OTL logfile created on: 2010-06-26 오전 4:45:44 - Run 1
OTL by OldTimer - Version 3.2.7.0 Folder = C:\Users\JBP\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Korea | Language: KOR | Date Format: yyyy-MM-dd

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 65.00% Memory free
7.00 Gb Paging File | 6.00 Gb Available in Paging File | 79.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 235.68 Gb Total Space | 208.24 Gb Free Space | 88.36% Space Free | Partition Type: NTFS
Drive D: | 579.41 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 220.66 Gb Total Space | 173.63 Gb Free Space | 78.69% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JBP-PC
Current User Name: JBP
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2010-06-26 04:07:50 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\JBP\Desktop\OTL.exe
PRC - [2010-06-20 03:46:15 | 000,231,888 | ---- | M] (Adobe Systems, Inc.) -- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil10h_ActiveX.exe
PRC - [2010-06-10 06:58:32 | 001,218,008 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\McAfee.com\Agent\mcagent.exe
PRC - [2010-06-10 06:58:32 | 000,865,832 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\MSC\mcmscsvc.exe
PRC - [2010-02-17 15:53:26 | 000,606,736 | ---- | M] (McAfee, Inc.)
-- C:\Program Files (x86)\McAfee\VirusScan\mcsysmon.exe
PRC - [2009-10-27 11:19:46 | 000,895,696 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\MPF\MpfSrv.exe
PRC - [2009-08-14 16:29:26 | 000,090,112 | ---- | M] (Microsoft) -- C:\Program Files\OSD\OSD_Main.exe
PRC - [2009-07-15 21:48:22 | 000,013,624 | ---- | M] (Alienware) -- C:\Program Files\Alienware\Command Center\AlienFXHook32Mngr.exe
PRC - [2009-07-15 21:48:14 | 000,057,672 | ---- | M] (Alienware Corporation) -- C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
PRC - [2009-07-15 18:36:48 | 000,016,704 | ---- | M] () -- C:\Program Files\Alienware\Command Center\AlienFusionController.exe
PRC - [2009-07-08 11:54:34 | 000,359,952 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2009-07-07 19:10:02 | 002,482,848 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\Common Files\McAfee\MNA\McNASvc.exe
PRC - [2009-06-24 19:31:43 | 000,095,496 | ---- | M] (Sensible Vision ) -- C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe
PRC - [2009-06-24 19:31:42 | 001,942,792 | ---- | M] (Sensible Vision ) -- C:\Program Files\Alienware\Command Center\AlienSense\FATrayAlert.exe
PRC - [2009-06-24 19:31:21 | 002,368,776 | ---- | M] (Sensible Vision ) -- C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe
PRC - [2009-05-15 10:35:52 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009-04-28 23:50:26 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared Files\brs.exe
PRC - [2009-02-20 13:13:04 | 000,013,312 | ---- | M] () -- C:\Program Files\OSD\Service1.exe
PRC - [2009-02-19 14:45:42 | 000,020,480 | ---- | M] (Alienware Corporation) -- C:\Program Files\OSD\Launch_CC.exe

[color=#E56717]========== Modules (SafeList) ==========[/color]
MOD - [2010-06-26 04:07:50 | 000,574,464 | ---- | M] (OldTimer Tools) --
C:\Users\JBP\Desktop\OTL.exe
MOD - [2009-07-13 21:15:36 | 000,562,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWOW64\IME\imekr8\imkrtip.dll
MOD - [2009-07-13 21:15:36 | 000,113,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWOW64\IME\imekr8\imkrapi.dll
MOD - [2009-07-13 21:15:35 | 000,374,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWOW64\IME\shared\IMETIP.DLL
MOD - [2009-07-13 21:15:35 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWOW64\IME\shared\IMJKAPI.DLL
MOD - [2009-07-13 21:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWOW64\msscript.ocx
MOD - [2009-07-13 21:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV:[b]64bit:[/b] - [2010-02-24 13:16:08 | 000,696,848 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:[b]64bit:[/b] - [2010-02-17 16:45:16 | 000,155,456 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield)
SRV:[b]64bit:[/b] - [2009-10-15 11:35:36 | 000,033,280 | ---- | M] () [Auto | Running] -- C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE -- (wltrysvc)
SRV:[b]64bit:[/b] - [2009-07-15 18:36:54 | 000,013,624 | ---- | M] (Alienware) [Auto | Running] -- C:\Program Files\Alienware\Command Center\AlienFusionService.exe -- (AlienFusionService)
SRV:[b]64bit:[/b] - [2009-07-13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009-07-01 21:54:02 | 000,864,032 | ---- | M] (Broadcom Corporation.)
[Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:[b]64bit:[/b] - [2009-06-29 12:44:00 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\WINDOWS\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_4aa689b67feb46b2\stacsv64.exe -- (STacSV)
SRV:[b]64bit:[/b] - [2009-06-24 19:31:21 | 002,368,776 | ---- | M] (Sensible Vision ) [Auto | Running] -- C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe -- (FAService)
SRV:[b]64bit:[/b] - [2009-03-02 13:42:00 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_4aa689b67feb46b2\AESTSr64.exe -- (AESTFilters)
SRV:[b]64bit:[/b] - [2009-02-20 13:13:04 | 000,013,312 | ---- | M] () [Auto | Running] -- C:\Program Files\OSD\Service1.exe -- (CustomSvc)
SRV - [2010-06-10 06:58:32 | 000,865,832 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2010-02-17 15:53:26 | 000,606,736 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- C:\Program Files (x86)\McAfee\VirusScan\mcsysmon.exe -- (McSysmon)
SRV - [2009-10-27 11:19:46 | 000,895,696 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe -- (MpfService)
SRV - [2009-07-13 23:20:14 | 000,000,000 | ---D | M] [On_Demand | Stopped] -- C:\WINDOWS\Vss -- (VSS)
SRV - [2009-07-13 23:20:14 | 000,000,000 | ---D | M] [Unknown | Stopped] -- C:\WINDOWS\SysWOW64\Msdtc -- (MSDTC)
SRV - [2009-07-13 16:30:11 | 000,061,056 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\wbem\vds.mof -- (vds)
SRV - [2009-07-08 11:54:34 | 000,359,952 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy)
SRV - [2009-07-07 19:10:02 | 002,482,848 | ---- | M] (McAfee, Inc.)
[Auto | Running] -- c:\Program Files (x86)\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2009-05-15 10:35:52 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV:[b]64bit:[/b] - [2010-06-21 22:02:43 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\sptd.sys -- (sptd)
DRV:[b]64bit:[/b] - [2010-02-17 16:52:42 | 000,308,296 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:[b]64bit:[/b] - [2010-02-17 16:52:42 | 000,102,472 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:[b]64bit:[/b] - [2010-02-17 16:52:42 | 000,049,480 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\mfesmfk.sys -- (mfesmfk)
DRV:[b]64bit:[/b] - [2010-02-17 16:45:32 | 000,040,904 | ---- | M] (McAfee, Inc.)
[Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\mferkdk.sys -- (mferkdk)
DRV:[b]64bit:[/b] - [2009-10-15 11:35:36 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:[b]64bit:[/b] - [2009-10-15 11:35:35 | 002,769,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:[b]64bit:[/b] - [2009-07-14 15:16:34 | 000,273,456 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:[b]64bit:[/b] - [2009-07-13 21:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2009-07-13 21:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2009-07-13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2009-07-13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-07-13 19:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2009-07-02 22:41:04 | 000,132,648 | ---- | M] (Broadcom Corporation.)
[Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:[b]64bit:[/b] - [2009-07-02 22:41:04 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:[b]64bit:[/b] - [2009-07-02 22:41:04 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:[b]64bit:[/b] - [2009-07-02 22:41:02 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:[b]64bit:[/b] - [2009-06-29 12:44:00 | 000,487,424 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:[b]64bit:[/b] - [2009-06-25 20:04:20 | 000,067,584 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\rimmpx64.sys -- (rimmptsk)
DRV:[b]64bit:[/b] - [2009-06-25 19:38:52 | 000,057,856 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\rixdpx64.sys -- (rismxdp)
DRV:[b]64bit:[/b] - [2009-06-25 19:13:44 | 000,055,296 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\rimspx64.sys -- (rimsptsk)
DRV:[b]64bit:[/b] - [2009-06-10 17:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:[b]64bit:[/b] - [2009-06-10 16:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:[b]64bit:[/b] - [2009-06-10 16:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:[b]64bit:[/b] - [2009-06-10 16:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R)
DRV:[b]64bit:[/b] -
[2009-06-10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009-04-09 17:23:02 | 000,176,144 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\Mpfp.sys -- (MPFP)
DRV:[b]64bit:[/b] - [2009-03-09 16:58:00 | 000,060,416 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\itecir.sys -- (itecir)
DRV:[b]64bit:[/b] - [2008-09-24 23:36:14 | 000,238,848 | ---- | M] (Sensible Vision ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\facap.sys -- (FACAP)
DRV:[b]64bit:[/b] - [2008-07-25 15:30:36 | 000,014,544 | ---- | M] (OpenLibSys.org) [Kernel | On_Demand | Running] -- C:\Program Files\OSD\WinRing0x64.sys -- (WinRing0_1_2_0)
DRV:[b]64bit:[/b] - [2006-11-02 15:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009-06-10 17:28:14 | 000,001,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv)
DRV - [2009-06-10 17:15:18 | 000,003,066 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\SysWOW64\wbem\tcpip.mof -- (Tcpip)
DRV - [2009-04-16 02:28:08 | 000,146,928 | ---- | M] (CyberLink Corp.)
