPCOM
[2012/05/18 16:48:53 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{F189A3B2-94A4-497C-A7C9-A1D6B3AAC1A3}
[2012/05/18 16:48:30 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{36B14775-2FCD-4C74-AF86-0A2886F176CC}
[2012/05/17 21:41:41 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\Razer
[2012/05/17 21:41:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Razer
[2012/05/17 19:37:25 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{3855A4A5-21D6-4A8D-B5E8-AE1368D19F9C}
[2012/05/17 19:37:03 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{0AF56C2D-CB34-42AD-BDE4-920F275B4B5D}
[2012/05/17 03:58:28 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{8CC8A56C-3836-4A5D-83F1-E0BD93665C70}
[2012/05/17 03:58:17 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{1BE0983F-6804-487C-AEC7-914FAAB4E254}
[2012/05/16 15:58:04 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{5BE81193-AD0F-46B8-ADFD-74990CDCB0D3}
[2012/05/16 15:57:53 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{0BA64573-696A-4E67-A94C-3AD7CDB089F5}
[2012/05/15 20:16:43 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{E75028C4-70DF-4107-9CBF-3EF596F12B9E}
[2012/05/15 20:16:32 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{218AA661-9B58-44AB-BAC2-A81055215E03}
[2012/05/15 00:58:36 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{7ACCF44C-0D4B-4C6F-8527-312333CA5215}
[2012/05/15 00:57:46 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{D5300770-F350-44F0-9209-A15003EF8BDB}
[2012/05/14 13:23:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012/05/14 13:23:22 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012/05/14 13:23:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2012/05/14 12:57:33 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{92E86B17-5B88-4709-BB0F-1D4206397A32}
[2012/05/14 12:57:11 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{9F4A09C6-B8B6-450C-95C5-B7B810267CBE}
[2012/05/13 19:28:44 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{78E4DA42-CCF5-4838-BA8E-C0779EED6898}
[2012/05/13 19:28:33 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{E065DB90-86C0-47FA-8D3A-520976B10133}
[2012/05/12 19:55:11 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{25B3C571-C789-4DEF-9816-99A4AAC3F68D}
[2012/05/12 19:55:00 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{06640C94-44C7-4D6A-8813-E7A1A7DD76A5}
[2012/05/12 02:38:44 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{ADCA69E0-44C4-449E-AE87-8402FC71DE8D}
[2012/05/12 02:38:23 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{8644B141-1767-4AF7-8B90-A0BAAAE6A91D}
[2012/05/11 14:37:57 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{5CF25E04-73C8-41A5-A001-6CE49E693D0D}
[2012/05/11 14:37:46 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{E53F95B3-4557-4C13-AC7D-F9D65EE88FE6}
[2012/05/11 02:31:35 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{F91E865A-A19C-47C7-9907-23D748E461D9}
[2012/05/11 02:31:13 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{05E27C7F-DB0C-4D65-AB15-57837B9AA8CC}
[2012/05/10 14:31:00 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{E5D174FB-3645-405F-B53A-28BA1B4BDC4F}
[2012/05/10 14:30:39 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{63529318-2197-4596-AB4D-9E9EAE390788}
[2012/05/10 02:30:13 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{6A69C422-5C5C-4D84-8820-4926B9F4B3B2}
[2012/05/10 02:29:52 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{0438930B-287B-4833-8987-6240411B0B6F}
[2012/05/09 14:29:39 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{0267D066-EF50-4C49-AFDB-374A41B5C182}
[2012/05/09 14:29:28 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{898F34E2-7B21-4A73-90AB-B819C3C01FEB}
[2012/05/09 03:01:35 | 000,000,000 | ---D | C] -- C:\e6e8d012520a8e56c76bc7665b9488
[2012/05/08 21:52:23 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/05/08 21:52:18 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/05/08 21:52:16 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/05/08 21:52:15 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/05/08 15:01:03 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{8FAFC6F2-BF55-49DE-9587-FDA13F2CB5BD}
[2012/05/08 15:00:41 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{E12635CD-754C-43D5-821A-2322F8619B2A}
[2012/05/08 03:00:17 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{BEC338E6-BC3B-4CAE-9A47-644AB45A6262}
[2012/05/08 02:59:55 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{2C087274-22D2-4A0E-947B-2A72656076D7}
[2012/05/07 14:59:42 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{1D94EA2E-2D67-46A9-8171-DC756D842203}
[2012/05/07 14:59:20 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{6FC8C58A-A257-4650-8808-3AE9DEE31400}
[2012/05/07 02:58:56 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{56F87393-BA28-479B-9F16-D23406A85934}
