I think I have a virus...not sure what though.



#1
haskins42

Certain things on my comp. aren't working. I have Vista. Hotmail, Facebook, Outlook Web Access, Trend Micro Antivirus, among others won't load, will only partially load and leave a blank white screen, or have other minor issues. Google search in the toolbar will not give suggestions, auto finish or show history. I have followed the steps. I have tried creating a new user. Nothing has worked so far. Here are my logs:

Malwarebytes' Anti-Malware 1.42
Database version: 3406
Windows 6.0.6001 Service Pack 1 (Safe Mode)
Internet Explorer 8.0.6001.18865

12/21/2009 8:53:54 PM
mbam-log-2009-12-21 (20-53-54).txt

Scan type: Full Scan (C:\|)
Objects scanned: 251801
Time elapsed: 41 minute(s), 43 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)




GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2009-12-23 15:34:41
Windows 6.0.6001 Service Pack 1
Running: gmer.exe; Driver: C:\Users\Jason\AppData\Local\Temp\pglcypog.sys


---- System - GMER 1.0.15 ----

SSDT 8719D100 ZwCreateKey
SSDT 8719C340 ZwCreateProcess
SSDT 8719C600 ZwCreateProcessEx
SSDT 8719DF60 ZwCreateThread
SSDT 8719D680 ZwDeleteKey
SSDT 8719D940 ZwDeleteValueKey
SSDT 8719E2A0 ZwLoadDriver
SSDT 8719CB80 ZwOpenProcess
SSDT 8719D3C0 ZwSetValueKey
SSDT 8719CE40 ZwTerminateProcess
SSDT 8719DDC0 ZwWriteVirtualMemory
SSDT 8719E100 ZwCreateThreadEx
SSDT 8719C8C0 ZwCreateUserProcess

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\tdx \Device\Tcp tmtdi.sys (Trend Micro TDI Driver (i386-fre)/Trend Micro Inc.)
AttachedDevice \Driver\tdx \Device\Udp tmtdi.sys (Trend Micro TDI Driver (i386-fre)/Trend Micro Inc.)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----


OTL logfile created on: 12/23/2009 3:51:34 PM - Run 1
OTL by OldTimer - Version 3.1.19.0 Folder = C:\Users\Jason\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18865)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 67.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 84.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455.70 Gb Total Space | 385.73 Gb Free Space | 84.65% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.72 Gb Free Space | 57.25% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JASON-PC
Current User Name: Jason
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2009/12/23 15:35:34 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Users\Jason\Desktop\OTL.exe
PRC - [2009/12/21 18:35:47 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/12/07 22:14:28 | 00,285,296 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2009/11/21 00:42:38 | 00,638,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/11/03 17:56:55 | 00,030,192 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
PRC - [2009/10/20 18:50:12 | 00,995,528 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
PRC - [2009/10/20 18:50:10 | 00,711,248 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
PRC - [2009/09/03 18:51:40 | 00,677,128 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
PRC - [2009/07/10 07:27:49 | 00,341,256 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe
PRC - [2008/10/29 00:29:41 | 02,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/10 05:45:26 | 00,013,088 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2008/03/11 11:44:42 | 01,017,240 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\gs_agent\dsc.exe
PRC - [2008/03/11 11:44:38 | 00,202,544 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/03/11 11:44:36 | 00,202,544 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2008/01/19 01:33:39 | 00,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2007/08/19 23:08:08 | 00,610,304 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\Ati2evxx.exe
PRC - [2007/06/01 09:52:34 | 00,049,152 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
PRC - [2007/06/01 09:52:10 | 00,049,152 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
PRC - [2007/05/11 07:26:44 | 04,452,352 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/04/03 19:50:00 | 01,603,152 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2007/02/04 12:02:14 | 00,079,400 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
PRC - [2006/10/30 16:59:34 | 00,024,576 | ---- | M] () -- C:\Windows\System32\spool\drivers\w32x86\3\WrtProc.exe
PRC - [2006/09/20 08:35:26 | 00,020,480 | ---- | M] () -- C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe


========== Modules (SafeList) ==========

MOD - [2009/12/23 15:35:34 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Users\Jason\Desktop\OTL.exe
MOD - [2008/01/19 01:26:34 | 01,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2009/11/03 17:56:55 | 00,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-093009-130223)
SRV - [2009/10/20 18:50:10 | 00,711,248 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe -- (SfCtlCom)
SRV - [2009/09/03 18:51:40 | 00,677,128 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Internet Security\TmProxy.exe -- (TmProxy)
SRV - [2009/07/10 07:27:49 | 00,341,256 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe -- (TMBMServer)
SRV - [2009/04/22 18:02:04 | 00,182,768 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2008/11/04 00:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/10/10 05:45:26 | 00,013,088 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2008/05/29 13:19:25 | 00,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2008/03/11 11:44:38 | 00,202,544 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2008/01/19 01:38:24 | 00,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/12/02 17:34:30 | 00,074,384 | R--- | M] (MicroVision Development, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr)
SRV - [2007/08/19 23:08:08 | 00,610,304 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\Windows\System32\Ati2evxx.exe -- (Ati External Event Utility)
SRV - [2006/11/02 06:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\ehome\ehstart.dll -- (ehstart)
SRV - [2006/10/26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - C:\Program Files\MyPlayCity\tbMyP0.dll File not found