[2009/10/15 08:39:07] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD8\000.fcl -- ({FE4C91E7-22C2-4D0C-9F6B-82F1B7742054})

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://kr.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = ko
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 50 C0 EB EE 00 15 CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

O1 HOSTS File: ([2009-01-21 14:24:28 | 000,000,759 | ---- | M]) - C:\WINDOWS\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:[b]64bit:[/b] - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (FAIESSOHelper Class) - {A2F122DA-055F-4df7-8F24-7354DBDBA85B} - C:\Program Files\Alienware\Command Center\AlienSense\FAIESSO.dll (Sensible Vision )
O4:[b]64bit:[/b] - HKLM..\Run: [] File not found
O4:[b]64bit:[/b] - HKLM..\Run: [AlienFX Controller] C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe (Alienware Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE (Broadcom Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [OSD CC] C:\Program Files\OSD\Launch_CC.exe (Alienware Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\CyberLink\Shared Files\brs.exe (cyberlink)
O4 - HKLM..\Run: [FAStartup] File not found
O4 - HKLM..\Run: [FATrayAlert] C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe (Sensible Vision )
O4 - HKLM..\Run: [OSD] c:\Program Files\OSD\Launch.exe (HH)
O4 - HKCU..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:[b]64bit:[/b] - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device...
- C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:[b]64bit:[/b] - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {2A2B6809-46C9-4126-BAFC-B352585BD56E} http://www.kiwidisk.com/mmsv/KiwidiskControl.CAB (Kiwidisk File Share Control 5)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FE342FC7-4374-4EBE-86DB-D73AE861F779} http://file.naver.com/activex/NaverAXGuide.cab (NaverAXGuide Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O18:[b]64bit:[/b] - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\FastAccess: DllName - C:\Program Files\Alienware\Command Center\AlienSense\FALogNot.dll - C:\Program Files\Alienware\Command Center\AlienSense\FALogNot.dll ()
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008-02-19 12:22:43 | 000,000,051 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{1c6bb16b-b99f-11de-8709-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{1c6bb16b-b99f-11de-8709-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Installer.exe -- [2008-02-19 12:22:44 | 001,172,376 | R--- | M] ()
O33 - MountPoints2\{6e15ab4a-7da2-11df-afb4-00225ff77ee6}\Shell - "" = AutoRun
O33 - MountPoints2\{6e15ab4a-7da2-11df-afb4-00225ff77ee6}\Shell\AutoRun\command - "" = F:\autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

Drivers32:[b]64bit:[/b] midi - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] midi1 - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] midi2 - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] midimapper - midimap.dll (Microsoft Corporation)
Drivers32:[b]64bit:[/b] mixer - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] mixer1 - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] mixer2 - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] msacm.imaadpcm - imaadp32.acm (Microsoft Corporation)
Drivers32:[b]64bit:[/b] msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:[b]64bit:[/b] msacm.msadpcm - msadp32.acm (Microsoft Corporation)
Drivers32:[b]64bit:[/b] msacm.msg711 - msg711.acm (Microsoft Corporation)
Drivers32:[b]64bit:[/b] msacm.msgsm610 - msgsm32.acm (Microsoft
Corporation)
Drivers32:[b]64bit:[/b] MSVideo8 - VfWWDM32.dll (Microsoft Corporation)
Drivers32:[b]64bit:[/b] vidc.i420 - iyuv_32.dll (Microsoft Corporation)
Drivers32:[b]64bit:[/b] VIDC.IYUV - iyuv_32.dll (Microsoft Corporation)
Drivers32:[b]64bit:[/b] vidc.mrle - msrle32.dll (Microsoft Corporation)
Drivers32:[b]64bit:[/b] vidc.msvc - msvidc32.dll (Microsoft Corporation)
Drivers32:[b]64bit:[/b] VIDC.UYVY - msyuv.dll (Microsoft Corporation)
Drivers32:[b]64bit:[/b] VIDC.YUY2 - msyuv.dll (Microsoft Corporation)
Drivers32:[b]64bit:[/b] VIDC.YVU9 - tsbyuv.dll (Microsoft Corporation)
Drivers32:[b]64bit:[/b] VIDC.YVYU - msyuv.dll (Microsoft Corporation)
Drivers32:[b]64bit:[/b] wave - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] wave1 - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] wave2 - wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] wavemapper - msacm32.drv (Microsoft Corporation)
Drivers32: midi - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midi1 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midi2 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\Windows\SysWow64\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer1 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer2 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.divxa32 - C:\Windows\SysWow64\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.imaadpcm - C:\Windows\SysWow64\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - C:\Windows\SysWow64\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\Windows\SysWow64\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\Windows\SysWow64\msgsm32.acm (Microsoft Corporation)
