OTL logfile created on: 11/17/2009 3:19:52 AM - Run 2
OTL by OldTimer - Version 3.1.5.0 Folder = C:\Documents and Settings\Owner\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.67 Gb Available Physical Memory | 83.30% Memory free
4.00 Gb Paging File | 3.66 Gb Available in Paging File | 91.54% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.04 Gb Total Space | 33.75 Gb Free Space | 22.64% Space Free | Partition Type: NTFS
Drive D: | 298.01 Gb Total Space | 145.24 Gb Free Space | 48.74% Space Free | Partition Type: FAT32
Drive E: | 74.52 Gb Total Space | 21.74 Gb Free Space | 29.17% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ANONYMOUS
Current User Name: Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2009/11/16 21:35:18 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\My Documents\Downloads\OTL.exe
PRC - [2009/11/12 07:11:08 | 00,075,064 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe
PRC - [2009/11/09 01:43:49 | 00,910,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox 3.6 Beta 2\firefox.exe
PRC - [2009/09/21 04:38:51 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/09/21 04:38:51 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.)
-- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/09/11 12:33:48 | 18,717,696 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2009/08/17 03:03:00 | 00,168,004 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2009/07/26 16:44:34 | 03,883,856 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
PRC - [2009/07/19 11:02:49 | 00,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2009/07/19 11:02:49 | 00,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2009/07/19 11:00:44 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2009/07/19 11:00:44 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2009/02/06 17:07:48 | 00,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2008/12/18 12:05:40 | 00,457,248 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
PRC - [2008/12/18 12:05:40 | 00,191,008 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
PRC - [2008/08/18 19:01:52 | 00,203,296 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvraidservice.exe
PRC - [2008/04/14 07:00:00 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\unsecapp.exe
PRC - [2007/12/10 15:55:26 | 00,323,584 | ---- | M] (PixArt Imaging Incorporation) -- C:\WINDOWS\Pixart\Pac7302\Monitor.exe
PRC - [2005/04/27 14:59:24 | 00,241,725 | ---- | M] (Microsoft Corporation) -- C:\Program Files\UPHClean\uphclean.exe
PRC - [2002/10/11 14:32:30 | 00,065,536 | ---- | M] () -- C:\WINDOWS\twain_32\ca561a\SnapDetect.exe
PRC - [2002/03/19 17:30:00 | 00,045,632 | ---- | M] () -- C:\WINDOWS\system32\TaskSwitch.exe

[color=#E56717]========== Modules (SafeList) ==========[/color]
MOD - [2009/11/16 21:35:18 | 00,529,408
| ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\My Documents\Downloads\OTL.exe
MOD - [2009/07/19 11:00:49 | 00,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2009/07/19 10:59:05 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5705_x-ww_36cfed49\comctl32.dll

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV - [2009/11/12 07:11:08 | 00,075,064 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrA.exe -- (PnkBstrA)
SRV - [2009/09/21 04:38:51 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009/08/17 03:03:00 | 00,168,004 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (nvsvc)
SRV - [2009/07/26 06:43:14 | 00,025,832 | ---- | M] (BioWare) -- C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2009/07/19 11:07:49 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc)
SRV - [2009/04/26 19:05:00 | 02,870,429 | ---- | M] (INCA Internet Co., Ltd.)
-- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
SRV - [2008/12/18 12:05:40 | 00,457,248 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)
SRV - [2008/12/18 12:05:40 | 00,191,008 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2008/07/29 20:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2008/07/29 18:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2008/07/29 18:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008/07/25 10:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/07/25 10:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state)
SRV - [2008/04/14 07:00:00 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc)
SRV - [2005/04/27 14:59:24 | 00,241,725 | ---- | M] (Microsoft Corporation) -- C:\Program Files\UPHClean\uphclean.exe -- (UPHClean)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE -
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170633FE}:0.4.5.14
FF - prefs.js..extensions.enabledItems: foxyproxy@eric.h.jung:2.14
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.3.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6b2
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/09/21 04:36:44 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/09/21 04:38:51 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla
Firefox 3.5.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/11/06 00:28:47 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/11/12 19:01:54 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6b2\extensions\\Components: C:\Program Files\Mozilla Firefox 3.6 Beta 2\components [2009/11/14 17:01:37 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6b2\extensions\\Plugins: C:\Program Files\Mozilla Firefox 3.6 Beta 2\plugins [2009/11/14 17:01:34 | 00,000,000 | ---D | M]
[2009/09/21 06:39:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2009/09/21 06:39:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/11/16 16:16:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\69lozume.default\extensions
[2009/10/20 21:08:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\69lozume.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
[2009/09/21 20:14:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\69lozume.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE}
[2009/11/16 15:43:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\69lozume.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2009/11/13 03:14:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\69lozume.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2009/11/13 03:14:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application
Data\Mozilla\Firefox\Profiles\69lozume.default\extensions\bejeweledblitz3cheat@thecybershadow.net
[2009/09/21 06:42:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\69lozume.default\extensions\foxyproxy@eric.h.jung
[2009/10/21 02:07:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\69lozume.default\extensions\personas@christopher.beard
[2009/09/21 06:39:16 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/11/06 00:28:47 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/11/06 00:28:41 | 00,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2009/11/06 00:28:41 | 00,137,176 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2009/07/07 16:20:42 | 00,061,440 | ---- | M] (AOL LLC) -- C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
[2009/07/07 16:20:42 | 00,065,536 | ---- | M] (AOL LLC) -- C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
[2009/07/02 23:34:44 | 00,083,376 | ---- | M] (NHN USA Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll
[2009/08/17 06:42:14 | 00,073,728 | ---- | M] (NHN USA Inc. ) -- C:\Program Files\Mozilla Firefox\plugins\npijjiFFPlugin1.dll
[2009/11/06 00:28:43 | 00,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2009/09/25 01:02:40 | 00,098,304 | ---- | M] (OGPlanet Inc.)
-- C:\Program Files\Mozilla Firefox\plugins\npOGPPlugin.dll
[2009/10/02 20:40:53 | 00,238,776 | ---- | M] (Pando Networks) -- C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll
[2009/08/24 13:45:46 | 00,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml
[2009/08/24 13:45:46 | 00,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml
[2009/08/24 13:45:46 | 00,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml
[2009/08/24 13:45:46 | 00,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml
[2009/08/24 13:45:46 | 00,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2009/08/24 13:45:46 | 00,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml
[2009/08/24 13:45:46 | 00,000,792 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml

O1 HOSTS File: (27 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll (www.flashget.com)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll (www.flashget.com)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [CoolSwitch] C:\WINDOWS\system32\TaskSwitch.exe ()
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] E:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [PAC7302_Monitor] C:\WINDOWS\Pixart\Pac7302\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [UserFaultCheck] File not found
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Steam] c:\program files\steam\steam.exe (Valve Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Icatch(VI) SnapDetect.lnk = C:\WINDOWS\twain_32\ca561a\SnapDetect.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MaxRecentDocs = 18
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System:
undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: verbosestatus = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\JC_ALL.HTM ()
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\JC_LINK.HTM ()