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...amp;ibd=2080530
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [ECenter] C:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [UfSeAgnt.exe] C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WrtMon.exe] C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe ()
O4 - HKCU..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKCU..\Run: [DW6] C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe File not found
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} http://zone.msn.com/...UI.cab55579.cab (MSN Games – Matchmaking)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Mystery%20P.I.%20-%20Lost%20in%20Los%20Angeles/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} http://gsn.worldwinn...GamesLoader.cab (FunGamesLoader Object)
O16 - DPF: {1D082E71-DF20-4AAF-863B-596428C49874} http://www.worldwinn...0/tpir/tpir.cab (TPIR Control)
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} http://zone.msn.com/...dy.cab55579.cab (MSN Games – Buddy Invite)
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} http://zone.msn.com/...at.cab55579.cab (MSN Games – Game Chat)
O16 - DPF: {58FC4C77-71C2-4972-A8CD-78691AD85158} http://www.worldwinn...jattack/bja.cab (BJA Control)
O16 - DPF: {80B626D6-BC34-4BCF-B5A1-7149E4FD9CFA} http://zone.msn.com/...O1.cab60096.cab (UnoCtrl Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinn...ed/wwlaunch.cab (Wwlaunch Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8C279F4E-917E-4CD2-8DF0-D9C73C0CE763} http://zone.msn.com/...of.cab55579.cab (ZPA_WheelOfFortune Object)
O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} http://zone.msn.com/...he.cab79352.cab (MSN Games – Texas Holdem Poker)
O16 - DPF: {A52FBD2B-7AB3-4F6B-90E3-91C772C5D00F} http://www.worldwinn...v57/wof/wof.cab (WoF Control)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn...k.cab102118.cab (MSN Games - Installer)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Mystery%20P.I.%20-%20The%20Vegas%20Heist/Images/armhelper.ocx (ArmHelper Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} http://zone.msn.com/...xy.cab55579.cab (MSN Games – Game Communicator)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://zone.msn.com/...ploader_v10.cab (PopCapLoader Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail....NPUplden-us.cab (Windows Live Hotmail Photo Upload Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 15:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias [2008/07/21 06:45:18 | 00,000,000 | ---D | M]
NetSvcs: Irmon - C:\Windows\System32\irmon.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
OTL cannot create restorepoints on Vista OSs!

========== Files/Folders - Created Within 14 Days ==========

[2009/12/23 15:35:15 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Users\Jason\Desktop\OTL.exe
[2009/12/21 18:38:14 | 00,000,000 | ---D | C] -- C:\Users\Jason\Documents\JavaRa[1]
[2009/12/21 17:08:19 | 00,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2009/12/21 17:08:08 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2009/12/21 17:08:07 | 00,000,000 | ---D | C] -- C:\Users\Jason\AppData\Roaming\SUPERAntiSpyware.com
[2009/12/21 17:07:27 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2009/12/21 16:58:06 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/12/21 16:57:19 | 01,084,528 | ---- | C] (Piriform Ltd) -- C:\Users\Jason\Desktop\ccsetup226_slim.exe
[2009/12/21 16:25:34 | 00,000,000 | ---D | C] -- C:\Users\Jason\AppData\Roaming\Malwarebytes
[2009/12/21 16:25:30 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/12/21 16:25:28 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/12/21 16:25:28 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/12/21 16:25:28 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/12/21 16:24:49 | 04,844,264 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Jason\Desktop\mbam-setup.exe
[2009/12/21 16:12:07 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Users\Jason\Desktop\HJTInstall.exe
[2009/12/20 14:03:44 | 00,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2009/12/20 14:03:43 | 00,000,000 | ---D | C] -- C:\aebb5edd0925c60a21b364278f924b
[2009/12/13 19:37:42 | 00,000,000 | ---D | C] -- C:\ProgramData\rionix
[2008/06/02 19:59:43 | 00,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll

========== Files - Modified Within 14 Days ==========

[2009/12/23 15:55:59 | 02,883,584 | -HS- | M] () -- C:\Users\Jason\ntuser.dat
[2009/12/23 15:47:43 | 00,595,446 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/12/23 15:47:42 | 00,690,960 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/12/23 15:47:42 | 00,101,144 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/12/23 15:43:10 | 00,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/12/23 15:43:10 | 00,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/12/23 15:43:08 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/12/23 15:43:07 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/12/23 15:43:03 | 32,193,12640 | -HS- | M] () -- C:\hiberfil.sys
[2009/12/23 15:35:34 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Users\Jason\Desktop\OTL.exe
[2009/12/23 14:05:24 | 00,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{2D3BF0A5-7B2F-41E5-BE04-63265993C875}.job
[2009/12/23 07:12:44 | 00,524,288 | -HS- | M] () -- C:\Users\Jason\ntuser.dat{027325d8-eda6-11de-8284-001d099e3e06}.TMContainer00000000000000000001.regtrans-ms
[2009/12/23 07:12:44 | 00,065,536 | -HS- | M] () -- C:\Users\Jason\ntuser.dat{027325d8-eda6-11de-8284-001d099e3e06}.TM.blf
[2009/12/23 07:12:38 | 04,421,902 | -H-- | M] () -- C:\Users\Jason\AppData\Local\IconCache.db
[2009/12/22 16:06:42 | 00,385,000 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/12/21 17:08:10 | 00,000,864 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2009/12/21 16:58:07 | 00,001,632 | ---- | M] () -- C:\Users\Jason\Desktop\CCleaner.lnk
[2009/12/21 16:57:20 | 01,084,528 | ---- | M] (Piriform Ltd) -- C:\Users\Jason\Desktop\ccsetup226_slim.exe
[2009/12/21 16:25:33 | 00,000,780 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/12/21 16:25:10 | 04,844,264 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Jason\Desktop\mbam-setup.exe
[2009/12/21 16:12:19 | 00,001,836 | ---- | M] () -- C:\Users\Jason\Desktop\HijackThis.lnk
[2009/12/21 16:12:12 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Users\Jason\Desktop\HJTInstall.exe
[2009/12/21 09:02:08 | 00,000,680 | ---- | M] () -- C:\Users\Jason\AppData\Local\d3d9caps.dat
[2009/12/20 22:56:41 | 00,524,288 | -HS- | M] () -- C:\Users\Jason\ntuser.dat{027325d8-eda6-11de-8284-001d099e3e06}.TMContainer00000000000000000002.regtrans-ms
[2009/12/20 14:40:13 | 00,524,288 | -HS- | M] () -- C:\Users\Jason\ntuser.dat{8065a5fb-ec41-11de-b01e-001d099e3e06}.TMContainer00000000000000000001.regtrans-ms
[2009/12/20 14:40:13 | 00,065,536 | -HS- | M] () -- C:\Users\Jason\ntuser.dat{8065a5fb-ec41-11de-b01e-001d099e3e06}.TM.blf
[2009/12/19 04:11:31 | 00,524,288 | -HS- | M] () -- C:\Users\Jason\ntuser.dat{8065a5fb-ec41-11de-b01e-001d099e3e06}.TMContainer00000000000000000002.regtrans-ms
[2009/12/18 20:08:20 | 00,524,288 | -HS- | M] () -- C:\Users\Jason\ntuser.dat{a89112b5-5b01-11de-8621-001d099e3e06}.TMContainer00000000000000000001.regtrans-ms
[2009/12/18 20:08:20 | 00,065,536 | -HS- | M] () -- C:\Users\Jason\ntuser.dat{a89112b5-5b01-11de-8621-001d099e3e06}.TM.blf
[2009/12/11 12:12:29 | 00,001,614 | ---- | M] () -- C:\Users\Jason\Desktop\Calculator.lnk
[2009/12/10 17:38:33 | 00,002,587 | ---- | M] () -- C:\Users\Jason\Desktop\Microsoft Office Word 2007.lnk