Drivers32:
msacm.siren - C:\Windows\SysWow64\sirenacm.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - C:\Windows\SysWow64\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.iyuv - C:\Windows\SysWow64\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - C:\Windows\SysWow64\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\Windows\SysWow64\msvidc32.dll (Microsoft Corporation)
Drivers32: vidc.uyvy - C:\Windows\SysWow64\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yuy2 - C:\Windows\SysWow64\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvu9 - C:\Windows\SysWow64\tsbyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvyu - C:\Windows\SysWow64\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: wave1 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: wave2 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\Windows\SysWow64\msacm32.drv (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 90 Days ==========[/color]
[2010-06-26 04:40:47 | 000,000,000 | ---D | C] -- C:\Users\JBP\Documents\EVEREST Reports
[2010-06-26 04:07:12 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Users\JBP\Desktop\OTL.exe
[2010-06-26 03:58:12 | 008,461,992 | ---- | C] (Lavalys, Inc. ) -- C:\Users\JBP\Desktop\everestultimate460-[Guru3D.com].exe
[2010-06-26 03:02:47 | 004,179,293 | ---- | C] (Lavalys, Inc.
) -- C:\Users\JBP\Desktop\everesthome220.exe
[2010-06-26 02:50:08 | 000,000,000 | ---D | C] -- C:\Users\JBP\AppData\Roaming\Malwarebytes
[2010-06-26 02:50:02 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010-06-26 02:50:01 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010-06-26 02:50:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010-06-26 02:50:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010-06-26 02:48:44 | 006,153,384 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\JBP\Desktop\mbam-setup.exe
[2010-06-26 02:48:27 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010-06-26 02:47:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2010-06-26 02:47:35 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Users\JBP\Desktop\erunt_setup.exe
[2010-06-26 02:37:56 | 000,444,416 | ---- | C] (OldTimer Tools) -- C:\Users\JBP\Desktop\TFC.exe
[2010-06-26 02:20:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavalys
[2010-06-26 02:01:41 | 000,000,000 | ---D | C] -- C:\Users\JBP\AppData\Roaming\McAfee
[2010-06-26 01:49:17 | 000,000,000 | ---D | C] -- C:\Users\JBP\AppData\Roaming\Registry Mechanic
[2010-06-26 01:05:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2010-06-26 01:05:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2010-06-25 19:40:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2010-06-25 19:35:21 | 000,000,000 | ---D | C] -- C:\d95c14c5eab1ee59a725
[2010-06-25 02:18:27 | 000,000,000 | ---D | C] -- C:\Users\JBP\AppData\Local\Adobe
[2010-06-25 02:17:46 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010-06-21 22:13:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Sports Interactive
[2010-06-21 22:13:31 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Sports Interactive
[2010-06-21 22:13:31 | 000,000,000 | ---D | C] --
C:\Users\JBP\Documents\Sports Interactive
[2010-06-21 22:13:30 | 000,000,000 | ---D | C] -- C:\Users\JBP\AppData\Roaming\Sports Interactive
[2010-06-21 22:07:46 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Zero G Registry
[2010-06-21 22:07:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sports Interactive
[2010-06-21 22:07:23 | 000,000,000 | -H-D | C] -- C:\Users\JBP\InstallAnywhere
[2010-06-21 22:06:06 | 000,000,000 | ---D | C] -- C:\Users\JBP\AppData\Local\Diagnostics
[2010-06-21 22:02:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2010-06-21 22:01:51 | 000,000,000 | ---D | C] -- C:\Users\JBP\AppData\Roaming\DAEMON Tools Lite
[2010-06-21 21:57:35 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Pro
[2010-06-21 21:57:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Pro
[2010-06-21 21:13:50 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2010-06-21 20:50:19 | 000,000,000 | ---D | C] -- C:\Users\JBP\Tracing
[2010-06-21 20:47:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2010-06-21 20:47:40 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010-06-21 20:47:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live SkyDrive
[2010-06-21 20:47:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2010-06-21 20:47:00 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010-06-21 20:42:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2010-06-21 19:33:10 | 000,000,000 | ---D | C] -- C:\Users\JBP\AppData\Roaming\DAEMON Tools Pro
[2010-06-20 03:45:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2010-06-19 09:08:22 | 012,151,808 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\idtcpl64.cpl
[2010-06-19 09:08:22 | 003,593,216 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stlang64.dll
[2010-06-19 09:08:22 | 000,564,224 | ---- | C] (IDT, Inc.)
