Just for home use, mainly gaming
OTL logfile created on: 14/09/2011 20:28:37 - Run 1
OTL by OldTimer - Version 3.2.28.0 Folder = C:\Users\Sam Byard\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
3.94 Gb Total Physical Memory | 0.98 Gb Available Physical Memory | 24.95% Memory free
11.75 Gb Paging File | 7.65 Gb Available in Paging File | 65.10% Paging File free
Paging file location(s): c:\pagefile.sys 8000 8000 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283.03 Gb Total Space | 28.70 Gb Free Space | 10.14% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 3.39 Gb Free Space | 22.62% Space Free | Partition Type: NTFS
Drive H: | 955.72 Mb Total Space | 625.03 Mb Free Space | 65.40% Space Free | Partition Type: FAT
Computer Name: SAMSBASE | User Name: Sam Byard | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - C:\Users\Sam Byard\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Users\Sam Byard\Downloads\CKScanner.exe ()
PRC - C:\Windows\SysWOW64\PnkBstrB.exe ()
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 10\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 10\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Messaging)
PRC - C:\Program Files (x86)\IObit\Game Booster\gbtray.exe (IObit)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\foobar2000\foobar2000.exe ()
PRC - C:\Program Files\Synergy\qsynergy.exe ()
PRC - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (ESET)
PRC - C:\EFT2.13.1\EFT.exe ()
========== Modules (No Company Name) ========== MOD - C:\Users\Sam Byard\Downloads\CKScanner.exe ()
MOD - C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 10\mozjs.dll ()
MOD - C:\Program Files (x86)\Steam\bin\libcef.dll ()
MOD - C:\Program Files (x86)\Steam\bin\chromehtml.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avutil-50.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avformat-52.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avcodec-52.dll ()
MOD - C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll ()
MOD - C:\Program Files (x86)\Mozilla Thunderbird\nsldap32v60.dll ()
MOD - C:\Program Files (x86)\Mozilla Thunderbird\nsldappr32v60.dll ()
MOD - C:\Program Files (x86)\IObit\Game Booster\sqlite3.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
MOD - C:\Program Files (x86)\foobar2000\foobar2000.exe ()
MOD - C:\Program Files (x86)\foobar2000\components\foo_dsp_std.dll ()
MOD - C:\Program Files (x86)\foobar2000\components\foo_ui_std.dll ()
MOD - C:\Program Files (x86)\foobar2000\components\foo_albumlist.dll ()
MOD - C:\Program Files (x86)\foobar2000\components\foo_cdda.dll ()
MOD - C:\Program Files (x86)\foobar2000\components\foo_rgscan.dll ()
MOD - C:\Program Files (x86)\foobar2000\components\foo_converter.dll ()
MOD - C:\Program Files (x86)\foobar2000\components\foo_unpack.dll ()
MOD - C:\Program Files (x86)\foobar2000\components\foo_input_std.dll ()
MOD - C:\Program Files (x86)\foobar2000\components\foo_freedb2.dll ()
MOD - C:\Program Files (x86)\foobar2000\components\foo_fileops.dll ()
MOD - C:\Program Files (x86)\foobar2000\shared.dll ()
MOD - C:\Program Files (x86)\IObit\Game Booster\madexcept_.bpl ()
MOD - C:\Program Files (x86)\IObit\Game Booster\madbasic_.bpl ()
MOD - C:\Program Files (x86)\IObit\Game Booster\maddisAsm_.bpl ()
MOD - C:\Program Files\Synergy\qsynergy.exe ()
MOD - C:\Program Files (x86)\Java\jre6\bin\jp2native.dll ()
MOD - C:\EFT2.13.1\EFT.exe ()
MOD - C:\Program Files\Synergy\QtCore4.dll ()
MOD - C:\Program Files (x86)\foobar2000\zlib1.dll ()
MOD - C:\Program Files\Synergy\QtGui4.dll ()
MOD - C:\Program Files\Synergy\QtNetwork4.dll ()
MOD - C:\Program Files\Synergy\libgcc_s_dw2-1.dll ()
MOD - C:\Program Files\Synergy\mingwm10.dll ()
========== Win32 Services (SafeList) ========== SRV:
64bit: - (nlsvc) -- C:\Program Files\NetLimiter 3\nlsvc.exe (Locktime Software)
SRV:
64bit: - (Synergy Server) -- C:\Program Files\Synergy\synergys.exe ()
SRV:
64bit: - (ftpsvc) -- C:\Windows\SysNative\inetsrv\ftpsvc.dll (Microsoft Corporation)
SRV:
64bit: - (EhttpSrv) -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe (ESET)
SRV:
64bit: - (ekrn) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (ESET)
SRV:
64bit: - (FirebirdGuardianDefaultInstance) -- C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe (Firebird Project)
SRV:
64bit: - (FirebirdServerDefaultInstance) -- C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe (Firebird Project)
SRV:
64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:
64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:
64bit: - (WMSVC) -- C:\Windows\SysNative\inetsrv\WMSvc.exe (Microsoft Corporation)
SRV:
64bit: - (STacSV) -- C:\Windows\SysNative\stacsv64.exe (SigmaTel, Inc.)