========== Files Created - No Company Name ==========

[2009/12/21 20:55:48 | 32,193,12640 | -HS- | C] () -- C:\hiberfil.sys
[2009/12/21 17:08:10 | 00,000,864 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2009/12/21 16:58:07 | 00,001,632 | ---- | C] () -- C:\Users\Jason\Desktop\CCleaner.lnk
[2009/12/21 16:25:33 | 00,000,780 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/12/21 16:12:19 | 00,001,836 | ---- | C] () -- C:\Users\Jason\Desktop\HijackThis.lnk
[2009/12/20 14:49:33 | 00,524,288 | -HS- | C] () -- C:\Users\Jason\ntuser.dat{027325d8-eda6-11de-8284-001d099e3e06}.TMContainer00000000000000000002.regtrans-ms
[2009/12/20 14:49:33 | 00,524,288 | -HS- | C] () -- C:\Users\Jason\ntuser.dat{027325d8-eda6-11de-8284-001d099e3e06}.TMContainer00000000000000000001.regtrans-ms
[2009/12/20 14:49:33 | 00,065,536 | -HS- | C] () -- C:\Users\Jason\ntuser.dat{027325d8-eda6-11de-8284-001d099e3e06}.TM.blf
[2009/12/18 20:12:00 | 00,524,288 | -HS- | C] () -- C:\Users\Jason\ntuser.dat{8065a5fb-ec41-11de-b01e-001d099e3e06}.TMContainer00000000000000000002.regtrans-ms
[2009/12/18 20:12:00 | 00,524,288 | -HS- | C] () -- C:\Users\Jason\ntuser.dat{8065a5fb-ec41-11de-b01e-001d099e3e06}.TMContainer00000000000000000001.regtrans-ms
[2009/12/18 20:12:00 | 00,065,536 | -HS- | C] () -- C:\Users\Jason\ntuser.dat{8065a5fb-ec41-11de-b01e-001d099e3e06}.TM.blf
[2009/12/11 12:12:29 | 00,001,614 | ---- | C] () -- C:\Users\Jason\Desktop\Calculator.lnk
[2009/01/25 10:16:03 | 00,011,776 | ---- | C] () -- C:\Windows\System32\pmsbfn32.dll
[2009/01/25 10:14:38 | 00,000,412 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2008/06/05 17:09:15 | 00,031,744 | ---- | C] () -- C:\Users\Jason\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/06/02 20:16:45 | 00,000,097 | ---- | C] () -- C:\Users\Jason\AppData\Local\DownloadLog.txt
[2008/06/02 16:27:05 | 00,000,680 | ---- | C] () -- C:\Users\Jason\AppData\Local\d3d9caps.dat
[2008/05/29 20:45:40 | 01,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
[2008/05/29 20:45:40 | 01,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
[2008/05/29 20:45:40 | 00,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2008/05/29 20:45:40 | 00,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2008/05/29 20:45:38 | 00,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008/05/29 13:06:33 | 00,031,616 | ---- | C] () -- C:\Windows\System32\drivers\livecamv.sys
[2006/11/02 06:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 01:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