-- C:\Windows\SysNative\idt64mp1.exe
[2010-06-19 07:38:57 | 000,000,000 | ---D | C] -- C:\Users\JBP\AppData\Local\Broadcom
[2010-06-19 07:38:57 | 000,000,000 | ---D | C] -- C:\Users\JBP\Documents\Bluetooth Exchange Folder
[2010-06-19 07:38:34 | 000,000,000 | R--D | C] -- C:\Users\JBP\Searches
[2010-06-19 07:38:34 | 000,000,000 | -H-D | C] -- C:\Users\JBP\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2010-06-19 07:38:24 | 000,000,000 | ---D | C] -- C:\Users\JBP\AppData\Roaming\Identities
[2010-06-19 07:38:22 | 000,000,000 | R--D | C] -- C:\Users\JBP\Contacts
[2010-06-19 07:38:21 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010-06-19 07:38:20 | 000,000,000 | ---D | C] -- C:\Users\JBP\AppData\Local\VirtualStore
[2010-06-19 07:38:13 | 000,000,000 | --SD | C] -- C:\Users\JBP\AppData\Roaming\Microsoft
[2010-06-19 07:38:13 | 000,000,000 | R--D | C] -- C:\Users\JBP\Videos
[2010-06-19 07:38:13 | 000,000,000 | R--D | C] -- C:\Users\JBP\Saved Games
[2010-06-19 07:38:13 | 000,000,000 | R--D | C] -- C:\Users\JBP\Pictures
[2010-06-19 07:38:13 | 000,000,000 | R--D | C] -- C:\Users\JBP\Music
[2010-06-19 07:38:13 | 000,000,000 | R--D | C] -- C:\Users\JBP\Links
[2010-06-19 07:38:13 | 000,000,000 | R--D | C] -- C:\Users\JBP\Favorites
[2010-06-19 07:38:13 | 000,000,000 | R--D | C] -- C:\Users\JBP\Downloads
[2010-06-19 07:38:13 | 000,000,000 | R--D | C] -- C:\Users\JBP\My Documents
[2010-06-19 07:38:13 | 000,000,000 | R--D | C] -- C:\Users\JBP\Desktop
[2010-06-19 07:38:13 | 000,000,000 | -HSD | C] -- C:\Users\JBP\AppData\Local\Temporary Internet Files
[2010-06-19 07:38:13 | 000,000,000 | -HSD | C] -- C:\Users\JBP\Templates
[2010-06-19 07:38:13 | 000,000,000 | -HSD | C] -- C:\Users\JBP\Start Menu
[2010-06-19 07:38:13 | 000,000,000 | -HSD | C] -- C:\Users\JBP\SendTo
[2010-06-19 07:38:13 | 000,000,000 | -HSD | C] -- C:\Users\JBP\Recent
[2010-06-19 07:38:13 | 000,000,000 | -HSD | C] -- C:\Users\JBP\PrintHood
[2010-06-19 07:38:13 | 000,000,000 | -HSD | C] --
C:\Users\JBP\NetHood [2010-06-19 07:38:13 | 000,000,000 | -HSD | C] -- C:\Users\JBP\Documents\My Videos [2010-06-19 07:38:13 | 000,000,000 | -HSD | C] -- C:\Users\JBP\Documents\My Pictures [2010-06-19 07:38:13 | 000,000,000 | -HSD | C] -- C:\Users\JBP\Documents\My Music [2010-06-19 07:38:13 | 000,000,000 | -HSD | C] -- C:\Users\JBP\My Documents [2010-06-19 07:38:13 | 000,000,000 | -HSD | C] -- C:\Users\JBP\Local Settings [2010-06-19 07:38:13 | 000,000,000 | -HSD | C] -- C:\Users\JBP\AppData\Local\History [2010-06-19 07:38:13 | 000,000,000 | -HSD | C] -- C:\Users\JBP\Cookies [2010-06-19 07:38:13 | 000,000,000 | -HSD | C] -- C:\Users\JBP\Application Data [2010-06-19 07:38:13 | 000,000,000 | -HSD | C] -- C:\Users\JBP\AppData\Local\Application Data [2010-06-19 07:38:13 | 000,000,000 | -H-D | C] -- C:\Users\JBP\AppData [2010-06-19 07:38:13 | 000,000,000 | ---D | C] -- C:\Users\JBP\AppData\Local\Temp [2010-06-19 07:38:13 | 000,000,000 | ---D | C] -- C:\Users\JBP\AppData\Local\Microsoft [2010-06-19 07:38:13 | 000,000,000 | ---D | C] -- C:\Users\JBP\AppData\Roaming\Media Center Programs [2010-06-19 04:35:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Warcraft III [2010-06-19 04:35:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment [2010-06-19 03:31:17 | 000,000,000 | ---D | C] -- C:\Users\JBP\AppData\Roaming\GRETECH [2010-06-19 03:30:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DtsFilter [2010-06-19 03:30:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GNU [2010-06-19 03:30:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GRETECH [2010-06-19 03:30:02 | 005,889,760 | ---- | C] (Gretech Corporation) -- C:\Users\JBP\Desktop\GOMPLAYERSETUP.EXE [2010-06-19 03:26:18 | 000,296,472 | ---- | C] (Dacom Multimedia Internet Corp.) -- C:\Windows\SysWow64\NaverFDL.exe [2010-06-19 03:26:18 | 000,292,376 | ---- | C] (Dacom Multimedia Internet Corp.) 
-- C:\Windows\SysWow64\NaverFile.ocx [2010-06-19 03:23:25 | 000,000,000 | ---D | C] -- C:\Users\JBP\Documents\JB [2010-06-19 03:22:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kiwidisk [2010-06-19 03:19:11 | 000,000,000 | ---D | C] -- C:\Users\JBP\AppData\Roaming\Macromedia [2010-06-19 03:19:11 | 000,000,000 | ---D | C] -- C:\Users\JBP\AppData\Roaming\Adobe [2010-06-19 03:17:55 | 000,000,000 | ---D | C] -- C:\Users\JBP\AppData\Local\Alienware [2010-05-27 19:21:04 | 001,725,856 | ---- | C] (NHN corp.) -- C:\Windows\SysWow64\NaverAXGuide.exe [color=#E56717]========== Files - Modified Within 90 Days ==========[/color] [2010-06-26 04:47:46 | 001,048,576 | -HS- | M] () -- C:\Users\JBP\NTUSER.DAT [2010-06-26 04:45:29 | 000,011,713 | ---- | M] () -- C:\Windows\SysNative\Config.MPF [2010-06-26 04:43:14 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010-06-26 04:43:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010-06-26 04:43:07 | 3018,608,640 | -HS- | M] () -- C:\hiberfil.sys [2010-06-26 04:41:42 | 001,995,638 | -H-- | M] () -- C:\Users\JBP\AppData\Local\IconCache.db [2010-06-26 04:07:55 | 000,018,704 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010-06-26 04:07:55 | 000,018,704 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010-06-26 04:07:50 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\JBP\Desktop\OTL.exe [2010-06-26 03:59:24 | 000,001,120 | ---- | M] () -- C:\Users\JBP\Desktop\EVEREST Ultimate Edition.lnk [2010-06-26 03:58:20 | 008,461,992 | ---- | M] (Lavalys, Inc. 