SRV - (PnkBstrB) -- C:\Windows\SysWOW64\PnkBstrB.exe ()
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (OverwolfUpdaterService) -- C:\Program Files (x86)\Overwolf\\OverwolfUpdater.exe ()
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (Futuremark SystemInfo Service) -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe (Futuremark Corporation)
SRV - (frameworkPostgreSQL) -- C:\Program Files (x86)\Rapid7\framework\postgresql\bin\pg_ctl.exe (PostgreSQL Global Development Group)
SRV - (WAS) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (W3SVC) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (AppHostSvc) -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Program Files (x86)\WinPcap\rpcapd.exe (CACE Technologies, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (BrlAPI) -- C:\cygwin\bin\cygrunsrv.exe ()
========== Driver Services (SafeList) ========== DRV:
64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:
64bit: - (EuMusDesignVirtualAudioCableWdm) Virtual Audio Cable (WDM) -- C:\Windows\SysNative\drivers\vrtaucbl.sys (Eugene V. Muzychenko)
DRV:
64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:
64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:
64bit: - (NLNdisPT) -- C:\Windows\SysNative\drivers\nlndis.sys (Locktime Software)
DRV:
64bit: - (NLNdisMP) -- C:\Windows\SysNative\drivers\nlndis.sys (Locktime Software)
DRV:
64bit: - (nltdi) -- C:\Program Files\NetLimiter 3\nltdi.sys (Locktime Software)
DRV:
64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:
64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:
64bit: - (VClone) -- C:\Windows\SysNative\drivers\VClone.sys (Elaborate Bytes AG)
DRV:
64bit: - (eamonm) -- C:\Windows\SysNative\drivers\eamonm.sys (ESET)
DRV:
64bit: - (ehdrv) -- C:\Windows\SysNative\drivers\ehdrv.sys (ESET)
DRV:
64bit: - (epfw) -- C:\Windows\SysNative\drivers\epfw.sys (ESET)
DRV:
64bit: - (epfwwfp) -- C:\Windows\SysNative\drivers\epfwwfp.sys (ESET)
DRV:
64bit: - (Epfwndis) -- C:\Windows\SysNative\drivers\epfwndis.sys (ESET)
DRV:
64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV:
64bit: - (SmartDefragDriver) -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys ()
DRV:
64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:
64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:
64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:
64bit: - (SaiK0CFA) -- C:\Windows\SysNative\drivers\SaiK0CFA.sys (Saitek)
DRV:
64bit: - (SaiNtBus) -- C:\Windows\SysNative\drivers\SaiBus.sys (Saitek)
DRV:
64bit: - (SaiMini) -- C:\Windows\SysNative\drivers\SaiMini.sys (Saitek)
DRV:
64bit: - (SaiU0CFA) -- C:\Windows\SysNative\drivers\SaiU0CFA.sys (Saitek)
DRV:
64bit: - (NPF) -- C:\Windows\SysNative\drivers\npf.sys (CACE Technologies, Inc.)
DRV:
64bit: - (jumi) -- C:\Windows\SysNative\drivers\jumi.sys (Windows (R) Codename Longhorn DDK provider)
DRV:
64bit: - (Netaapl) -- C:\Windows\SysNative\drivers\netaapl64.sys (Apple Inc.)
DRV:
64bit: - (USBPNPA) -- C:\Windows\SysNative\drivers\CM10864.sys (C-Media Electronics Inc)
DRV:
64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:
64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:
64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:
64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:
64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:
64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:
64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:
64bit: - (e1express) Intel(R) -- C:\Windows\SysNative\drivers\e1e6232e.sys (Intel Corporation)
DRV:
64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:
64bit: - (SaiK0728) -- C:\Windows\SysNative\drivers\SaiK0728.sys (Saitek)
DRV:
64bit: - (STHDA) SigmaTel High Definition Audio CODEC (for 64-bit Windows) -- C:\Windows\SysNative\drivers\stwrt64.sys (SigmaTel, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3712959989-1330060028-480819939-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
http://uk.msn.com/?ocid=iehpIE - HKU\S-1-5-21-3712959989-1330060028-480819939-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKU\S-1-5-21-3712959989-1330060028-480819939-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 25 03 A2 D9 77 FD CB 01 [binary data]
IE - HKU\S-1-5-21-3712959989-1330060028-480819939-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3712959989-1330060028-480819939-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ========== FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems:
testpilot@labs.mozilla.com:1.0.4
FF:
64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:
64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@gamersfirst.com/LiveLauncher: C:\Program Files (x86)\GamersFirst\LIVE!\nplivelauncher.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Sam Byard\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Sam Byard\AppData\Local\Google\Update\1.3.21.67\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Sam Byard\AppData\Local\Google\Update\1.3.21.67\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD [2011/06/14 21:39:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/01/20 20:48:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/02/09 15:36:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 10\components [2011/09/11 14:26:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 10\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.6\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011/08/17 13:45:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2011/06/14 21:39:56 | 000,000,000 | ---D | M]
[2010/11/28 04:56:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sam Byard\AppData\Roaming\Mozilla\Extensions
[2010/11/28 04:56:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sam Byard\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/05/06 05:08:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sam Byard\AppData\Roaming\Mozilla\Firefox\Profiles\jozd5h79.default\extensions
[2011/01/22 23:46:01 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Sam Byard\AppData\Roaming\Mozilla\Firefox\Profiles\jozd5h79.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011/05/06 05:08:55 | 000,000,000 | ---D | M] (cacaoweb) -- C:\Users\Sam Byard\AppData\Roaming\Mozilla\Firefox\Profiles\jozd5h79.default\extensions\cacaoweb@cacaoweb.org
[2011/01/27 01:44:09 | 000,000,000 | ---D | M] (Feedback) -- C:\Users\Sam Byard\AppData\Roaming\Mozilla\Firefox\Profiles\jozd5h79.default\extensions\testpilot@labs.mozilla.com
[2011/09/09 01:04:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sam Byard\AppData\Roaming\Mozilla\Firefox\Profiles\jr85emb2.Samsb\extensions
[2011/09/09 01:04:06 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Sam Byard\AppData\Roaming\Mozilla\Firefox\Profiles\jr85emb2.Samsb\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011/02/23 17:42:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/01/09 21:18:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/01/09 21:17:57 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010/10/27 06:24:34 | 000,001,538 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-en-GB.xml
[2010/10/27 06:24:34 | 000,000,947 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\chambers-en-GB.xml
[2010/10/27 06:24:34 | 000,000,769 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-en-GB.xml