========== LOP Check ==========

[2009/07/05 17:13:46 | 00,000,000 | -HSD | M] -- C:\Users\Jason\AppData\Roaming\.#
[2009/02/15 21:36:02 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Alawar
[2009/11/16 18:19:04 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Artogon
[2008/08/30 02:17:22 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Big Fish Games
[2009/01/04 13:03:53 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\blg
[2008/08/24 14:30:12 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\BloodTies
[2009/03/14 12:04:55 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Boolat Games
[2008/11/11 21:39:34 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Boomzap
[2009/07/27 13:55:42 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Canon
[2009/08/04 11:12:51 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\CasualForge
[2009/11/29 13:13:11 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Cat's Eye Games
[2009/08/26 19:46:56 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\cerasus.media
[2009/06/18 23:49:33 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\DreamDale
[2009/11/11 17:28:19 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\EcoRescue
[2009/10/20 20:26:07 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\EleFun Games
[2009/11/26 17:42:46 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\EscapeTheMuseum2
[2008/08/13 17:16:29 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Eyeblaster
[2009/01/18 16:45:00 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Fabulous Finds
[2009/08/28 14:43:38 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\fillup
[2008/10/31 12:15:21 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Flood Light Games
[2009/10/07 18:23:40 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\FlyWheelGames
[2008/09/04 20:30:37 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\ForgottenRiddles
[2008/12/19 23:51:05 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\ForgottenRiddles2
[2008/08/22 19:16:44 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Friday's games
[2009/04/26 12:24:26 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Fuel Industries
[2008/10/24 14:38:57 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\funkitron
[2008/08/06 15:11:56 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Gaijin Ent
[2008/11/14 17:36:48 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\GameHouse
[2009/08/19 13:59:02 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\GameHousev1001
[2008/11/11 21:42:18 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Gamelab
[2009/07/18 15:50:48 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Games
[2008/07/11 20:24:40 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\GamesCafe
[2008/07/11 22:46:50 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\GetRightToGo
[2008/12/08 20:43:58 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Gogii Games
[2009/08/09 17:10:54 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Gold Casual Games
[2008/12/26 17:22:36 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\GOL_byHasbro
[2009/08/14 19:21:10 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\GraveyardShift
[2009/11/26 19:08:20 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\HdO Adventure
[2009/07/08 14:55:44 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Hidden Island Data
[2009/06/26 16:27:11 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\HiT-MM
[2009/05/31 14:59:00 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\HuruBeachParty
[2008/11/16 15:54:16 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\IOMediaSupport6SZZ001s
[2008/10/04 19:14:50 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\ITTNord
[2008/12/11 20:49:26 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\iWin
[2008/08/26 21:23:08 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\iWinArcade
[2009/03/01 00:09:09 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Jetsetter
[2009/12/04 18:42:40 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Ludia
[2009/09/12 01:48:37 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\MagicBall4
[2009/07/21 14:02:09 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\MegaplexMadnessSummerBlockbuster
[2009/09/30 22:20:13 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Merscom
[2008/10/19 15:59:31 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Mushroom Age
[2009/01/04 15:31:02 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\My Games
[2008/08/29 08:59:58 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\MysteryStudio
[2008/08/09 13:39:43 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Mysteryville2
[2009/08/30 09:53:10 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Namco
[2009/05/16 18:03:09 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Oberon Games
[2009/12/09 09:11:47 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Oberonv1002
[2008/09/26 20:49:33 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Oberonv1005
[2009/09/15 18:39:40 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Once Upon a Time in Chicago
[2009/07/16 21:25:18 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Peace Craft
[2008/12/08 20:37:29 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Pharaohs Secret
[2009/11/28 17:01:03 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Playrix Entertainment
[2009/04/17 16:15:27 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\PoBros
[2008/11/09 16:52:17 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Pogo Games
[2008/07/17 22:40:21 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\PopCapv1005
[2008/08/31 12:57:18 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Righteous Kill
[2009/09/15 20:22:35 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Sanna
[2009/01/25 10:14:26 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\ScanSoft
[2008/10/25 19:12:21 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\SecretIslandEng