) -- C:\Users\JBP\Desktop\everestultimate460-[Guru3D.com].exe [2010-06-26 03:12:59 | 000,713,888 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2010-06-26 03:12:59 | 000,607,190 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2010-06-26 03:12:59 | 000,103,568 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2010-06-26 03:02:50 | 004,179,293 | ---- | M] (Lavalys, Inc. ) -- C:\Users\JBP\Desktop\everesthome220.exe [2010-06-26 02:49:37 | 006,153,384 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\JBP\Desktop\mbam-setup.exe [2010-06-26 02:47:38 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Users\JBP\Desktop\erunt_setup.exe [2010-06-26 02:38:01 | 000,444,416 | ---- | M] (OldTimer Tools) -- C:\Users\JBP\Desktop\TFC.exe [2010-06-26 01:24:21 | 000,937,984 | ---- | M] () -- C:\Users\JBP\s-1-5-21-24082937-311354830-2071060067-1003.rrr [2010-06-26 01:10:05 | 000,002,016 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2010-06-25 02:18:00 | 000,476,436 | ---- | M] () -- C:\Users\JBP\Desktop\NRL6 32 Moat.PDF [2010-06-21 22:10:58 | 000,001,187 | ---- | M] () -- C:\Users\JBP\Desktop\fm-MCE.lnk [2010-06-21 22:02:51 | 000,001,948 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk [2010-06-21 22:02:43 | 000,834,544 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys [2010-06-19 07:58:56 | 000,524,288 | -HS- | M] () -- C:\Users\JBP\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms [2010-06-19 07:58:56 | 000,524,288 | -HS- | M] () -- C:\Users\JBP\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms [2010-06-19 07:58:56 | 000,065,536 | -HS- | M] () -- C:\Users\JBP\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf [2010-06-19 07:39:08 | 000,059,648 | ---- | M] () -- C:\Users\JBP\AppData\Local\GDIPFONTCACHEV1.DAT [2010-06-19 07:38:13 | 000,000,020 | -HS- | M] () -- C:\Users\JBP\ntuser.ini [2010-06-19 07:37:18 | 000,272,208 | ---- | M] () -- 
C:\Windows\SysNative\FNTCACHE.DAT [2010-06-19 07:35:17 | 000,039,252 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2010-06-19 07:35:17 | 000,039,252 | ---- | M] () -- C:\Windows\SysNative\license.rtf [2010-06-19 05:31:56 | 000,241,664 | ---- | M] () -- C:\Users\JBP\Desktop\ChaosOne.exe [2010-06-19 04:45:15 | 000,001,092 | ---- | M] () -- C:\Users\Public\Desktop\Warcraft III - The Frozen Throne.lnk [2010-06-19 03:30:57 | 000,002,009 | ---- | M] () -- C:\Users\Public\Desktop\GomTV.lnk [2010-06-19 03:30:57 | 000,001,107 | ---- | M] () -- C:\Users\Public\Desktop\GOM Player.lnk [2010-06-19 03:30:07 | 005,889,760 | ---- | M] (Gretech Corporation) -- C:\Users\JBP\Desktop\GOMPLAYERSETUP.EXE [2010-06-19 03:19:05 | 000,001,435 | ---- | M] () -- C:\Users\JBP\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2010-06-03 11:12:06 | 000,296,472 | ---- | M] (Dacom Multimedia Internet Corp.) -- C:\Windows\SysWow64\NaverFDL.exe [2010-06-03 11:12:04 | 000,292,376 | ---- | M] (Dacom Multimedia Internet Corp.) -- C:\Windows\SysWow64\NaverFile.ocx [2010-05-27 19:21:04 | 001,725,856 | ---- | M] (NHN corp.) 