[2010/10/27 06:24:34 | 000,001,135 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-en-GB.xml
O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4:
64bit: - HKLM..\Run: [Cm108Sound] C:\Windows\Syswow64\cm108.dll (C-Media Corporation)
O4:
64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:
64bit: - HKLM..\Run: [ProfilerU] C:\Program Files\Saitek\SD6\Software\ProfilerU.exe (Saitek)
O4:
64bit: - HKLM..\Run: [SaiMfd] C:\Program Files\Saitek\SD6\Software\SaiMfd.exe (Saitek)
O4:
64bit: - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray64.exe (SigmaTel, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3712959989-1330060028-480819939-1000..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKU\S-1-5-21-3712959989-1330060028-480819939-1003..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [InnoSetupRegFile.0000000001] C:\Windows\is-EU06I.exe ()
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-3712959989-1330060028-480819939-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Sam Byard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Bitcoin.lnk = C:\Program Files (x86)\Bitcoin\bitcoin.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-3712959989-1330060028-480819939-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:
64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13
64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-21-3712959989-1330060028-480819939-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3712959989-1330060028-480819939-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3712959989-1330060028-480819939-1000\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3712959989-1330060028-480819939-1000\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3A462397-8C90-45B9-A551-61DF25626E96}: DhcpNameServer = 10.203.129.68 10.203.129.68
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B78E9E1B-9758-4EE3-827C-947214C7C1BF}: DhcpNameServer = 8.8.8.8 8.8.4.4
O18:
64bit: - Protocol\Handler\livecall - No CLSID value found
O18:
64bit: - Protocol\Handler\msnim - No CLSID value found
O18:
64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:
64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\livecall - No CLSID value found
O18 - Protocol\Handler\msnim - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Overwolf\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:
64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:
64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/08/24 01:07:01 | 000,000,261 | ---- | M] () - C:\AUTOEXEC.BAK -- [ NTFS ]
O32 - AutoRun File - [2008/08/24 01:07:01 | 000,000,261 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{16db9f6e-95e5-11e0-9fe9-001d092885b8}\Shell - "" = AutoRun
O33 - MountPoints2\{16db9f6e-95e5-11e0-9fe9-001d092885b8}\Shell\AutoRun\command - "" = G:\RAY2.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ========== [2011/09/14 18:30:29 | 000,190,752 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe
[2011/09/14 18:30:29 | 000,171,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe
[2011/09/14 18:30:29 | 000,171,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\java.exe
[2011/09/14 18:30:13 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011/09/14 18:24:02 | 000,525,544 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\deployJava1.dll
[2011/09/14 06:22:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Chart Controls
[2011/09/10 02:07:32 | 000,000,000 | ---D | C] -- C:\EVEMon_3002_2011-09-07
[2011/09/09 03:05:49 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/09/09 01:33:15 | 000,000,000 | ---D | C] -- C:\Users\Sam Byard\Documents\DeadIsland
[2011/09/08 16:26:06 | 000,000,000 | ---D | C] -- C:\Users\Sam Byard\AppData\Local\PMB Files
[2011/09/08 16:26:03 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2011/09/08 16:25:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2011/09/08 11:21:35 | 000,000,000 | ---D | C] -- C:\Users\Sam Byard\AppData\Roaming\WinPatrol
[2011/09/08 11:21:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BillP Studios
[2011/09/07 20:05:40 | 000,000,000 | ---D | C] -- C:\Users\Sam Byard\AppData\Roaming\Malwarebytes
[2011/09/07 20:04:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/09/07 20:04:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/09/07 20:04:39 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/09/07 20:04:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/09/07 04:04:21 | 000,000,000 | ---D | C] -- C:\Users\Sam Byard\AppData\Local\Chromium
[2011/09/07 04:00:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2011/09/07 04:00:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Overwolf
[2011/09/07 03:49:54 | 000,000,000 | ---D | C] -- C:\Users\Sam Byard\AppData\Local\Overwolf
[2011/09/06 17:40:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Booster 3
[2011/09/06 00:59:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Three Rings Design
[2011/09/01 16:39:11 | 000,000,000 | ---D | C] -- C:\Users\Sam Byard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft
[2011/08/29 02:55:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab
[2011/08/26 00:25:47 | 000,000,000 | ---D | C] -- C:\Users\Sam Byard\AppData\Local\dxhr
[2011/08/26 00:24:33 | 000,000,000 | ---D | C] -- C:\Users\Sam Byard\AppData\Local\28050
[2011/08/25 23:05:40 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2011/08/19 14:31:18 | 000,066,728 | ---- | C] (Eugene V. Muzychenko) -- C:\Windows\SysNative\drivers\vrtaucbl.sys
[2011/08/19 14:31:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable
[2011/08/19 14:31:18 | 000,000,000 | ---D | C] -- C:\Program Files\Virtual Audio Cable
[2011/08/19 14:06:29 | 000,000,000 | ---D | C] -- C:\ProgramData\firebird
[2011/08/19 14:06:26 | 000,000,000 | ---D | C] -- C:\Users\Sam Byard\AppData\Local\SpacialAudio
[2011/08/19 14:05:00 | 000,548,864 | ---- | C] (Firebird Project) -- C:\Windows\SysWow64\GDS32.DLL
[2011/08/19 14:04:59 | 000,855,552 | ---- | C] (Firebird Project) -- C:\Windows\SysNative\GDS32.DLL
[2011/08/19 14:04:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firebird 2.5 (x64)
[2011/08/19 14:04:00 | 000,000,000 | ---D | C] -- C:\Program Files\Firebird
[2011/08/19 14:03:54 | 000,000,000 | ---D | C] -- C:\Users\Sam Byard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SAM Broadcaster
[2011/08/19 14:03:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpacialAudio
[2011/08/19 04:08:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011/08/19 04:01:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2011/08/19 03:01:21 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/08/19 03:01:20 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/08/19 03:01:19 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/08/19 03:01:19 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/08/19 03:01:18 | 002,303,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011/08/19 03:01:18 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011/08/19 03:01:18 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/08/19 03:01:18 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011/08/19 03:01:18 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011/08/19 01:17:17 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2011/08/19 01:17:15 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2011/08/19 01:17:15 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2011/08/19 01:17:15 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2011/08/19 01:17:15 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2011/08/19 01:17:14 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2011/08/19 01:17:14 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2011/08/19 01:17:14 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2011/08/19 01:17:14 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2011/08/19 01:17:14 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2011/08/19 01:16:56 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2011/08/19 01:16:55 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2011/08/19 01:16:55 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2011/08/19 01:16:54 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2011/08/19 01:16:54 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2011/08/19 01:16:53 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2011/08/19 01:16:53 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2011/08/19 01:16:53 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2011/08/19 01:16:53 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2011/08/19 01:16:53 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2011/08/19 01:16:53 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2011/08/19 01:16:52 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2011/08/19 01:16:52 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2011/08/19 01:16:33 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2011/08/19 01:16:33 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2011/08/19 01:16:33 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2011/08/19 01:16:33 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2011/08/19 01:16:33 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2011/08/19 01:16:32 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2011/08/19 01:16:32 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2011/08/19 01:16:32 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2011/08/19 01:16:32 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2011/08/19 01:16:31 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2011/08/19 01:16:31 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2011/08/19 01:16:31 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2011/08/19 01:16:31 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2011/08/19 01:16:31 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2011/08/19 01:16:31 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2011/08/19 01:16:31 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2011/08/19 01:16:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2011/08/19 01:16:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2011/08/19 01:16:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2011/08/19 01:16:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2011/08/19 01:16:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2011/08/19 01:16:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2011/08/19 01:16:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2011/08/19 01:16:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2011/08/19 01:16:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2011/08/19 01:16:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2011/08/19 01:16:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2011/08/19 01:16:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011/08/19 01:16:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2011/08/19 01:16:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2011/08/19 01:16:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2011/08/19 01:16:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2011/08/19 01:16:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2011/08/19 01:16:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2011/08/19 01:16:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/08/19 01:16:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/08/19 01:16:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2011/08/19 01:16:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2011/08/19 01:16:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2011/08/19 01:16:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2011/08/19 01:16:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2011/08/19 01:16:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011/08/19 01:16:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2011/08/19 01:16:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2011/08/19 01:16:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2011/08/19 01:16:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2011/08/19 01:16:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2011/08/19 01:16:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2011/08/19 01:16:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2011/08/19 01:16:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2011/08/19 01:16:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2011/08/19 01:16:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2011/08/19 01:16:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2011/08/19 01:16:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2011/08/19 01:16:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2011/08/19 01:16:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2011/08/19 01:16:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2011/08/19 01:16:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2011/08/19 01:16:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2011/08/19 01:16:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2011/08/19 01:16:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2011/08/19 01:16:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2011/08/19 01:16:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2011/08/19 01:16:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2011/08/19 01:16:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2011/08/19 01:16:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2011/08/19 01:16:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2011/08/19 01:16:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2011/08/19 01:16:30 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2011/08/19 01:16:27 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2011/08/19 01:16:26 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2011/08/19 01:16:19 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011/08/19 01:16:18 | 005,561,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011/08/19 01:16:17 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011/08/18 23:15:10 | 000,000,000 | ---D | C] -- C:\Users\Sam Byard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Heroes of Newerth
[2011/08/18 23:15:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of Newerth
[2011/08/18 23:15:07 | 000,000,000 | ---D | C] -- C:\Users\Sam Byard\Documents\Heroes of Newerth
[2011/08/18 23:12:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Heroes of Newerth
[2011/08/18 17:38:09 | 000,000,000 | ---D | C] -- C:\Users\Sam Byard\Documents\Games for Windows - LIVE Demos
[2011/08/18 17:34:59 | 000,000,000 | ---D | C] -- C:\Users\Sam Byard\Documents\Spartan