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} http://download.gigabyte.com.tw/object/Dldrv.ocx (Dldrv2 Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {18D63578-EA2F-4A59-A49A-7F62E6B3DF3E}
http://activexdown.paran.com/paranactivex/data/ImP3.cab (ImP3 Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {7B0A8629-5034-486A-8033-1FDF38E4DD03} http://activexdown.paran.com/paranactivex/data/kSysInfo.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {C044CD87-DFB0-4130-A5E4-49361106FBC8} http://www.hangame.com/common/HanSetup1020.cab (HanSetupCtrl1010 Class)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {EF48A09C-6D35-4DF0-99A2-C0D7DCF4D507} http://windybeta.xcdnplus.co.kr/windydev/sd/BetaZone/IF_info/common/cab/20090424/WZMngrAx.cab (WZIFLauncher Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.64.140 68.87.66.135
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 -
Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/09/21 04:29:45 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/07/12 16:28:48 | 00,000,000 | -H-D | M] - D:\autorun -- [ FAT32 ]
O32 - AutoRun File - [2008/04/14 10:00:02 | 00,000,110 | ---- | M] () - D:\AUTORUN.INF -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

[color=#E56717]========== Files/Folders - Created Within 14 Days ==========[/color]
[2009/11/17 02:59:18 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009/11/17 02:59:05 | 00,000,000 | --SD | C] -- C:\Combo-Fix
[2009/11/16 20:12:48 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\Recent
[2009/11/16 20:11:06 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/11/16 20:05:39 | 00,000,000 | ---D | C] -- C:\VundoFix Backups
[2009/11/16 17:42:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2009/11/16 17:42:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2009/11/16 17:42:01 | 00,000,000 | ---D | C] -- C:\Program Files\xerox
[2009/11/16 17:42:01 | 00,000,000 | ---D | C] -- C:\Program Files\outlook express
[2009/11/16 17:42:01 | 00,000,000 | ---D | C] -- C:\Program Files\netmeeting
[2009/11/16 17:42:01 | 00,000,000 | ---D | C] -- C:\Program Files\msn gaming zone
[2009/11/16 17:42:01 | 00,000,000 | ---D | C] -- C:\Program Files\movie maker
[2009/11/16 17:42:01 | 00,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2009/11/16 17:42:00 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2009/11/16 17:08:30 | 00,000,000 | RHSD | C] -- C:\cmdcons
[2009/11/16 17:04:47 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2009/11/16 17:04:47 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2009/11/16 17:04:47 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009/11/16 17:04:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/11/16 17:03:37 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/11/16 16:13:09 | 00,000,000 | ---D | C] -- C:\Program Files\ESET
[2009/11/16 15:43:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\QuickScan
[2009/11/16 15:08:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Malwarebytes
[2009/11/16 15:08:45 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/11/16 15:08:43 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/11/16 15:08:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/11/16 06:00:35 | 00,093,360 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2009/11/16 05:58:40 | 00,000,000 | ---D | C]
-- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2009/11/15 23:20:07 | 00,000,000 | ---D | C] -- C:\Program Files\AVG
[2009/11/14 21:32:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\V-Safe 100
[2009/11/14 17:04:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2009/11/14 17:01:33 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox 3.6 Beta 2
[2009/11/13 01:01:18 | 00,000,000 | ---D | C] -- C:\Program Files\TeamViewer
[2009/11/12 17:04:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
[2009/11/12 17:03:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS
[2009/11/12 12:55:45 | 00,000,000 | ---D | C] -- C:\Program Files\Activision
[2009/11/12 10:09:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\FireShot
[2009/11/12 07:11:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\id Software
[2009/11/12 07:11:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\id Software
[2009/11/12 00:34:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\DarKGunZ
[2009/11/11 01:35:26 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\Sonic CD
[2009/11/10 22:18:05 | 00,461,824 | ---- | C] (PixArt Imaging Inc.) -- C:\WINDOWS\System32\drivers\PAC7302.SYS
[2009/11/10 22:18:05 | 00,141,824 | ---- | C] (PixArt Imaging Incorporation) -- C:\WINDOWS\System32\SP7302.AX
[2009/11/10 22:18:05 | 00,006,656 | ---- | C] (PixArt Imaging Inc.)
-- C:\WINDOWS\System32\CoInst.dll
[2009/11/10 22:17:57 | 00,000,000 | ---D | C] -- C:\WINDOWS\Pixart
[2009/11/10 22:17:57 | 00,000,000 | ---D | C] -- C:\Program Files\VGA USB Camera
[2009/11/08 22:57:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2009/11/08 22:57:11 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Norton
[2009/11/08 22:57:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2009/11/08 19:57:07 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2009/11/06 02:37:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\BioWare
[2009/11/06 02:33:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\BioWare
[2009/11/06 02:22:27 | 00,000,000 | ---D | C] -- C:\WINDOWS\1C4551A64743409391E41477CD655043.TMP
[2009/11/06 01:56:45 | 00,000,000 | ---D | C] -- C:\Program Files\Dragon Age
[2009/11/06 01:56:44 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\BioWare
[2009/11/04 01:57:12 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2006/02/20 08:52:38 | 00,135,168 | ---- | C] ( ) -- C:\WINDOWS\System32\ImP2.DLL