[2012/05/07 02:58:35 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{C9CFBF69-030C-4995-A8A4-AEB2F836A6AD}
[2012/05/06 14:58:21 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{D9098F0C-F754-44ED-9C5A-EE73C06E4754}
[2012/05/06 14:57:59 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{B22849BF-F535-4B15-85D9-A488B2555F00}
[2012/05/06 02:57:35 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{04E72FB9-2CBA-4AE7-8016-E37A24387E94}
[2012/05/06 02:57:13 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{EAF4D99A-0FFE-472A-8C5B-90B55B9219AE}
[2012/05/05 14:57:00 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{D720956D-6D99-437D-8C44-9952C1B5D36C}
[2012/05/05 14:56:49 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{036A2801-81C5-46B8-882D-3E86A970688E}
[2012/05/05 02:54:02 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{BFAEEF38-DC67-4B4A-B8F3-C31AEB70D95A}
[2012/05/05 02:53:40 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{BB4330C9-4CCE-42A0-A967-7D6B4CEB1045}
[2012/05/04 15:09:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverMax
[2012/05/04 14:53:24 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{5C8AEAD7-AE7C-40B4-8594-B85F5967E9D4}
[2012/05/04 14:53:02 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{9F4A72B9-38EE-45C5-95DB-FC69F619DB20}
[2012/05/04 02:49:46 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{538529CE-4138-4632-B24F-5231549469BB}
[2012/05/04 02:49:24 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{F2E6B971-2A3F-41B9-A3E6-0918C5672364}
[2012/05/03 14:49:11 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{73E86C5C-215F-479A-B36A-637A7DF38DF5}
[2012/05/03 14:48:50 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{0950AE19-799E-4194-9DE0-498EDCD1C910}
[2012/05/03 14:32:32 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\Innovative Solutions
[2012/05/03 14:32:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Innovative Solutions
[2012/05/03 14:30:50 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012/05/03 02:48:25 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{301DEB12-2569-4E72-B223-34BE50A156DD}
[2012/05/03 02:48:03 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{95BF36DE-189E-4188-A4F2-50EC68FDF560}
[2012/05/02 14:47:49 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{A97C69AB-4FE3-4A15-AD53-94305EB49E8A}
[2012/05/02 14:47:38 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{0799BCB6-5EB1-46FB-8944-72D0A33DA132}
[2012/05/01 16:34:32 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{F99D9B7F-A6DA-4323-A171-D6004303022C}
[2012/05/01 16:34:10 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{4CE64A14-166F-4DDA-918E-6CE3BB4ED233}
[2012/05/01 04:33:45 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{15071BF1-7FEE-406A-AB07-68272DF842A0}
[2012/05/01 04:33:23 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{8F859861-7DBD-40A0-B0D1-6C0C486E4714}
[2012/05/01 03:00:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2012/04/30 16:33:10 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{79775016-1C83-400A-9019-6E7A2C7A56BA}
[2012/04/30 16:32:49 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{AF0C0804-AC4D-47DE-8742-C5137D76E5BC}
[2012/04/30 04:32:23 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{007421F4-B7A9-4A7F-9FDC-F39CE8B9E252}
[2012/04/30 04:32:02 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{E7C6821C-F57E-4B7D-97FA-091C8C4BE880}
[2012/04/29 16:31:35 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{1358A382-AB1E-4928-8B00-1748C215A250}
[2012/04/29 16:31:24 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{FC5B258E-EA63-4770-AA99-9F518A903DF4}
[2012/04/29 06:33:15 | 000,000,000 | ---D | C] -- C:\Users\Lightning\AppData\Local\{40F7C910-B02E-4C0C-A106-A53A8A18DA96}
========== Files - Modified Within 30 Days ========== [2012/05/28 15:39:42 | 000,020,704 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/28 15:39:42 | 000,020,704 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/28 15:37:48 | 000,796,026 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/05/28 15:37:48 | 000,671,192 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/05/28 15:37:48 | 000,126,278 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/05/28 15:35:21 | 002,127,448 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Lightning\Desktop\tdsskiller.exe
[2012/05/28 15:35:01 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Lightning\Desktop\OTL.exe
[2012/05/28 15:33:31 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/28 15:32:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/28 15:31:56 | 1066,582,014 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/28 04:04:59 | 000,062,308 | ---- | M] () -- C:\Windows\SysNative\BMXStateBkp-{0000000A-00000000-00000000-00001102-0000000B-00441102}.rfx
[2012/05/28 04:04:59 | 000,062,308 | ---- | M] () -- C:\Windows\SysNative\BMXState-{0000000A-00000000-00000000-00001102-0000000B-00441102}.rfx