[2011/08/18 17:11:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games
[2011/08/18 17:10:23 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2011/08/18 17:10:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2011/08/18 17:10:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2011/08/18 01:03:19 | 000,000,000 | ---D | C] -- C:\Users\Sam Byard\riotsGamesLogs
[2011/08/17 18:28:52 | 000,000,000 | ---D | C] -- C:\Users\Sam Byard\Documents\Dust
[2011/08/17 18:23:31 | 000,000,000 | ---D | C] -- C:\Users\Sam Byard\AppData\Local\Ubisoft Game Launcher
[2011/08/17 18:22:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2011/08/17 00:48:21 | 000,000,000 | ---D | C] -- C:\Users\Sam Byard\Documents\Osmos
[2011/08/16 01:17:16 | 000,000,000 | ---D | C] -- C:\Users\Sam Byard\AppData\Roaming\mIRC
[2011/08/16 01:17:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mIRC
[2011/08/16 01:17:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\mIRC
========== Files - Modified Within 30 Days ========== [2011/09/14 20:07:09 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3712959989-1330060028-480819939-1000UA.job
[2011/09/14 20:06:00 | 000,000,872 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3712959989-1330060028-480819939-1000Core.job
[2011/09/14 18:56:04 | 000,000,942 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3712959989-1330060028-480819939-1000UA.job
[2011/09/14 18:33:24 | 000,089,406 | ---- | M] () -- C:\minecraft.jar
[2011/09/14 18:30:17 | 000,525,544 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\deployJava1.dll
[2011/09/14 18:30:17 | 000,190,752 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe
[2011/09/14 18:30:17 | 000,171,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe
[2011/09/14 18:30:17 | 000,171,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\java.exe
[2011/09/14 10:58:00 | 000,000,420 | ---- | M] () -- C:\Windows\tasks\AWC Update.job
[2011/09/14 06:46:09 | 000,282,736 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011/09/14 06:46:09 | 000,282,736 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/09/14 06:27:58 | 000,290,496 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2011/09/14 06:19:03 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/09/14 05:05:02 | 000,709,968 | ---- | M] () -- C:\Windows\is-EU06I.exe
[2011/09/14 05:05:02 | 000,010,498 | ---- | M] () -- C:\Windows\is-EU06I.msg
[2011/09/14 05:05:02 | 000,000,393 | ---- | M] () -- C:\Windows\is-EU06I.lst
[2011/09/14 03:56:00 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3712959989-1330060028-480819939-1000Core.job
[2011/09/13 18:25:28 | 000,013,440 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/09/13 18:25:28 | 000,013,440 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/09/13 18:15:53 | 000,000,408 | ---- | M] () -- C:\Windows\tasks\AWC AutoSweep.job
[2011/09/13 18:15:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/09/13 18:15:19 | 3169,259,520 | -HS- | M] () -- C:\hiberfil.sys
[2011/09/13 03:06:18 | 000,000,023 | ---- | M] () -- C:\Windows\BlendSettings.ini
[2011/09/12 21:21:13 | 000,726,986 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/09/12 21:21:13 | 000,146,590 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/09/12 21:21:12 | 000,865,420 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/09/12 00:54:58 | 000,020,572 | ---- | M] () -- C:\Users\Sam Byard\Documents\EVEMon_Settings_3002.xml.bak
[2011/09/11 14:26:55 | 000,002,162 | ---- | M] () -- C:\Users\Sam Byard\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox 4.0 Beta 11.lnk
[2011/09/11 14:26:55 | 000,002,162 | ---- | M] () -- C:\Users\Sam Byard\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox 4.0 Beta 10.lnk
[2011/09/08 21:16:56 | 000,000,432 | ---- | M] () -- C:\Users\Sam Byard\Desktop\Resume Download of League of Legends.url
[2011/09/08 14:21:56 | 000,002,116 | ---- | M] () -- C:\Users\Sam Byard\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
[2011/09/07 20:04:43 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/09/07 04:00:36 | 000,001,708 | ---- | M] () -- C:\Users\Public\Desktop\Overwolf.lnk
[2011/09/06 17:40:59 | 000,001,170 | ---- | M] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
[2011/09/06 17:40:59 | 000,001,158 | ---- | M] () -- C:\Users\Public\Desktop\Game Booster 3.lnk
[2011/09/03 21:26:21 | 000,002,381 | ---- | M] () -- C:\Users\Sam Byard\Desktop\Google Chrome.lnk
[2011/08/31 17:00:50 | 000,025,416 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/08/24 23:37:17 | 000,129,712 | -H-- | M] () -- C:\Windows\SysWow64\mlfcache.dat
[2011/08/19 14:31:18 | 000,066,728 | ---- | M] (Eugene V. Muzychenko) -- C:\Windows\SysNative\drivers\vrtaucbl.sys
[2011/08/19 14:03:55 | 000,002,054 | ---- | M] () -- C:\Users\Sam Byard\Application Data\Microsoft\Internet Explorer\Quick Launch\SAM Broadcaster.lnk
[2011/08/19 14:03:55 | 000,002,030 | ---- | M] () -- C:\Users\Sam Byard\Desktop\SAM Broadcaster.lnk
[2011/08/19 13:45:14 | 000,001,128 | ---- | M] () -- C:\Users\Public\Desktop\GamersFirst LIVE!.lnk
[2011/08/19 08:20:42 | 000,306,408 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/08/19 04:08:34 | 000,001,068 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011/08/19 04:07:50 | 021,073,936 | ---- | M] () -- C:\vlc-1.1.11-win32.exe
[2011/08/19 03:57:32 | 000,850,888 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/08/18 23:15:14 | 000,001,951 | ---- | M] () -- C:\Users\Sam Byard\Application Data\Microsoft\Internet Explorer\Quick Launch\Heroes of Newerth.lnk
[2011/08/18 23:15:13 | 000,001,927 | ---- | M] () -- C:\Users\Sam Byard\Desktop\Heroes of Newerth.lnk
[2011/08/18 22:58:38 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/08/18 17:02:02 | 000,001,245 | ---- | M] () -- C:\Users\Public\Desktop\Quick Care.lnk
[2011/08/17 00:48:20 | 000,466,456 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2011/08/17 00:48:20 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2011/08/17 00:48:20 | 000,122,904 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2011/08/17 00:48:19 | 000,109,080 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2011/08/16 01:17:16 | 000,000,953 | ---- | M] () -- C:\Users\Public\Desktop\mIRC.lnk
========== Files Created - No Company Name ========== [2011/09/14 18:33:22 | 000,089,406 | ---- | C] () -- C:\minecraft.jar
[2011/09/14 05:05:02 | 000,709,968 | ---- | C] () -- C:\Windows\is-EU06I.exe
[2011/09/14 05:05:02 | 000,010,498 | ---- | C] () -- C:\Windows\is-EU06I.msg
[2011/09/14 05:05:02 | 000,000,393 | ---- | C] () -- C:\Windows\is-EU06I.lst
[2011/09/10 02:07:51 | 000,020,572 | ---- | C] () -- C:\Users\Sam Byard\Documents\EVEMon_Settings_3002.xml.bak
[2011/09/08 21:16:56 | 000,000,432 | ---- | C] () -- C:\Users\Sam Byard\Desktop\Resume Download of League of Legends.url
[2011/09/07 20:04:43 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/09/07 04:00:36 | 000,001,708 | ---- | C] () -- C:\Users\Public\Desktop\Overwolf.lnk
[2011/09/06 17:40:59 | 000,001,170 | ---- | C] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
[2011/09/06 17:40:59 | 000,001,158 | ---- | C] () -- C:\Users\Public\Desktop\Game Booster 3.lnk
[2011/08/19 14:03:55 | 000,002,054 | ---- | C] () -- C:\Users\Sam Byard\Application Data\Microsoft\Internet Explorer\Quick Launch\SAM Broadcaster.lnk