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 14 Days ==========[/color]
[2009/11/17 02:16:06 | 00,250,223 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2009/11/17 02:15:56 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/11/17 02:15:50 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/11/17 02:15:46 | 24,154,35776 | -HS- | M] () -- C:\hiberfil.sys
[2009/11/17 01:57:04 | 00,002,207 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Steam.lnk
[2009/11/17 00:24:40 | 00,031,586 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\1185421530773.jpg
[2009/11/16 22:50:15 | 00,000,422 | -H-- | M] () --
C:\WINDOWS\tasks\User_Feed_Synchronization-{036F3D52-FA96-4F92-BA28-CB1FCA29760C}.job
[2009/11/16 20:18:04 | 04,456,448 | -H-- | M] () -- C:\Documents and Settings\Owner\NTUSER.DAT
[2009/11/16 20:18:04 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\Owner\ntuser.ini
[2009/11/16 20:17:58 | 06,947,204 | -H-- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\IconCache.db
[2009/11/16 20:12:23 | 00,001,482 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\cc_20091116_201220.reg
[2009/11/16 20:12:08 | 00,043,432 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\cc_20091116_201157.reg
[2009/11/16 20:11:07 | 00,001,548 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\CCleaner.lnk
[2009/11/16 17:45:03 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/11/16 17:42:24 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/11/16 17:08:59 | 00,000,293 | RHS- | M] () -- C:\boot.ini
[2009/11/16 15:08:47 | 00,000,572 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/11/16 06:55:38 | 00,000,729 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/11/16 06:55:38 | 00,000,223 | ---- | M] () -- C:\Boot.bak
[2009/11/16 06:51:05 | 00,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/11/16 06:00:30 | 00,093,360 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2009/11/16 03:02:10 | 00,011,168 | -H-- | M] () -- C:\WINDOWS\System32\nozimawu
[2009/11/15 14:53:04 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/11/14 17:01:40 | 00,001,705 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox 3.6 Beta 2.lnk
[2009/11/14 01:47:57 | 00,260,608 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2009/11/12 13:35:27 | 00,000,842 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Call of Duty Modern Warfare 2 SP.lnk
[2009/11/12 13:35:27 | 00,000,842 | ---- | M] () -- C:\Documents and
Settings\All Users\Desktop\Call of Duty Modern Warfare 2 MP.lnk
[2009/11/12 08:03:35 | 00,138,504 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009/11/12 08:03:25 | 00,214,488 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2009/11/12 08:03:25 | 00,214,488 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2009/11/12 07:11:08 | 02,373,712 | ---- | M] () -- C:\WINDOWS\System32\pbsvc.exe
[2009/11/12 07:11:08 | 00,075,064 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2009/11/12 06:25:41 | 00,000,586 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Taikodom.lnk
[2009/11/12 00:34:50 | 00,000,031 | ---- | M] () -- C:\WINDOWS\GunzLauncher.INI
[2009/11/12 00:26:18 | 00,000,020 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\aionmemo_c498994f.dat
[2009/11/06 02:22:17 | 00,000,741 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Dragon Age Origins.lnk
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2009/11/17 03:19:11 | 00,007,739 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\hijackthis1
[2009/11/17 00:24:39 | 00,031,586 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\1185421530773.jpg
[2009/11/16 20:12:22 | 00,001,482 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\cc_20091116_201220.reg
[2009/11/16 20:12:01 | 00,043,432 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\cc_20091116_201157.reg
[2009/11/16 20:11:07 | 00,001,548 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\CCleaner.lnk
[2009/11/16 17:08:55 | 00,000,223 | ---- | C] () -- C:\Boot.bak
[2009/11/16 17:08:38 | 00,260,272 | ---- | C] () -- C:\cmldr
[2009/11/16 17:04:47 | 00,260,608 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2009/11/16 17:04:47 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/11/16 17:04:47 | 00,080,412 | ---- | C] () --
C:\WINDOWS\grep.exe [2009/11/16 17:04:47 | 00,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe [2009/11/16 17:04:47 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2009/11/16 15:08:47 | 00,000,572 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2009/11/16 06:55:22 | 00,001,576 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Rainmeter.lnk [2009/11/14 17:01:40 | 00,001,705 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox 3.6 Beta 2.lnk [2009/11/12 13:35:27 | 00,000,842 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Call of Duty Modern Warfare 2 SP.lnk [2009/11/12 13:35:27 | 00,000,842 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Call of Duty Modern Warfare 2 MP.lnk [2009/11/12 06:25:41 | 00,000,586 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Taikodom.lnk [2009/11/12 00:34:50 | 00,000,031 | ---- | C] () -- C:\WINDOWS\GunzLauncher.INI [2009/11/10 22:18:05 | 00,000,850 | ---- | C] () -- C:\WINDOWS\System32\SP7302.INI [2009/11/06 02:22:17 | 00,000,741 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Dragon Age Origins.lnk [2009/11/02 21:29:04 | 00,014,385 | ---- | C] () -- C:\WINDOWS\Tw561a.ini [2009/11/02 21:29:04 | 00,000,180 | ---- | C] () -- C:\WINDOWS\ap561.ini [2009/11/02 21:24:16 | 00,000,081 | ---- | C] () -- C:\WINDOWS\Setup8a.ini [2009/10/22 06:54:03 | 00,000,143 | ---- | C] () -- C:\WINDOWS\GKLauncherInfo.ini [2009/10/18 13:53:14 | 00,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini [2009/10/16 15:43:39 | 00,000,040 | ---- | C] () -- C:\WINDOWS\System32\Sx5363.ini [2009/10/08 08:42:52 | 00,138,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2009/10/08 08:42:51 | 00,139,152 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\PnkBstrK.sys [2009/10/04 02:29:24 | 00,000,172 | ---- | C] () -- C:\WINDOWS\CS_MD_T.ini [2009/09/30 16:20:44 | 01,147,576 | ---- | C] () 