[2009/03/14 14:18:06 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\SerpentOfIsis
[2009/08/07 18:38:07 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\she_is_a_shadow
[2008/09/17 18:21:39 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Skip-Bo
[2008/11/16 15:54:16 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Spinapse
[2008/08/06 13:26:23 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\SpinTop
[2009/07/21 19:38:07 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\SpinTop Games
[2008/08/17 21:53:35 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\StoneLoopsOberon
[2008/08/29 13:25:29 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Sudden Games
[2009/04/26 14:11:10 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\TikGames
[2008/09/10 15:18:22 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\TMInc
[2009/04/20 20:13:37 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\UClick
[2008/11/05 23:01:33 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\URSE Games
[2009/07/11 12:01:41 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\V-Games
[2008/11/16 14:17:27 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Valusoft
[2009/03/01 00:26:06 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\ViquaSoft
[2009/07/30 17:57:00 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Winv1001
[2009/01/14 20:44:14 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\World-LooM
[2009/07/16 17:02:54 | 00,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\YoudaGames
[2009/12/23 07:12:45 | 00,032,642 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/12/23 14:05:24 | 00,000,422 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{2D3BF0A5-7B2F-41E5-BE04-63265993C875}.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2008/01/19 01:42:25 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/19 01:42:25 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/19 01:42:25 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2008/05/29 20:29:42 | 00,053,864 | ---- | M] (Microsoft Corporation) MD5=8B10CE1C1F9F1D47E4DEB1A547A00CD4 -- C:\Windows\System32\drivers\AGP440.sys
[2008/05/29 20:29:42 | 00,053,864 | ---- | M] (Microsoft Corporation) MD5=8B10CE1C1F9F1D47E4DEB1A547A00CD4 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_8ed06b47\AGP440.sys
[2008/05/29 20:29:42 | 00,053,864 | ---- | M] (Microsoft Corporation) MD5=8B10CE1C1F9F1D47E4DEB1A547A00CD4 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.16400_none_b82caac9c18a4e3b\AGP440.sys
[2008/05/29 20:29:41 | 00,053,864 | ---- | M] (Microsoft Corporation) MD5=BF34B4A0E0B64440C5389AA6B902F4AD -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.20496_none_b85af81edaeb8461\AGP440.sys
[2006/11/02 03:49:52 | 00,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/04/11 00:32:26 | 00,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/19 01:41:30 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys
[2008/01/19 01:41:30 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/19 01:41:30 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 03:49:36 | 00,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008/05/29 20:30:08 | 00,019,048 | ---- | M] (Microsoft Corporation) MD5=5653737BAD8C6C10136451C195C19881 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20485_none_db8a029f3dbd443b\atapi.sys
[2008/05/29 20:45:15 | 00,021,688 | ---- | M] (Microsoft Corporation) MD5=61CA2C1E145809813C28752298CF9843 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_5da5d093\atapi.sys
[2008/05/29 20:45:15 | 00,021,688 | ---- | M] (Microsoft Corporation) MD5=61CA2C1E145809813C28752298CF9843 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20580_none_db8503133dc1c2af\atapi.sys
[2008/05/29 20:45:15 | 00,021,688 | ---- | M] (Microsoft Corporation) MD5=7EB55F6BEFB392BD312CD0CD5263305D -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_6c3af7d3\atapi.sys
[2008/05/29 20:45:15 | 00,021,688 | ---- | M] (Microsoft Corporation) MD5=7EB55F6BEFB392BD312CD0CD5263305D -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16470_none_db063634249c06f4\atapi.sys
[2008/05/29 20:29:39 | 00,021,688 | ---- | M] (Microsoft Corporation) MD5=9E7E85EC61D1C9C3171CC08427108863 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_5a9555b4\atapi.sys
[2008/05/29 20:29:39 | 00,021,688 | ---- | M] (Microsoft Corporation) MD5=9E7E85EC61D1C9C3171CC08427108863 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20509_none_dbe4850d3d78c736\atapi.sys
[2008/05/29 20:30:08 | 00,019,048 | ---- | M] (Microsoft Corporation) MD5=A779CA2C76DA4FCB595E692C05E8E4EB -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_82339ef2\atapi.sys
[2008/05/29 20:30:08 | 00,019,048 | ---- | M] (Microsoft Corporation) MD5=A779CA2C76DA4FCB595E692C05E8E4EB -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16391_none_daf194c024ab5b06\atapi.sys
[2008/05/29 20:40:25 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008/05/29 20:40:25 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008/05/29 20:40:25 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_64dfd8ea\atapi.sys
[2008/05/29 20:40:25 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2006/11/02 03:46:03 | 00,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 03:46:03 | 00,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: IASTOR.SYS >
[2007/04/26 04:41:38 | 00,304,920 | ---- | M] (Intel Corporation) MD5=997E8F5939F2D12CD9F2E6B395724C16 -- C:\Drivers\storage\R154092\iastor.sys
[2007/04/26 04:41:38 | 00,304,920 | ---- | M] (Intel Corporation) MD5=997E8F5939F2D12CD9F2E6B395724C16 -- C:\Windows\System32\drivers\iaStor.sys
[2007/04/26 04:41:38 | 00,304,920 | ---- | M] (Intel Corporation) MD5=997E8F5939F2D12CD9F2E6B395724C16 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_3a63e5a6\iaStor.sys
[2007/04/26 04:41:38 | 00,304,920 | ---- | M] (Intel Corporation) MD5=997E8F5939F2D12CD9F2E6B395724C16 -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_5f6e7be5\iaStor.sys