[2012/05/28 04:04:59 | 000,000,820 | ---- | M] () -- C:\Windows\SysNative\DVCState-{0000000A-00000000-00000000-00001102-0000000B-00441102}.rfx
[2012/05/28 03:24:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/28 03:09:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/05/27 18:16:40 | 1100,122,648 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/05/24 05:51:19 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Lightning\Desktop\dds.scr
[2012/05/23 23:24:52 | 000,002,338 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/05/23 22:40:42 | 093,565,757 | ---- | M] () -- C:\Users\Lightning\Desktop\Blonde Angel Dark And Diana Do ... - XVIDEOS.COM.flv
[2012/05/22 21:23:46 | 168,454,136 | ---- | M] (NVIDIA Corporation) -- C:\Users\Lightning\Desktop\301.42-desktop-win7-winvista-64bit-english-whql.exe
[2012/05/22 16:35:47 | 003,082,601 | ---- | M] () -- C:\Users\Lightning\Desktop\bookmarks-2012-05-22.json
[2012/05/21 19:25:40 | 166,448,312 | ---- | M] (NVIDIA Corporation) -- C:\Users\Lightning\Desktop\296.10-desktop-win7-winvista-64bit-english-whql.exe
[2012/05/21 19:13:45 | 000,372,736 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NVUNINST.EXE
[2012/05/21 18:48:12 | 000,001,887 | ---- | M] () -- C:\Users\Public\Desktop\Alienware Command Center.lnk
[2012/05/21 18:48:12 | 000,001,853 | ---- | M] () -- C:\Users\Public\Desktop\3DMark 11.lnk
[2012/05/20 23:43:06 | 000,001,392 | RHS- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/05/17 21:47:05 | 004,855,664 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/05/17 21:44:36 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_rzudd_01009.Wdf
[2012/05/15 05:48:00 | 025,743,168 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2012/05/15 05:48:00 | 025,248,064 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2012/05/15 05:48:00 | 019,607,872 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2012/05/15 05:48:00 | 018,044,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2012/05/15 05:48:00 | 017,551,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2012/05/15 05:48:00 | 015,322,432 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2012/05/15 05:48:00 | 010,194,752 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2012/05/15 05:48:00 | 008,139,072 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2012/05/15 05:48:00 | 008,105,280 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2012/05/15 05:48:00 | 005,982,528 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2012/05/15 05:48:00 | 002,881,856 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2012/05/15 05:48:00 | 002,741,568 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2012/05/15 05:48:00 | 002,681,664 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2012/05/15 05:48:00 | 002,524,992 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2012/05/15 05:48:00 | 002,445,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2012/05/15 05:48:00 | 002,368,832 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2012/05/15 05:48:00 | 001,738,048 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll
[2012/05/15 05:48:00 | 001,468,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco64.dll
[2012/05/15 05:48:00 | 000,949,056 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2012/05/15 05:48:00 | 000,818,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2012/05/15 05:48:00 | 000,364,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdecodemft.dll
[2012/05/15 05:48:00 | 000,301,376 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvdecodemft.dll
[2012/05/15 05:48:00 | 000,246,592 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2012/05/15 05:48:00 | 000,202,048 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2012/05/15 05:48:00 | 000,068,928 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012/05/15 05:48:00 | 000,061,248 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012/05/15 05:48:00 | 000,014,324 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2012/05/15 04:29:46 | 000,118,080 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2012/05/15 04:29:46 | 000,063,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2012/05/15 04:29:45 | 002,621,723 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
[2012/05/15 04:29:25 | 003,149,632 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2012/05/15 04:28:42 | 006,151,488 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2012/05/15 02:21:50 | 000,423,744 | ---- | M] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012/05/12 20:04:38 | 000,001,123 | ---- | M] () -- C:\Users\Public\Desktop\Second Life Viewer.lnk
[2012/05/10 21:29:11 | 000,003,606 | ---- | M] () -- C:\Users\Lightning\Documents\swtor.rzp
[2012/05/05 15:14:16 | 000,007,607 | ---- | M] () -- C:\Users\Lightning\AppData\Local\Resmon.ResmonCfg