-- C:\WINDOWS\System32\HanWebMsg1058.dll [2009/09/21 20:09:10 | 00,014,848 | ---- | C] () -- C:\WINDOWS\System32\EuEpmGdi.dll [2009/09/21 20:09:10 | 00,008,704 | ---- | C] () -- C:\WINDOWS\System32\epmntdrv.sys [2009/09/21 20:09:10 | 00,003,072 | ---- | C] () -- C:\WINDOWS\System32\EuGdiDrv.sys [2009/09/21 13:36:42 | 00,014,848 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/09/21 07:30:31 | 00,035,200 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT [2009/09/21 04:40:39 | 06,947,204 | -H-- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\IconCache.db [2009/09/21 04:39:38 | 00,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2009/09/21 04:39:37 | 00,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2009/09/21 04:39:36 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2009/09/21 04:39:36 | 02,402,304 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll [2009/09/21 04:39:36 | 00,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2009/09/21 04:39:36 | 00,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2009/09/21 04:39:35 | 00,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2009/09/21 04:39:35 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2009/09/21 04:32:52 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Owner\Application Data\desktop.ini [2009/09/20 23:08:53 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini [2009/08/03 00:21:54 | 00,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll [2009/08/03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2009/08/03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2009/08/03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll 
[2009/08/03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2009/08/03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2009/08/03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2009/08/03 00:21:54 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2009/08/03 00:21:52 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2009/08/03 00:21:52 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2009/07/19 11:11:41 | 00,210,944 | ---- | C] () -- C:\WINDOWS\System32\msvcrt10.dll [2009/07/14 16:15:00 | 00,178,432 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat [2008/04/14 07:00:00 | 00,000,729 | ---- | C] () -- C:\WINDOWS\win.ini [2008/04/14 07:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini [2006/06/29 13:58:52 | 00,030,808 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont [2006/06/29 13:53:56 | 00,026,489 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont [2006/04/18 14:39:28 | 00,029,779 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont [2006/04/18 14:39:28 | 00,026,040 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont [color=#E56717]========== LOP Check ==========[/color] [2009/09/27 23:08:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AIM [2009/11/06 02:37:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BioWare [2009/09/29 15:33:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Blizzard [2009/09/27 22:39:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite [2009/11/12 07:11:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\id Software [2009/10/18 19:25:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application 
Data\ijjigame [2009/10/03 17:28:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Messenger Plus! [2009/10/02 22:29:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files [2009/09/25 00:33:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP [2009/09/27 23:08:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\acccore [2009/09/27 23:11:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\DAEMON Tools Lite [2009/11/12 10:09:09 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\FireShot [2009/10/22 09:39:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\fltk.org [2009/09/21 04:39:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Foxit [2009/10/27 23:14:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\GetRightToGo [2009/11/12 07:11:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\id Software [2009/09/25 00:28:57 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\Owner\Application Data\ijjigame [2009/10/04 19:04:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Leadertech [2009/11/16 15:45:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\QuickScan [2009/10/02 21:14:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Rainmeter [2009/09/30 16:05:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\SystemRequirementsLab [2009/11/13 13:18:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\TeamViewer [2008/04/14 07:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini [2009/11/17 02:15:56 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT [2009/11/16 22:50:15 | 00,000,422 | -H-- | M] () -- 
C:\WINDOWS\Tasks\User_Feed_Synchronization-{036F3D52-FA96-4F92-BA28-CB1FCA29760C}.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Files - Unicode (All) ==========[/color] [2009/10/03 14:38:17 | 00,000,000 | ---D | M](C:\Documents and Settings\Owner\My Documents\????) -- C:\Documents and Settings\Owner\My Documents\마비노기 [2009/10/03 14:38:17 | 00,000,000 | ---D | C](C:\Documents and Settings\Owner\My Documents\????) -- C:\Documents and Settings\Owner\My Documents\마비노기 < End of report >