-- C:\Windows\SysWow64\NaverAXGuide.exe [2010-04-29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2010-04-29 15:39:28 | 000,024,664 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-06-26 03:59:24 | 000,001,120 | ---- | C] () -- C:\Users\JBP\Desktop\EVEREST Ultimate Edition.lnk [2010-06-26 01:24:21 | 000,937,984 | ---- | C] () -- C:\Users\JBP\s-1-5-21-24082937-311354830-2071060067-1003.rrr [2010-06-26 01:06:57 | 000,002,016 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2010-06-25 02:14:32 | 000,476,436 | ---- | C] () -- C:\Users\JBP\Desktop\NRL6 32 Moat.PDF [2010-06-21 22:10:58 | 000,001,187 | ---- | C] () -- C:\Users\JBP\Desktop\fm-MCE.lnk [2010-06-21 22:02:51 | 000,001,948 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk [2010-06-21 16:47:50 | 000,834,544 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys [2010-06-19 10:30:07 | 3018,608,640 | -HS- | C] () -- C:\hiberfil.sys [2010-06-19 07:38:13 | 001,048,576 | -HS- | C] () -- C:\Users\JBP\NTUSER.DAT [2010-06-19 07:38:13 | 000,524,288 | -HS- | C] () -- C:\Users\JBP\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms [2010-06-19 07:38:13 | 000,524,288 | -HS- | C] () -- C:\Users\JBP\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms [2010-06-19 07:38:13 | 000,262,144 | -HS- | C] () -- C:\Users\JBP\ntuser.dat.LOG1 [2010-06-19 07:38:13 | 000,065,536 | -HS- | C] () -- C:\Users\JBP\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf [2010-06-19 07:38:13 | 000,000,290 | ---- | C] () -- C:\Users\JBP\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk [2010-06-19 07:38:13 | 000,000,272 | ---- | C] () -- C:\Users\JBP\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk 
[2010-06-19 07:38:13 | 000,000,020 | -HS- | C] () -- C:\Users\JBP\ntuser.ini
[2010-06-19 07:38:13 | 000,000,000 | -HS- | C] () -- C:\Users\JBP\ntuser.dat.LOG2
[2010-06-19 04:41:05 | 000,001,092 | ---- | C] () -- C:\Users\Public\Desktop\Warcraft III - The Frozen Throne.lnk
[2010-06-19 03:30:57 | 000,002,009 | ---- | C] () -- C:\Users\Public\Desktop\GomTV.lnk
[2010-06-19 03:30:57 | 000,001,107 | ---- | C] () -- C:\Users\Public\Desktop\GOM Player.lnk
[2010-06-19 03:19:05 | 000,001,435 | ---- | C] () -- C:\Users\JBP\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2009-10-15 11:17:54 | 000,731,106 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009-07-15 18:40:30 | 000,097,584 | ---- | C] () -- C:\Windows\SysWow64\CCBiosSupportAPI.dll
[2009-07-13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009-07-13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009-06-24 19:32:33 | 000,089,352 | ---- | C] () -- C:\Windows\SysWow64\FAIEExtension.dll
[2009-06-24 19:31:45 | 000,059,144 | ---- | C] () -- C:\Windows\SysWow64\FAib.dll
[2009-06-24 19:30:58 | 000,234,760 | ---- | C] () -- C:\Windows\SysWow64\FACrashRpt.dll
[2008-10-07 12:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008-10-07 12:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008-10-07 12:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008-10-07 12:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008-10-07 12:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008-10-07 12:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008-10-07 12:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008-10-07 12:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008-10-07 12:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008-10-07 12:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll

[color=#E56717]========== LOP Check ==========[/color]

[2010-06-21 22:06:49 | 000,000,000 | ---D | M] -- C:\Users\JBP\AppData\Roaming\DAEMON Tools Lite
[2010-06-21 19:33:10 | 000,000,000 | ---D | M] -- C:\Users\JBP\AppData\Roaming\DAEMON Tools Pro
[2010-06-26 01:49:17 | 000,000,000 | ---D | M] -- C:\Users\JBP\AppData\Roaming\Registry Mechanic
[2010-06-21 22:13:30 | 000,000,000 | ---D | M] -- C:\Users\JBP\AppData\Roaming\Sports Interactive
[2009-10-15 11:53:46 | 000,000,356 | ---- | M] () -- C:\WINDOWS\Tasks\McDefragTask.job
[2009-10-15 11:53:46 | 000,000,348 | ---- | M] () -- C:\WINDOWS\Tasks\McQcTask.job
[2009-07-14 01:08:49 | 000,011,196 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color]
[2009-07-13 21:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
[2009-08-04 19:50:01 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2009-10-15 12:00:22 | 000,000,000 | ---- | M] () -- C:\C_USERPART
[2010-06-26 04:43:07 | 3018,608,640 | -HS- | M] () -- C:\hiberfil.sys
[2010-06-26 04:43:15 | 4024,811,520 | -HS- | M] () -- C:\pagefile.sys

[color=#A23BEC]< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >[/color]

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2009-07-13 21:15:13 | 000,346,112 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\SysWOW64\dxtmsft.dll
[2009-07-13 21:15:13 | 000,215,552 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\SysWOW64\dxtrans.dll

[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]

[color=#A23BEC]< %systemroot%\system32\user32.dll /md5 >[/color]
[2009-07-13 21:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\WINDOWS\SysWOW64\user32.dll

[color=#A23BEC]< %systemroot%\system32\ws2_32.dll /md5 >[/color]
[2009-07-13 21:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\WINDOWS\SysWOW64\ws2_32.dll

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:D1B5B4F1

< End of report >