[2012/05/05 13:23:59 | 000,001,854 | ---- | M] () -- C:\Users\Lightning\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/05/04 19:09:16 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/05/04 19:09:15 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/05/04 19:09:06 | 008,744,608 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012/05/01 23:26:36 | 000,030,324 | ---- | M] () -- C:\Users\Lightning\AppData\Local\Temp20.html
[2012/05/01 23:26:26 | 000,001,955 | ---- | M] () -- C:\Users\Lightning\AppData\Local\Temp1.html
[2012/05/01 03:01:00 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/05/01 03:00:54 | 000,809,684 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
========== Files Created - No Company Name ========== [2012/05/23 22:27:56 | 093,565,757 | ---- | C] () -- C:\Users\Lightning\Desktop\Blonde Angel Dark And Diana Do ... - XVIDEOS.COM.flv
[2012/05/22 16:35:46 | 003,082,601 | ---- | C] () -- C:\Users\Lightning\Desktop\bookmarks-2012-05-22.json
[2012/05/21 19:37:49 | 002,621,723 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2012/05/21 19:37:16 | 000,014,324 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2012/05/21 19:14:21 | 002,065,920 | ---- | C] () -- C:\Windows\SysNative\nvcplUI.exe
[2012/05/21 19:14:21 | 001,524,736 | ---- | C] () -- C:\Windows\SysNative\MFC71.dll
[2012/05/21 19:14:21 | 001,064,448 | ---- | C] () -- C:\Windows\SysNative\nvcplUIR.dll
[2012/05/21 19:14:21 | 000,978,944 | ---- | C] () -- C:\Windows\SysNative\msvcp71.dll
[2012/05/21 19:14:21 | 000,520,192 | ---- | C] () -- C:\Windows\SysNative\msvcr71.dll
[2012/05/21 19:14:21 | 000,403,456 | ---- | C] () -- C:\Windows\SysNative\nvcpl.cpl
[2012/05/21 19:14:21 | 000,381,952 | ---- | C] () -- C:\Windows\SysNative\nvexpBar.dll
[2012/05/18 20:25:28 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012/05/17 21:44:36 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_rzudd_01009.Wdf
[2012/05/15 02:21:50 | 000,423,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012/05/10 21:29:11 | 000,003,606 | ---- | C] () -- C:\Users\Lightning\Documents\swtor.rzp
[2012/03/06 06:46:05 | 000,030,324 | ---- | C] () -- C:\Users\Lightning\AppData\Local\Temp20.html
[2012/03/05 00:13:23 | 000,014,051 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
[2012/02/17 01:32:32 | 000,000,132 | ---- | C] () -- C:\Users\Lightning\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012/02/15 15:39:16 | 000,098,304 | ---- | C] () -- C:\Windows\SysWow64\redmonnt.dll
[2012/02/02 23:37:46 | 000,151,552 | ---- | C] () -- C:\Windows\SysWow64\nvRegDev.dll
[2012/02/02 23:37:39 | 000,061,440 | ---- | C] () -- C:\Windows\SysWow64\nvPhotoshopUtil.dll
[2012/02/02 23:37:39 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\nvISWOW64.dll
[2012/01/08 02:47:18 | 000,001,955 | ---- | C] () -- C:\Users\Lightning\AppData\Local\Temp1.html
[2012/01/01 05:49:12 | 000,007,607 | ---- | C] () -- C:\Users\Lightning\AppData\Local\Resmon.ResmonCfg
[2011/12/29 09:07:52 | 003,123,272 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011/12/12 22:43:29 | 000,110,168 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011/12/07 22:42:00 | 002,089,984 | ---- | C] () -- C:\Windows\libmem.dll
[2011/09/28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2010/12/10 23:41:48 | 000,000,097 | ---- | C] () -- C:\Users\Lightning\AppData\Local\fusioncache.dat
[2010/12/10 23:40:00 | 000,809,684 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/12/10 23:04:28 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/12/07 17:39:34 | 000,000,054 | ---- | C] () -- C:\Windows\SysWow64\ctzapxx.ini
[2010/12/07 16:28:09 | 000,001,264 | ---- | C] () -- C:\Windows\THXCfg_SP_APOIM.ini
[2010/12/07 16:28:09 | 000,001,247 | ---- | C] () -- C:\Windows\THXCfg_HP_APOIM.ini
[2010/12/07 16:28:09 | 000,001,247 | ---- | C] () -- C:\Windows\THXCfg_APOIM.ini
[2010/12/07 16:16:02 | 000,177,664 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2010/12/07 16:16:02 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2010/11/05 17:49:42 | 000,098,232 | ---- | C] () -- C:\Windows\SysWow64\CCBiosSupportAPI.dll
[2010/07/07 14:23:10 | 000,017,868 | ---- | C] () -- C:\Windows\SysWow64\instwdm.ini
[2010/07/07 13:36:44 | 000,014,336 | ---- | C] ( ) -- C:\Windows\SysWow64\a3d.dll
[2010/07/07 13:33:04 | 000,002,560 | ---- | C] () -- C:\Windows\SysWow64\CtxfiRes.dll
[2010/07/07 13:21:00 | 000,384,647 | ---- | C] () -- C:\Windows\SysWow64\ctdnlstr.dat
[2010/07/07 13:21:00 | 000,051,787 | ---- | C] () -- C:\Windows\SysWow64\ctdlang.dat
[2010/07/07 13:10:30 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\enlocstr.exe
[2010/07/07 13:10:22 | 000,012,800 | ---- | C] ( ) -- C:\Windows\SysWow64\killapps.exe
========== Alternate Data Streams ========== @Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:430C6D84
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:DFC5A2B2
< End of report >
TDSSKiller -
Found nothing at all.
I noticed these ads are related to flash when i click them I get flash property settings etc.