< MD5 for: IASTORV.SYS >
[2008/01/19 01:42:51 | 00,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/19 01:42:51 | 00,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 03:51:25 | 00,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006/11/02 03:51:25 | 00,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2006/11/02 03:46:11 | 00,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009/04/11 00:28:23 | 00,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/19 01:35:36 | 00,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\System32\netlogon.dll
[2008/01/19 01:35:36 | 00,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2006/11/02 03:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006/11/02 03:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/19 01:42:09 | 00,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/19 01:42:09 | 00,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008/01/19 01:36:19 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\System32\scecli.dll
[2008/01/19 01:36:19 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006/11/02 03:46:12 | 00,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009/04/11 00:28:24 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< %systemroot%\*. /mp /s >

========== Alternate Data Streams ==========

< End of report >



OTL Extras logfile created on: 12/23/2009 3:51:34 PM - Run 1
OTL by OldTimer - Version 3.1.19.0 Folder = C:\Users\Jason\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18865)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 67.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 84.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455.70 Gb Total Space | 385.73 Gb Free Space | 84.65% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.72 Gb Free Space | 57.25% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JASON-PC
Current User Name: Jason
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- "%SystemRoot%\hh.exe" %1
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
chm.file [open] -- "%SystemRoot%\hh.exe" %1
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{5AA1AAAC-5D62-4B1B-B7BC-4264B9D70122}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{8CD0BB4B-6211-4C02-ADCA-E57289B1B6B1}" = lport=80 | protocol=6 | dir=out | app=c:\program files\common files\intuit\update service\intuitupdateservice.exe |
"{E29B7E80-9DA5-40D7-9F88-92C147052F98}" = lport=80 | protocol=6 | dir=out | app=c:\program files\common files\intuit\update service\intuitupdater.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"TCP Query User{8F28A41C-71F8-4D45-BB6F-B86EBBD7D5DF}C:\program files\3d mini golf\3d mini golf.exe" = protocol=6 | dir=in | app=c:\program files\3d mini golf\3d mini golf.exe |
"TCP Query User{C8712D25-0211-498D-96A0-49D9A0764F1E}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{4BEBFE69-F8C5-4537-9EEB-4730B83B0F75}C:\program files\3d mini golf\3d mini golf.exe" = protocol=17 | dir=in | app=c:\program files\3d mini golf\3d mini golf.exe |
"UDP Query User{C4F31497-95F0-4237-82B2-0464FE2587DF}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{045DB95B-F123-B440-D999-AD083AA55196}" = CCC Help German
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX300_series" = Canon MX300 series
"{11CB6E0D-FFB2-7FAE-17FC-CA92BEE8F24A}" = Catalyst Control Center Localization Japanese
"{1400192B-D969-6FD4-8044-E2D07C5ADE3A}" = Catalyst Control Center Localization German
"{14BD87BE-02AA-8E04-602C-B20A43267F5B}" = CCC Help Japanese
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{1662D4E1-B469-D6A3-085B-0B5350BF7CA5}" = Catalyst Control Center Localization Italian
"{168879EE-A348-BFB7-3622-3651449C629F}" = CCC Help Italian
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1A8E3C5D-B772-CB4A-1117-751B5D79787B}" = Catalyst Control Center Graphics Light
"{1B2E11A4-8566-B8C7-3FB6-0D2A6F8D2139}" = CCC Help Portuguese
"{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}" = Live! Cam Avatar v1.0
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{266156C9-F681-A84B-083C-D2052A461583}" = Catalyst Control Center Graphics Full New
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java™ 6 Update 17
"{29521505-F489-4822-ADFA-32C6DEE4F114}" = TurboTax 2008 WinPerUserEducation
"{2A6FFA23-9188-E796-4AFF-196A2004AA39}" = ccc-utility
"{2EE437A9-75E3-10D1-3633-D4E8D6043503}" = CCC Help Spanish
"{2F3BCA05-4FD4-9418-1976-32F783E43DF4}" = Catalyst Control Center Graphics Full Existing
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java™ SE Runtime Environment 6
"{3CE8C77E-8703-B62E-8F7C-31F7AA97F2A7}" = Catalyst Control Center Localization French
"{40E12A55-C504-4223-AFAC-7672DBF1ACDE}" = Trend Micro AntiVirus
"{4524E7FD-A547-C564-CD8F-A872F7C39029}" = CCC Help French
"{4D3C9F4B-4B7D-4E5D-99B9-0123AB0D51ED}" = Dell DataSafe Online
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{6E4FC36F-A7B5-EE38-2FE4-7D0D94D230F5}" = Catalyst Control Center Localization Portuguese
"{6EF2AFEF-2044-4A85-ED1F-E70A568D7ED9}" = Catalyst Control Center Localization Turkish
"{718D791F-F4E8-4aa7-98A6-15FDED17BDD0}" = Trend Micro AntiVirus
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{7570F1CA-016D-46AC-B586-CD74645EFB52}" = TurboTax 2008 WinPerFedFormset
"{75F8E142-7720-156D-C74C-80AA0974B993}" = CCC Help Polish
"{7727DA6C-A845-890D-2B48-7863A93F167C}" = Catalyst Control Center Localization Korean
"{777CA40C-0206-4EF6-A0FC-618BF06BF8D0}" = Intel® PRO Network Connections 12.1.11.0
"{7C950A9E-B452-4DA1-BF55-C610D70E89E1}" = TurboTax 2008 wwiiper
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{87CA11B3-C4CE-D989-42C7-C6197B266EFD}" = CCC Help Chinese Standard
"{88214092-836F-4E22-A5AC-569AC9EE6A0F}" = TurboTax 2008 WinPerReleaseEngine
"{89CEAE14-DD0F-448E-9554-15781EC9DB24}" = Product Documentation Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91F2493D-8A65-7BF3-5684-9D6397F8847D}" = Catalyst Control Center Core Implementation
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9794B30C-0FCB-3658-B44F-33BDDC788C2D}" = CCC Help English
"{994FCE98-1379-2A33-24BC-F092466CC5C4}" = Catalyst Control Center Localization Thai
"{9E5A03E3-6246-4920-9630-0527D5DA9B07}" = AnswerWorks 5.0 English Runtime
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1.3
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AC76BA86-7AD7-5760-0000-800000000003}" = Japanese Fonts Support For Adobe Reader 8
"{AC7C7307-6324-D891-1E53-77B00E4F0961}" = CCC Help Turkish
"{B1DB1AD8-C07E-4052-81A1-D2930232BA70}" = TurboTax 2008 wrapper
"{B23726CF-68BF-41A6-A4EB-72F12F87FE05}" = TurboTax 2008 WinPerTaxSupport
"{B2F3DBD9-A9D2-4838-B45D-C917DAB32BC3}" = ScanSoft OmniPage SE 4
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B6EECBB7-BDA4-4E52-2BD6-69D70215AC48}" = Catalyst Control Center Localization Polish
"{C279E4B3-9FCD-9D82-7A83-B773C2D4E526}" = Catalyst Control Center Localization Hungarian
"{C2D192BE-5E2C-92CF-56A0-28C7D9D67B96}" = CCC Help Hungarian
"{C2F3DB53-EF8E-4885-36C4-34C4911FEAE0}" = ccc-core-static
"{C486C7E9-5591-8777-CEB5-FA373AFE6711}" = Catalyst Control Center Localization Spanish
"{C57606D6-7A44-4A99-D6D0-BA07FD3ACCEA}" = Catalyst Control Center Localization Chinese Traditional
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}" = Presto! PageManager 7.15.16
"{D379100F-65A2-4B54-D568-CD2BE238C6A3}" = Catalyst Control Center Graphics Previews Vista
"{D7769185-9A7C-48D4-8874-5388743A1DE2}" = Music, Photos & Videos Launcher
"{D973AE1D-ACB1-2C54-92FE-A29E2A7482C0}" = CCC Help Thai
"{E0EFA6E0-2A18-A83B-34EA-8435EFEE1285}" = CCC Help Korean
"{E24EDDF0-93A0-95CC-509A-1C012180F8CB}" = Skins
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center
"{E53C563F-1157-20B2-1276-755A22E814D2}" = Catalyst Control Center Localization Chinese Standard
"{E6D9BC25-0DBC-4368-8E4A-7DEE80661CD9}" = TurboTax 2008 WinPerProgramHelp
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6B8797E-923E-4902-9698-62937FE80FAB}" = CCC Help Chinese Traditional
"{FBF1268D-3323-545E-4DD0-F45AD313E37E}" = Catalyst Control Center Graphics Previews Common
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Advanced Video FX Engine" = Advanced Video FX Engine
"Canon MX300 series User Registration" = Canon MX300 series User Registration
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner
"Creative OEM003" = Monitor Integrated Webcam Driver (1.00.13.0608)
"DELL Webcam Center" = DELL Webcam Center
"DELL Webcam Manager" = DELL Webcam Manager
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Google Desktop" = Google Desktop
"GoToAssist" = GoToAssist 8.0.0.514
"HDMI" = Intel® Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MP Navigator EX 1.0" = Canon MP Navigator EX 1.0
"PokerStars" = PokerStars
"PROPLUS" = Microsoft Office Professional Plus 2007
"PROSetDX" = Intel® PRO Network Connections 12.1.11.0
"TurboTax 2008" = TurboTax 2008