[2011/08/19 14:03:55 | 000,002,030 | ---- | C] () -- C:\Users\Sam Byard\Desktop\SAM Broadcaster.lnk
[2011/08/19 04:08:34 | 000,001,068 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011/08/19 04:07:40 | 021,073,936 | ---- | C] () -- C:\vlc-1.1.11-win32.exe
[2011/08/18 23:15:14 | 000,001,951 | ---- | C] () -- C:\Users\Sam Byard\Application Data\Microsoft\Internet Explorer\Quick Launch\Heroes of Newerth.lnk
[2011/08/18 23:15:13 | 000,001,927 | ---- | C] () -- C:\Users\Sam Byard\Desktop\Heroes of Newerth.lnk
[2011/08/18 22:58:38 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/08/16 01:17:16 | 000,000,953 | ---- | C] () -- C:\Users\Public\Desktop\mIRC.lnk
[2011/08/05 13:51:40 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2011/08/03 03:31:54 | 000,311,912 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011/07/09 15:14:38 | 000,282,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/07/09 15:14:20 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/06/19 20:13:48 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2011/04/18 04:41:19 | 000,000,600 | ---- | C] () -- C:\Users\Sam Byard\AppData\Roaming\winscp.rnd
[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/02/27 17:18:18 | 000,129,712 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011/02/26 16:38:17 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011/02/18 05:04:47 | 000,850,888 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/01/28 12:42:22 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011/01/09 20:52:30 | 000,143,360 | ---- | C] () -- C:\Windows\Vmix108.dll
[2011/01/09 20:52:30 | 000,000,259 | ---- | C] () -- C:\Windows\Cm108.ini.cfl
[2011/01/09 20:52:23 | 000,008,288 | ---- | C] () -- C:\Windows\Cm108.ini.imi
[2011/01/09 20:52:23 | 000,002,029 | ---- | C] () -- C:\Windows\Cm108.ini.cfg
[2011/01/09 20:52:23 | 000,001,320 | ---- | C] () -- C:\Windows\cm108.ini
[2010/06/25 18:03:12 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2009/07/14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2007/01/26 01:04:12 | 000,138,752 | ---- | C] () -- C:\Windows\SysWow64\mase32.dll
[2007/01/26 01:04:12 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\ma32.dll
< End of report >
OTL Extras logfile created on: 14/09/2011 20:28:37 - Run 1
OTL by OldTimer - Version 3.2.28.0 Folder = C:\Users\Sam Byard\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
3.94 Gb Total Physical Memory | 0.98 Gb Available Physical Memory | 24.95% Memory free
11.75 Gb Paging File | 7.65 Gb Available in Paging File | 65.10% Paging File free
Paging file location(s): c:\pagefile.sys 8000 8000 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283.03 Gb Total Space | 28.70 Gb Free Space | 10.14% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 3.39 Gb Free Space | 22.62% Space Free | Partition Type: NTFS
Drive H: | 955.72 Mb Total Space | 625.03 Mb Free Space | 65.40% Space Free | Partition Type: FAT
Computer Name: SAMSBASE | User Name: Sam Byard | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-3712959989-1330060028-480819939-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 10\firefox.exe (Mozilla Corporation)
========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E543634-7E25-4B8F-8D5B-97880E5E5088}" = Bonjour
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86416027FF}" = Java(TM) 6 Update 27 (64-bit)
"{28D73032-5DAA-4F83-B154-85105DBCCB92}" = iTunes
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{439760BC-7737-4386-9B1D-A90A3E8A22EA}" = Apple Mobile Device Support
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6D41B4C4-FCD7-4F9B-99B9-A01F63F71F0F}" = Smart Technology Programming Software 7.0.2.7
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{913923AB-3AAB-4870-8910-627C4CD82789}" = NetLimiter 3
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 280.19
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.4.28
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.2.23.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C0D93E4E-0866-43C8-A104-BF41A803EA84}" = ESET Smart Security
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"C-Media CM108 Like Sound Driver" = SteelSeries USB Soundcard v1.20
"FBDBServer_2_5_x64_is1" = Firebird 2.5.0.26074 (x64)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"PerformanceTest 7_is1" = PerformanceTest v7.0 (64-bit)
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Virtual Audio Cable 4.10" = Virtual Audio Cable 4.10
"WinRAR archiver" = WinRAR 4.01 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0659E943-DDF4-44FC-9FEE-A13B09F8BB08}" = Adobe Flash Media Live Encoder 3.2
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F77C418-2C90-459C-BD33-B56A4182B9FA}" = System Requirements Lab CYRI
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 24
"{27107EAA-34E0-43BF-B537-7F8EF6880F5A}" = Facebook Video Calling 1.0.0.8177
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{41785C66-90F2-40CE-8CB5-1C94BFC97280}" = Microsoft Chart Controls for Microsoft .NET Framework 3.5
"{46EDCFA5-7EDB-46A9-B093-1C6237470CEC}" = 3DMark 11
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D530FA3-9B89-4186-98B7-F51000000100}" = Age of Empires Online
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5AE3D9F1-9E9E-4015-8787-E22705AA32C5}" = msxml4
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75C3C9C0-6CE6-42FA-A0E9-658E8F539124}" = PCMark 7
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{82AF3E91-57E1-4754-84D0-40A46E2479AB}" = OpenOffice.org 3.3
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A8D93648-9F7F-407D-915C-62044644C3DA}" = MSI to redistribute MS VS2005 CRT libraries
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X (10.0.1)
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{B4E343DD-BAAB-4D59-AD9C-DEA0AFE09DF1}" = Mumble 1.2.3
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Click to Call with Skype
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CB92C58B-7BDF-48E3-92E3-51768DCCA585}_is1" = EVGA OC Scanner 1.7.0
"{CDACF7D5-F9FE-4315-BA3E-E1DA75CA4C7A}" = XSplit
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1A16A14-DB9D-4597-95D7-9898670046E7}" = Overwolf
"{EA450D5D-95EA-4FD0-B8B0-6D8E68FBE2C7}" = Impulse
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EBFC96E5-4409-426E-88B7-650ADB342E78}" = MSI to redistribute MS VS2005 CRT libraries
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}" = Pinnacle VideoSpin
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"A2BAF Data cache removal" = ARMA 2: British Armed Forces - Data cache removal
"A2PMC Data cache removal" = ARMA 2: Private Military Company - Data cache removal
"ACE LoL Client" = League of Legends - ACE Client
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Alien vs. Triangles" = NVIDIA Alien vs. Triangles demo
"AnalogX NetStat Live" = AnalogX NetStat Live
"APB Reloaded" = APB Reloaded
"Apollo_is1" = Apollo 37zz
"BattlEye for A2" = BattlEye Uninstall
"BattlEye for OA" = BattlEye for OA Uninstall
"Bejeweled 31.0" = Bejeweled 3
"BOSS" = BOSS
"Cheat Engine 6.0_is1" = Cheat Engine 6.0
"Endless City" = NVIDIA Endless City demo
"EVEMon" = EVEMon
"foobar2000" = foobar2000 v1.1.5
"Fraps" = Fraps (remove only)
"Frozen Synapse_is1" = Frozen Synapse
"Game Booster_is1" = Game Booster 3
"GamersFirst LIVE!" = GamersFirst LIVE!
"GFWL_{4D530FA3-9B89-4186-98B7-F51000000100}" = Age of Empires Online
"GoldWave v5.58" = GoldWave v5.58
"Harvest Massive Encounter_is1" = Harvest Massive Encounter
"hon" = Heroes of Newerth
"Impulse" = Impulse
"Inkscape" = Inkscape 0.48.0
"jahPlayer" = jahPlayer
"League of Legends_is1" = League of Legends
"Little SineGen" = Little SineGen 1.00
"Live 8.2.2" = Live 8.2.2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"mIRC" = mIRC
"MozBackup" = MozBackup 1.4.10
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"Mozilla Firefox 7.0 (x86 en-GB)" = Mozilla Firefox 7.0 (x86 en-GB)
"Mozilla Thunderbird (3.1.6)" = Mozilla Thunderbird (3.1.6)
"Nmap" = Nmap 5.51
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Oblivion mod manager_is1" = Oblivion mod manager 1.1.12
"OpenAL" = OpenAL
"OpenLibraries" = OpenLibraries
"Origin" = Origin
"PlayerScore" = PlayerScore
"Precision" = EVGA Precision 2.0.2
"Privoxy" = Privoxy (remove only)
"PunkBusterSvc" = PunkBuster Services
"SAM3" = SAM Broadcaster v4
"Sins of a Solar Empire" = Sins of a Solar Empire
"Sins of a Solar Empire - Diplomacy" = Sins of a Solar Empire - Diplomacy
"Sins of a Solar Empire - Entrenchment" = Sins of a Solar Empire - Entrenchment
"Smart Defrag 2_is1" = Smart Defrag 2
"Steam App 104320" = Red Orchestra 2: Heroes of Stalingrad Beta
"Steam App 105600" = Terraria
"Steam App 109200" = Legend of Fae
"Steam App 18500" = Defense Grid: The Awakening
"Steam App 22330" = The Elder Scrolls IV: Oblivion
"Steam App 22350" = Brink
"Steam App 24780" = SimCity 4 Deluxe
"Steam App 26500" = Cogs
"Steam App 26800" = Braid
"Steam App 26900" = Crayon Physics Deluxe
"Steam App 28050" = Deus Ex: Human Revolution
"Steam App 29180" = Osmos
"Steam App 33460" = From Dust
"Steam App 33910" = ARMA 2
"Steam App 33930" = ARMA 2: Operation Arrowhead
"Steam App 35450" = Red Orchestra 2: Heroes of Stalingrad
"Steam App 40700" = Machinarium
"Steam App 40800" = Super Meat Boy
"Steam App 41100" = Hammerfight
"Steam App 42700" = Call of Duty: Black Ops
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"Steam App 42910" = Magicka
"Steam App 440" = Team Fortress 2
"Steam App 620" = Portal 2
"Steam App 65700" = ARMA 2: British Armed Forces
"Steam App 65720" = ARMA 2: Private Military Company
"Steam App 6600" = Bullet Candy
"Steam App 70100" = Hacker Evolution
"Steam App 70110" = Hacker Evolution - Untold
"Steam App 70120" = Hacker Evolution Duality
"Steam App 70300" = VVVVVV
"Steam App 91310" = Dead Island
"Steam App 9180" = Commander Keen Complete Pack
"Steam App 93200" = Revenge of the Titans
"Steam App 96200" = Steel Storm: Burning Retribution
"Steam App 98800" = Dungeons of Dredmor
"Steam App 99900" = Spiral Knights
"Steam App 99910" = Puzzle Pirates
"Synergy" = Synergy
"Trillian" = Trillian
"Two Worlds II Castle Defense Lite" = Two Worlds II Castle Defense Lite
"Unlocker" = Unlocker 1.9.0
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 1.1.11
"WebcamMax" = WebcamMax
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"winscp3_is1" = WinSCP 4.3.2
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-3712959989-1330060028-480819939-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client
"7fe6cd463fd935ad" = RecursiveWorld
"Bitcoin" = Bitcoin
"Google Chrome" = Google Chrome
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
"Puzzle Pirates" = Puzzle Pirates
"SOE-EverQuest" = EverQuest
"World of Logs Client" = World of Logs Client
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 10/09/2011 02:36:49 | Computer Name = Samsbase | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files (x86)\mozbackup\dll\DelZip179.dll".Error
in manifest or policy file "c:\program files (x86)\mozbackup\dll\DelZip179.dll"
on line 8. The value "*" of attribute "language" in element "assemblyIdentity" is
invalid.
Error - 10/09/2011 05:10:28 | Computer Name = Samsbase | Source = PostgreSQL | ID = 0
Description =
Error - 10/09/2011 23:08:07 | Computer Name = Samsbase | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files (x86)\mozbackup\dll\DelZip179.dll".Error
in manifest or policy file "c:\program files (x86)\mozbackup\dll\DelZip179.dll"
on line 8. The value "*" of attribute "language" in element "assemblyIdentity" is
invalid.