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Media Player" = Move Media Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12/11/2009 12:23:10 AM | Computer Name = Jason-PC | Source = EventSystem | ID = 4621
Description =

Error - 12/12/2009 10:50:37 PM | Computer Name = Jason-PC | Source = EventSystem | ID = 4621
Description =

Error - 12/15/2009 10:49:40 PM | Computer Name = Jason-PC | Source = EventSystem | ID = 4621
Description =

Error - 12/17/2009 11:19:42 PM | Computer Name = Jason-PC | Source = EventSystem | ID = 4621
Description =

Error - 12/18/2009 9:54:23 PM | Computer Name = Jason-PC | Source = EventSystem | ID = 4621
Description =

Error - 12/19/2009 4:21:12 AM | Computer Name = Jason-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.6001.18865 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 1930 Start Time: 01ca8067f8d28730 Termination Time: 31

Error - 12/19/2009 10:13:05 PM | Computer Name = Jason-PC | Source = EventSystem | ID = 4621
Description =

Error - 12/20/2009 4:31:43 PM | Computer Name = Jason-PC | Source = ESENT | ID = 215
Description = WinMail (3540) WindowsMail0: The backup has been stopped because it
was halted by the client or the connection with the client failed.

Error - 12/20/2009 5:52:58 PM | Computer Name = Jason-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18865, time stamp
0x4b077416, faulting module ntdll.dll, version 6.0.6001.18000, time stamp 0x4791a7a6,
exception code 0xc0000005, fault offset 0x000681cb, process id 0x1454, application
start time 0x01ca81be7e189edd.

Error - 12/21/2009 9:51:55 AM | Computer Name = Jason-PC | Source = EventSystem | ID = 4621
Description =

[ OSession Events ]
Error - 3/22/2009 2:19:48 PM | Computer Name = Jason-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 145
seconds with 60 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 12/22/2009 6:25:05 PM | Computer Name = Jason-PC | Source = HTTP | ID = 15016
Description =

Error - 12/22/2009 6:46:21 PM | Computer Name = Jason-PC | Source = HTTP | ID = 15016
Description =

Error - 12/22/2009 7:15:05 PM | Computer Name = Jason-PC | Source = HTTP | ID = 15016
Description =

Error - 12/22/2009 8:50:01 PM | Computer Name = Jason-PC | Source = HTTP | ID = 15016
Description =

Error - 12/22/2009 8:59:46 PM | Computer Name = Jason-PC | Source = HTTP | ID = 15016
Description =

Error - 12/23/2009 9:38:45 AM | Computer Name = Jason-PC | Source = HTTP | ID = 15016
Description =

Error - 12/23/2009 5:12:28 PM | Computer Name = Jason-PC | Source = DCOM | ID = 10016
Description =

Error - 12/23/2009 5:13:33 PM | Computer Name = Jason-PC | Source = DCOM | ID = 10016
Description =

Error - 12/23/2009 5:43:07 PM | Computer Name = Jason-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 3:42:07 PM on 12/23/2009 was unexpected.

Error - 12/23/2009 5:43:08 PM | Computer Name = Jason-PC | Source = HTTP | ID = 15016
Description =


< End of report >