Error - 11/09/2011 13:29:21 | Computer Name = Samsbase | Source = Application Error | ID = 1000
Description = Faulting application name: CivilizationV_DX11.exe, version: 1.0.1.383,
time stamp: 0x4e41c172 Faulting module name: KERNELBASE.dll, version: 6.1.7601.17651,
time stamp: 0x4e211319 Exception code: 0x0000087a Fault offset: 0x0000b9bc Faulting
process id: 0xbb0 Faulting application start time: 0x01cc708e3049fb1d Faulting application
path: c:\program files (x86)\steam\steamapps\common\sid meier's civilization v\CivilizationV_DX11.exe
Faulting
module path: C:\Windows\syswow64\KERNELBASE.dll Report Id: 95500eec-dc9b-11e0-92db-001d092885b8
Error - 11/09/2011 22:35:14 | Computer Name = Samsbase | Source = PostgreSQL | ID = 0
Description =
Error - 12/09/2011 01:05:49 | Computer Name = Samsbase | Source = PostgreSQL | ID = 0
Description =
Error - 12/09/2011 20:59:33 | Computer Name = Samsbase | Source = Application Error | ID = 1000
Description = Faulting application name: Oblivion.exe, version: 1.2.0.416, time
stamp: 0x462392c7 Faulting module name: Oblivion.exe, version: 1.2.0.416, time stamp:
0x462392c7 Exception code: 0xc0000005 Fault offset: 0x000c9f97 Faulting process id:
0xc6c Faulting application start time: 0x01cc71a2cc884c40 Faulting application path:
c:\program files (x86)\steam\steamapps\common\oblivion\Oblivion.exe Faulting module
path: c:\program files (x86)\steam\steamapps\common\oblivion\Oblivion.exe Report
Id: a3d43c25-dda3-11e0-ae43-001d092885b8
Error - 12/09/2011 21:18:04 | Computer Name = Samsbase | Source = Application Error | ID = 1000
Description = Faulting application name: Oblivion.exe, version: 1.2.0.416, time
stamp: 0x462392c7 Faulting module name: Oblivion.exe, version: 1.2.0.416, time stamp:
0x462392c7 Exception code: 0xc0000005 Fault offset: 0x000c1ed7 Faulting process id:
0xff0 Faulting application start time: 0x01cc71b0c94d2df1 Faulting application path:
c:\program files (x86)\steam\steamapps\common\oblivion\Oblivion.exe Faulting module
path: c:\program files (x86)\steam\steamapps\common\oblivion\Oblivion.exe Report
Id: 3aa78e05-dda6-11e0-ae43-001d092885b8
Error - 13/09/2011 13:15:32 | Computer Name = Samsbase | Source = PostgreSQL | ID = 0
Description =
Error - 13/09/2011 14:32:59 | Computer Name = Samsbase | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files (x86)\mozbackup\dll\DelZip179.dll".Error
in manifest or policy file "c:\program files (x86)\mozbackup\dll\DelZip179.dll"
on line 8. The value "*" of attribute "language" in element "assemblyIdentity" is
invalid.
[ NetLimiter 3 Events ]
Error - 09/09/2011 20:15:34 | Computer Name = Samsbase | Source = NetLimiter 3 Service | ID = 1000
Description = Registration or trial period expired
Error - 09/09/2011 20:56:48 | Computer Name = Samsbase | Source = NetLimiter 3 Service | ID = 1000
Description = Registration or trial period expired
Error - 10/09/2011 05:10:29 | Computer Name = Samsbase | Source = NetLimiter 3 Service | ID = 1000
Description = Registration or trial period expired
Error - 10/09/2011 18:43:27 | Computer Name = Samsbase | Source = NetLimiter 3 Service | ID = 1000
Description = Registration or trial period expired
Error - 11/09/2011 22:35:38 | Computer Name = Samsbase | Source = NetLimiter 3 Service | ID = 1000
Description = Registration or trial period expired
Error - 11/09/2011 23:37:32 | Computer Name = Samsbase | Source = NetLimiter 3 Service | ID = 1000
Description = Registration or trial period expired
Error - 11/09/2011 23:42:30 | Computer Name = Samsbase | Source = NetLimiter 3 Service | ID = 1000
Description = Registration or trial period expired
Error - 12/09/2011 00:42:38 | Computer Name = Samsbase | Source = NetLimiter 3 Service | ID = 1000
Description = Registration or trial period expired
Error - 12/09/2011 01:05:52 | Computer Name = Samsbase | Source = NetLimiter 3 Service | ID = 1000
Description = Registration or trial period expired
Error - 13/09/2011 13:15:33 | Computer Name = Samsbase | Source = NetLimiter 3 Service | ID = 1000
Description = Registration or trial period expired
[ System Events ]
Error - 12/09/2011 01:05:32 | Computer Name = Samsbase | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!
Error - 12/09/2011 01:05:41 | Computer Name = Samsbase | Source = EventLog | ID = 6008
Description = The previous system shutdown at 06:03:29 on ?12/?09/?2011 was unexpected.
Error - 12/09/2011 01:05:37 | Computer Name = Samsbase | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!
Error - 12/09/2011 01:05:55 | Computer Name = Samsbase | Source = Service Control Manager | ID = 7024
Description = The Synergy Server service terminated with service-specific error
%%4.
Error - 12/09/2011 01:07:10 | Computer Name = Samsbase | Source = Service Control Manager | ID = 7001
Description = The HomeGroup Provider service depends on the Function Discovery Resource
Publication service which failed to start because of the following error: %%1058
Error - 13/09/2011 13:15:16 | Computer Name = Samsbase | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!
Error - 13/09/2011 13:15:21 | Computer Name = Samsbase | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!
Error - 13/09/2011 13:15:36 | Computer Name = Samsbase | Source = Service Control Manager | ID = 7024
Description = The Synergy Server service terminated with service-specific error
%%4.
Error - 13/09/2011 13:16:38 | Computer Name = Samsbase | Source = Service Control Manager | ID = 7001
Description = The HomeGroup Provider service depends on the Function Discovery Resource
Publication service which failed to start because of the following error: %%1058
Error - 13/09/2011 20:31:28 | Computer Name = Samsbase | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.
< End of report >